package iaik.xml.crypto.utils;

import iaik.asn1.structures.Name;
import iaik.utils.RFC2253NameParserException;
import iaik.utils.Util;
import iaik.xml.crypto.XSecProvider;
import iaik.xml.crypto.dom.DOMStructure;
import iaik.xml.crypto.dsig.keyinfo.RetrievalMethodImpl;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.xml.crypto.AlgorithmMethod;
import javax.xml.crypto.KeySelector;
import javax.xml.crypto.KeySelectorException;
import javax.xml.crypto.KeySelectorResult;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.NodeSetData;
import javax.xml.crypto.OctetStreamData;
import javax.xml.crypto.URIReferenceException;
import javax.xml.crypto.XMLCryptoContext;
import javax.xml.crypto.XMLStructure;
import javax.xml.crypto.dom.DOMCryptoContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyName;
import javax.xml.crypto.dsig.keyinfo.KeyValue;
import javax.xml.crypto.dsig.keyinfo.RetrievalMethod;
import javax.xml.crypto.dsig.keyinfo.X509Data;
import javax.xml.crypto.dsig.keyinfo.X509IssuerSerial;
import javax.xml.crypto.enc.XMLEncryptionException;
import javax.xml.crypto.enc.dom.DOMDecryptContext;
import javax.xml.crypto.enc.keyinfo.AgreementMethod;
import javax.xml.crypto.enc.keyinfo.EncryptedKey;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;

/* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_xsect-2.13.jar:iaik/xml/crypto/utils/KeySelectorImpl.class */
public class KeySelectorImpl extends KeySelector {
    protected String failReason_ = "";

    /* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_xsect-2.13.jar:iaik/xml/crypto/utils/KeySelectorImpl$KeyInfoHints.class */
    public static class KeyInfoHints implements KeyInfo {
        private KeyInfo a;
        protected EncryptedKey encryptedKey_ = null;
        protected AgreementMethod agreementMethod_ = null;
        protected KeyValue keyValue_ = null;
        protected KeyName keyName_ = null;
        protected List x509Data_ = new ArrayList();
        protected X509Certificate rawCert_ = null;
        private List b = new ArrayList();

        public KeyInfoHints(KeyInfo keyInfo, XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
            if (keyInfo == null) {
                return;
            }
            this.a = keyInfo;
            init(xMLCryptoContext);
        }

        protected void init(XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
            Iterator it = getContent().iterator();
            while (it.hasNext()) {
                collectKeyInfo((XMLStructure) it.next(), xMLCryptoContext);
            }
        }

        protected KeyName getKeyName() {
            return this.keyName_;
        }

        protected void collectKeyInfo(XMLStructure xMLStructure, XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
            if (xMLStructure instanceof EncryptedKey) {
                this.encryptedKey_ = (EncryptedKey) xMLStructure;
                return;
            }
            if (xMLStructure instanceof AgreementMethod) {
                this.agreementMethod_ = (AgreementMethod) xMLStructure;
                return;
            }
            if (xMLStructure instanceof KeyValue) {
                this.keyValue_ = (KeyValue) xMLStructure;
                return;
            }
            if (xMLStructure instanceof KeyName) {
                this.keyName_ = (KeyName) xMLStructure;
            } else if (xMLStructure instanceof X509Data) {
                this.x509Data_.add(xMLStructure);
            } else if (xMLStructure instanceof RetrievalMethod) {
                dereferenceRetrievalMethod((RetrievalMethod) xMLStructure, xMLCryptoContext);
            }
        }

