package com.sun.identity.saml2.xmlenc;

import com.iplanet.am.util.XMLUtils;
import com.sun.identity.saml2.common.SAML2Constants;
import com.sun.identity.saml2.common.SAML2Exception;
import com.sun.identity.saml2.common.SAML2SDKUtils;
import com.sun.org.apache.xml.security.Init;
import com.sun.org.apache.xml.security.encryption.EncryptedData;
import com.sun.org.apache.xml.security.encryption.EncryptedKey;
import com.sun.org.apache.xml.security.encryption.XMLCipher;
import com.sun.org.apache.xml.security.encryption.XMLEncryptionException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.util.Hashtable;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

/* loaded from: input_file:122983-01/SUNWsaml2/reloc/SUNWam/saml2/lib/saml2.jar:com/sun/identity/saml2/xmlenc/FMEncProvider.class */
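/**
 * {@link EncProvider} implementation that encrypts and decrypts XML elements with the Apache XML
 * Security {@link XMLCipher}.
 *
 * <p>{@link #encrypt} generates (or reuses) a symmetric content key, wraps it with the supplied
 * key-encryption key, encrypts the document element, and returns a wrapper element holding the
 * {@code EncryptedData} followed by the {@code EncryptedKey}. {@link #decrypt} reverses this.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>RSA keys are wrapped with RSA v1.5 ({@code xmlenc#rsa-1_5}) and data is encrypted with
 *       CBC-mode ciphers, neither of which authenticates the ciphertext. Decryption succeeding is
 *       not evidence of integrity; callers must verify a signature separately.</li>
 *   <li>{@link #decrypt} reports distinct failures for key unwrapping and data decryption. Callers
 *       should not relay that distinction (or timing differences) to the remote party, since it
 *       can serve as a decryption oracle against v1.5 and CBC.</li>
 *   <li>NOTE(review): where peers support it, RSA-OAEP key transport is the usual hardening;
 *       changing it alters the wire format, so it is not done here.</li>
 * </ul>
 */
public final class FMEncProvider implements EncProvider {
    private static final String AES128_CBC = "http://www.w3.org/2001/04/xmlenc#aes128-cbc";
    private static final String AES192_CBC = "http://www.w3.org/2001/04/xmlenc#aes192-cbc";
    private static final String AES256_CBC = "http://www.w3.org/2001/04/xmlenc#aes256-cbc";
    private static final String TRIPLEDES_CBC = "http://www.w3.org/2001/04/xmlenc#tripledes-cbc";

    // Content keys cached by the caller-supplied identifier (str3 of encrypt). Entries never
    // expire, so one symmetric key protects every message for that identifier for the life of
    // the JVM. Hashtable synchronizes single calls, but the lookup-then-store in encrypt is not
    // atomic: two threads may each generate a key and the last put wins.
    // NOTE(review): the cache is keyed by identifier only, so a key generated for one algorithm
    // is reused if a later call names a different algorithm for the same identifier.
    static Hashtable cachedKeys = new Hashtable();

    /**
     * Encrypts an XML document and returns it wrapped together with its encrypted content key.
     *
     * @param str  XML text whose document element is encrypted
     * @param key  key-encryption key; its algorithm must be RSA, DESede or AES
     * @param str2 data encryption algorithm URI (AES-128/192/256-CBC or TripleDES-CBC)
     * @param i    content key strength in bits; must match the AES variant named by {@code str2}
     * @param str3 cache identifier for the content key, or {@code null} to always generate a
     *             fresh key
     * @param str4 local name of the returned wrapper element, created in the SAML assertion
     *             namespace
     * @return the wrapper element containing the EncryptedData and then the EncryptedKey
     * @throws SAML2Exception on invalid input, unsupported algorithms, or any cipher failure
     */
    @Override // com.sun.identity.saml2.xmlenc.EncProvider
    public Element encrypt(String str, Key key, String str2, int i, String str3, String str4) throws SAML2Exception {
        if (isEmpty(str) || key == null || isEmpty(str2) || isEmpty(str4)) {
            SAML2SDKUtils.debug.error("FMEncProvider.encrypt: Null input parameter(s).");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("nullInput"));
        }
        boolean tripleDes = TRIPLEDES_CBC.equals(str2);
        if (!tripleDes && !AES128_CBC.equals(str2) && !AES192_CBC.equals(str2) && !AES256_CBC.equals(str2)) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("unsupportedKeyAlg"));
        }
        if ((AES128_CBC.equals(str2) && i != 128)
                || (AES192_CBC.equals(str2) && i != 192)
                || (AES256_CBC.equals(str2) && i != 256)) {
            SAML2SDKUtils.debug.error("FMEncProvider.encrypt: Data encryption algorithm " + str2
                    + " and strength " + i + " mismatch.");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("algSizeMismatch"));
        }

        Document doc = XMLUtils.toDOMDocument(str, SAML2SDKUtils.debug);
        if (doc == null) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("errorObtainingElement"));
        }
        Element root = doc.getDocumentElement();
        if (root == null) {
            SAML2SDKUtils.debug.error("FMEncProvider.encrypt: Empty document.");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("emptyDoc"));
        }

        // The AES sizes were validated above, so a non-positive strength can only reach this
        // point for TripleDES. The former default of 128 is not a valid DESede size and made the
        // key generator throw; 0 lets generateSecretKey use the generator's own default instead.
        int strength = i;
        if (strength <= 0) {
            strength = tripleDes ? 0 : 128;
        }

        SecretKey secretKey;
        if (str3 == null) {
            secretKey = generateSecretKey(str2, strength);
        } else {
            secretKey = (SecretKey) cachedKeys.get(str3);
            if (secretKey == null) {
                secretKey = generateSecretKey(str2, strength);
                cachedKeys.put(str3, secretKey);
            }
        }
        if (secretKey == null) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("errorGenerateKey"));
        }

        // Pick the key transport / key wrap algorithm from the key-encryption key's type.
        // NOTE(review): an AES key always selects kw-aes128 regardless of its size; confirm
        // whether 192/256-bit key-encryption keys are expected here.
        String keyAlgorithm = key.getAlgorithm();
        String keyWrapUri;
        if (SAML2Constants.RSA.equals(keyAlgorithm)) {
            keyWrapUri = "http://www.w3.org/2001/04/xmlenc#rsa-1_5";
        } else if ("DESede".equals(keyAlgorithm)) {
            keyWrapUri = "http://www.w3.org/2001/04/xmlenc#kw-tripledes";
        } else if ("AES".equals(keyAlgorithm)) {
            keyWrapUri = "http://www.w3.org/2001/04/xmlenc#kw-aes128";
        } else {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("unsupportedKeyAlg"));
        }

        XMLCipher keyCipher;
        try {
            keyCipher = XMLCipher.getInstance(keyWrapUri);
        } catch (XMLEncryptionException e) {
            throw failure("FMEncProvider.encrypt: Unable to obtain cipher with public key algorithm.",
                    "noCipherForPublicKeyAlg", e);
        }
        try {
            keyCipher.init(XMLCipher.WRAP_MODE, key);
        } catch (XMLEncryptionException e) {
            throw failure("FMEncProvider.encrypt: Failed to initialize cipher with public key",
                    "failedInitCipherWithPublicKey", e);
        }
        EncryptedKey wrappedKey;
        try {
            wrappedKey = keyCipher.encryptKey(doc, secretKey);
        } catch (XMLEncryptionException e) {
            throw failure("FMEncProvider.encrypt: Failed to encrypt secret key with public key",
                    "failedEncryptingSecretKeyWithPublicKey", e);
        }

        XMLCipher dataCipher;
        try {
            dataCipher = XMLCipher.getInstance(str2);
        } catch (XMLEncryptionException e) {
            throw failure("FMEncProvider.encrypt: Failed to obtain a cipher for data encryption algorithm "
                    + str2, "cipherNotAvailableForDataEncAlg", e);
        }
        try {
            dataCipher.init(XMLCipher.ENCRYPT_MODE, secretKey);
        } catch (XMLEncryptionException e) {
            throw failure("FMEncProvider.encrypt: Failed to initialize cipher with secret key.",
                    "failedInitCipherWithSecretKey", e);
        }

        try {
            Document encryptedDoc = dataCipher.doFinal(doc, root);
            Element encryptedKeyElement;
            try {
                encryptedKeyElement = dataCipher.martial(doc, wrappedKey);
            } catch (XMLEncryptionException e) {
                throw failure("FMEncProvider.encrypt: Failed to martial the encrypted key",
                        "failedMartialingEncryptedKey", e);
            }
            // Wrap the result: <saml:{str4}> EncryptedData, EncryptedKey </saml:{str4}>.
            Element wrapper = encryptedDoc.createElementNS(
                    SAML2Constants.ASSERTION_NAMESPACE_URI, SAML2Constants.ASSERTION_PREFIX + str4);
            wrapper.setAttributeNS(SAML2Constants.NS_XML, "xmlns:saml", SAML2Constants.ASSERTION_NAMESPACE_URI);
            Element encryptedData = encryptedDoc.getDocumentElement();
            encryptedDoc.replaceChild(wrapper, encryptedData);
            wrapper.appendChild(encryptedData);
            wrapper.appendChild(encryptedKeyElement);
            return encryptedDoc.getDocumentElement();
        } catch (SAML2Exception e) {
            // Without this clause the marshalling failure above was caught by the generic
            // handler below and re-reported as a data encryption failure.
            throw e;
        } catch (Exception e) {
            throw failure("FMEncProvider.encrypt: Failed to do the final data encryption.",
                    "failedEncryptingData", e);
        }
    }

    /**
     * Decrypts a wrapper element produced by {@link #encrypt} and returns the original element.
     *
     * <p>The input is expected to be a document whose root has an {@code EncryptedData} element
     * as its first child, immediately followed by an {@code EncryptedKey} element. The data
     * decryption algorithm is taken from the message's own {@code EncryptionMethod}.
     *
     * <p>NOTE(review): the algorithm named by the message is not checked against the set that
     * {@link #encrypt} accepts, and the hardening of {@code XMLUtils.toDOMDocument} against
     * DTDs/external entities is not visible from this class; confirm both for untrusted input.
     *
     * @param str XML text of the wrapper element
     * @param key key used to unwrap the encrypted content key
     * @return the decrypted element, installed as the document element of its document
     * @throws SAML2Exception on invalid or malformed input, or any cipher failure
     */
    @Override // com.sun.identity.saml2.xmlenc.EncProvider
    public Element decrypt(String str, Key key) throws SAML2Exception {
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("FMEncProvider.decrypt: Entering ...");
        }
        if (isEmpty(str) || key == null) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("nullInput"));
        }
        Document doc = XMLUtils.toDOMDocument(str, SAML2SDKUtils.debug);
        if (doc == null) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("errorObtainingElement"));
        }
        Element root = doc.getDocumentElement();
        if (root == null) {
            SAML2SDKUtils.debug.error("FMEncProvider.decrypt: Empty document.");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("emptyDoc"));
        }

        // instanceof also rejects text/comment nodes, which previously escaped as an
        // unchecked ClassCastException on attacker-influenced input.
        Node dataNode = root.getFirstChild();
        if (!(dataNode instanceof Element)) {
            SAML2SDKUtils.debug.error("FMEncProvider.decrypt: Missing the EncryptedData element.");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missingElementEncryptedData"));
        }
        Element dataElement = (Element) dataNode;
        Node keyNode = dataElement.getNextSibling();
        if (!(keyNode instanceof Element)) {
            SAML2SDKUtils.debug.error("FMEncProvider.decrypt: Missing the EncryptedKey element.");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missingElementEncryptedKey"));
        }
        Element keyElement = (Element) keyNode;

        // Step 1: parse the EncryptedData / EncryptedKey structures (no key material needed).
        XMLCipher loader;
        try {
            loader = XMLCipher.getInstance();
        } catch (XMLEncryptionException e) {
            throw failure("FMEncProvider.decrypt: Unable to get a cipher instance.", "noCipher", e);
        }
        try {
            loader.init(XMLCipher.DECRYPT_MODE, (Key) null);
        } catch (XMLEncryptionException e) {
            throw failure("FMEncProvider.decrypt: Failed to initialize cipher for decryption mode",
                    "failedInitCipherForDecrypt", e);
        }
        EncryptedData encryptedData;
        try {
            encryptedData = loader.loadEncryptedData(doc, dataElement);
        } catch (XMLEncryptionException e) {
            throw failure("FMEncProvider.decrypt: Failed to load encrypted data",
                    "failedLoadingEncryptedData", e);
        }
        EncryptedKey encryptedKey;
        try {
            encryptedKey = loader.loadEncryptedKey(doc, keyElement);
        } catch (XMLEncryptionException e) {
            throw failure("FMEncProvider.decrypt: Failed to load encrypted key",
                    "failedLoadingEncryptedKey", e);
        }
        // A null result used to skip decryption entirely and then dereference a null document.
        if (encryptedData == null || encryptedData.getEncryptionMethod() == null) {
            throw failure("FMEncProvider.decrypt: Failed to load encrypted data",
                    "failedLoadingEncryptedData", null);
        }
        if (encryptedKey == null) {
            throw failure("FMEncProvider.decrypt: Failed to load encrypted key",
                    "failedLoadingEncryptedKey", null);
        }

        // Step 2: unwrap the content key with the caller's key.
        XMLCipher unwrapCipher;
        try {
            unwrapCipher = XMLCipher.getInstance();
        } catch (XMLEncryptionException e) {
            throw failure("FMEncProvider.decrypt: Failed to get a cipher instance for decrypting secret key.",
                    "noCipher", e);
        }
        try {
            unwrapCipher.init(XMLCipher.UNWRAP_MODE, key);
        } catch (XMLEncryptionException e) {
            throw failure("FMEncProvider.decrypt: Failed to initialize cipher in unwrap mode with private key",
                    "noCipherForUnwrap", e);
        }
        Key contentKey;
        try {
            contentKey = unwrapCipher.decryptKey(encryptedKey, encryptedData.getEncryptionMethod().getAlgorithm());
        } catch (XMLEncryptionException e) {
            throw failure("FMEncProvider.decrypt: Failed to decrypt the secret key",
                    "failedDecryptingSecretKey", e);
        }

        // Step 3: decrypt the data with the recovered content key.
        XMLCipher dataCipher;
        try {
            dataCipher = XMLCipher.getInstance();
        } catch (XMLEncryptionException e) {
            throw failure("FMEncProvider.decrypt: Failed to get cipher instance for final data decryption.",
                    "noCipher", e);
        }
        try {
            dataCipher.init(XMLCipher.DECRYPT_MODE, contentKey);
        } catch (XMLEncryptionException e) {
            throw failure("FMEncProvider.decrypt: Failed to initialize cipher with secret key.",
                    "failedInitCipherForDecrypt", e);
        }
        Document plainDoc;
        try {
            plainDoc = dataCipher.doFinal(doc, dataElement);
        } catch (Exception e) {
            throw failure("FMEncProvider.decrypt: Failed to decrypt data.", "failedDecryptingData", e);
        }

        // Step 4: drop the wrapper so the decrypted element becomes the document element.
        Element wrapper = plainDoc == null ? null : plainDoc.getDocumentElement();
        Node payload = wrapper == null ? null : wrapper.getFirstChild();
        if (!(payload instanceof Element)) {
            throw failure("FMEncProvider.decrypt: Decrypted content is not an element.",
                    "failedDecryptingData", null);
        }
        wrapper.removeChild(payload);
        plainDoc.replaceChild(payload, wrapper);
        return plainDoc.getDocumentElement();
    }

    /**
     * Generates a content key for the given data encryption algorithm.
     *
     * @param str data encryption algorithm URI (AES-128/192/256-CBC or TripleDES-CBC)
     * @param i   key size in bits, or {@code 0} to leave the generator at its default size
     * @return a newly generated secret key
     * @throws SAML2Exception if the algorithm is unsupported or unavailable, or the generator
     *         rejects the requested size
     */
    private SecretKey generateSecretKey(String str, int i) throws SAML2Exception {
        String jceAlgorithm;
        if (AES128_CBC.equals(str) || AES192_CBC.equals(str) || AES256_CBC.equals(str)) {
            jceAlgorithm = "AES";
        } else if (TRIPLEDES_CBC.equals(str)) {
            jceAlgorithm = "TripleDES";
        } else {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("unsupportedKeyAlg"));
        }
        try {
            KeyGenerator generator = KeyGenerator.getInstance(jceAlgorithm);
            if (i != 0) {
                generator.init(i);
            }
            return generator.generateKey();
        } catch (NoSuchAlgorithmException e) {
            throw new SAML2Exception(e);
        } catch (IllegalArgumentException e) {
            // KeyGenerator.init signals an unsupported size with InvalidParameterException, a
            // subclass of IllegalArgumentException; report it as a checked SAML2Exception.
            throw failure("FMEncProvider.generateSecretKey: Key size " + i + " rejected for " + jceAlgorithm,
                    "algSizeMismatch", e);
        }
    }

    /** Returns true when the string is null or has no characters. */
    private static boolean isEmpty(String value) {
        return value == null || value.length() == 0;
    }

    /**
     * Logs an error (with its cause when one is given) and builds the SAML2Exception carrying
     * the localized message for {@code bundleKey}. The cause is logged only, never attached.
     */
    private static SAML2Exception failure(String logMessage, String bundleKey, Throwable cause) {
        if (cause == null) {
            SAML2SDKUtils.debug.error(logMessage);
        } else {
            SAML2SDKUtils.debug.error(logMessage, cause);
        }
        return new SAML2Exception(SAML2SDKUtils.bundle.getString(bundleKey));
    }

    static {
        // Initializes the XML Security library once, when this class is loaded.
        Init.init();
    }
}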
