package com.sun.identity.federation.message.common;

import com.sun.identity.federation.common.FSException;
import com.sun.identity.federation.common.FSUtils;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.federation.jaxb.entityconfig.BaseConfigType;
import com.sun.identity.federation.key.EncInfo;
import com.sun.identity.federation.key.KeyUtil;
import com.sun.identity.federation.meta.IDFFMetaException;
import com.sun.identity.federation.meta.IDFFMetaManager;
import com.sun.identity.liberty.ws.meta.jaxb.SPDescriptorType;
import com.sun.identity.saml.assertion.NameIdentifier;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.shared.encode.Base64;
import com.sun.identity.shared.xml.XMLUtils;
import com.sun.identity.xmlenc.EncryptionException;
import com.sun.identity.xmlenc.XMLEncryptionManager;
import java.security.Key;
import java.security.PrivateKey;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

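/**
 * Static helpers that turn a {@link NameIdentifier} into its XML-encrypted form and back.
 *
 * <p>The encrypted form is itself a {@code NameIdentifier}: its name is the Base64 text of the
 * encrypted XML document, its name qualifier is copied from the input, and its format is
 * {@link IFSConstants#NI_ENCRYPTED_FORMAT_URI}. Decryption accepts only identifiers carrying
 * that format.
 *
 * <p>The value handed to the decrypt methods is parsed as XML before any key is applied, so
 * it must be treated as untrusted input. Structural problems in that value are reported as
 * {@link FSException} instead of surfacing as {@code NullPointerException}.
 *
 * <p>The class is marked deprecated; this file does not name a replacement.
 */
@Deprecated
/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.2.jar:com/sun/identity/federation/message/common/EncryptedNameIdentifier.class */
public class EncryptedNameIdentifier {
    /** Namespace URI of the element that is encrypted and later looked up after decryption. */
    private static final String ENCRYPTABLE_NS = "urn:liberty:iff:2003-08";

    /** Local name of the element that is encrypted and later looked up after decryption. */
    private static final String ENCRYPTABLE_LOCAL_NAME = "EncryptableNameIdentifier";

    /**
     * Wraps the XML text of {@code encryptableNameIdentifier} in an
     * {@code EncryptedNameIdentifier} element and parses the result into a DOM document.
     *
     * @param encryptableNameIdentifier identifier whose {@code toString()} output is embedded
     * @return the parsed document, exactly as returned by {@code XMLUtils.toDOMDocument}
     *         (callers in this class treat {@code null} as a failure)
     */
    private static Document getEncryptableDocument(EncryptableNameIdentifier encryptableNameIdentifier) {
        String wrapperName = IFSConstants.LIB_PREFIX + "EncryptedNameIdentifier";
        // NOTE(review): the identifier's toString() output is embedded verbatim, so this relies
        // on it already being well-formed, escaped XML - confirm in EncryptableNameIdentifier.
        String xml = new StringBuilder(300)
                .append("<").append(wrapperName).append(" ").append(IFSConstants.LIB_12_NAMESPACE_STRING).append(">")
                .append(encryptableNameIdentifier.toString())
                .append("</").append(wrapperName).append(">")
                .toString();
        if (FSUtils.debug.messageEnabled()) {
            // NOTE(review): with message-level debug enabled this writes the identifier document
            // to the debug log before it is encrypted; keep message-level debugging off wherever
            // the identifier has to stay confidential.
            FSUtils.debug.message("EncryptedNameIdentifier.getEncryptableNameIdentifier: doc =" + xml);
        }
        return XMLUtils.toDOMDocument(xml, FSUtils.debug);
    }

    /**
     * Encrypts {@code nameIdentifier} using the encryption settings found in the metadata of
     * provider {@code str2}.
     *
     * <p>The SP descriptor is looked up first and the IDP descriptor second; the wrapping key,
     * data encryption algorithm and strength come from {@code KeyUtil.getEncInfo}.
     *
     * @param nameIdentifier identifier to encrypt; must not be {@code null}
     * @param str first argument of the metadata lookups (presumably the realm - confirm
     *            against {@code IDFFMetaManager})
     * @param str2 provider id used for the metadata lookup and passed on to the encryption
     *             call; must not be {@code null}
     * @return the encrypted identifier
     * @throws FSException if an argument is {@code null}, the provider metadata or its
     *         encryption settings cannot be obtained, or encryption fails
     */
    public static NameIdentifier getEncryptedNameIdentifier(NameIdentifier nameIdentifier, String str, String str2) throws FSException {
        if (nameIdentifier == null || str2 == null) {
            FSUtils.debug.error("EncryptedNameIdentifier.construct: nullInputParameter");
            throw new FSException("nullInputParameter", (Object[]) null);
        }
        try {
            IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
            // NOTE(review): the variable type is what the decompiler emitted; confirm that the
            // return type of getIDPDescriptor is assignable to it.
            SPDescriptorType descriptor = null;
            if (metaManager != null) {
                descriptor = metaManager.getSPDescriptor(str, str2);
                if (descriptor == null) {
                    descriptor = metaManager.getIDPDescriptor(str, str2);
                }
            }
            if (descriptor == null) {
                throw new IDFFMetaException((String) null);
            }
            EncInfo encInfo = KeyUtil.getEncInfo(descriptor, str2, false);
            if (encInfo == null) {
                // Fail with the declared exception type rather than a NullPointerException.
                FSUtils.debug.error("EncryptedNameIdentifier.construct: no encryption info for provider " + str2);
                throw new FSException("EncryptionFailed", (Object[]) null);
            }
            return getEncryptedNameIdentifier(nameIdentifier, str2, encInfo.getWrappingKey(), encInfo.getDataEncAlgorithm(), encInfo.getDataEncStrength());
        } catch (IDFFMetaException e) {
            FSUtils.debug.error("EncryptedNameIdentifier.construct: Couldnot retrieve the meta for provider" + str2);
            throw new FSException(e);
        }
    }

    /**
     * Encrypts {@code nameIdentifier} with an explicitly supplied key and algorithm.
     *
     * @param nameIdentifier identifier to encrypt; must not be {@code null}
     * @param str provider id handed to the encryption call; must not be {@code null}
     * @param key key handed to the encryption call (the three-argument overload passes the
     *            wrapping key here); a {@code null} key is passed through unchanged, and how
     *            {@code XMLEncryptionManager} treats it is not visible in this file
     * @param str2 data encryption algorithm
     * @param i data encryption strength
     * @return an identifier whose name is the Base64 text of the encrypted document, with the
     *         input's name qualifier and format {@link IFSConstants#NI_ENCRYPTED_FORMAT_URI}
     * @throws FSException if a required argument is {@code null}, the document to encrypt
     *         cannot be built, or encryption or encoding fails
     */
    public static NameIdentifier getEncryptedNameIdentifier(NameIdentifier nameIdentifier, String str, Key key, String str2, int i) throws FSException {
        if (nameIdentifier == null || str == null) {
            FSUtils.debug.error("EncryptedNameIdentifier.construct: nullInputParameter");
            throw new FSException("nullInputParameter", (Object[]) null);
        }
        Document encryptableDocument = getEncryptableDocument(new EncryptableNameIdentifier(nameIdentifier));
        if (encryptableDocument == null) {
            FSUtils.debug.error("EncryptedNameIdentifier.construct: could not build the document to encrypt");
            throw new FSException("EncryptionFailed", (Object[]) null);
        }
        Element target = (Element) encryptableDocument.getElementsByTagNameNS(ENCRYPTABLE_NS, ENCRYPTABLE_LOCAL_NAME).item(0);
        if (target == null) {
            // Without the element there is nothing to encrypt; never emit an unencrypted document.
            FSUtils.debug.error("EncryptedNameIdentifier.construct: element to encrypt not found");
            throw new FSException("EncryptionFailed", (Object[]) null);
        }
        try {
            Document encrypted = XMLEncryptionManager.getInstance().encryptAndReplace(encryptableDocument, target, str2, i, key, 0, str);
            if (encrypted == null) {
                throw new FSException("EncryptionFailed", (Object[]) null);
            }
            String encodedName = Base64.encode(SAMLUtils.stringToByteArray(XMLUtils.print(encrypted)));
            return new NameIdentifier(encodedName, nameIdentifier.getNameQualifier(), IFSConstants.NI_ENCRYPTED_FORMAT_URI);
        } catch (SAMLException e) {
            throw new FSException(e);
        } catch (EncryptionException e2) {
            FSUtils.debug.error("EncryptedNameIdentifier.construct: Unableto encrypt the xml doc", e2);
            throw new FSException(e2);
        }
    }

    /**
     * Decrypts {@code nameIdentifier} with the decryption key configured for provider
     * {@code str2}.
     *
     * <p>The SP descriptor config is looked up first and the IDP descriptor config second.
     *
     * @param nameIdentifier encrypted identifier; must not be {@code null}
     * @param str first argument of the metadata lookups (presumably the realm - confirm
     *            against {@code IDFFMetaManager})
     * @param str2 provider id whose configuration supplies the decryption key; must not be
     *             {@code null}
     * @return the decrypted identifier
     * @throws FSException if an argument is {@code null}, no provider configuration is found,
     *         or decryption fails
     */
    public static NameIdentifier getDecryptedNameIdentifier(NameIdentifier nameIdentifier, String str, String str2) throws FSException {
        if (nameIdentifier == null || str2 == null) {
            FSUtils.debug.error("EncryptedNameIdentifier.getDecryptedNameIdentifier: null values");
            throw new FSException("nullInputParameter", (Object[]) null);
        }
        try {
            IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
            BaseConfigType providerConfig = null;
            // The encrypt path treats a null meta manager as "no metadata"; do the same here.
            if (metaManager != null) {
                providerConfig = metaManager.getSPDescriptorConfig(str, str2);
                if (providerConfig == null) {
                    providerConfig = metaManager.getIDPDescriptorConfig(str, str2);
                }
            }
            if (providerConfig == null) {
                FSUtils.debug.error("EncryptedNameIdentifier.getDecryptedNameIdentifier: Unable to find provider " + str2);
                throw new FSException("noProviderFound", (Object[]) null);
            }
            return getDecryptedNameIdentifier(nameIdentifier, KeyUtil.getDecryptionKey(providerConfig));
        } catch (FSException e) {
            // Already the declared type: rethrow unchanged so a format or decryption failure
            // is not re-wrapped and logged as a provider lookup problem.
            throw e;
        } catch (Exception e) {
            FSUtils.debug.error("EncryptedNameIdentifier.getDecryptedNameIdentifier: Unable to find provider", e);
            throw new FSException(e);
        }
    }

    /**
     * Decrypts {@code nameIdentifier} with the supplied private key.
     *
     * <p>The identifier's name is stripped of newline characters, Base64-decoded, parsed as
     * XML and decrypted; the first {@code EncryptableNameIdentifier} element of the result
     * supplies the name, name qualifier and format of the returned identifier.
     *
     * @param nameIdentifier encrypted identifier; its format must equal
     *                       {@link IFSConstants#NI_ENCRYPTED_FORMAT_URI}
     * @param privateKey key handed to {@code XMLEncryptionManager.decryptAndReplace}; a
     *                   {@code null} key is passed through unchanged, and how the manager
     *                   treats it is not visible in this file
     * @return the decrypted identifier
     * @throws FSException if the identifier is {@code null}, has the wrong format, carries a
     *         name that cannot be decoded or parsed, or decryption fails
     */
    public static NameIdentifier getDecryptedNameIdentifier(NameIdentifier nameIdentifier, PrivateKey privateKey) throws FSException {
        if (nameIdentifier == null) {
            FSUtils.debug.error("EncryptedNameIdentifier.getDecryptedNameIdentifier: null values");
            throw new FSException("nullInputParameter", (Object[]) null);
        }
        String format = nameIdentifier.getFormat();
        if (format == null || !format.equals(IFSConstants.NI_ENCRYPTED_FORMAT_URI)) {
            throw new FSException("notValidFormat", (Object[]) null);
        }
        String encodedName = nameIdentifier.getName();
        if (encodedName == null) {
            throw new FSException("notValidFormat", (Object[]) null);
        }
        try {
            // Everything up to decryption works on data supplied by the sender, so every step
            // is checked. The log lines below deliberately omit the payload.
            byte[] decoded = Base64.decode(FSUtils.removeNewLineChars(encodedName));
            if (decoded == null) {
                FSUtils.debug.error("EncryptedNameIdentifier.getDecryptedNameIdentifier: name is not valid Base64");
                throw new FSException("notValidFormat", (Object[]) null);
            }
            // NOTE(review): whether this parser rejects DTDs and external entities depends on
            // XMLUtils.toDOMDocument, which is not shown here - confirm.
            Document encryptedDocument = XMLUtils.toDOMDocument(SAMLUtils.byteArrayToString(decoded), FSUtils.debug);
            if (encryptedDocument == null) {
                FSUtils.debug.error("EncryptedNameIdentifier.getDecryptedNameIdentifier: name is not a parsable XML document");
                throw new FSException("notValidFormat", (Object[]) null);
            }
            Document decryptedDocument = XMLEncryptionManager.getInstance().decryptAndReplace(encryptedDocument, privateKey);
            if (decryptedDocument == null) {
                FSUtils.debug.error("EncryptedNameIdentifier.getDecryptedNameIdentifier: decryption returned no document");
                throw new FSException("notValidFormat", (Object[]) null);
            }
            Element payload = (Element) decryptedDocument.getElementsByTagNameNS(ENCRYPTABLE_NS, ENCRYPTABLE_LOCAL_NAME).item(0);
            if (payload == null) {
                FSUtils.debug.error("EncryptedNameIdentifier.getDecryptedNameIdentifier: decrypted document has no EncryptableNameIdentifier element");
                throw new FSException("notValidFormat", (Object[]) null);
            }
            EncryptableNameIdentifier decrypted = new EncryptableNameIdentifier(payload);
            return new NameIdentifier(decrypted.getName(), decrypted.getNameQualifier(), decrypted.getFormat());
        } catch (SAMLException e) {
            throw new FSException(e);
        } catch (EncryptionException e2) {
            FSUtils.debug.error("EncryptedNameIdentifier.getDecryptedNameIdentifier: Decryption exception", e2);
            throw new FSException(e2);
        }
    }
}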
