package org.apache.camel.dataformat.xmlsecurity;

import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.transform.dom.DOMSource;
import org.apache.camel.Exchange;
import org.apache.camel.converter.IOConverter;
import org.apache.camel.spi.DataFormat;
import org.apache.camel.util.ExchangeHelper;
import org.apache.camel.util.IOHelper;
import org.apache.xml.security.Init;
import org.apache.xml.security.encryption.EncryptedKey;
import org.apache.xml.security.encryption.XMLCipher;
import org.apache.xml.security.encryption.XMLEncryptionException;
import org.apache.xml.security.keys.KeyInfo;
import org.apache.xpath.XPathAPI;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.traversal.NodeIterator;

/* loaded from: input_file:org/apache/camel/dataformat/xmlsecurity/XMLSecurityDataFormat.class */
public class XMLSecurityDataFormat implements DataFormat {
    private String xmlCipherAlgorithm;
    private byte[] passPhrase;
    private String secureTag;
    private boolean secureTagContents;

    public XMLSecurityDataFormat() {
        this.xmlCipherAlgorithm = "http://www.w3.org/2001/04/xmlenc#tripledes-cbc";
        this.passPhrase = "Just another 24 Byte key".getBytes();
        this.secureTag = "";
        this.secureTagContents = true;
        Init.init();
    }

    public XMLSecurityDataFormat(String str, boolean z) {
        this();
        setSecureTag(str);
        setSecureTagContents(z);
    }

    public XMLSecurityDataFormat(String str, boolean z, byte[] bArr) {
        this();
        setSecureTag(str);
        setSecureTagContents(z);
        setPassPhrase(bArr);
    }

    public XMLSecurityDataFormat(String str, boolean z, byte[] bArr, String str2) {
        this();
        setSecureTag(str);
        setSecureTagContents(z);
        setPassPhrase(bArr);
        setXmlCipherAlgorithm(str2);
    }

    public void marshal(Exchange exchange, Object obj, OutputStream outputStream) throws Exception {
        Key generateEncryptionKey;
        Key generateEncryptionKey2;
        InputStream inputStream = (InputStream) exchange.getContext().getTypeConverter().convertTo(InputStream.class, obj);
        if (inputStream == null) {
            throw new IllegalArgumentException("Cannot get the inputstream for XMLSecurityDataFormat mashalling");
        }
        Document document = (Document) exchange.getContext().getTypeConverter().convertTo(Document.class, exchange, inputStream);
        if (this.xmlCipherAlgorithm.equals("http://www.w3.org/2001/04/xmlenc#tripledes-cbc")) {
            generateEncryptionKey = generateEncryptionKey("DESede");
            generateEncryptionKey2 = generateEncryptionKey("DESede");
        } else {
            generateEncryptionKey = generateEncryptionKey("AES");
            generateEncryptionKey2 = generateEncryptionKey("AES");
        }
        XMLCipher xMLCipher = XMLCipher.getInstance(generateXmlCipherAlgorithmKeyWrap());
        xMLCipher.init(3, generateEncryptionKey);
        XMLCipher xMLCipher2 = XMLCipher.getInstance(this.xmlCipherAlgorithm);
        xMLCipher2.init(1, generateEncryptionKey2);
        if (!this.secureTag.equalsIgnoreCase("")) {
            NodeIterator selectNodeIterator = XPathAPI.selectNodeIterator(document, this.secureTag);
            while (true) {
                Node nextNode = selectNodeIterator.nextNode();
                if (nextNode == null) {
                    break;
                }
                embedKeyInfoInEncryptedData(document, xMLCipher, xMLCipher2, generateEncryptionKey2);
                document.importNode(xMLCipher2.doFinal(document, (Element) nextNode, getSecureTagContents()).getDocumentElement().cloneNode(true), true);
            }
        } else {
            embedKeyInfoInEncryptedData(document, xMLCipher, xMLCipher2, generateEncryptionKey2);
            document = xMLCipher2.doFinal(document, document.getDocumentElement());
        }
        try {
            IOHelper.copy(IOConverter.toInputStrean(new DOMSource(document)), outputStream);
            outputStream.close();
        } catch (Throwable th) {
            outputStream.close();
            throw th;
        }
    }

