package com.sun.identity.federation.message.common;

import com.iplanet.am.util.XMLUtils;
import com.iplanet.services.util.Base64;
import com.sun.identity.federation.alliance.FSAllianceManagementException;
import com.sun.identity.federation.alliance.FSProviderDescriptor;
import com.sun.identity.federation.common.FSException;
import com.sun.identity.federation.common.FSUtils;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.federation.services.util.FSServiceUtils;
import com.sun.identity.saml.assertion.NameIdentifier;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.xmlenc.EncryptionException;
import com.sun.identity.xmlenc.XMLEncryptionManager;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:119465-07/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/federation/message/common/EncryptedNameIdentifier.class */
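/**
 * Static helpers that convert a SAML {@link NameIdentifier} to and from its
 * encrypted form.
 *
 * <p>Encryption wraps the identifier in an {@code EncryptedNameIdentifier}
 * element, encrypts the nested {@code EncryptableNameIdentifier} element with
 * the key settings of the named provider, and returns the Base64 text of the
 * resulting document as the name of a new identifier whose format is
 * {@link IFSConstants#NI_ENCRYPTED_FORMAT_URI}. Decryption reverses those steps.
 *
 * <p>NOTE(review): decryption here only recovers the plaintext; nothing in this
 * class authenticates the ciphertext. Presumably the caller verifies the
 * signature of the enclosing message before trusting the result -- confirm.
 */
public class EncryptedNameIdentifier {
    /** Namespace URI under which the EncryptableNameIdentifier element is looked up. */
    private static final String ENCRYPTABLE_NI_NAMESPACE = "urn:liberty:iff:2003-08";

    /** Local name of the element that is encrypted and later recovered. */
    private static final String ENCRYPTABLE_NI_ELEMENT = "EncryptableNameIdentifier";

    /**
     * Logs {@code detail} at error level and builds the exception to throw.
     *
     * @param detail    debug-log text; callers pass no identifier content
     * @param bundleKey key of the message looked up in {@code FSUtils.bundle}
     * @return the exception for the caller to throw
     */
    private static FSException failure(String detail, String bundleKey) {
        FSUtils.debug.error(detail);
        return new FSException(FSUtils.bundle.getString(bundleKey));
    }

    /**
     * Wraps the serialized identifier in an {@code EncryptedNameIdentifier}
     * element and parses the result into a DOM document.
     *
     * @param encryptableNameIdentifier identifier whose {@code toString()} output is embedded
     * @return whatever {@code XMLUtils.toDOMDocument} returns for the assembled
     *         markup; callers in this class treat {@code null} as a failure
     */
    private static Document getEncryptableDocument(EncryptableNameIdentifier encryptableNameIdentifier) {
        // NOTE(review): the markup is assembled by concatenation, so it is only
        // well-formed if EncryptableNameIdentifier.toString() escapes its
        // values -- confirm against that class.
        StringBuffer stringBuffer = new StringBuffer(300);
        stringBuffer.append("<").append(IFSConstants.LIB_PREFIX).append("EncryptedNameIdentifier")
                .append(" ").append(IFSConstants.LIB_12_NAMESPACE_STRING).append(">")
                .append(encryptableNameIdentifier.toString())
                .append("</").append(IFSConstants.LIB_PREFIX).append("EncryptedNameIdentifier").append(">");
        String xml = stringBuffer.toString();
        if (FSUtils.debug.messageEnabled()) {
            // NOTE(review): this writes the identifier to the debug log before it
            // is encrypted. With message-level debugging on, the log holds the
            // value that the encryption is meant to hide from other parties;
            // treat that log as sensitive or drop the payload from the message.
            FSUtils.debug.message("EncryptedNameIdentifier.getEncryptableNameIdentifier: doc =" + xml);
        }
        return XMLUtils.toDOMDocument(xml, FSUtils.debug);
    }

    /**
     * Encrypts a name identifier for the given provider.
     *
     * @param nameIdentifier identifier to encrypt
     * @param str            id of the provider whose encryption key method, key
     *                       size and key alias are used
     * @return a new identifier carrying the Base64-encoded encrypted document as
     *         its name, the original name qualifier, and the encrypted format URI
     * @throws FSException if an argument is {@code null}, the provider cannot be
     *         looked up, the document cannot be built, or encryption fails
     */
    public static NameIdentifier getEncryptedNameIdentifier(NameIdentifier nameIdentifier, String str) throws FSException {
        if (nameIdentifier == null || str == null) {
            FSUtils.debug.error("EncryptedNameIdentifier.construct: nullValues");
            throw new FSException(FSUtils.bundle.getString("nullValues"));
        }
        try {
            FSProviderDescriptor provider = FSServiceUtils.getAllianceInstance().getProvider(str);
            if (provider == null) {
                // Fail with the declared exception type instead of a
                // NullPointerException on the key lookups below.
                throw failure("EncryptedNameIdentifier.construct: no provider descriptor for " + str, "EncryptionFailed");
            }
            Document encryptableDocument = getEncryptableDocument(new EncryptableNameIdentifier(nameIdentifier));
            if (encryptableDocument == null) {
                throw failure("EncryptedNameIdentifier.construct: could not build the document to encrypt", "EncryptionFailed");
            }
            Element target = (Element) encryptableDocument
                    .getElementsByTagNameNS(ENCRYPTABLE_NI_NAMESPACE, ENCRYPTABLE_NI_ELEMENT).item(0);
            if (target == null) {
                // Without this check a missing element would reach the
                // encryption call as null.
                throw failure("EncryptedNameIdentifier.construct: no element to encrypt in the document", "EncryptionFailed");
            }
            try {
                Document encryptAndReplace = XMLEncryptionManager.getInstance().encryptAndReplace(
                        encryptableDocument, target, provider.getEncryptionKeyMethod(),
                        provider.getEncryptionKeySize(), provider.getEncryptionKeyAlias(), str);
                if (encryptAndReplace == null) {
                    throw new FSException(FSUtils.bundle.getString("EncryptionFailed"));
                }
                try {
                    String encoded = Base64.encode(SAMLUtils.stringToByteArray(FSUtils.toString(encryptAndReplace)));
                    return new NameIdentifier(encoded, nameIdentifier.getNameQualifier(), IFSConstants.NI_ENCRYPTED_FORMAT_URI);
                } catch (SAMLException e) {
                    throw new FSException(e);
                }
            } catch (EncryptionException e2) {
                FSUtils.debug.error("EncryptedNameIdentifier.construct: Unableto encrypt the xml doc", e2);
                throw new FSException(e2);
            }
        } catch (FSAllianceManagementException e3) {
            // Pass the cause to the log as well, as the decryption path does.
            FSUtils.debug.error("EncryptedNameIdentifier.construct: Couldnot retrieve the provider id for provider" + str, e3);
            throw new FSException(e3);
        }
    }

    /**
     * Decrypts an identifier produced by {@link #getEncryptedNameIdentifier}.
     *
     * <p>The identifier's name is Base64-decoded, parsed as XML, decrypted with
     * the named provider's encryption key alias, and the recovered
     * {@code EncryptableNameIdentifier} element is turned back into a plain
     * identifier. Each intermediate result is checked so that malformed input
     * is reported as an {@code FSException} rather than surfacing as a
     * {@code NullPointerException}.
     *
     * @param nameIdentifier identifier in the encrypted format
     * @param str            id of the provider whose encryption key alias is used
     * @return the decrypted identifier (name, name qualifier and format taken
     *         from the recovered element)
     * @throws FSException if an argument is {@code null}, the format is not the
     *         encrypted format URI, the name cannot be decoded or parsed, the
     *         provider cannot be looked up, or decryption fails
     */
    public static NameIdentifier getDecryptedNameIdentifier(NameIdentifier nameIdentifier, String str) throws FSException {
        if (nameIdentifier == null || str == null) {
            FSUtils.debug.error("EncryptedNameIdentifier.getDecryptedNameIdentifier: null values");
            throw new FSException(FSUtils.bundle.getString("nullValues"));
        }
        if (nameIdentifier.getFormat() == null || !nameIdentifier.getFormat().equals(IFSConstants.NI_ENCRYPTED_FORMAT_URI)) {
            throw new FSException(FSUtils.bundle.getString("notValidFormat"));
        }
        String encodedName = nameIdentifier.getName();
        if (encodedName == null) {
            throw failure("EncryptedNameIdentifier.getDecryptedNameIdentifier: identifier has no name", "notValidFormat");
        }
        try {
            try {
                byte[] decoded = Base64.decode(FSUtils.removeNewLineChars(encodedName));
                if (decoded == null) {
                    throw failure("EncryptedNameIdentifier.getDecryptedNameIdentifier: name is not valid Base64", "notValidFormat");
                }
                // NOTE(review): the decoded bytes are presumably supplied by a
                // remote provider and are parsed as XML before any decryption.
                // Confirm that XMLUtils.toDOMDocument disables DTDs and external
                // entities.
                Document encryptedDocument = XMLUtils.toDOMDocument(SAMLUtils.byteArrayToString(decoded), FSUtils.debug);
                if (encryptedDocument == null) {
                    throw failure("EncryptedNameIdentifier.getDecryptedNameIdentifier: name does not decode to an XML document", "notValidFormat");
                }
                FSProviderDescriptor provider = FSServiceUtils.getAllianceInstance().getProvider(str);
                if (provider == null) {
                    throw failure("EncryptedNameIdentifier.getDecryptedNameIdentifier: no provider descriptor for " + str, "nullValues");
                }
                Document decryptedDocument = XMLEncryptionManager.getInstance()
                        .decryptAndReplace(encryptedDocument, provider.getEncryptionKeyAlias());
                if (decryptedDocument == null) {
                    throw failure("EncryptedNameIdentifier.getDecryptedNameIdentifier: decryption returned no document", "notValidFormat");
                }
                Element recovered = (Element) decryptedDocument
                        .getElementsByTagNameNS(ENCRYPTABLE_NI_NAMESPACE, ENCRYPTABLE_NI_ELEMENT).item(0);
                if (recovered == null) {
                    throw failure("EncryptedNameIdentifier.getDecryptedNameIdentifier: decrypted document has no EncryptableNameIdentifier", "notValidFormat");
                }
                EncryptableNameIdentifier encryptableNameIdentifier = new EncryptableNameIdentifier(recovered);
                return new NameIdentifier(encryptableNameIdentifier.getName(), encryptableNameIdentifier.getNameQualifier(), encryptableNameIdentifier.getFormat());
            } catch (SAMLException e) {
                throw new FSException(e);
            } catch (EncryptionException e2) {
                FSUtils.debug.error("EncryptedNameIdentifier.getDecryptedNameIdentifier: Decryption exception", e2);
                throw new FSException(e2);
            }
        } catch (FSAllianceManagementException e3) {
            FSUtils.debug.error("EncryptedNameIdentifier.getDecryptedNameIdentifier: Unable to find provider", e3);
            throw new FSException(e3);
        }
    }
}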
