package weblogic.xml.security.specs;

import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import weblogic.xml.security.utils.ElementFactory;
import weblogic.xml.security.utils.NSOutputStream;
import weblogic.xml.security.utils.NamespaceAwareXOS;
import weblogic.xml.security.utils.StreamUtils;
import weblogic.xml.security.wsse.BinarySecurityToken;
import weblogic.xml.security.wsse.Token;
import weblogic.xml.security.wsse.v200207.BinarySecurityTokenImpl;
import weblogic.xml.security.wsse.v200207.WSSEConstants;
import weblogic.xml.stream.Attribute;
import weblogic.xml.stream.StartElement;
import weblogic.xml.stream.XMLEvent;
import weblogic.xml.stream.XMLInputStream;
import weblogic.xml.stream.XMLOutputStream;
import weblogic.xml.stream.XMLStreamException;

/* loaded from: input_file:weblogic.jar:weblogic/xml/security/specs/EncryptionSpec.class */
public class EncryptionSpec extends OperationSpec {
    private String encryptionMethod;
    private String keyWrappingMethod;
    private X509Certificate cert;
    private BinarySecurityToken bst;
    private static final String DEFAULT_ENCRYPTION_METHOD = "http://www.w3.org/2001/04/xmlenc#tripledes-cbc";
    private static final String DEFAULT_KEYWRAPPING_METHOD = "http://www.w3.org/2001/04/xmlenc#rsa-1_5";
    private static final EncryptionSpec DEFAULT_SPEC = new EncryptionSpec("http://www.w3.org/2001/04/xmlenc#tripledes-cbc", "http://www.w3.org/2001/04/xmlenc#rsa-1_5", null, true);

    public EncryptionSpec(String str, X509Certificate x509Certificate) {
        this(str, "http://www.w3.org/2001/04/xmlenc#rsa-1_5", x509Certificate, false);
    }

    public EncryptionSpec(String str, X509Certificate x509Certificate, boolean z) {
        this(str, "http://www.w3.org/2001/04/xmlenc#rsa-1_5", x509Certificate, z);
    }

    public EncryptionSpec(String str, String str2, X509Certificate x509Certificate, boolean z) {
        this.encryptionMethod = null;
        this.keyWrappingMethod = null;
        this.cert = null;
        this.bst = null;
        this.encryptionMethod = str;
        setKeyWrappingMethod(str2);
        setCertificate(x509Certificate);
        setEntireBody(z);
    }

    public EncryptionSpec(XMLInputStream xMLInputStream, String str) throws XMLStreamException {
        this.encryptionMethod = null;
        this.keyWrappingMethod = null;
        this.cert = null;
        this.bst = null;
        fromXMLInternal(xMLInputStream, str);
    }

    public X509Certificate getCertificate() {
        return this.cert;
    }

    public void setCertificate(X509Certificate x509Certificate) {
        this.cert = x509Certificate;
        if (x509Certificate != null) {
            this.bst = new BinarySecurityTokenImpl(x509Certificate, (PrivateKey) null);
        } else {
            this.bst = null;
        }
    }

    public Token getToken() {
        return this.bst;
    }

    public String getEncryptionMethod() {
        return this.encryptionMethod;
    }

    @Override // weblogic.xml.security.specs.SpecBase
    public void toXML(XMLOutputStream xMLOutputStream, String str, int i) throws XMLStreamException {
        if (!(xMLOutputStream instanceof NSOutputStream)) {
            NamespaceAwareXOS namespaceAwareXOS = new NamespaceAwareXOS(xMLOutputStream);
            xMLOutputStream = namespaceAwareXOS;
            namespaceAwareXOS.addPrefix(SpecConstants.SPEC_URI, SpecConstants.DEFAULT_PREFIX);
        }
        Attribute[] attributeArr = new Attribute[3];
        attributeArr[0] = ElementFactory.createAttribute(str, "EncryptionMethod", this.encryptionMethod);
        attributeArr[1] = ElementFactory.createAttribute(str, SpecConstants.ATTR_KEYWRAPPING_METHOD, getKeyWrappingMethod());
        attributeArr[2] = ElementFactory.createAttribute(str, SpecConstants.ATTR_ENCRYPT_BODY, entireBody() ? "true" : "false");
        StreamUtils.addStart(xMLOutputStream, str, SpecConstants.TAG_ENCRYPTION_SPEC, attributeArr, i);
        int i2 = i + 2;
        if (this.bst != null) {
            this.bst.toXML(xMLOutputStream);
        }
        Iterator it = this.headerList.iterator();
        while (it.hasNext()) {
            ((ElementIdentifier) it.next()).toXML(xMLOutputStream, str, i2);
        }
        Iterator it2 = this.bodyList.iterator();
        while (it2.hasNext()) {
            ((ElementIdentifier) it2.next()).toXML(xMLOutputStream, str, i2);
        }
        Iterator it3 = this.unrestrictedList.iterator();
        while (it3.hasNext()) {
            ((ElementIdentifier) it3.next()).toXML(xMLOutputStream, str, i2);
        }
        StreamUtils.addEnd(xMLOutputStream, str, SpecConstants.TAG_ENCRYPTION_SPEC, i);
    }

