package com.ibm.rational.ttt.common.ui.editors.wsecurity.validation.internal.impl;

import com.ibm.rational.test.lt.models.ws.LoggingUtil;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.KeystoreManager;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.xmlsec.EncryptedKeyAlgorithm;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.xmlsec.IChainedAlgorithm;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.xmlsec.X509Key;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.xmlsec.XMLEncryption;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.xmlsec.impl.CryptoIdentifierTypeUtil;
import com.ibm.rational.ttt.common.ui.editors.wsecurity.validation.internal.IValidationResult;
import com.ibm.rational.ttt.common.ui.editors.wsecurity.validation.internal.IValidationRule;
import com.ibm.rational.ttt.common.ui.editors.wsecurity.validation.internal.WSSEVALIDMSG;
import java.security.InvalidKeyException;
import java.security.cert.X509Certificate;
import javax.crypto.Cipher;
import org.apache.ws.security.WSSConfig;
import org.apache.ws.security.util.WSSecurityUtil;

/* loaded from: input_file:com/ibm/rational/ttt/common/ui/editors/wsecurity/validation/internal/impl/EncryptionSymAlgorithmNameValidator.class */
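/**
 * Validation rule that checks whether the configured symmetric encryption algorithm can be used
 * together with the configured key-transport algorithm and the public key of the selected
 * X.509 certificate.
 *
 * <p>The rule generates a throw-away symmetric key for the configured algorithm and tries to
 * encrypt it with the certificate's public key. It only proves that the wrap operation works;
 * it does not check the certificate's validity period, chain or trust.
 */
public class EncryptionSymAlgorithmNameValidator implements IValidationRule {
    /**
     * First constructor argument of every failing {@link ValidationResult} built by this rule.
     * NOTE(review): presumably a severity level; its meaning is defined by ValidationResult,
     * confirm there.
     */
    private static final int FAILURE_CODE = 3;

    /**
     * Tells whether this rule is relevant for the given algorithm.
     *
     * @param iChainedAlgorithm the algorithm under validation
     * @return {@code true} for {@link XMLEncryption} and {@link EncryptedKeyAlgorithm} instances
     */
    @Override
    public boolean applyTo(IChainedAlgorithm iChainedAlgorithm) {
        return (iChainedAlgorithm instanceof XMLEncryption) || (iChainedAlgorithm instanceof EncryptedKeyAlgorithm);
    }

    /**
     * @return the title of this rule, taken from {@link WSSEVALIDMSG}
     */
    @Override
    public String getTitle() {
        return WSSEVALIDMSG.CHECK_ENC_SYM_ALGO_NAME;
    }

    /**
     * Runs the rule against one algorithm.
     *
     * <p>Resolving the algorithm identifiers happens inside the guarded section, so that an
     * unsupported key size or a missing identifier is logged and reported as a failed result,
     * like every other failure of this rule, instead of escaping as an unchecked exception.
     *
     * @param iChainedAlgorithm the algorithm under validation
     * @param keystoreManager   gives access to the keystore that holds the certificate
     * @return {@link IValidationResult#OK_RESULT} when the trial encryption succeeds or when no
     *         key store alias / key name is configured; a failing {@link ValidationResult}
     *         otherwise
     */
    @Override
    public IValidationResult validate(IChainedAlgorithm iChainedAlgorithm, KeystoreManager keystoreManager) {
        X509Key key = KeysTool.extractKey(iChainedAlgorithm);
        try {
            String symmetricAlgorithmUri = null;
            String transportAlgorithmUri = null;
            if (iChainedAlgorithm instanceof XMLEncryption) {
                XMLEncryption encryption = (XMLEncryption) iChainedAlgorithm;
                symmetricAlgorithmUri = encryption.getSymetricEncodingAlgorithmName().getValue();
                transportAlgorithmUri = encryption.getTransportKeyIdentifier().getValue();
            } else if (iChainedAlgorithm instanceof EncryptedKeyAlgorithm) {
                EncryptedKeyAlgorithm encryptedKey = (EncryptedKeyAlgorithm) iChainedAlgorithm;
                symmetricAlgorithmUri = extractEncodingAlgorithm(encryptedKey.getKeySize());
                transportAlgorithmUri = encryptedKey.getTransportKeyIdentifier().getValue();
            }

            // Freshly generated probe key: it only has the size of a real session key and is
            // never used to protect a message.
            byte[] probeKey = KeysTool.getEncryptionKeyGenerator(symmetricAlgorithmUri).generateKey().getEncoded();

            if (!(key instanceof X509Key)) {
                return IValidationResult.OK_RESULT;
            }
            // Without an alias and a key name there is no certificate to test against; the rule
            // then passes without having exercised any key.
            if (StrTool.isNull(key.getKeyStoreAliasName())
                    || key.getName() == null
                    || StrTool.isNull(key.getName().getValue())) {
                return IValidationResult.OK_RESULT;
            }
            return tryWrapProbeKey(keystoreManager, key, transportAlgorithmUri, probeKey);
        } catch (Exception e) {
            LoggingUtil.INSTANCE.error(getClass(), e);
            return new ValidationResult(FAILURE_CODE, WSSEVALIDMSG.ERROR_WHEN_EXECUTION_OF_RULE_RELATED_TO_KEYS);
        }
    }

    /**
     * Encrypts the probe key with the certificate's public key using the key-transport cipher.
     *
     * @param keystoreManager       gives access to the keystore that holds the certificate
     * @param key                   key description carrying the key store alias and key name
     * @param transportAlgorithmUri identifier of the key-transport algorithm
     * @param probeKey              encoded throw-away symmetric key to wrap
     * @return the outcome of the trial encryption
     */
    private IValidationResult tryWrapProbeKey(KeystoreManager keystoreManager, X509Key key,
            String transportAlgorithmUri, byte[] probeKey) {
        try {
            // Only the first certificate returned for the key name is used, and only its public
            // key is read.
            X509Certificate certificate = CryptoIdentifierTypeUtil
                    .createNEWCustomCryptoAndDoNotStore(keystoreManager, key.getKeyStoreAliasName())
                    .getCertificates(key.getName().getValue())[0];

            // Static setter: this changes the WSSConfig provider setting for everything that
            // shares the class, not only for this validation run.
            WSSConfig.setAddJceProviders(true);
            WSSConfig.getDefaultWSConfig();
            Cipher cipher = WSSecurityUtil.getCipherInstance(transportAlgorithmUri);

            try {
                cipher.init(Cipher.ENCRYPT_MODE, certificate.getPublicKey());
            } catch (InvalidKeyException e) {
                LoggingUtil.INSTANCE.error(getClass(), e);
                return new ValidationResult(FAILURE_CODE, WSSEVALIDMSG.ERROR_WHEN_EXECUTION_OF_RULE_RELATED_TO_KEYS_INVALID_KEY_EXCEPTION);
            }

            // The public key is reported as too weak when the cipher cannot take the whole
            // symmetric key in one block. Cipher.getBlockSize() returns 0 when the algorithm is
            // not a block cipher; in that case this size check is skipped and only the trial
            // encryption below decides.
            int blockSize = cipher.getBlockSize();
            if (blockSize > 0 && blockSize < probeKey.length) {
                return new ValidationResult(FAILURE_CODE, WSSEVALIDMSG.ERROR_WHEN_EXECUTION_OF_RULE_RELATED_TO_KEYS_PUBLIC_KEY_IS_WEAK_EXCEPTION);
            }

            try {
                cipher.doFinal(probeKey);
            } catch (Exception e) {
                LoggingUtil.INSTANCE.error(getClass(), e);
                return new ValidationResult(FAILURE_CODE, WSSEVALIDMSG.ERROR_WHEN_EXECUTION_OF_RULE_RELATED_TO_KEYS_DO_FINAL_CIPHER_EXCEPTION);
            }
            return IValidationResult.OK_RESULT;
        } catch (Throwable th) {
            // Throwable rather than Exception is kept from the original code.
            // NOTE(review): presumably meant to survive linkage errors while providers are
            // loaded; confirm before narrowing.
            LoggingUtil.INSTANCE.error(getClass(), th);
            return new ValidationResult(FAILURE_CODE, WSSEVALIDMSG.ERROR_WHEN_EXECUTION_OF_RULE_RELATED_TO_KEYS);
        }
    }

    /**
     * Maps an AES key size to the matching XML Encryption algorithm identifier.
     *
     * <p>Only the AES-CBC identifiers are produced. CBC provides confidentiality without
     * integrity protection. NOTE(review): whether the encrypted content is also signed is not
     * visible from this class; confirm at the place where the security chain is assembled.
     *
     * @param keySizeBits key size in bits: 128, 192 or 256
     * @return the algorithm identifier for that key size
     * @throws UnsupportedOperationException for any other key size
     */
    private static String extractEncodingAlgorithm(int keySizeBits) {
        switch (keySizeBits) {
            case 128:
                return "http://www.w3.org/2001/04/xmlenc#aes128-cbc";
            case 192:
                return "http://www.w3.org/2001/04/xmlenc#aes192-cbc";
            case 256:
                return "http://www.w3.org/2001/04/xmlenc#aes256-cbc";
            default:
                // The size is included so that the logged failure names the rejected value.
                throw new UnsupportedOperationException("Unsupported AES key size: " + keySizeBits);
        }
    }
}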
