package com.sun.xml.ws.security.opt.impl.dsig;

import com.sun.xml.ws.security.opt.api.keyinfo.BuilderResult;
import com.sun.xml.ws.security.opt.api.keyinfo.TokenBuilder;
import com.sun.xml.ws.security.opt.impl.JAXBFilterProcessingContext;
import com.sun.xml.ws.security.opt.impl.keyinfo.DerivedKeyTokenBuilder;
import com.sun.xml.ws.security.opt.impl.keyinfo.IssuedTokenBuilder;
import com.sun.xml.ws.security.opt.impl.keyinfo.KerberosTokenBuilder;
import com.sun.xml.ws.security.opt.impl.keyinfo.SCTBuilder;
import com.sun.xml.ws.security.opt.impl.keyinfo.SamlTokenBuilder;
import com.sun.xml.ws.security.opt.impl.keyinfo.SymmetricTokenBuilder;
import com.sun.xml.ws.security.opt.impl.keyinfo.X509TokenBuilder;
import com.sun.xml.ws.security.opt.impl.util.NamespaceContextEx;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.AlgorithmSuite;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.PolicyTypeUtil;
import com.sun.xml.wss.impl.policy.mls.AuthenticationTokenPolicy;
import com.sun.xml.wss.impl.policy.mls.DerivedTokenKeyBinding;
import com.sun.xml.wss.impl.policy.mls.IssuedTokenKeyBinding;
import com.sun.xml.wss.impl.policy.mls.PrivateKeyBinding;
import com.sun.xml.wss.impl.policy.mls.SecureConversationTokenKeyBinding;
import com.sun.xml.wss.impl.policy.mls.SignaturePolicy;
import com.sun.xml.wss.impl.policy.mls.SymmetricKeyBinding;
import com.sun.xml.wss.impl.policy.mls.WSSPolicy;
import com.sun.xml.wss.logging.LogDomainConstants;
import com.sun.xml.wss.logging.impl.opt.signature.LogStringsMessages;
import java.security.Key;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:spg-ui-war-2.1.52.war:WEB-INF/lib/xws-security-3.0.jar:com/sun/xml/ws/security/opt/impl/dsig/TokenProcessor.class */
public class TokenProcessor {
    private static final Logger logger = Logger.getLogger(LogDomainConstants.IMPL_OPT_SIGNATURE_DOMAIN, LogDomainConstants.IMPL_OPT_SIGNATURE_DOMAIN_BUNDLE);
    private Key signingKey = null;
    private TokenBuilder builder = null;
    private WSSPolicy keyBinding;
    private JAXBFilterProcessingContext context;

    public TokenProcessor(SignaturePolicy signaturePolicy, JAXBFilterProcessingContext jAXBFilterProcessingContext) {
        this.keyBinding = null;
        this.context = null;
        this.context = jAXBFilterProcessingContext;
        this.keyBinding = (WSSPolicy) signaturePolicy.getKeyBinding();
    }

