package weblogic.xml.security.wsse.v200207;

import java.security.PrivateKey;
import weblogic.xml.security.encryption.DecryptXMLInputStream;
import weblogic.xml.security.encryption.EncryptedKey;
import weblogic.xml.security.encryption.EncryptedKeyProvider;
import weblogic.xml.security.encryption.EncryptionException;
import weblogic.xml.security.encryption.ReferenceList;
import weblogic.xml.security.encryption.XMLEncConstants;
import weblogic.xml.security.encryption.XMLEncReader;
import weblogic.xml.security.keyinfo.KeyProviderFactory;
import weblogic.xml.security.keyinfo.KeyResolver;
import weblogic.xml.security.signature.DSIGReader;
import weblogic.xml.security.signature.Signature;
import weblogic.xml.security.signature.SignatureValidationException;
import weblogic.xml.security.signature.SoapVerifyXMLInputStream;
import weblogic.xml.security.utils.EventBufferInputStream;
import weblogic.xml.security.utils.StreamUtils;
import weblogic.xml.security.utils.XMLEventBuffer;
import weblogic.xml.security.utils.XMLInputStreamBase;
import weblogic.xml.security.wsse.SecureInputStream;
import weblogic.xml.security.wsse.Security;
import weblogic.xml.security.wsse.internal.Utils;
import weblogic.xml.security.wsu.v200207.TimestampImpl;
import weblogic.xml.security.wsu.v200207.WSUConstants;
import weblogic.xml.stream.ElementFactory;
import weblogic.xml.stream.EndElement;
import weblogic.xml.stream.StartDocument;
import weblogic.xml.stream.StartElement;
import weblogic.xml.stream.XMLEvent;
import weblogic.xml.stream.XMLInputStream;
import weblogic.xml.stream.XMLName;
import weblogic.xml.stream.XMLStreamException;

/* loaded from: input_file:weblogic.jar:weblogic/xml/security/wsse/v200207/SecureInputStreamInternal.class */
public class SecureInputStreamInternal extends XMLInputStreamBase implements WSSEConstants, SecureInputStream {
    private static final XMLName REFERENCE_LIST = ElementFactory.createXMLName(XMLEncConstants.XMLENC_URI, XMLEncConstants.TAG_REFERENCE_LIST);
    private static final XMLName SIGNATURE = ElementFactory.createXMLName("http://www.w3.org/2000/09/xmldsig#", "Signature");
    private static final XMLName USERNAME_TOKEN = ElementFactory.createXMLName(WSSEConstants.WSSE_URI, WSSEConstants.TAG_USERNAME_TOKEN);
    private static final XMLName BINARY_SECURITY_TOKEN = ElementFactory.createXMLName(WSSEConstants.WSSE_URI, WSSEConstants.TAG_BINARY_SECURITY_TOKEN);
    private static final XMLName TIMESTAMP = ElementFactory.createXMLName(WSUConstants.WSU_URI, WSUConstants.TAG_TIMESTAMP);
    private static final XMLName ENCRYPTED_KEY = ElementFactory.createXMLName(XMLEncConstants.XMLENC_URI, XMLEncConstants.TAG_ENCRYPTED_KEY);
    private final String role;
    private final XMLInputStream origin;
    private String encoding;
    private KeyResolver keyResolver;
    private SecurityImpl security;

    public SecureInputStreamInternal(XMLInputStream xMLInputStream, String str, KeyResolver keyResolver) throws XMLStreamException {
        this.origin = xMLInputStream;
        this.role = str;
        this.keyResolver = keyResolver;
        this.security = null;
        this.source = null;
    }

    @Override // weblogic.xml.security.wsse.SecureInputStream
    public KeyResolver getKeyResolver() {
        return this.keyResolver;
    }

    @Override // weblogic.xml.security.wsse.SecureInputStream
    public void setKeyResolver(KeyResolver keyResolver) {
        if (this.source != null) {
            throw new IllegalStateException("Cannot change key resolver after stream has been read");
        }
        this.keyResolver = keyResolver;
    }

    public SecureInputStreamInternal(XMLInputStream xMLInputStream, String str, PrivateKey privateKey) throws XMLStreamException {
        this(xMLInputStream, str, new KeyResolver());
        if (privateKey != null) {
            this.keyResolver.addKeyProvider(KeyProviderFactory.create(privateKey));
        }
    }

    private static String getEncoding(XMLInputStream xMLInputStream) throws XMLStreamException {
        if (xMLInputStream == null) {
            return null;
        }
        XMLEvent peek = xMLInputStream.peek();
        if (peek.isStartDocument()) {
            return ((StartDocument) peek).getCharacterEncodingScheme();
        }
        return null;
    }

