package org.opensaml.xml.security;

import java.util.ArrayList;
import org.apache.bcel.Constants;
import org.opensaml.xml.security.credential.BasicKeyInfoGeneratorFactory;
import org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver;
import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager;
import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager;
import org.opensaml.xml.security.keyinfo.provider.DSAKeyValueProvider;
import org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider;
import org.opensaml.xml.security.keyinfo.provider.RSAKeyValueProvider;
import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory;

/* loaded from: input_file:WEB-INF/lib/xmltooling-1.4.1.jar:org/opensaml/xml/security/DefaultSecurityConfigurationBootstrap.class */
public class DefaultSecurityConfigurationBootstrap {
    protected DefaultSecurityConfigurationBootstrap() {
    }

    public static BasicSecurityConfiguration buildDefaultConfig() {
        BasicSecurityConfiguration basicSecurityConfiguration = new BasicSecurityConfiguration();
        populateSignatureParams(basicSecurityConfiguration);
        populateEncryptionParams(basicSecurityConfiguration);
        populateKeyInfoCredentialResolverParams(basicSecurityConfiguration);
        populateKeyInfoGeneratorManager(basicSecurityConfiguration);
        populateKeyParams(basicSecurityConfiguration);
        return basicSecurityConfiguration;
    }

    protected static void populateSignatureParams(BasicSecurityConfiguration basicSecurityConfiguration) {
        basicSecurityConfiguration.registerSignatureAlgorithmURI("RSA", "http://www.w3.org/2000/09/xmldsig#rsa-sha1");
        basicSecurityConfiguration.registerSignatureAlgorithmURI("DSA", "http://www.w3.org/2000/09/xmldsig#dsa-sha1");
        basicSecurityConfiguration.registerSignatureAlgorithmURI("EC", "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1");
        basicSecurityConfiguration.registerSignatureAlgorithmURI("AES", "http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        basicSecurityConfiguration.registerSignatureAlgorithmURI("DESede", "http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        basicSecurityConfiguration.setSignatureCanonicalizationAlgorithm("http://www.w3.org/2001/10/xml-exc-c14n#");
        basicSecurityConfiguration.setSignatureHMACOutputLength(null);
        basicSecurityConfiguration.setSignatureReferenceDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1");
    }

    protected static void populateEncryptionParams(BasicSecurityConfiguration basicSecurityConfiguration) {
        basicSecurityConfiguration.registerDataEncryptionAlgorithmURI("AES", 128, "http://www.w3.org/2001/04/xmlenc#aes128-cbc");
        basicSecurityConfiguration.registerDataEncryptionAlgorithmURI("AES", Integer.valueOf(Constants.CHECKCAST), "http://www.w3.org/2001/04/xmlenc#aes192-cbc");
        basicSecurityConfiguration.registerDataEncryptionAlgorithmURI("AES", 256, "http://www.w3.org/2001/04/xmlenc#aes256-cbc");
        basicSecurityConfiguration.registerDataEncryptionAlgorithmURI("DESede", 168, "http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
        basicSecurityConfiguration.registerDataEncryptionAlgorithmURI("DESede", Integer.valueOf(Constants.CHECKCAST), "http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
        basicSecurityConfiguration.registerKeyTransportEncryptionAlgorithmURI("RSA", null, "AES", "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p");
        basicSecurityConfiguration.registerKeyTransportEncryptionAlgorithmURI("RSA", null, "DESede", "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p");
        basicSecurityConfiguration.registerKeyTransportEncryptionAlgorithmURI("AES", 128, null, "http://www.w3.org/2001/04/xmlenc#kw-aes128");
        basicSecurityConfiguration.registerKeyTransportEncryptionAlgorithmURI("AES", Integer.valueOf(Constants.CHECKCAST), null, "http://www.w3.org/2001/04/xmlenc#kw-aes192");
        basicSecurityConfiguration.registerKeyTransportEncryptionAlgorithmURI("AES", 256, null, "http://www.w3.org/2001/04/xmlenc#kw-aes256");
        basicSecurityConfiguration.registerKeyTransportEncryptionAlgorithmURI("DESede", 168, null, "http://www.w3.org/2001/04/xmlenc#kw-tripledes");
        basicSecurityConfiguration.registerKeyTransportEncryptionAlgorithmURI("DESede", Integer.valueOf(Constants.CHECKCAST), null, "http://www.w3.org/2001/04/xmlenc#kw-tripledes");
        basicSecurityConfiguration.setAutoGeneratedDataEncryptionKeyAlgorithmURI("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
    }

    protected static void populateKeyInfoCredentialResolverParams(BasicSecurityConfiguration basicSecurityConfiguration) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new RSAKeyValueProvider());
        arrayList.add(new DSAKeyValueProvider());
        arrayList.add(new InlineX509DataProvider());
        basicSecurityConfiguration.setDefaultKeyInfoCredentialResolver(new BasicProviderKeyInfoCredentialResolver(arrayList));
    }

    protected static void populateKeyInfoGeneratorManager(BasicSecurityConfiguration basicSecurityConfiguration) {
        NamedKeyInfoGeneratorManager namedKeyInfoGeneratorManager = new NamedKeyInfoGeneratorManager();
        basicSecurityConfiguration.setKeyInfoGeneratorManager(namedKeyInfoGeneratorManager);
        namedKeyInfoGeneratorManager.setUseDefaultManager(true);
        KeyInfoGeneratorManager defaultManager = namedKeyInfoGeneratorManager.getDefaultManager();
        BasicKeyInfoGeneratorFactory basicKeyInfoGeneratorFactory = new BasicKeyInfoGeneratorFactory();
        basicKeyInfoGeneratorFactory.setEmitPublicKeyValue(true);
        X509KeyInfoGeneratorFactory x509KeyInfoGeneratorFactory = new X509KeyInfoGeneratorFactory();
        x509KeyInfoGeneratorFactory.setEmitEntityCertificate(true);
        defaultManager.registerFactory(basicKeyInfoGeneratorFactory);
        defaultManager.registerFactory(x509KeyInfoGeneratorFactory);
    }

    protected static void populateKeyParams(BasicSecurityConfiguration basicSecurityConfiguration) {
    }
}
