package org.opensaml.lite.encryption;

import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import org.opensaml.lite.common.SAMLObject;
import org.opensaml.lite.encryption.exc.DecryptionException;
import org.opensaml.lite.saml2.core.Assertion;
import org.opensaml.lite.saml2.core.Attribute;
import org.opensaml.lite.saml2.core.EncryptedAssertion;
import org.opensaml.lite.saml2.core.EncryptedAttribute;
import org.opensaml.lite.saml2.core.EncryptedElementType;
import org.opensaml.lite.saml2.core.EncryptedID;
import org.opensaml.lite.saml2.core.NewEncryptedID;
import org.opensaml.lite.saml2.core.NewID;
import org.opensaml.lite.security.Credential;
import org.opensaml.lite.xml.signature.KeyInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pl.edu.icm.yadda.aas.keystore.IInternalKeyStore;
import pl.edu.icm.yadda.aas.keystore.KeyQueryRequest;
import pl.edu.icm.yadda.aas.keystore.KeyQueryResponse;
import pl.edu.icm.yadda.aas.keystore.KeyStoreException;

/* loaded from: input_file:WEB-INF/lib/yadda-aas2-common-4.2.2.jar:org/opensaml/lite/encryption/Decrypter.class */
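/**
 * Decrypts encrypted SAML elements (assertions, attributes, identifiers) using keys
 * resolved from the element's {@code KeyInfo} or from the configured key store.
 *
 * <p>Key resolution order, as implemented in {@link #retrieveKey(KeyInfo, int)}:
 * <ol>
 *   <li>the first {@code EncryptedKey} in the {@code KeyInfo}, decrypted recursively;</li>
 *   <li>the key store entry named by the first {@code KeyName};</li>
 *   <li>the key store's internal encryption credential (its private key).</li>
 * </ol>
 *
 * <p><b>Security note (review):</b> the payload is restored with {@code getObject(Key)}.
 * The checked exceptions it raises ({@code IOException}, {@code ClassNotFoundException})
 * and the "SealedObject" wording of the error messages indicate Java-native
 * deserialization of the decrypted bytes. That deserialization runs <em>before</em> any
 * type check in this class, so the type checks below only guarantee a clean failure mode;
 * they do not restrict which classes get instantiated. Where the ciphertext can come from
 * a party that is not already authenticated, constrain deserialization with a
 * serialization filter (for example a process-wide {@code jdk.serialFilter}) and verify
 * the enclosing message's signature before calling into this class.
 *
 * <p>Not documented as thread-safe: {@code keyStore} and {@code maxDepth} are plain
 * mutable fields and are expected to be set once during wiring.
 */
public class Decrypter implements IDecrypter {
    /** Default limit on the number of chained key-resolution steps for one decryption. */
    public static final int DEFAULT_MAX_DEPTH = 5;
    private IInternalKeyStore<Credential> keyStore;
    protected final Logger log = LoggerFactory.getLogger(getClass());
    private int maxDepth = DEFAULT_MAX_DEPTH;

    /**
     * Decrypts an encrypted assertion.
     *
     * @throws DecryptionException if decryption fails or the decrypted object is not an {@link Assertion}
     */
    @Override
    public Assertion decrypt(EncryptedAssertion encryptedAssertion) throws DecryptionException {
        return requireType(decryptElement(encryptedAssertion), Assertion.class);
    }

    /**
     * Decrypts an encrypted attribute.
     *
     * @throws DecryptionException if decryption fails or the decrypted object is not an {@link Attribute}
     */
    @Override
    public Attribute decrypt(EncryptedAttribute encryptedAttribute) throws DecryptionException {
        return requireType(decryptElement(encryptedAttribute), Attribute.class);
    }

    /**
     * Decrypts an encrypted identifier; the concrete type of the result is not narrowed here.
     *
     * @throws DecryptionException if decryption fails
     */
    @Override
    public SAMLObject decrypt(EncryptedID encryptedID) throws DecryptionException {
        return decryptElement(encryptedID);
    }

    /**
     * Decrypts a new encrypted identifier.
     *
     * @throws DecryptionException if decryption fails or the decrypted object is not a {@link NewID}
     */
    @Override
    public NewID decrypt(NewEncryptedID newEncryptedID) throws DecryptionException {
        return requireType(decryptElement(newEncryptedID), NewID.class);
    }

    /**
     * Resolves the decryption key for the element's encrypted data and restores the
     * enclosed object.
     *
     * @param encryptedElementType element carrying the encrypted data; may be {@code null}
     * @return the decrypted SAML object
     * @throws DecryptionException if the element or its encrypted data is missing, no key
     *         could be resolved, the underlying decryption fails, or the decrypted object
     *         is not a {@link SAMLObject}
     */
    @Override
    public SAMLObject decryptElement(EncryptedElementType encryptedElementType) throws DecryptionException {
        if (encryptedElementType != null) {
            try {
                if (encryptedElementType.getEncryptedData() != null) {
                    if (encryptedElementType.getEncryptedData().getEncryptedObject() == null) {
                        throw new DecryptionException("Got null SealedObject for data decryption!");
                    }
                    Key dataKey = retrieveKey(encryptedElementType.getEncryptedData().getKeyInfo(), 0);
                    if (dataKey == null) {
                        throw new DecryptionException("Couldn't retrieve decryption key!");
                    }
                    // NOTE(review): getObject() deserializes the decrypted bytes; the type check
                    // that follows runs only after the object graph has already been built.
                    return requireType(
                            encryptedElementType.getEncryptedData().getEncryptedObject().getObject(dataKey),
                            SAMLObject.class);
                }
            } catch (IOException e) {
                throw new DecryptionException("Exception occured when decrypting data!", e);
            } catch (ClassNotFoundException e) {
                throw new DecryptionException("Exception occured when decrypting data!", e);
            } catch (InvalidKeyException e) {
                throw new DecryptionException("Exception occured when decrypting data!", e);
            } catch (NoSuchAlgorithmException e) {
                throw new DecryptionException("Exception occured when decrypting data!", e);
            }
        }
        throw new DecryptionException("Got null EncryptedData for decryption!");
    }

    /**
     * Resolves the key to use for one decryption step.
     *
     * @param keyInfo key hints taken from the message; may be {@code null}
     * @param i number of resolution steps already performed on this chain
     * @return the resolved key, or {@code null} when the key store has no matching credential
     * @throws DecryptionException if the chain is longer than {@code maxDepth}, no key store
     *         is configured when one is needed, or the key store query fails
     */
    private Key retrieveKey(KeyInfo keyInfo, int i) throws DecryptionException {
        int depth = i + 1;
        // Bounds the EncryptedKey -> KeyInfo -> EncryptedKey chain, which is message-controlled.
        if (depth > this.maxDepth) {
            throw new DecryptionException("Exceeded limit of recursion's maximum depth: " + this.maxDepth);
        }
        if (keyInfo != null && keyInfo.getEncryptedKeys() != null && keyInfo.getEncryptedKeys().size() > 0) {
            if (keyInfo.getEncryptedKeys().size() > 1) {
                this.log.warn("More than one EncryptedKey found! Trying to decrypt first key from list.");
            }
            return decryptKey(keyInfo.getEncryptedKeys().get(0), depth);
        }
        // Both remaining branches need the key store; fail with the declared exception
        // instead of a NullPointerException when setKeyStore() was never called.
        if (this.keyStore == null) {
            throw new DecryptionException("No key store configured for decryption!");
        }
        if (keyInfo == null || keyInfo.getKeyNames() == null || keyInfo.getKeyNames().size() <= 0) {
            this.log.warn("Couldn't find key alias among keyNames, returning local decryption private key!");
            if (this.keyStore.getInternalEncryptionCredential() != null) {
                return this.keyStore.getInternalEncryptionCredential().getPrivateKey();
            }
            return null;
        }
        if (keyInfo.getKeyNames().size() > 1) {
            this.log.warn("More than one KeyName found! Only fist name will be used!");
        }
        try {
            // NOTE(review): the key name comes from the message. This code does not limit which
            // key store entries may be selected for decryption; presumably the key store
            // enforces that - confirm.
            KeyQueryResponse<Credential> response =
                    this.keyStore.queryKeys(new KeyQueryRequest(keyInfo.getKeyNames().get(0).getValue()));
            if (response == null || response.getCredential() == null) {
                return null;
            }
            // A secret (symmetric) key takes precedence over the private key when both exist.
            if (response.getCredential().getSecretKey() != null) {
                return response.getCredential().getSecretKey();
            }
            return response.getCredential().getPrivateKey();
        } catch (KeyStoreException e) {
            throw new DecryptionException("Exception occured when querying for keys from keystore!", e);
        }
    }

    /**
     * Decrypts a wrapped key, resolving the unwrapping key from the wrapped key's own
     * {@code KeyInfo}.
     *
     * @param encryptedKey the wrapped key
     * @param i number of resolution steps already performed on this chain
     * @return the unwrapped key
     * @throws DecryptionException if the wrapped key or its sealed content is missing, no
     *         unwrapping key could be resolved, decryption fails, or the decrypted object
     *         is not a {@link Key}
     */
    public Key decryptKey(EncryptedKey encryptedKey, int i) throws DecryptionException {
        if (encryptedKey == null || encryptedKey.getEncryptedObject() == null) {
            throw new DecryptionException("Got null SealedObject for key decryption!");
        }
        try {
            Key unwrappingKey = retrieveKey(encryptedKey.getKeyInfo(), i);
            // Same guard as decryptElement(): retrieveKey() returns null when the key store
            // has no matching credential, and a null key must not reach getObject().
            if (unwrappingKey == null) {
                throw new DecryptionException("Couldn't retrieve decryption key!");
            }
            // NOTE(review): deserialization happens inside getObject(), before the type check.
            return requireType(encryptedKey.getEncryptedObject().getObject(unwrappingKey), Key.class);
        } catch (IOException e) {
            throw new DecryptionException("Exception occured when decrypting key data!", e);
        } catch (ClassNotFoundException e) {
            throw new DecryptionException("Exception occured when decrypting key data!", e);
        } catch (InvalidKeyException e) {
            throw new DecryptionException("Exception occured when decrypting key data!", e);
        } catch (NoSuchAlgorithmException e) {
            throw new DecryptionException("Exception occured when decrypting key data!", e);
        }
    }

    /**
     * Narrows a decrypted object to the expected type, reporting a mismatch as a
     * {@link DecryptionException} rather than a {@code ClassCastException}.
     * A {@code null} object is passed through unchanged, as the plain cast did.
     */
    private static <T> T requireType(Object decrypted, Class<T> expected) throws DecryptionException {
        if (decrypted != null && !expected.isInstance(decrypted)) {
            throw new DecryptionException("Decrypted object is not of expected type: " + expected.getName());
        }
        return expected.cast(decrypted);
    }

    /** Sets the key store used to look up named keys and the local encryption credential. */
    public void setKeyStore(IInternalKeyStore<Credential> iInternalKeyStore) {
        this.keyStore = iInternalKeyStore;
    }

    /** Returns the maximum number of chained key-resolution steps allowed per decryption. */
    public int getMaxDepth() {
        return this.maxDepth;
    }

    /**
     * Sets the maximum number of chained key-resolution steps allowed per decryption.
     * The value is not validated; any value below 1 makes every decryption fail with the
     * depth-limit error, because the first resolution step already counts as depth 1.
     */
    public void setMaxDepth(int i) {
        this.maxDepth = i;
    }
}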