        protected void dereferenceRetrievalMethod(RetrievalMethod retrievalMethod, XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
            Document parse;
            checkDereferencedURIsForDosPrevention(retrievalMethod.getURI(), xMLCryptoContext);
            if (RetrievalMethodImpl.TYPE_RAW_X509_CERTIFICATE.equals(retrievalMethod.getType())) {
                try {
                    OctetStreamData dereference = retrievalMethod.dereference(xMLCryptoContext);
                    if (!(dereference instanceof OctetStreamData)) {
                        throw new KeySelectorException("The RetrievalMethod is of Type='http://www.w3.org/2000/09/xmldsig#rawX509Certificate'. Therefore, the dereferenced data must be a valid certificate.");
                    }
                    InputStream octetStream = dereference.getOctetStream();
                    try {
                        CertificateFactory certificateFactory = null;
                        Provider delegationProvider = XSecProvider.getDelegationProvider(new StringBuffer().append("CertificateFactory.").append("X.509").toString(), null);
                        if (delegationProvider != null) {
                            try {
                                certificateFactory = CertificateFactory.getInstance("X.509", delegationProvider);
                            } catch (NoSuchMethodError e) {
                                try {
                                    certificateFactory = CertificateFactory.getInstance("X.509", delegationProvider.getName());
                                } catch (NoSuchProviderException e2) {
                                    throw new j(this, "Delegation provider not registered, any more.", e2);
                                }
                            }
                        }
                        if (certificateFactory == null) {
                            certificateFactory = CertificateFactory.getInstance("X.509");
                        }
                        this.rawCert_ = (X509Certificate) certificateFactory.generateCertificate(octetStream);
                        return;
                    } catch (NoSuchAlgorithmException e3) {
                        throw new KeySelectorException(new StringBuffer().append("No provider found for '").append("X.509").append("'. ").append(e3.getMessage()).toString(), e3);
                    } catch (CertificateException e4) {
                        throw new KeySelectorException(new StringBuffer().append("The RetrievalMethod is of Type='http://www.w3.org/2000/09/xmldsig#rawX509Certificate'. Therefore, the dereferenced data must be a valid certificate. ").append(e4.getMessage()).toString(), e4);
                    }
                } catch (URIReferenceException e5) {
                    throw new KeySelectorException(new StringBuffer().append("Failed to get certificate from RetrievalMethod, ").append(e5.getMessage()).toString(), e5);
                }
            }
            try {
                NodeSetData dereference2 = retrievalMethod.dereference(xMLCryptoContext);
                if (dereference2 instanceof NodeSetData) {
                    Element element = null;
                    Iterator it = dereference2.iterator();
                    while (it.hasNext() && element == null) {
                        Node node = (Node) it.next();
                        if (node.getNodeType() == 1) {
                            element = (Element) node;
                        }
                    }
                    if (element == null) {
                        throw new KeySelectorException("Dereferencing RetrievalMethod did not return an XML element.");
                    }
                    try {
                        parse = DOMUtils.newDocument(new Boolean(true), null, null);
                        Element createElementNS = parse.createElementNS("http://www.w3.org/2000/09/xmldsig#", "KeyInfo");
                        parse.appendChild(createElementNS);
                        createElementNS.appendChild(parse.importNode(element, true));
                    } catch (ParserConfigurationException e6) {
                        throw new KeySelectorException(new StringBuffer().append("Failed to dereference RetrievalMethod.").append(e6.getMessage()).toString(), e6);
                    }
                } else {
                    try {
                        OctetStreamData octetStreamData = (OctetStreamData) dereference2;
                        parse = DOMUtils.parse(octetStreamData.getOctetStream(), octetStreamData.getURI(), (String) null, xMLCryptoContext);
                        Element createElementNS2 = parse.createElementNS("http://www.w3.org/2000/09/xmldsig#", "KeyInfo");
                        Element documentElement = parse.getDocumentElement();
                        parse.replaceChild(documentElement, createElementNS2);
                        createElementNS2.appendChild(documentElement);
                    } catch (IOException e7) {
                        throw new KeySelectorException(new StringBuffer().append("Failed to parse Document dereferenced from RetrievalMethod.").append(e7.getMessage()).toString(), e7);
                    } catch (ParserConfigurationException e8) {
                        throw new KeySelectorException(new StringBuffer().append("Failed to dereference RetrievalMethod.").append(e8.getMessage()).toString(), e8);
                    } catch (SAXException e9) {
                        throw new KeySelectorException(new StringBuffer().append("Failed to parse Document dereferenced from RetrievalMethod.").append(e9.getMessage()).toString(), e9);
                    }
                }
                try {
                    List content = DOMStructure.getInstance(parse.getDocumentElement(), (DOMCryptoContext) xMLCryptoContext).getContent();
                    if (content.isEmpty()) {
                        throw new KeySelectorException("Dereferencing RetrievalMethod did not return an KeyInfo element.");
                    }
                    collectKeyInfo((XMLStructure) content.get(0), xMLCryptoContext);
                } catch (ClassCastException e10) {
                    throw new KeySelectorException(new StringBuffer().append("Failed to unmarshal KeyInfo type from dereferenced RetrievalMethod.").append(e10.getMessage()).toString(), e10);
                } catch (MarshalException e11) {
                    throw new KeySelectorException(new StringBuffer().append("Failed to unmarshal KeyInfo type from dereferenced RetrievalMethod.").append(e11.getMessage()).toString(), e11);
                }
            } catch (URIReferenceException e12) {
                throw new KeySelectorException(new StringBuffer().append("Failed to dereference RetrievalMethod.").append(e12.getMessage()).toString(), e12);
            }
        }

