package com.sun.xml.ws.security.opt.impl.keyinfo;

import com.sun.xml.ws.security.IssuedTokenContext;
import com.sun.xml.ws.security.impl.DerivedKeyTokenImpl;
import com.sun.xml.ws.security.opt.api.keyinfo.BuilderResult;
import com.sun.xml.ws.security.opt.impl.JAXBFilterProcessingContext;
import com.sun.xml.ws.security.opt.impl.reference.DirectReference;
import com.sun.xml.ws.security.secext10.SecurityTokenReferenceType;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.AlgorithmSuite;
import com.sun.xml.wss.impl.PolicyTypeUtil;
import com.sun.xml.wss.impl.misc.SecurityUtil;
import com.sun.xml.wss.impl.policy.mls.DerivedTokenKeyBinding;
import com.sun.xml.wss.impl.policy.mls.IssuedTokenKeyBinding;
import com.sun.xml.wss.impl.policy.mls.SecureConversationTokenKeyBinding;
import com.sun.xml.wss.impl.policy.mls.SymmetricKeyBinding;
import com.sun.xml.wss.impl.policy.mls.WSSPolicy;
import com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages;
import java.security.Key;
import java.util.logging.Level;
import javax.crypto.SecretKey;
import javax.xml.bind.JAXBElement;

/* loaded from: input_file:spg-ui-war-2.1.40.war:WEB-INF/lib/xws-security-3.0.jar:com/sun/xml/ws/security/opt/impl/keyinfo/DerivedKeyTokenBuilder.class */
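/**
 * Builds a derived key token for the binding wrapped by a {@link DerivedTokenKeyBinding}.
 *
 * <p>The base secret comes from one of three underlying bindings (symmetric key,
 * secure conversation token, issued token). A key is derived from that secret,
 * the DerivedKey element is added to the security header, and the resulting
 * KeyInfo references it through a direct reference.
 */
public class DerivedKeyTokenBuilder extends TokenBuilder {
    /** Derived-key policy; its original key binding selects where the base secret comes from. */
    private final DerivedTokenKeyBinding dtk;

    /**
     * @param jAXBFilterProcessingContext processing context handed to the parent builder
     * @param derivedTokenKeyBinding      derived-key policy to build a token for
     */
    public DerivedKeyTokenBuilder(JAXBFilterProcessingContext jAXBFilterProcessingContext, DerivedTokenKeyBinding derivedTokenKeyBinding) {
        super(jAXBFilterProcessingContext);
        this.dtk = derivedTokenKeyBinding;
    }

    /**
     * Resolves the base secret for the configured binding, derives a symmetric key from it
     * and registers the DerivedKey element in the security header.
     *
     * <p>For an issued token whose trust context carries no proof key, no derivation takes
     * place: the issued token's own key and KeyInfo are returned as-is.
     *
     * @return the KeyInfo and data protection key to use for the message
     * @throws XWSSecurityException if the algorithm suite or symmetric binding is missing,
     *         the original key binding is null or unsupported, no secret material is
     *         available, or key derivation / element creation fails
     */
    @Override // com.sun.xml.ws.security.opt.api.keyinfo.TokenBuilder
    public BuilderResult process() throws XWSSecurityException {
        WSSPolicy originalKeyBinding = this.dtk.getOriginalKeyBinding();
        AlgorithmSuite algorithmSuite = this.context.getAlgorithmSuite();
        BuilderResult result = new BuilderResult();
        if (algorithmSuite == null) {
            throw new XWSSecurityException("Internal Error: Algorithm Suite is not set in context");
        }
        String encryptionAlgorithm = algorithmSuite.getEncryptionAlgorithm();
        // Only algorithm identifiers are logged in this method; key bytes must never reach the log.
        if (logger.isLoggable(Level.FINEST)) {
            logger.log(Level.FINEST, "Algorithm used for Derived Keys: " + encryptionAlgorithm);
        }
        long keyLength = SecurityUtil.getLengthFromAlgorithm(encryptionAlgorithm);
        WSSPolicy securityPolicy = (WSSPolicy) this.context.getSecurityPolicy();
        // A length of 32 is reduced to 24 when the active policy is a signature policy.
        // NOTE(review): the rationale is not visible in this file - confirm before changing.
        if (keyLength == 32 && PolicyTypeUtil.signaturePolicy(securityPolicy)) {
            keyLength = 24;
        }

        BuilderResult baseResult;
        byte[] secret;
        String dpTokenId = "";
        if (PolicyTypeUtil.symmetricKeyBinding(originalKeyBinding)) {
            SymmetricKeyBinding symmetricKeyBinding = this.context.getSymmetricKeyBinding();
            if (symmetricKeyBinding == null) {
                throw new XWSSecurityException("Internal Error: SymmetricBinding not set on context");
            }
            // The binding is cleared on the context BEFORE the algorithm lookup and the nested
            // builder run; both receive the context, so this statement order must be kept.
            this.context.setSymmetricKeyBinding(null);
            String dataEncryptionAlgo = SecurityUtil.getDataEncryptionAlgo(this.context);
            String keyAlgorithm = symmetricKeyBinding.getKeyAlgorithm();
            if ((keyAlgorithm == null || "".equals(keyAlgorithm)) && this.context.getAlgorithmSuite() != null) {
                // Fall back to the suite's asymmetric key algorithm when the binding names none.
                keyAlgorithm = this.context.getAlgorithmSuite().getAsymmetricKeyAlgorithm();
            }
            baseResult = new SymmetricTokenBuilder(symmetricKeyBinding, this.context, dataEncryptionAlgo, keyAlgorithm).process();
            secret = baseResult.getDataProtectionKey().getEncoded();
            if (logger.isLoggable(Level.FINEST)) {
                logger.log(Level.FINEST, "SymmetricBinding under Derived Keys");
                logger.log(Level.FINEST, "DataEncryption Algorithm:" + dataEncryptionAlgo);
                logger.log(Level.FINEST, "Key Algorithm:" + keyAlgorithm);
            }
        } else if (PolicyTypeUtil.secureConversationTokenKeyBinding(originalKeyBinding)) {
            baseResult = new SCTBuilder(this.context, (SecureConversationTokenKeyBinding) originalKeyBinding).process();
            IssuedTokenContext scContext = this.context.getSecureConversationContext();
            com.sun.xml.ws.security.SecurityContextToken sct = (com.sun.xml.ws.security.SecurityContextToken) scContext.getSecurityToken();
            // The per-instance secret is used only when the token names an instance and the
            // context is not expired; every other case uses the conversation's proof key.
            if (sct.getInstance() != null && !this.context.isExpired()) {
                secret = scContext.getSecurityContextTokenInfo().getInstanceSecret(sct.getInstance());
            } else {
                secret = scContext.getProofKey();
            }
            if (logger.isLoggable(Level.FINEST)) {
                logger.log(Level.FINEST, "SecureConversation token binding under Derived Keys");
            }
        } else {
            if (!PolicyTypeUtil.issuedTokenKeyBinding(originalKeyBinding)) {
                if (originalKeyBinding != null) {
                    throw new XWSSecurityException("Unsupported Key Binding:" + originalKeyBinding);
                }
                throw new XWSSecurityException("Internal Error: Null original key binding");
            }
            baseResult = new IssuedTokenBuilder(this.context, (IssuedTokenKeyBinding) originalKeyBinding).process();
            Key issuedKey = baseResult.getDataProtectionKey();
            if (this.context.getTrustContext().getProofKey() == null) {
                // No proof key in the trust context: hand back the issued token's key and
                // KeyInfo unchanged, without creating a derived key.
                result.setDataProtectionKey(issuedKey);
                result.setKeyInfo(baseResult.getKeyInfo());
                return result;
            }
            secret = issuedKey.getEncoded();
            dpTokenId = baseResult.getDPTokenId();
            if (logger.isLoggable(Level.FINEST)) {
                logger.log(Level.FINEST, "Issued Token Binding token binding under Derived Keys");
            }
        }

        // Key.getEncoded() returns null for keys that do not support encoding, and a proof key
        // may be absent; refuse to start a derivation without secret material.
        if (secret == null) {
            throw new XWSSecurityException("Internal Error: no secret key material available for key derivation");
        }

        DerivedKeyTokenImpl derivedKeyToken = new DerivedKeyTokenImpl(0L, keyLength, secret);
        try {
            SecretKey derivedSecretKey = derivedKeyToken.generateSymmetricKey(SecurityUtil.getSecretKeyAlgorithm(encryptionAlgorithm));
            // The first KeyInfo entry of the base token is the reference embedded in the
            // DerivedKey element; it may arrive wrapped in a JAXBElement.
            Object firstContent = baseResult.getKeyInfo().getContent().get(0);
            SecurityTokenReferenceType baseTokenReference;
            if (firstContent instanceof JAXBElement) {
                baseTokenReference = (SecurityTokenReferenceType) ((JAXBElement<?>) firstContent).getValue();
            } else {
                baseTokenReference = (SecurityTokenReferenceType) firstContent;
            }
            DerivedKey derivedKey;
            if (dpTokenId.length() == 0) {
                derivedKey = this.elementFactory.createDerivedKey(this.dtk.getUUID(), encryptionAlgorithm, derivedKeyToken.getNonce(), derivedKeyToken.getOffset(), derivedKeyToken.getLength(), derivedKeyToken.getLabel(), baseTokenReference, this.context.getSecurityPolicyVersion());
            } else {
                // Issued-token case: the data protection token id is passed along as well.
                derivedKey = this.elementFactory.createDerivedKey(this.dtk.getUUID(), encryptionAlgorithm, derivedKeyToken.getNonce(), derivedKeyToken.getOffset(), derivedKeyToken.getLength(), derivedKeyToken.getLabel(), baseTokenReference, dpTokenId, this.context.getSecurityPolicyVersion());
            }
            DirectReference directReference = this.elementFactory.createDirectReference();
            directReference.setURI("#" + derivedKey.getId());
            SecurityTokenReference derivedKeyReference = buildSTR(this.context.generateID(), directReference);
            this.context.getSecurityHeader().add(derivedKey);
            buildKeyInfo(derivedKeyReference);
            result.setKeyInfo(this.keyInfo);
            result.setDataProtectionKey(derivedSecretKey);
            return result;
        } catch (Exception e) {
            // Attach the cause to the log record so the failure can be diagnosed from the log.
            logger.log(Level.SEVERE, LogStringsMessages.WSS_1806_ERROR_GENERATING_SYMMETRIC_KEY(), e);
            throw new XWSSecurityException(e);
        }
    }
}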
