package org.apache.wss4j.stax.impl.securityToken;

import java.security.Key;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.callback.CallbackHandler;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSUtils;
import org.apache.wss4j.stax.securityToken.EncryptedKeySha1SecurityToken;
import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.xml.security.algorithms.JCEMapper;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
import org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken;
import org.apache.xml.security.stax.securityToken.SecurityTokenConstants;

/* loaded from: input_file:org/apache/wss4j/stax/impl/securityToken/EncryptedKeySha1SecurityTokenImpl.class */
public class EncryptedKeySha1SecurityTokenImpl extends AbstractInboundSecurityToken implements EncryptedKeySha1SecurityToken {
    private CallbackHandler callbackHandler;

    public EncryptedKeySha1SecurityTokenImpl(WSInboundSecurityContext wSInboundSecurityContext, CallbackHandler callbackHandler, String str, String str2) {
        super(wSInboundSecurityContext, str2, WSSecurityTokenConstants.KeyIdentifier_EncryptedKeySha1Identifier, false);
        this.callbackHandler = callbackHandler;
        setSha1Identifier(str);
    }

    public boolean isAsymmetric() throws XMLSecurityException {
        return false;
    }

    protected Key getKey(String str, XMLSecurityConstants.AlgorithmUsage algorithmUsage, String str2) throws XMLSecurityException {
        Key key = (Key) getSecretKey().get(str);
        if (key != null) {
            return key;
        }
        WSPasswordCallback wSPasswordCallback = new WSPasswordCallback(getSha1Identifier(), (String) null, WSSConstants.NS_ENCRYPTED_KEY_SHA1, WSPasswordCallback.Usage.SECRET_KEY);
        WSSUtils.doSecretKeyCallback(this.callbackHandler, wSPasswordCallback, getSha1Identifier());
        if (wSPasswordCallback.getKey() == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noKey", new Object[]{getSha1Identifier()});
        }
        SecretKeySpec secretKeySpec = new SecretKeySpec(wSPasswordCallback.getKey(), JCEMapper.getJCEKeyAlgorithmFromURI(str));
        setSecretKey(str, secretKeySpec);
        return secretKeySpec;
    }

    public SecurityTokenConstants.TokenType getTokenType() {
        return WSSecurityTokenConstants.EncryptedKeyToken;
    }
}