        protected void checkDereferencedURIsForDosPrevention(String str, XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
            String str2;
            if (!this.b.contains(str)) {
                this.b.add(str);
                return;
            }
            Iterator it = this.b.iterator();
            String str3 = "";
            while (true) {
                str2 = str3;
                if (!it.hasNext()) {
                    break;
                } else {
                    str3 = new StringBuffer().append(str2).append(it.next()).append(", ").toString();
                }
            }
            throw new KeySelectorException(new StringBuffer().append("The URIs \"").append(new StringBuffer().append(str2).append(str).toString()).append("\" are suspected to introduce ").append("cyclic dereferencing of Retrieval methods").toString());
        }

        public List getContent() {
            return this.a.getContent();
        }

        public String getId() {
            return this.a.getId();
        }

        public boolean isFeatureSupported(String str) {
            return this.a.isFeatureSupported(str);
        }

        public void marshal(XMLStructure xMLStructure, XMLCryptoContext xMLCryptoContext) throws MarshalException {
            this.a.marshal(xMLStructure, xMLCryptoContext);
        }
    }

    /* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_xsect-2.13.jar:iaik/xml/crypto/utils/KeySelectorImpl$KeySelectorResultImpl.class */
    public static class KeySelectorResultImpl implements KeySelectorResult {
        protected Key key_;

        public KeySelectorResultImpl() {
        }

        public KeySelectorResultImpl(Key key) {
            this.key_ = key;
        }

        public Key getKey() {
            return this.key_;
        }

        public void setKey(Key key) {
            this.key_ = key;
        }
    }

    /* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_xsect-2.13.jar:iaik/xml/crypto/utils/KeySelectorImpl$X509KeySelectorResultImpl.class */
    public static class X509KeySelectorResultImpl implements X509KeySelectorResult {
        protected Key key_;
        protected List certificates_;
        protected List crls_;

        public X509KeySelectorResultImpl(Key key, List list, List list2) {
            this.key_ = key;
            this.certificates_ = list;
            this.crls_ = list2;
        }

        @Override // iaik.xml.crypto.utils.X509KeySelectorResult
        public List getCertificates() {
            return this.certificates_ == null ? Collections.EMPTY_LIST : Collections.unmodifiableList(this.certificates_);
        }

        @Override // iaik.xml.crypto.utils.X509KeySelectorResult
        public List getCRLs() {
            return this.crls_ == null ? Collections.EMPTY_LIST : Collections.unmodifiableList(this.crls_);
        }

        public Key getKey() {
            return this.key_;
        }
    }

    public final KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose, AlgorithmMethod algorithmMethod, XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
        KeySelectorResult select;
        KeySelectorResult select2;
        KeySelectorResult select3;
        KeySelectorResult select4;
        ArrayList arrayList = new ArrayList();
        KeyInfoHints newKeyInfoHints = newKeyInfoHints(keyInfo, xMLCryptoContext);
        KeySelectorResult select5 = select(newKeyInfoHints, purpose, algorithmMethod, xMLCryptoContext);
        if (select5 != null) {
            arrayList.add(select5);
        }
        KeyFactory keyFactory = null;
        try {
            keyFactory = getKeyFactoryInstance(algorithmMethod, keySelectorPurpose2DelegationPurpose(purpose));
        } catch (NoSuchAlgorithmException e) {
        }
        if (keyFactory == null) {
            if (newKeyInfoHints.encryptedKey_ != null && (select4 = select(newKeyInfoHints.encryptedKey_, purpose, algorithmMethod, xMLCryptoContext)) != null) {
                arrayList.add(select4);
            }
            if (newKeyInfoHints.agreementMethod_ != null && (select3 = select(newKeyInfoHints.agreementMethod_, purpose, algorithmMethod, xMLCryptoContext)) != null) {
                arrayList.add(select3);
            }
        }
        if (newKeyInfoHints.keyValue_ != null) {
            arrayList.add(select(newKeyInfoHints.keyValue_, purpose, algorithmMethod, xMLCryptoContext));
        }
        if (!newKeyInfoHints.x509Data_.isEmpty()) {
            KeySelectorResult keySelectorResult = null;
            Iterator it = newKeyInfoHints.x509Data_.iterator();
            while (it.hasNext() && keySelectorResult == null) {
                keySelectorResult = select((X509Data) it.next(), purpose, algorithmMethod, xMLCryptoContext);
                if (keySelectorResult != null) {
                    arrayList.add(keySelectorResult);
                }
            }
        }
        if (newKeyInfoHints.rawCert_ != null && (select2 = select(newKeyInfoHints.rawCert_, purpose, algorithmMethod, xMLCryptoContext)) != null) {
            arrayList.add(select2);
        }
        if (arrayList.isEmpty() && (select = select(purpose, algorithmMethod, xMLCryptoContext)) != null) {
            arrayList.add(select);
        }
        return select(newKeyInfoHints, (KeySelectorResult[]) arrayList.toArray(new KeySelectorResult[arrayList.size()]));
    }

