package com.sonicsw.ws.security.processingresult;

import com.sonicsw.ws.axis.DebugObjects;
import com.sonicsw.ws.security.action.Encryption;
import com.sonicsw.ws.security.policy.WSSPConstants;
import com.sonicsw.wsp.WSPConstants;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.cert.X509Certificate;
import java.util.Vector;
import javax.xml.namespace.QName;
import org.apache.axis.MessageContext;
import org.apache.ws.security.util.WSSecurityUtil;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

/* loaded from: input_file:com/sonicsw/ws/security/processingresult/EncryptionResult.class */
public class EncryptionResult extends EncryptionSignatureResult {
    private X509Certificate m_encryptedKeyCert;
    private URI m_algEncryptionURI;
    private URI m_algAsymmetricKeyTransportURI;
    private Vector m_encryptedElements;
    private boolean allRequiredPartsEncrypted;

    public void setEncryptedKeyCert(X509Certificate x509Certificate) {
        this.m_encryptedKeyCert = x509Certificate;
    }

    public void setAsymmetricKeyTransportURI(String str) {
        this.m_algAsymmetricKeyTransportURI = URI.create(str);
    }

    public void setEncryptionURI(String str) {
        this.m_algEncryptionURI = URI.create(str);
    }

    public void addPart(QName qName) {
        this.m_encryptedElements.add(qName);
    }

    public EncryptionResult(Element element) {
        this.m_encryptedKeyCert = null;
        this.m_algEncryptionURI = null;
        this.m_algAsymmetricKeyTransportURI = null;
        this.m_encryptedElements = new Vector();
        this.allRequiredPartsEncrypted = true;
        this.m_element = element;
    }

    public EncryptionResult(Element element, X509Certificate x509Certificate) {
        Element element2;
        this.m_encryptedKeyCert = null;
        this.m_algEncryptionURI = null;
        this.m_algAsymmetricKeyTransportURI = null;
        this.m_encryptedElements = new Vector();
        this.allRequiredPartsEncrypted = true;
        this.m_element = element;
        this.m_encryptedKeyCert = x509Certificate;
        Document ownerDocument = element.getOwnerDocument();
        Element element3 = (Element) WSSecurityUtil.getDirectChild(element, "EncryptionMethod", "http://www.w3.org/2001/04/xmlenc#");
        if (element3 != null && element3.getAttribute(WSSPConstants.LN_ALGORITHM) != null) {
            this.m_algAsymmetricKeyTransportURI = URI.create(element3.getAttribute(WSSPConstants.LN_ALGORITHM));
        }
        Element element4 = (Element) WSSecurityUtil.getDirectChild(element, "ReferenceList", "http://www.w3.org/2001/04/xmlenc#");
        if (element4 == null) {
            return;
        }
        Node firstChild = element4.getFirstChild();
        while (true) {
            Node node = firstChild;
            if (node == null) {
                return;
            }
            if (node.getNodeType() == 1 && node.getNamespaceURI().equals("http://www.w3.org/2001/04/xmlenc#") && node.getLocalName().equals("DataReference")) {
                String attribute = ((Element) node).getAttribute("URI");
                Element element5 = null;
                if (attribute != null) {
                    DebugObjects.getPolicyDebug().debug("EncryptionResult.init: data ref found = " + attribute);
                    String trim = attribute.trim();
                    if (trim.length() != 0 && trim.charAt(0) == '#') {
                        trim = trim.substring(1);
                    }
                    element5 = WSSecurityUtil.findElementById(ownerDocument.getDocumentElement(), trim, WSPConstants.NSURI_SECURITY_UTIL);
                    if (element5 == null) {
                        element5 = WSSecurityUtil.getElementByGenId(ownerDocument, attribute);
                    }
                }
                if (this.m_encryptedElements == null) {
                    this.m_encryptedElements = new Vector();
                }
                if (element5 == null) {
                    throw new NullPointerException("Element encBodyData is null in " + getClass().getName());
                }
                Element element6 = (Element) element5.getParentNode();
                QName qName = new QName(element6.getNamespaceURI(), element6.getLocalName());
                DebugObjects.getPolicyDebug().debug("EncryptionResult.init: encrypted part = " + qName);
                this.m_encryptedElements.add(qName);
                if (this.m_algEncryptionURI == null && (element2 = (Element) WSSecurityUtil.findElement(element6, "EncryptionMethod", "http://www.w3.org/2001/04/xmlenc#")) != null) {
                    String attribute2 = element2.getAttribute(WSSPConstants.LN_ALGORITHM);
                    DebugObjects.getPolicyDebug().debug("EncryptionResult.init: encryption algorithm = " + attribute2);
                    this.m_algEncryptionURI = URI.create(attribute2);
                }
            }
            firstChild = node.getNextSibling();
        }
    }