    /* JADX WARN: Removed duplicated region for block: B:4:0x000b  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static boolean findHeader(weblogic.xml.stream.XMLInputStream r4, weblogic.xml.security.utils.XMLEventBuffer r5, java.lang.String r6) throws weblogic.xml.stream.XMLStreamException {
        /*
            weblogic.xml.security.wsse.internal.SoapStreamState r0 = new weblogic.xml.security.wsse.internal.SoapStreamState
            r1 = r0
            r1.<init>()
            r7 = r0
            goto Ld7
        Lb:
            r0 = r4
            weblogic.xml.stream.XMLEvent r0 = r0.peek()
            r9 = r0
            r0 = r9
            int r0 = r0.getType()
            switch(r0) {
                case 2: goto L34;
                case 4: goto Lad;
                default: goto Lc7;
            }
        L34:
            r0 = r9
            weblogic.xml.stream.StartElement r0 = (weblogic.xml.stream.StartElement) r0
            r10 = r0
            r0 = r7
            r1 = r10
            boolean r0 = r0.update(r1)
            r8 = r0
            r0 = r7
            boolean r0 = r0.inHeader()
            if (r0 == 0) goto L9a
            r0 = r7
            boolean r0 = r0.atTypeLevel()
            if (r0 == 0) goto L9a
            r0 = r10
            weblogic.xml.stream.XMLName r0 = r0.getName()
            r11 = r0
            r0 = r11
            java.lang.String r0 = r0.getNamespaceUri()
            r12 = r0
            java.lang.String r0 = "Security"
            r1 = r11
            java.lang.String r1 = r1.getLocalName()
            boolean r0 = r0.equals(r1)
            if (r0 == 0) goto La4
            r0 = r12
            boolean r0 = validWSSEuri(r0)
            if (r0 == 0) goto La4
            r0 = r10
            java.lang.String r1 = "role"
            java.lang.String r0 = weblogic.xml.security.utils.StreamUtils.getAttribute(r0, r1)
            r13 = r0
            r0 = r6
            if (r0 != 0) goto L8f
            r0 = r13
            if (r0 != 0) goto La4
            goto L98
        L8f:
            r0 = r6
            r1 = r13
            boolean r0 = r0.equals(r1)
            if (r0 == 0) goto La4
        L98:
            r0 = 1
            return r0
        L9a:
            r0 = r7
            r1 = 1
            boolean r0 = r0.after(r1)
            if (r0 == 0) goto La4
            r0 = 0
            return r0
        La4:
            r0 = r4
            r1 = r5
            weblogic.xml.stream.XMLEvent r0 = bufferNext(r0, r1)
            goto Ld2
        Lad:
            r0 = r7
            r1 = r4
            r2 = r5
            weblogic.xml.stream.XMLEvent r1 = bufferNext(r1, r2)
            boolean r0 = r0.update(r1)
            r8 = r0
            r0 = r8
            if (r0 == 0) goto Ld2
            r0 = r7
            r1 = 1
            boolean r0 = r0.after(r1)
            if (r0 == 0) goto Ld2
            r0 = 0
            return r0
        Lc7:
            r0 = r7
            r1 = r4
            r2 = r5
            weblogic.xml.stream.XMLEvent r1 = bufferNext(r1, r2)
            boolean r0 = r0.update(r1)
            r8 = r0
        Ld2:
            r0 = r8
            if (r0 == 0) goto Ld7
        Ld7:
            r0 = r4
            boolean r0 = r0.hasNext()
            if (r0 != 0) goto Lb
            r0 = 0
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: weblogic.xml.security.wsse.v200207.SecureInputStreamInternal.findHeader(weblogic.xml.stream.XMLInputStream, weblogic.xml.security.utils.XMLEventBuffer, java.lang.String):boolean");
    }

    private XMLInputStream buildStream() throws XMLStreamException {
        this.encoding = getEncoding(this.origin);
        this.security = new SecurityImpl(this.role);
        this.source = buildStream(this.origin, this.security);
        return this.source;
    }