    protected XSecProvider.Purpose keySelectorPurpose2DelegationPurpose(KeySelector.Purpose purpose) throws KeySelectorException {
        if (purpose == KeySelector.Purpose.VERIFY || purpose == KeySelector.Purpose.ENCRYPT) {
            return XSecProvider.Purpose.KeyFactoryPurpose.PUBLIC;
        }
        if (purpose == KeySelector.Purpose.SIGN || purpose == KeySelector.Purpose.DECRYPT) {
            return XSecProvider.Purpose.KeyFactoryPurpose.PRIVATE;
        }
        throw new KeySelectorException(new StringBuffer().append("Unknown Purpose:").append(purpose).toString());
    }

    protected KeyInfoHints newKeyInfoHints(KeyInfo keyInfo, XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
        return new KeyInfoHints(keyInfo, xMLCryptoContext);
    }

    protected KeySelectorResult select(KeyInfoHints keyInfoHints, KeySelector.Purpose purpose, AlgorithmMethod algorithmMethod, XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
        return null;
    }

    protected KeySelectorResult select(EncryptedKey encryptedKey, KeySelector.Purpose purpose, AlgorithmMethod algorithmMethod, XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
        try {
            return new KeySelectorResultImpl(encryptedKey.decryptKey(new DOMDecryptContext(xMLCryptoContext.getKeySelector(), (Element) ((javax.xml.crypto.dom.DOMStructure) encryptedKey).getNode()), algorithmMethod));
        } catch (XMLEncryptionException e) {
            throw new KeySelectorException(new StringBuffer().append("Failed to decrypt EncryptedKey. ").append(e.getMessage()).toString(), e);
        }
    }