    public X509Certificate getCertificate() {
        return this.m_encryptedKeyCert;
    }

    private void setError(String str) {
        if (this.m_status != null) {
            this.m_status.setError(str);
        }
        this.allRequiredPartsEncrypted = false;
    }

    private void addEncryptedPart(QName qName) {
        if (this.m_status != null) {
            this.m_status.addMessagePart(qName);
        }
    }

    public boolean validate(Encryption encryption, MessageContext messageContext, ValidationStatus validationStatus) {
        this.m_status = validationStatus;
        String keyEncryptionAlgorithm = encryption.getKeyEncryptionAlgorithm();
        if (keyEncryptionAlgorithm != null) {
            DebugObjects.getPolicyDebug().debug("validating key transport alg against policy, expected " + keyEncryptionAlgorithm);
            try {
                URI uri = new URI(keyEncryptionAlgorithm);
                if (this.m_algAsymmetricKeyTransportURI == null || !this.m_algAsymmetricKeyTransportURI.equals(uri)) {
                    setError("key transport algorithm not matched, expected " + uri + ", found " + this.m_algAsymmetricKeyTransportURI);
                    DebugObjects.getPolicyDebug().debug("Validation of key transport algorithm failed, found " + this.m_algAsymmetricKeyTransportURI);
                    return false;
                }
            } catch (URISyntaxException e) {
                e.printStackTrace();
                return false;
            }
        }
        String algEncryption = encryption.getAlgEncryption();
        if (algEncryption != null) {
            DebugObjects.getPolicyDebug().debug("validating Encryption alg against policy, expected " + algEncryption);
            try {
                URI uri2 = new URI(algEncryption);
                if (this.m_algEncryptionURI == null || !this.m_algEncryptionURI.equals(uri2)) {
                    DebugObjects.getPolicyDebug().debug("Validation of Encryption alg failed, found " + this.m_algEncryptionURI);
                    setError("encryption algorithm not matched, expected " + uri2 + ", found " + this.m_algEncryptionURI);
                    return false;
                }
            } catch (URISyntaxException e2) {
                e2.printStackTrace();
                return false;
            }
        }
        if (!validateTokenReference(encryption, messageContext)) {
            return false;
        }
        DebugObjects.getPolicyDebug().debug("EncryptionResult: validating all required message part(s) are encrypted...");
        QName[] partsAsQNames = encryption.getPartsAsQNames();
        if (partsAsQNames != null) {
            for (QName qName : partsAsQNames) {
                DebugObjects.getPolicyDebug().debug("EncryptionResult: required encrypted part " + qName);
                boolean z = false;
                int i = 0;
                while (true) {
                    if (i >= this.m_encryptedElements.size()) {
                        break;
                    }
                    QName qName2 = (QName) this.m_encryptedElements.get(i);
                    DebugObjects.getPolicyDebug().debug("EncryptionResult: found encrypted part " + qName2);
                    z = qName.equals(qName2);
                    if (z) {
                        addEncryptedPart(qName);
                        break;
                    }
                    i++;
                }
                if (z) {
                    DebugObjects.getPolicyDebug().debug("EncryptionResult: required message part encrypted: " + qName);
                } else {
                    if (encryption.isSP2002()) {
                        String str = "required message part not encrypted: " + qName;
                        setError(str);
                        DebugObjects.getPolicyDebug().debug("EncryptionResult:" + str);
                        return false;
                    }
                    if (this.m_element.getOwnerDocument().getElementsByTagNameNS(qName.getNamespaceURI(), qName.getLocalPart()).getLength() != 0) {
                        String str2 = "required message part found in message but not encrypted: " + qName;
                        setError(str2);
                        DebugObjects.getPolicyDebug().debug("EncryptionResult:" + str2);
                    } else {
                        addEncryptedPart(qName);
                        DebugObjects.getPolicyDebug().debug("EncryptionResult: required message part not encrypted: " + qName);
                    }
                }
            }
        }
        return this.allRequiredPartsEncrypted;
    }
}
