package org.apache.tsik.xmlenc.elements;

import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;
import org.apache.tsik.common.Logger;
import org.apache.tsik.common.LoggerFactory;
import org.apache.tsik.datatypes.Base64;
import org.apache.tsik.domutil.DOMCursor;
import org.apache.tsik.domutil.DOMWriteCursor;
import org.apache.tsik.domutil.elements.ElementException;
import org.apache.tsik.domutil.elements.ElementExtension;
import org.apache.tsik.domutil.elements.ElementImpl;
import org.apache.tsik.util.Namespaces;
import org.apache.tsik.xmlenc.AlgorithmType;
import org.apache.tsik.xmlsig.elements.KeyInfo;

/* loaded from: input_file:org/apache/tsik/xmlenc/elements/EncryptedKey.class */
public class EncryptedKey extends ElementImpl implements ElementExtension {
    private static Logger log;
    static EncryptedKey INSTANCE;
    private static String name;
    private static String prefix;
    private static String uri;
    private static String[] ns;
    private Key encryptionKey;
    private Key decryptionKey;
    private Key keyToEncrypt;
    private EncryptionMethod encryptionMethod;
    private KeyInfo keyInfo;
    private CipherData cipherData;
    static Class class$org$apache$tsik$xmlenc$elements$EncryptedKey;

    public EncryptedKey() {
        this.encryptionMethod = new EncryptionMethod();
        this.keyInfo = new KeyInfo();
        this.cipherData = new CipherData();
    }

    public EncryptedKey(EncryptionMethod encryptionMethod, KeyInfo keyInfo, CipherData cipherData) {
        this.encryptionMethod = encryptionMethod;
        this.keyInfo = keyInfo;
        this.cipherData = cipherData;
    }

    public void setEncryptionKey(Key key) {
        this.encryptionKey = key;
    }

    public void setDecryptionKey(Key key) {
        this.decryptionKey = key;
    }

    public void setKeyToEncrypt(Key key) {
        this.keyToEncrypt = key;
    }

    public Key getDecryptedKey() {
        return this.keyToEncrypt;
    }

    public void setKeyInfo(org.apache.tsik.xmlsig.KeyInfo keyInfo) {
        this.keyInfo = new KeyInfo(keyInfo);
    }

    public org.apache.tsik.xmlsig.KeyInfo getKeyInfo() {
        if (this.keyInfo != null) {
            return this.keyInfo.getKeyInfo();
        }
        return null;
    }

    public void encrypt(AlgorithmType algorithmType, boolean z) throws NoSuchAlgorithmException, IllegalArgumentException {
        if (algorithmType != AlgorithmType.RSA1_5) {
            throw new IllegalArgumentException("AlgorithmType must be RSA1_5 for key encryption");
        }
        String jceAlgorithm = algorithmType.getJceAlgorithm();
        try {
            byte[] encoded = this.keyToEncrypt.getEncoded();
            Cipher cipher = getCipher(jceAlgorithm, !z, this.encryptionKey);
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append("Using cipher: ").append(cipher.getAlgorithm()).toString());
                log.debug(new StringBuffer().append("about to encrypt ").append(encoded.length).append(" KEY bytes:\n").append(new BigInteger(1, encoded).toString(16)).toString());
            }
            cipher.init(1, this.encryptionKey);
            byte[] doFinal = cipher.doFinal(encoded);
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append("encrypted ").append(doFinal.length).append(" KEY bytes:\n").append(new BigInteger(1, doFinal).toString(16)).toString());
            }
            String encode = Base64.encode(doFinal);
            this.encryptionMethod.setAlgorithmType(algorithmType);
            this.cipherData.setEncryptedValue(encode);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException(e.toString());
        } catch (Exception e2) {
            throw new IllegalArgumentException(new StringBuffer().append("Probable mismatch of key with algorithm: ").append(e2).toString());
        }
    }

    private Key convertToKey(byte[] bArr) {
        return new SecretKeySpec(bArr, "DESede");
    }

    public void decrypt() throws NoSuchAlgorithmException {
        try {
            decrypt(true);
        } catch (NoSuchAlgorithmException e) {
            throw e;
        } catch (BadPaddingException e2) {
            try {
                decrypt(false);
            } catch (Exception e3) {
                throw new IllegalArgumentException(new StringBuffer().append("Probable mismatch of key with algorithm: ").append(e2).toString());
            }
        } catch (GeneralSecurityException e4) {
            throw new IllegalArgumentException(new StringBuffer().append("Probable mismatch of key with algorithm: ").append(e4).toString());
        }
    }