    protected KeySelectorResult select(AgreementMethod agreementMethod, KeySelector.Purpose purpose, AlgorithmMethod algorithmMethod, XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
        return null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v129, types: [java.util.List] */
    /* JADX WARN: Type inference failed for: r0v131, types: [java.util.List] */
    protected KeySelectorResult select(X509Data x509Data, KeySelector.Purpose purpose, AlgorithmMethod algorithmMethod, XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
        if (purpose != null && purpose != KeySelector.Purpose.VERIFY && purpose != KeySelector.Purpose.ENCRYPT) {
            this.failReason_ = new StringBuffer().append(this.failReason_).append("This KeySelector only supports ").append(KeySelector.Purpose.VERIFY).append(" and ").append(KeySelector.Purpose.ENCRYPT).append(". ").toString();
            return null;
        }
        if (x509Data == null) {
            this.failReason_ = new StringBuffer().append(this.failReason_).append("No X509Data included in KeyInfo. ").toString();
            return null;
        }
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        ArrayList arrayList3 = new ArrayList();
        ArrayList arrayList4 = new ArrayList();
        ArrayList arrayList5 = new ArrayList();
        for (Object obj : x509Data.getContent()) {
            if (obj instanceof X509Certificate) {
                arrayList.add((X509Certificate) obj);
            } else if (obj instanceof X509CRL) {
                arrayList2.add(obj);
            } else if (obj instanceof String) {
                arrayList4.add(obj);
            } else if (obj instanceof byte[]) {
                arrayList5.add(obj);
            } else if (obj instanceof X509IssuerSerial) {
                arrayList3.add(obj);
            }
        }
        String[] strArr = new String[arrayList4.size()];
        arrayList4.toArray(strArr);
        X509IssuerSerial[] x509IssuerSerialArr = new X509IssuerSerial[arrayList3.size()];
        arrayList3.toArray(x509IssuerSerialArr);
        Object[] objArr = new Object[arrayList5.size()];
        if (arrayList.isEmpty()) {
            this.failReason_ = new StringBuffer().append(this.failReason_).append("No certificate included in X509Data. ").toString();
            return null;
        }
        X509Certificate[] x509CertificateArr = new X509Certificate[arrayList.size()];
        arrayList.toArray(x509CertificateArr);
        arrayList.clear();
        Iterator it = null;
        try {
            iaik.x509.X509Certificate[] convertCertificateChain = Util.convertCertificateChain(x509CertificateArr);
            iaik.x509.X509Certificate[] arrangeCertificateChain = Util.arrangeCertificateChain(convertCertificateChain, false);
            if (arrangeCertificateChain == null) {
                arrayList = Arrays.asList(convertCertificateChain);
                it = arrayList.iterator();
            } else {
                it = Collections.nCopies(1, arrangeCertificateChain[0]).iterator();
                arrayList = Arrays.asList(arrangeCertificateChain);
            }
        } catch (CertificateException e) {
            this.failReason_ = new StringBuffer().append(this.failReason_).append("Error parsing certificate(s) in KeyInfo. ").toString();
        }
        PublicKey publicKey = null;
        while (it.hasNext()) {
            iaik.x509.X509Certificate x509Certificate = (iaik.x509.X509Certificate) it.next();
            PublicKey publicKey2 = x509Certificate.getPublicKey();
            try {
                try {
                    getKeyFactoryInstance(algorithmMethod, keySelectorPurpose2DelegationPurpose(purpose)).translateKey(publicKey2);
                    boolean z = true;
                    if (publicKey != null && !publicKey2.equals(publicKey)) {
                        this.failReason_ = new StringBuffer().append(this.failReason_).append("Two different certificates in KeyInfo neither belong to the same chain, nor contain the same public key. ").toString();
                        return null;
                    }
                    publicKey = publicKey2;
                    if (strArr != null && strArr.length > 0) {
                        for (String str : strArr) {
                            try {
                                z &= matchSubjectDN(x509Certificate, str);
                                if (!z) {
                                    this.failReason_ = new StringBuffer().append(this.failReason_).append("KeyInfo X509SubjectName (").append(str).append(") does not match SubjectDN (").append(getSubjectDN(x509Certificate)).append(") of KeyInfo X509Certificate. Any X509IssuerSerial, X509SKI, ").append("and X509SubjectName elements that appear MUST refer to the ").append("certificate or certificates containing the validation key.").toString();
                                }
                            } catch (RFC2253NameParserException e2) {
                                this.failReason_ = new StringBuffer().append(this.failReason_).append("Error parsing SubjectDN of certificate in KeyInfo. ").toString();
                            }
                        }
                    }
                    if (x509IssuerSerialArr != null && x509IssuerSerialArr.length > 0) {
                        boolean z2 = true;
                        int i = 0;
                        while (true) {
                            try {
                                if (i >= x509IssuerSerialArr.length) {
                                    break;
                                }
                                X509IssuerSerial x509IssuerSerial = x509IssuerSerialArr[i];
                                z2 &= matchIssuerDN(x509Certificate, x509IssuerSerial);
                                if (!z2) {
                                    this.failReason_ = new StringBuffer().append(this.failReason_).append("KeyInfo X509IssuerName does not match IssuerDN of KeyInfo X509Certificate. ").toString();
                                }
                                z &= z2;
                                if (!true || !matchIssuerSN(x509Certificate, x509IssuerSerial)) {
                                    this.failReason_ = new StringBuffer().append(this.failReason_).append("KeyInfo X509SerialNumber does not match serial number of KeyInfo X509Certificate. ").toString();
                                    z = false;
                                    break;
                                }
                                i++;
                            } catch (RFC2253NameParserException e3) {
                                this.failReason_ = new StringBuffer().append(this.failReason_).append("Error parsing IssuerDN of certificate in KeyInfo. ").toString();
                            }
                        }
                    }
                    if (z) {
                        this.failReason_ = null;
                        return new X509KeySelectorResultImpl(publicKey2, arrayList, arrayList2);
                    }
                } catch (InvalidKeyException e4) {
                    this.failReason_ = new StringBuffer().append(this.failReason_).append("Public key in certificate does not match signature method. ").toString();
                    this.failReason_ = new StringBuffer().append(this.failReason_).append("Invalid key for signature method \"").append(algorithmMethod.getAlgorithm()).append("\". ").toString();
                    return null;
                }
            } catch (NoSuchAlgorithmException e5) {
                this.failReason_ = new StringBuffer().append(this.failReason_).append("Could not find KeyFactory for \"").append(algorithmMethod.getAlgorithm()).append("\". ").toString();
                return null;
            }
        }
        return null;
    }

