package com.sun.xml.ws.security.opt.impl.enc;

import com.sun.xml.security.core.xenc.ReferenceList;
import com.sun.xml.ws.security.opt.api.EncryptedKey;
import com.sun.xml.ws.security.opt.api.SecurityElement;
import com.sun.xml.ws.security.opt.api.keyinfo.BuilderResult;
import com.sun.xml.ws.security.opt.crypto.dsig.keyinfo.KeyInfo;
import com.sun.xml.ws.security.opt.impl.JAXBFilterProcessingContext;
import com.sun.xml.ws.security.opt.impl.message.ETHandler;
import com.sun.xml.ws.security.opt.impl.util.NamespaceContextEx;
import com.sun.xml.ws.security.opt.impl.util.WSSElementFactory;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.PolicyTypeUtil;
import com.sun.xml.wss.impl.policy.mls.AuthenticationTokenPolicy;
import com.sun.xml.wss.impl.policy.mls.DerivedTokenKeyBinding;
import com.sun.xml.wss.impl.policy.mls.EncryptionPolicy;
import com.sun.xml.wss.impl.policy.mls.EncryptionTarget;
import com.sun.xml.wss.impl.policy.mls.SymmetricKeyBinding;
import com.sun.xml.wss.impl.policy.mls.WSSPolicy;
import com.sun.xml.wss.logging.LogDomainConstants;
import com.sun.xml.wss.logging.impl.opt.crypto.LogStringsMessages;
import java.io.UnsupportedEncodingException;
import java.security.Key;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.commons.io.IOUtils;

/* loaded from: input_file:spg-ui-war-3.0.15.war:WEB-INF/lib/xws-security-3.0.jar:com/sun/xml/ws/security/opt/impl/enc/EncryptionProcessor.class */
public class EncryptionProcessor {
    private static byte[] crlf;
    private static final Logger logger = Logger.getLogger(LogDomainConstants.IMPL_OPT_CRYPTO_DOMAIN, LogDomainConstants.IMPL_OPT_CRYPTO_DOMAIN_BUNDLE);

    public void process(JAXBFilterProcessingContext jAXBFilterProcessingContext) throws XWSSecurityException {
        WSSElementFactory wSSElementFactory = new WSSElementFactory(jAXBFilterProcessingContext.getSOAPVersion());
        ((NamespaceContextEx) jAXBFilterProcessingContext.getNamespaceContext()).addEncryptionNS();
        ((NamespaceContextEx) jAXBFilterProcessingContext.getNamespaceContext()).addSignatureNS();
        WSSPolicy wSSPolicy = (WSSPolicy) jAXBFilterProcessingContext.getSecurityPolicy();
        EncryptionPolicy.FeatureBinding featureBinding = (EncryptionPolicy.FeatureBinding) wSSPolicy.getFeatureBinding();
        WSSPolicy wSSPolicy2 = (WSSPolicy) wSSPolicy.getKeyBinding();
        if (logger.isLoggable(Level.FINEST)) {
            logger.log(Level.FINEST, LogStringsMessages.WSS_1952_ENCRYPTION_KEYBINDING_VALUE(wSSPolicy2));
        }
        if (PolicyTypeUtil.derivedTokenKeyBinding(wSSPolicy2)) {
            DerivedTokenKeyBinding derivedTokenKeyBinding = (DerivedTokenKeyBinding) wSSPolicy2.clone();
            WSSPolicy originalKeyBinding = derivedTokenKeyBinding.getOriginalKeyBinding();
            if (PolicyTypeUtil.x509CertificateBinding(originalKeyBinding)) {
                AuthenticationTokenPolicy.X509CertificateBinding x509CertificateBinding = (AuthenticationTokenPolicy.X509CertificateBinding) originalKeyBinding.clone();
                SymmetricKeyBinding symmetricKeyBinding = new SymmetricKeyBinding();
                symmetricKeyBinding.setKeyBinding(x509CertificateBinding);
                derivedTokenKeyBinding.setOriginalKeyBinding(symmetricKeyBinding);
                EncryptionPolicy encryptionPolicy = (EncryptionPolicy) wSSPolicy.clone();
                encryptionPolicy.setKeyBinding(derivedTokenKeyBinding);
                jAXBFilterProcessingContext.setSecurityPolicy(encryptionPolicy);
                wSSPolicy = encryptionPolicy;
            }
        }
        BuilderResult process = new TokenProcessor((EncryptionPolicy) wSSPolicy, jAXBFilterProcessingContext).process();
        Key dataProtectionKey = process.getDataProtectionKey();
        EncryptedKey encryptedKey = process.getEncryptedKey();
        Iterator it = featureBinding.getTargetBindings().iterator();
        ETHandler eTHandler = new ETHandler(jAXBFilterProcessingContext.getSOAPVersion());
        EncryptionPolicy.FeatureBinding featureBinding2 = (EncryptionPolicy.FeatureBinding) wSSPolicy.getFeatureBinding();
        ReferenceList referenceList = new ReferenceList();
        KeyInfo keyInfo = (encryptedKey == null || featureBinding2.getUseStandAloneRefList()) ? process.getKeyInfo() : null;
        boolean z = false;
        while (it.hasNext()) {
            EncryptionTarget encryptionTarget = (EncryptionTarget) it.next();
            encryptionTarget.getContentOnly();
            List buildEDList = eTHandler.buildEDList((EncryptionPolicy) wSSPolicy, encryptionTarget, jAXBFilterProcessingContext, dataProtectionKey, keyInfo);
            for (int i = 0; i < buildEDList.size(); i++) {
                referenceList.getDataReferenceOrKeyReference().add(wSSElementFactory.createDataReference((SecurityElement) buildEDList.get(i)));
                z = true;
            }
        }
        if (z) {
            if (encryptedKey == null || featureBinding2.getUseStandAloneRefList()) {
                jAXBFilterProcessingContext.getSecurityHeader().add(wSSElementFactory.createGSHeaderElement(referenceList));
            } else {
                encryptedKey.setReferenceList(referenceList);
            }
        }
    }

    private void checkBSP5607(String str, String str2, boolean z) throws XWSSecurityException {
        if (z) {
            return;
        }
        if ("http://schemas.xmlsoap.org/soap/envelope/".equalsIgnoreCase(str2) || "http://www.w3.org/2003/05/soap-envelope".equalsIgnoreCase(str2)) {
            if (MessageConstants.SOAP_HEADER_LNAME.equalsIgnoreCase(str) || "Envelope".equalsIgnoreCase(str) || MessageConstants.SOAP_BODY_LNAME.equalsIgnoreCase(str)) {
                logger.log(Level.SEVERE, LogStringsMessages.WSS_1918_ILLEGAL_ENCRYPTION_TARGET(str2, str));
                throw new XWSSecurityException("Encryption of SOAP " + str + " is not allowed");
            }
        }
    }

    static {
        crlf = null;
        try {
            crlf = IOUtils.LINE_SEPARATOR_WINDOWS.getBytes("US-ASCII");
        } catch (UnsupportedEncodingException e) {
            logger.log(Level.SEVERE, LogStringsMessages.WSS_1917_CRLF_INIT_FAILED(), (Throwable) e);
        }
    }
}