    private XMLInputStream buildStream(XMLInputStream xMLInputStream, SecurityImpl securityImpl) throws XMLStreamException {
        XMLEventBuffer xMLEventBuffer = new XMLEventBuffer();
        if (!findHeader(xMLInputStream, xMLEventBuffer, this.role)) {
            return EventBufferInputStream.reconstitute(xMLEventBuffer, xMLInputStream);
        }
        StartElement startElement = (StartElement) xMLInputStream.next();
        if (!StreamUtils.matches(startElement, WSSEConstants.TAG_SECURITY) && !validWSSEuri(startElement.getName().getNamespaceUri())) {
            throw new AssertionError("findHeader failed");
        }
        XMLEvent peek = xMLInputStream.peek();
        while (true) {
            XMLEvent xMLEvent = peek;
            if (xMLEvent.isEndElement()) {
                XMLEvent next = xMLInputStream.next();
                if (matchingEndElement(startElement, (EndElement) next)) {
                    return EventBufferInputStream.reconstitute(xMLEventBuffer, xMLInputStream);
                }
                throw new AssertionError(new StringBuffer().append("expected </Security>, got ").append(next).toString());
            }
            if (xMLEvent.isStartElement()) {
                if (StreamUtils.matches(xMLEvent, BINARY_SECURITY_TOKEN)) {
                    handleBST(xMLInputStream, securityImpl);
                } else if (StreamUtils.matches(xMLEvent, USERNAME_TOKEN)) {
                    handleUsernameToken(xMLInputStream, securityImpl);
                } else if (StreamUtils.matches(xMLEvent, TIMESTAMP)) {
                    handleTimestamp(xMLInputStream, securityImpl);
                } else {
                    if (StreamUtils.matches(xMLEvent, SIGNATURE)) {
                        return handleSignature(xMLInputStream, securityImpl, startElement, xMLEventBuffer);
                    }
                    if (StreamUtils.matches(xMLEvent, REFERENCE_LIST)) {
                        return handleReferenceList(xMLInputStream, securityImpl, startElement, xMLEventBuffer);
                    }
                    if (StreamUtils.matches(xMLEvent, ENCRYPTED_KEY)) {
                        return handleEncryptedKey(xMLInputStream, securityImpl, startElement, xMLEventBuffer);
                    }
                    Utils.handleException(WSSEConstants.QNAME_FAULT_UNSUPPORTEDSECURITYTOKEN, new StringBuffer().append(startElement.getName()).append(" not currently supported").toString(), this.role);
                }
                peek = xMLInputStream.peek();
            } else {
                xMLInputStream.next();
                peek = xMLInputStream.peek();
            }
        }
    }

    private XMLInputStream handleEncryptedKey(XMLInputStream xMLInputStream, SecurityImpl securityImpl, StartElement startElement, XMLEventBuffer xMLEventBuffer) throws XMLStreamException {
        EncryptedKey encryptedKey = (EncryptedKey) XMLEncReader.read(xMLInputStream, 2);
        securityImpl.append(encryptedKey);
        return buildStream(decryptStream(encryptedKey, this.keyResolver, this.encoding, reconstitute(startElement, xMLEventBuffer, xMLInputStream)), securityImpl);
    }

    private XMLInputStream handleReferenceList(XMLInputStream xMLInputStream, SecurityImpl securityImpl, StartElement startElement, XMLEventBuffer xMLEventBuffer) throws XMLStreamException {
        ReferenceList referenceList = (ReferenceList) XMLEncReader.read(xMLInputStream, 4);
        securityImpl.append(referenceList);
        return buildStream(decryptStream(referenceList, this.keyResolver, this.encoding, reconstitute(startElement, xMLEventBuffer, xMLInputStream)), securityImpl);
    }

    private XMLInputStream handleSignature(XMLInputStream xMLInputStream, SecurityImpl securityImpl, StartElement startElement, XMLEventBuffer xMLEventBuffer) throws XMLStreamException {
        Signature signature = (Signature) DSIGReader.read(xMLInputStream, 8);
        securityImpl.append(signature);
        return buildStream(verifyStream(signature, this.keyResolver, this.role, reconstitute(startElement, xMLEventBuffer, xMLInputStream)), securityImpl);
    }

    private void handleTimestamp(XMLInputStream xMLInputStream, SecurityImpl securityImpl) throws XMLStreamException {
        securityImpl.append(new TimestampImpl(xMLInputStream));
    }

    private void handleUsernameToken(XMLInputStream xMLInputStream, SecurityImpl securityImpl) throws XMLStreamException {
        securityImpl.append(new UsernameTokenImpl(xMLInputStream, WSSEConstants.WSSE_URI));
    }

    private void handleBST(XMLInputStream xMLInputStream, SecurityImpl securityImpl) throws XMLStreamException {
        BinarySecurityTokenImpl binarySecurityTokenImpl = new BinarySecurityTokenImpl(xMLInputStream, WSSEConstants.WSSE_URI);
        this.keyResolver.addKeyProvider(KeyProviderFactory.create(binarySecurityTokenImpl));
        securityImpl.append(binarySecurityTokenImpl);
    }