    private void decrypt(boolean z) throws GeneralSecurityException {
        String jceAlgorithm = this.encryptionMethod.getAlgorithmType().getJceAlgorithm();
        if (log.isDebugEnabled()) {
            log.debug(new StringBuffer().append("Decrypting using cipher: ").append(jceAlgorithm).toString());
        }
        byte[] decode = Base64.decode(this.cipherData.getEncryptedValue());
        Cipher cipher = getCipher(jceAlgorithm, z, this.decryptionKey);
        if (log.isDebugEnabled()) {
            log.debug(new StringBuffer().append("Using cipher: ").append(cipher.getAlgorithm()).toString());
            log.debug(new StringBuffer().append("    provider: ").append(cipher.getProvider()).toString());
            log.debug(new StringBuffer().append("about to decrypt ").append(decode.length).append(" KEY bytes:\n").append(new BigInteger(1, decode).toString(16)).toString());
        }
        cipher.init(2, this.decryptionKey);
        byte[] doFinal = cipher.doFinal(decode);
        if (log.isDebugEnabled()) {
            log.debug(new StringBuffer().append("decrypted ").append(doFinal.length).append(" KEY bytes:\n").append(new BigInteger(1, doFinal).toString(16)).toString());
        }
        this.keyToEncrypt = convertToKey(doFinal);
    }

    private static boolean hasBouncyCastle() {
        return Security.getProvider("BC") != null;
    }

    private static boolean hasChrysalis() {
        return Security.getProvider("LunaJCEProvider") != null;
    }

    private static boolean installBouncyCastle() {
        try {
            if (hasBouncyCastle()) {
                return false;
            }
            Security.insertProviderAt((Provider) Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider").newInstance(), 2);
            return true;
        } catch (ClassNotFoundException e) {
            return false;
        } catch (IllegalAccessException e2) {
            return false;
        } catch (InstantiationException e3) {
            return false;
        }
    }

    private static void removeBouncyCastle() {
        Security.removeProvider("BC");
    }

    public static Cipher getCipher(String str, Key key) throws NoSuchAlgorithmException {
        return getCipher(str, true, key);
    }

    private static Cipher getCipher(String str, boolean z, Key key) throws NoSuchAlgorithmException {
        boolean z2 = false;
        try {
            try {
                if (!hasBouncyCastle()) {
                    z2 = installBouncyCastle();
                }
                if (z && ((hasBouncyCastle() || hasChrysalis()) && "RSA".equals(str))) {
                    str = "RSA/ECB/PKCS1PADDING";
                }
                Cipher cipher = Cipher.getInstance(str);
                if (z2) {
                    removeBouncyCastle();
                }
                return cipher;
            } catch (NoSuchAlgorithmException e) {
                throw e;
            } catch (NoSuchPaddingException e2) {
                throw new NoSuchAlgorithmException(e2.toString());
            }
        } catch (Throwable th) {
            if (z2) {
                removeBouncyCastle();
            }
            throw th;
        }
    }

    @Override // org.apache.tsik.domutil.elements.ElementExtension
    public ElementExtension fromXml(DOMCursor dOMCursor) {
        try {
            if (!dOMCursor.moveToChild(uri, name)) {
                return null;
            }
            dOMCursor.moveToParent();
            return fromXmlStatic(dOMCursor);
        } catch (ElementException e) {
            throw new IllegalArgumentException(e.toString());
        }
    }

    public static EncryptedKey fromXmlStatic(DOMCursor dOMCursor) throws ElementException {
        DOMCursor cloneCursor = dOMCursor.cloneCursor();
        cloneCursor.moveToChild(uri, name);
        EncryptionMethod encryptionMethod = (EncryptionMethod) EncryptionMethod.fromXml(cloneCursor);
        KeyInfo keyInfo = null;
        if (KeyInfo.isAnElementIn(cloneCursor)) {
            keyInfo = KeyInfo.fromXml(cloneCursor);
        }
        return new EncryptedKey(encryptionMethod, keyInfo, CipherData.fromXml(cloneCursor));
    }

    @Override // org.apache.tsik.domutil.elements.ElementImpl, org.apache.tsik.domutil.elements.Element
    public void toXml(DOMWriteCursor dOMWriteCursor) {
        DOMWriteCursor addUnder = dOMWriteCursor.addUnder(uri, prefix, name);
        this.encryptionMethod.toXml(addUnder);
        if (this.keyInfo != null) {
            this.keyInfo.toXml(addUnder);
        }
        this.cipherData.toXml(addUnder);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$apache$tsik$xmlenc$elements$EncryptedKey == null) {
            cls = class$("org.apache.tsik.xmlenc.elements.EncryptedKey");
            class$org$apache$tsik$xmlenc$elements$EncryptedKey = cls;
        } else {
            cls = class$org$apache$tsik$xmlenc$elements$EncryptedKey;
        }
        log = LoggerFactory.getLogger(cls);
        INSTANCE = new EncryptedKey();
        name = "EncryptedKey";
        prefix = Namespaces.XMLENC.getPrefix();
        uri = Namespaces.XMLENC.getUri();
        ns = new String[]{prefix, uri};
    }
}