    public BuilderResult process() throws XWSSecurityException {
        SymmetricKeyBinding symmetricKeyBinding;
        AuthenticationTokenPolicy.KerberosTokenBinding kerberosTokenBinding;
        AuthenticationTokenPolicy.X509CertificateBinding x509CertificateBinding;
        String str = MessageConstants.RSA_15_KEY_TRANSPORT;
        String str2 = "http://www.w3.org/2001/04/xmlenc#tripledes-cbc";
        AlgorithmSuite algorithmSuite = this.context.getAlgorithmSuite();
        String str3 = null;
        if (algorithmSuite != null) {
            str3 = algorithmSuite.getAsymmetricKeyAlgorithm();
        }
        if (str3 != null && !"".equals(str3)) {
            str = str3;
        }
        if (algorithmSuite != null) {
            str3 = algorithmSuite.getEncryptionAlgorithm();
        }
        if (str3 != null && !"".equals(str3)) {
            str2 = str3;
        }
        if (PolicyTypeUtil.usernameTokenPolicy(this.keyBinding)) {
            logger.log(Level.SEVERE, LogStringsMessages.WSS_1702_UNSUPPORTED_USERNAMETOKEN_KEYBINDING());
            throw new XWSSecurityException("UsernameToken as KeyBinding for SignaturePolicy is Not Yet Supported");
        }
        if (PolicyTypeUtil.x509CertificateBinding(this.keyBinding)) {
            if (this.context.getX509CertificateBinding() != null) {
                x509CertificateBinding = this.context.getX509CertificateBinding();
                this.context.setX509CertificateBinding(null);
            } else {
                x509CertificateBinding = (AuthenticationTokenPolicy.X509CertificateBinding) this.keyBinding;
            }
            this.signingKey = ((PrivateKeyBinding) x509CertificateBinding.getKeyBinding()).getPrivateKey();
            this.builder = new X509TokenBuilder(this.context, x509CertificateBinding);
            BuilderResult process = this.builder.process();
            process.setDataProtectionKey(this.signingKey);
            return process;
        }
        if (PolicyTypeUtil.kerberosTokenBinding(this.keyBinding)) {
            if (this.context.getKerberosTokenBinding() != null) {
                kerberosTokenBinding = this.context.getKerberosTokenBinding();
                this.context.setKerberosTokenBinding(null);
            } else {
                kerberosTokenBinding = (AuthenticationTokenPolicy.KerberosTokenBinding) this.keyBinding;
            }
            this.signingKey = kerberosTokenBinding.getSecretKey();
            this.builder = new KerberosTokenBuilder(this.context, kerberosTokenBinding);
            BuilderResult process2 = this.builder.process();
            process2.setDataProtectionKey(this.signingKey);
            return process2;
        }
        if (PolicyTypeUtil.symmetricKeyBinding(this.keyBinding)) {
            if (this.context.getSymmetricKeyBinding() != null) {
                symmetricKeyBinding = this.context.getSymmetricKeyBinding();
                this.context.setSymmetricKeyBinding(null);
            } else {
                symmetricKeyBinding = (SymmetricKeyBinding) this.keyBinding;
            }
            this.builder = new SymmetricTokenBuilder(symmetricKeyBinding, this.context, str2, str);
            return this.builder.process();
        }
        if (PolicyTypeUtil.derivedTokenKeyBinding(this.keyBinding)) {
            DerivedTokenKeyBinding derivedTokenKeyBinding = (DerivedTokenKeyBinding) this.keyBinding;
            ((NamespaceContextEx) this.context.getNamespaceContext()).addSCNS();
            this.builder = new DerivedKeyTokenBuilder(this.context, derivedTokenKeyBinding);
            return this.builder.process();
        }
        if (PolicyTypeUtil.issuedTokenKeyBinding(this.keyBinding)) {
            return new IssuedTokenBuilder(this.context, (IssuedTokenKeyBinding) this.keyBinding).process();
        }
        if (PolicyTypeUtil.secureConversationTokenKeyBinding(this.keyBinding)) {
            ((NamespaceContextEx) this.context.getNamespaceContext()).addSCNS();
            return new SCTBuilder(this.context, (SecureConversationTokenKeyBinding) this.keyBinding).process();
        }
        if (PolicyTypeUtil.samlTokenPolicy(this.keyBinding)) {
            ((NamespaceContextEx) this.context.getNamespaceContext()).addSAMLNS();
            return new SamlTokenBuilder(this.context, (AuthenticationTokenPolicy.SAMLAssertionBinding) this.keyBinding, true).process();
        }
        logger.log(Level.SEVERE, LogStringsMessages.WSS_1703_UNSUPPORTED_KEYBINDING_SIGNATUREPOLICY(this.keyBinding));
        throw new UnsupportedOperationException("Unsupported Key Binding" + this.keyBinding);
    }
}