    private static final XMLInputStream verifyStream(Signature signature, KeyResolver keyResolver, String str, XMLInputStream xMLInputStream) throws XMLStreamException {
        try {
            return new SoapVerifyXMLInputStream(signature, xMLInputStream, keyResolver.copy());
        } catch (SignatureValidationException e) {
            Utils.handleException(weblogic.xml.security.utils.Utils.getQName(WSSEConstants.QNAME_FAULT_INVALIDSECURITYTOKEN), e.getMessage(), str);
            throw new AssertionError("failed to validate signature");
        }
    }

    private static final XMLInputStream decryptStream(EncryptedKey encryptedKey, KeyResolver keyResolver, String str, XMLInputStream xMLInputStream) throws XMLStreamException {
        ReferenceList referenceList = encryptedKey.getReferenceList();
        encryptedKey.setKeyResolver(keyResolver);
        try {
            EncryptedKeyProvider encryptedKeyProvider = new EncryptedKeyProvider(encryptedKey);
            keyResolver.addKeyProvider(encryptedKeyProvider);
            KeyResolver keyResolver2 = new KeyResolver();
            keyResolver2.addKeyProvider(encryptedKeyProvider);
            return decryptStream(referenceList, keyResolver2, str, xMLInputStream);
        } catch (EncryptionException e) {
            throw new XMLStreamException("Unable to decrypt EncryptedKey", e);
        }
    }

    private static XMLInputStream decryptStream(ReferenceList referenceList, KeyResolver keyResolver, String str, XMLInputStream xMLInputStream) {
        DecryptXMLInputStream decryptXMLInputStream = new DecryptXMLInputStream(xMLInputStream, referenceList, str);
        decryptXMLInputStream.setKeyResolver(keyResolver);
        return decryptXMLInputStream;
    }

    private static final XMLInputStream reconstitute(StartElement startElement, XMLEventBuffer xMLEventBuffer, XMLInputStream xMLInputStream) throws XMLStreamException {
        while (xMLInputStream.hasNext()) {
            XMLEvent peek = xMLInputStream.peek();
            switch (peek.getType()) {
                case 2:
                    xMLEventBuffer.add(startElement);
                    return EventBufferInputStream.reconstitute(xMLEventBuffer, xMLInputStream);
                case 4:
                    if (!matchingEndElement(startElement, (EndElement) peek)) {
                        throw new AssertionError(new StringBuffer().append("expected </Security>, got ").append(peek).toString());
                    }
                    xMLInputStream.next();
                    return EventBufferInputStream.reconstitute(xMLEventBuffer, xMLInputStream);
                default:
                    xMLInputStream.next();
            }
        }
        throw new XMLStreamException("stream ended unexpectedly with security header open");
    }

    private static final boolean matchingEndElement(StartElement startElement, EndElement endElement) {
        return StreamUtils.matches(endElement, WSSEConstants.TAG_SECURITY, startElement.getName().getNamespaceUri());
    }

    private static final boolean validWSSEuri(String str) {
        return WSSEConstants.WSSE_URI.equals(str);
    }

    private static final XMLEvent bufferNext(XMLInputStream xMLInputStream, XMLEventBuffer xMLEventBuffer) throws XMLStreamException {
        XMLEvent next = xMLInputStream.next();
        xMLEventBuffer.add(next);
        return next;
    }

    @Override // weblogic.xml.security.wsse.SecureInputStream
    public Security getSecurityElement() {
        try {
            if (this.source == null) {
                buildStream();
            }
            return this.security;
        } catch (XMLStreamException e) {
            throw new AssertionError(e);
        }
    }

    @Override // weblogic.xml.security.utils.XMLInputStreamBase, weblogic.xml.stream.XMLInputStream
    public boolean hasNext() throws XMLStreamException {
        if (this.source == null) {
            buildStream();
        }
        return super.hasNext();
    }

    @Override // weblogic.xml.security.utils.XMLInputStreamBase, weblogic.xml.stream.XMLInputStream
    public XMLEvent next() throws XMLStreamException {
        if (this.source == null) {
            buildStream();
        }
        return this.source.next();
    }

    @Override // weblogic.xml.security.utils.XMLInputStreamBase, weblogic.xml.stream.XMLInputStream
    public XMLEvent peek() throws XMLStreamException {
        if (this.source == null) {
            buildStream();
        }
        return super.peek();
    }
}