    public Object unmarshal(Exchange exchange, InputStream inputStream) throws Exception {
        InputStream inputStream2 = (InputStream) ExchangeHelper.getMandatoryInBody(exchange, InputStream.class);
        Key generateEncryptionKey = this.xmlCipherAlgorithm.equals("http://www.w3.org/2001/04/xmlenc#tripledes-cbc") ? generateEncryptionKey("DESede") : generateEncryptionKey("AES");
        XMLCipher xMLCipher = XMLCipher.getInstance();
        xMLCipher.init(2, (Key) null);
        xMLCipher.setKEK(generateEncryptionKey);
        Document document = (Document) exchange.getContext().getTypeConverter().convertTo(Document.class, exchange, inputStream2);
        if (!this.secureTag.equalsIgnoreCase("")) {
            NodeIterator selectNodeIterator = XPathAPI.selectNodeIterator(document, this.secureTag);
            while (true) {
                Node nextNode = selectNodeIterator.nextNode();
                if (nextNode == null) {
                    break;
                }
                document.importNode(xMLCipher.doFinal(document, (Element) nextNode, getSecureTagContents()).getDocumentElement().cloneNode(true), true);
            }
        } else {
            document = xMLCipher.doFinal(document, document.getDocumentElement());
        }
        DOMSource dOMSource = new DOMSource(document);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            IOHelper.copy(IOConverter.toInputStrean(dOMSource), byteArrayOutputStream);
            byteArrayOutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (Throwable th) {
            byteArrayOutputStream.close();
            throw th;
        }
    }

    private Key generateEncryptionKey(String str) throws InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException {
        Key secretKeySpec;
        try {
            if (str.equalsIgnoreCase("DESede")) {
                secretKeySpec = SecretKeyFactory.getInstance(str).generateSecret(new DESedeKeySpec(this.passPhrase));
            } else {
                secretKeySpec = new SecretKeySpec(this.passPhrase, "AES");
            }
            return secretKeySpec;
        } catch (InvalidKeyException e) {
            throw new InvalidKeyException("InvalidKeyException due to invalid passPhrase: " + Arrays.toString(this.passPhrase));
        } catch (NoSuchAlgorithmException e2) {
            throw new NoSuchAlgorithmException("NoSuchAlgorithmException while using XMLCipher.TRIPLEDES algorithm: DESede");
        } catch (InvalidKeySpecException e3) {
            throw new InvalidKeySpecException("Invalid Key generated while using passPhrase: " + Arrays.toString(this.passPhrase));
        }
    }

    private void embedKeyInfoInEncryptedData(Document document, XMLCipher xMLCipher, XMLCipher xMLCipher2, Key key) throws XMLEncryptionException {
        EncryptedKey encryptKey = xMLCipher.encryptKey(document, key);
        KeyInfo keyInfo = new KeyInfo(document);
        keyInfo.add(encryptKey);
        xMLCipher2.getEncryptedData().setKeyInfo(keyInfo);
    }

    private String generateXmlCipherAlgorithmKeyWrap() {
        String str = null;
        if (this.xmlCipherAlgorithm.equalsIgnoreCase("http://www.w3.org/2001/04/xmlenc#tripledes-cbc")) {
            str = "http://www.w3.org/2001/04/xmlenc#kw-tripledes";
        } else if (this.xmlCipherAlgorithm.equalsIgnoreCase("http://www.w3.org/2001/04/xmlenc#aes128-cbc")) {
            str = "http://www.w3.org/2001/04/xmlenc#kw-aes128";
        } else if (this.xmlCipherAlgorithm.equalsIgnoreCase("http://www.w3.org/2001/04/xmlenc#aes192-cbc")) {
            str = "http://www.w3.org/2001/04/xmlenc#kw-aes192";
        } else if (this.xmlCipherAlgorithm.equalsIgnoreCase("http://www.w3.org/2001/04/xmlenc#aes256-cbc")) {
            str = "http://www.w3.org/2001/04/xmlenc#kw-aes256";
        }
        return str;
    }

    public String getXmlCipherAlgorithm() {
        return this.xmlCipherAlgorithm;
    }

    public void setXmlCipherAlgorithm(String str) {
        this.xmlCipherAlgorithm = str;
    }

    public byte[] getPassPhrase() {
        return this.passPhrase;
    }

    public void setPassPhrase(byte[] bArr) {
        this.passPhrase = bArr;
    }

    public String getSecureTag() {
        return this.secureTag;
    }

    public void setSecureTag(String str) {
        this.secureTag = str;
    }

    public boolean isSecureTagContents() {
        return this.secureTagContents;
    }

    public boolean getSecureTagContents() {
        return this.secureTagContents;
    }

    public void setSecureTagContents(boolean z) {
        this.secureTagContents = z;
    }
}
