package org.apache.xml.security.keys.keyresolver.implementations;

import java.security.Key;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import javax.crypto.SecretKey;
import org.apache.xml.security.encryption.XMLCipher;
import org.apache.xml.security.encryption.XMLEncryptionException;
import org.apache.xml.security.keys.keyresolver.KeyResolverSpi;
import org.apache.xml.security.keys.storage.StorageResolver;
import org.apache.xml.security.utils.XMLUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Element;

/* loaded from: input_file:WEB-INF/lib/xmlsec-2.3.3.jar:org/apache/xml/security/keys/keyresolver/implementations/EncryptedKeyResolver.class */
public class EncryptedKeyResolver extends KeyResolverSpi {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) RSAKeyValueResolver.class);
    private final Key kek;
    private final String algorithm;
    private final List<KeyResolverSpi> internalKeyResolvers;

    public EncryptedKeyResolver(String str, List<KeyResolverSpi> list) {
        this(str, null, list);
    }

    public EncryptedKeyResolver(String str, Key key, List<KeyResolverSpi> list) {
        this.algorithm = str;
        this.kek = key;
        if (list != null) {
            this.internalKeyResolvers = new ArrayList(list);
        } else {
            this.internalKeyResolvers = Collections.emptyList();
        }
    }

    @Override // org.apache.xml.security.keys.keyresolver.KeyResolverSpi
    protected boolean engineCanResolve(Element element, String str, StorageResolver storageResolver) {
        return XMLUtils.elementIsInEncryptionSpace(element, "EncryptedKey");
    }

    @Override // org.apache.xml.security.keys.keyresolver.KeyResolverSpi
    protected PublicKey engineResolvePublicKey(Element element, String str, StorageResolver storageResolver, boolean z) {
        return null;
    }

    @Override // org.apache.xml.security.keys.keyresolver.KeyResolverSpi
    protected X509Certificate engineResolveX509Certificate(Element element, String str, StorageResolver storageResolver, boolean z) {
        return null;
    }

    @Override // org.apache.xml.security.keys.keyresolver.KeyResolverSpi
    protected SecretKey engineResolveSecretKey(Element element, String str, StorageResolver storageResolver, boolean z) {
        if (element == null) {
            return null;
        }
        LOG.debug("EncryptedKeyResolver - Can I resolve {}", element.getTagName());
        SecretKey secretKey = null;
        LOG.debug("Passed an Encrypted Key");
        try {
            XMLCipher xMLCipher = XMLCipher.getInstance();
            xMLCipher.init(4, this.kek);
            int size = this.internalKeyResolvers.size();
            for (int i = 0; i < size; i++) {
                xMLCipher.registerInternalKeyResolver(this.internalKeyResolvers.get(i));
            }
            secretKey = (SecretKey) xMLCipher.decryptKey(xMLCipher.loadEncryptedKey(element), this.algorithm);
        } catch (XMLEncryptionException e) {
            LOG.debug(e.getMessage(), (Throwable) e);
        }
        return secretKey;
    }

    @Override // org.apache.xml.security.keys.keyresolver.KeyResolverSpi
    protected PrivateKey engineResolvePrivateKey(Element element, String str, StorageResolver storageResolver, boolean z) {
        return null;
    }
}