    @Override // weblogic.xml.security.specs.SpecBase
    protected void fromXMLInternal(XMLInputStream xMLInputStream, String str) throws XMLStreamException {
        StartElement startElement = (StartElement) StreamUtils.getElement(xMLInputStream, str, SpecConstants.TAG_ENCRYPTION_SPEC);
        if (startElement == null) {
            throw new XMLStreamException(new StringBuffer().append("Expected EncryptionSpec, got ").append(startElement).toString());
        }
        this.encryptionMethod = StreamUtils.getAttribute(startElement, "EncryptionMethod");
        StreamUtils.requiredAttr(this.encryptionMethod, SpecConstants.TAG_ENCRYPTION_SPEC, "EncryptionMethod");
        this.keyWrappingMethod = StreamUtils.getAttribute(startElement, SpecConstants.ATTR_KEYWRAPPING_METHOD);
        setEntireBody("true".equals(StreamUtils.getAttribute(startElement, SpecConstants.ATTR_ENCRYPT_BODY)));
        XMLEvent peekElement = StreamUtils.peekElement(xMLInputStream);
        if (peekElement.isStartElement() && StreamUtils.matches(peekElement, WSSEConstants.TAG_BINARY_SECURITY_TOKEN, WSSEConstants.WSSE_URI)) {
            this.bst = new BinarySecurityTokenImpl(xMLInputStream, WSSEConstants.WSSE_URI);
            this.cert = this.bst.getCertificate();
            peekElement = StreamUtils.peekElement(xMLInputStream);
        }
        while (!peekElement.isEndElement()) {
            if (peekElement.isStartElement() && StreamUtils.matches(peekElement, SpecConstants.TAG_TYPE_IDENTIFIER, str)) {
                ElementIdentifier elementIdentifier = new ElementIdentifier(xMLInputStream, str);
                String restriction = elementIdentifier.getRestriction();
                if (restriction == null) {
                    addUnrestrictedType(elementIdentifier);
                } else if ("body".equals(restriction)) {
                    addBodyElement(elementIdentifier);
                } else {
                    addHeaderElement(elementIdentifier);
                }
            } else {
                StreamUtils.discard(xMLInputStream);
            }
            peekElement = StreamUtils.peekElement(xMLInputStream);
        }
        StreamUtils.closeScope(xMLInputStream, str, SpecConstants.TAG_ENCRYPTION_SPEC);
    }

    public static EncryptionSpec getDefaultSpec() {
        return DEFAULT_SPEC;
    }

    public String toString() {
        return new StringBuffer().append("weblogic.xml.security.specs.EncryptionSpec{encryptionMethod='").append(this.encryptionMethod).append("'").append(", cert=").append(this.cert).append(", bst=").append(this.bst).append("}").toString();
    }

    public String getKeyWrappingMethod() {
        return this.keyWrappingMethod == null ? "http://www.w3.org/2001/04/xmlenc#rsa-1_5" : this.keyWrappingMethod;
    }

    public void setKeyWrappingMethod(String str) {
        if (str != null && !"http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p".equals(str) && !"http://www.w3.org/2001/04/xmlenc#rsa-1_5".equals(str)) {
            throw new IllegalArgumentException(new StringBuffer().append(str).append(" is not a supported key wrapping").append(" algorithm").toString());
        }
        this.keyWrappingMethod = str;
    }
}
