package org.apache.ws.security.saml;

import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Date;
import java.util.Properties;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.keys.KeyInfo;
import org.apache.xml.security.keys.content.X509Data;
import org.apache.xml.security.keys.content.keyvalues.DSAKeyValue;
import org.apache.xml.security.keys.content.keyvalues.RSAKeyValue;
import org.opensaml.SAMLAssertion;
import org.opensaml.SAMLAuthenticationStatement;
import org.opensaml.SAMLException;
import org.opensaml.SAMLNameIdentifier;
import org.opensaml.SAMLSubject;
import org.w3c.dom.Document;
import org.wso2.securevault.definition.CipherInformation;

/* loaded from: input_file:lib/wss4j-1.5.11-wso2v20.jar:org/apache/ws/security/saml/SAMLIssuerImpl.class */
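/**
 * Issues SAML authentication assertions from a {@link Properties} configuration.
 *
 * <p>Two subject confirmation modes are configured through
 * {@code org.apache.ws.security.saml.confirmationMethod}:
 * <ul>
 *   <li>{@code senderVouches} - the assertion is returned <b>unsigned</b> by this class; nothing
 *       here protects its integrity, so the caller has to sign it as part of the message.</li>
 *   <li>{@code keyHolder} - the user's certificate or public key is embedded in the subject and
 *       the assertion is signed with the issuer key.</li>
 * </ul>
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The issuer key password is read from the properties in clear text, kept in a
 *       {@code String} field and handed out by {@link #getIssuerKeyPassword()}; protect the
 *       properties source accordingly and never log the value.</li>
 *   <li>Signatures are produced with SHA-1 based algorithms (see {@code signAssertion}).</li>
 *   <li>If the confirmation method property is missing or has any other value, the confirmation
 *       method list holds a single {@code null} entry while {@link #isSenderVouches()} still
 *       reports {@code true}.</li>
 * </ul>
 *
 * <p>Instances hold mutable per-request state (user name, crypto, document, last assertion) and
 * contain no synchronization.
 */
public class SAMLIssuerImpl implements SAMLIssuer {
    private static final Log log = LogFactory.getLog(SAMLIssuerImpl.class.getName());

    // Last assertion built by newAssertion().
    private SAMLAssertion sa;
    // Owner document for the ds:KeyInfo element created in key-holder mode.
    private Document instanceDoc;
    private Properties properties;
    private Crypto issuerCrypto;
    // Clear-text key password taken from the properties; treat as a secret.
    private String issuerKeyPassword;
    private String issuerKeyName;
    private boolean senderVouches = true;
    private String[] confirmationMethods = new String[1];
    private Crypto userCrypto;
    private String username;
    private boolean sendKeyValue;

    /**
     * Creates an unconfigured issuer. No properties are set, so {@link #newAssertion()} cannot be
     * used on an instance built this way (it dereferences the properties immediately).
     */
    public SAMLIssuerImpl() {
        // All fields keep the defaults declared above.
    }

    /**
     * Creates an issuer configured from {@code properties}.
     *
     * @param properties issuer configuration; when {@code null} the instance is left unconfigured,
     *                   exactly like the no-argument constructor
     */
    public SAMLIssuerImpl(Properties properties) {
        if (properties == null) {
            return;
        }
        this.properties = properties;

        String cryptoPropFile = properties.getProperty("org.apache.ws.security.saml.issuer.cryptoProp.file");
        if (cryptoPropFile != null) {
            // Key name and password are only read when an issuer crypto is configured.
            this.issuerCrypto = CryptoFactory.getInstance(cryptoPropFile);
            this.issuerKeyName = properties.getProperty("org.apache.ws.security.saml.issuer.key.name");
            this.issuerKeyPassword = properties.getProperty("org.apache.ws.security.saml.issuer.key.password");
        }

        String sendKeyValueProp = properties.getProperty("org.apache.ws.security.saml.issuer.sendKeyValue");
        if (sendKeyValueProp != null) {
            this.sendKeyValue = Boolean.parseBoolean(sendKeyValueProp);
        }

        String confirmationMethod = properties.getProperty("org.apache.ws.security.saml.confirmationMethod");
        if ("senderVouches".equals(confirmationMethod)) {
            this.confirmationMethods[0] = SAMLSubject.CONF_SENDER_VOUCHES;
        } else if ("keyHolder".equals(confirmationMethod)) {
            this.confirmationMethods[0] = SAMLSubject.CONF_HOLDER_KEY;
            this.senderVouches = false;
        }
        // Any other value leaves confirmationMethods[0] null and senderVouches true.
    }

    /**
     * Builds a new authentication assertion from the configured properties.
     *
     * <p>In sender-vouches mode the assertion is returned unsigned. In key-holder mode the user's
     * key material is attached to the subject and the assertion is signed with the issuer key.
     *
     * @return the new assertion, or {@code null} when key-holder mode is active and the user key
     *         material could not be attached or the assertion could not be signed; callers must
     *         check for {@code null} before putting the result into a message
     * @throws RuntimeException wrapping a {@link SAMLException} raised while the assertion
     *         objects are constructed
     */
    @Override
    public SAMLAssertion newAssertion() {
        log.debug("Begin add SAMLAssertion token...");
        String issuer = this.properties.getProperty("org.apache.ws.security.saml.issuer");
        try {
            SAMLNameIdentifier nameId = new SAMLNameIdentifier(
                    this.properties.getProperty("org.apache.ws.security.saml.subjectNameId.name"),
                    this.properties.getProperty("org.apache.ws.security.saml.subjectNameId.qualifier"),
                    "");
            String authMethod = null;
            if ("password".equals(this.properties.getProperty("org.apache.ws.security.saml.authenticationMethod"))) {
                authMethod = SAMLAuthenticationStatement.AuthenticationMethod_Password;
            }
            Date authInstant = new Date();
            SAMLSubject subject = new SAMLSubject(nameId, Arrays.asList(this.confirmationMethods), null, null);
            // NOTE(review): every argument between the issuer and the statement list is null. In
            // the OpenSAML 1.x constructor these look like notBefore / notOnOrAfter / conditions /
            // advice, which would mean the assertion carries no validity window or audience
            // restriction - confirm, and rely on message-level freshness checks if so.
            this.sa = new SAMLAssertion(issuer, null, null, null, null,
                    Arrays.asList(new SAMLAuthenticationStatement(subject, authMethod, authInstant, null, null, null)));

            if (this.senderVouches) {
                // Returned unsigned: this class adds no integrity protection in this mode.
                return this.sa;
            }
            if (!attachHolderKey(subject) || !signAssertion()) {
                return null;
            }
            return this.sa;
        } catch (SAMLException e) {
            if (log.isDebugEnabled()) {
                log.debug(e.getMessage(), e);
            }
            throw new RuntimeException(e.toString(), e);
        }
    }

    /**
     * Embeds the user's key material (ds:KeyValue or ds:X509Data) in the subject's KeyInfo.
     *
     * @return {@code false} when no usable key material is available, in which case nothing is
     *         attached to the subject
     */
    private boolean attachHolderKey(SAMLSubject subject) throws SAMLException {
        if (this.userCrypto == null || this.instanceDoc == null) {
            logFailure("user crypto or instance document not set for key-holder confirmation", null);
            return false;
        }
        try {
            X509Certificate[] userCerts = this.userCrypto.getCertificates(this.username);
            if (userCerts == null || userCerts.length == 0) {
                logFailure("no certificate found for the configured user", null);
                return false;
            }
            KeyInfo keyInfo = new KeyInfo(this.instanceDoc);
            if (this.sendKeyValue) {
                PublicKey publicKey = userCerts[0].getPublicKey();
                String algorithm = publicKey.getAlgorithm();
                if ("DSA".equalsIgnoreCase(algorithm)) {
                    keyInfo.add(new DSAKeyValue(this.instanceDoc, publicKey));
                } else if (CipherInformation.DEFAULT_ALGORITHM.equalsIgnoreCase(algorithm)) {
                    // NOTE(review): constant substituted by the decompiler; presumably "RSA" - confirm.
                    keyInfo.add(new RSAKeyValue(this.instanceDoc, publicKey));
                } else {
                    // Fail closed: an empty KeyInfo would yield a signed holder-of-key assertion
                    // that binds the subject to no key at all.
                    logFailure("unsupported public key algorithm for KeyValue: " + algorithm, null);
                    return false;
                }
            } else {
                X509Data x509Data = new X509Data(this.instanceDoc);
                x509Data.addCertificate(userCerts[0]);
                keyInfo.add(x509Data);
            }
            keyInfo.getElement().setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:ds", "http://www.w3.org/2000/09/xmldsig#");
            subject.setKeyInfo(keyInfo);
            return true;
        } catch (XMLSecurityException e) {
            logFailure("could not build KeyInfo for the subject", e);
            return false;
        } catch (WSSecurityException e) {
            logFailure("could not load the user certificate", e);
            return false;
        }
    }

    /**
     * Signs the current assertion with the issuer's private key and certificate chain.
     *
     * @return {@code false} on any failure (missing issuer crypto, unknown key name, wrong
     *         password, signing error); the cause is logged and never rethrown
     */
    private boolean signAssertion() {
        try {
            X509Certificate[] issuerCerts = this.issuerCrypto.getCertificates(this.issuerKeyName);
            String keyAlgorithm = issuerCerts[0].getPublicKey().getAlgorithm();
            log.debug("automatic sig algo detection: " + keyAlgorithm);
            // Both URIs use SHA-1, which is deprecated for digital signatures. Left unchanged
            // because the algorithm is part of what relying parties verify; moving to a SHA-2
            // based URI needs to be checked against the deployed XML security library and peers.
            // Every non-DSA key (not only RSA) is sent down the rsa-sha1 path.
            String signatureAlgorithm = keyAlgorithm.equalsIgnoreCase("DSA")
                    ? "http://www.w3.org/2000/09/xmldsig#dsa-sha1"
                    : "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
            this.sa.sign(signatureAlgorithm,
                    this.issuerCrypto.getPrivateKey(this.issuerKeyName, this.issuerKeyPassword),
                    Arrays.asList(issuerCerts));
            return true;
        } catch (Exception e) {
            // A single handler: the checked WSSecurityException needs no separate clause, and
            // listing it after Exception would be unreachable.
            logFailure("could not sign the assertion with the issuer key", e);
            return false;
        }
    }

    /**
     * Records why no assertion is returned. The summary goes out at WARN so that a failed
     * issuance is visible without debug logging; exception detail stays at DEBUG.
     */
    private static void logFailure(String reason, Throwable cause) {
        log.warn("SAML assertion not issued: " + reason);
        if (cause != null && log.isDebugEnabled()) {
            log.debug(cause.getMessage(), cause);
        }
    }

    /** Sets the crypto used to look up the user's certificate in key-holder mode. */
    @Override
    public void setUserCrypto(Crypto crypto) {
        this.userCrypto = crypto;
    }

    /** Sets the name passed to the user crypto when looking up the user's certificate. */
    @Override
    public void setUsername(String str) {
        this.username = str;
    }

    /** Returns the issuer crypto, or {@code null} when no crypto properties file was configured. */
    @Override
    public Crypto getIssuerCrypto() {
        return this.issuerCrypto;
    }

    /** Returns the configured issuer key name, or {@code null} when not configured. */
    @Override
    public String getIssuerKeyName() {
        return this.issuerKeyName;
    }

    /**
     * Returns the issuer key password in clear text, or {@code null} when not configured.
     * Callers must not log or persist the returned value.
     */
    @Override
    public String getIssuerKeyPassword() {
        return this.issuerKeyPassword;
    }

    /** Returns {@code true} unless the confirmation method was configured as {@code keyHolder}. */
    @Override
    public boolean isSenderVouches() {
        return this.senderVouches;
    }

    /** Sets the document that owns the KeyInfo element created in key-holder mode. */
    @Override
    public void setInstanceDoc(Document document) {
        this.instanceDoc = document;
    }
}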