    protected boolean matchIssuerSN(X509Certificate x509Certificate, X509IssuerSerial x509IssuerSerial) {
        return x509IssuerSerial.getSerialNumber().equals(x509Certificate.getSerialNumber());
    }

    protected static String getSubjectDN(X509Certificate x509Certificate) throws RFC2253NameParserException {
        return ((Name) x509Certificate.getSubjectDN()).getRFC2253String();
    }

    protected static boolean matchSubjectDN(X509Certificate x509Certificate, String str) throws RFC2253NameParserException {
        return str.equals(getSubjectDN(x509Certificate));
    }

    protected boolean matchIssuerDN(iaik.x509.X509Certificate x509Certificate, X509IssuerSerial x509IssuerSerial) throws RFC2253NameParserException {
        return x509IssuerSerial.getIssuerName().equals(((Name) x509Certificate.getIssuerDN()).getRFC2253String());
    }

    protected KeySelectorResult select(KeyValue keyValue, KeySelector.Purpose purpose, AlgorithmMethod algorithmMethod, XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
        if (keyValue == null) {
            return null;
        }
        if (purpose != KeySelector.Purpose.VERIFY && purpose != KeySelector.Purpose.ENCRYPT) {
            return null;
        }
        try {
            try {
                return new KeySelectorResultImpl(getKeyFactoryInstance(algorithmMethod, keySelectorPurpose2DelegationPurpose(purpose)).translateKey(keyValue.getPublicKey()));
            } catch (InvalidKeyException e) {
                return null;
            } catch (NoSuchAlgorithmException e2) {
                return null;
            }
        } catch (KeyException e3) {
            throw new KeySelectorException(new StringBuffer().append("Failed to get public key from KeyValue. ").append(e3.getMessage()).toString(), e3);
        }
    }

    protected KeySelectorResult select(X509Certificate x509Certificate, KeySelector.Purpose purpose, AlgorithmMethod algorithmMethod, XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
        if ((purpose != KeySelector.Purpose.VERIFY && purpose != KeySelector.Purpose.ENCRYPT) || x509Certificate == null) {
            return null;
        }
        try {
            return new X509KeySelectorResultImpl((PublicKey) getKeyFactoryInstance(algorithmMethod, keySelectorPurpose2DelegationPurpose(purpose)).translateKey(x509Certificate.getPublicKey()), Collections.nCopies(1, x509Certificate), null);
        } catch (InvalidKeyException e) {
            return null;
        } catch (NoSuchAlgorithmException e2) {
            return null;
        }
    }

    protected KeySelectorResult select(KeyInfoHints keyInfoHints, KeySelectorResult[] keySelectorResultArr) {
        if (keySelectorResultArr.length == 0) {
            return null;
        }
        return keySelectorResultArr[0];
    }

    protected KeySelectorResult select(KeySelector.Purpose purpose, AlgorithmMethod algorithmMethod, XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
        return null;
    }

    public String getFailReason() {
        return this.failReason_;
    }

    protected KeyFactory getKeyFactoryInstance(AlgorithmMethod algorithmMethod, XSecProvider.Purpose purpose) throws NoSuchAlgorithmException {
        String algorithm;
        KeyFactory keyFactory = null;
        if (algorithmMethod != null && (algorithm = algorithmMethod.getAlgorithm()) != null) {
            Provider delegationProvider = XSecProvider.getDelegationProvider(new StringBuffer().append("KeyFactory.").append(algorithm).toString(), purpose);
            if (delegationProvider != null) {
                try {
                    keyFactory = KeyFactory.getInstance(algorithm, delegationProvider);
                } catch (NoSuchMethodError e) {
                    try {
                        keyFactory = KeyFactory.getInstance(algorithm, delegationProvider.getName());
                    } catch (NoSuchProviderException e2) {
                        throw new i(this, new StringBuffer().append("Delegation for \"").append(algorithm).append("\" for Provider \"").append(delegationProvider.getName()).append("\" in jdk 1.3 or earlier invalid. Provider has to be registered ").append(e2.getMessage()).toString(), e2);
                    }
                }
            } else if (0 == 0) {
                keyFactory = KeyFactory.getInstance(algorithm);
            }
        }
        return keyFactory;
    }
}
