package com.sun.xml.ws.security.opt.impl.keyinfo;

import com.sun.xml.ws.security.opt.api.keyinfo.Token;
import com.sun.xml.ws.security.opt.api.reference.Reference;
import com.sun.xml.ws.security.opt.crypto.dsig.keyinfo.KeyInfo;
import com.sun.xml.ws.security.opt.crypto.dsig.keyinfo.KeyName;
import com.sun.xml.ws.security.opt.impl.JAXBFilterProcessingContext;
import com.sun.xml.ws.security.opt.impl.crypto.SSEData;
import com.sun.xml.ws.security.opt.impl.outgoing.SecurityHeader;
import com.sun.xml.ws.security.opt.impl.reference.DirectReference;
import com.sun.xml.ws.security.opt.impl.reference.KeyIdentifier;
import com.sun.xml.ws.security.opt.impl.util.WSSElementFactory;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.policy.mls.AuthenticationTokenPolicy;
import com.sun.xml.wss.impl.policy.mls.SignaturePolicy;
import com.sun.xml.wss.impl.policy.mls.WSSPolicy;
import com.sun.xml.wss.logging.LogDomainConstants;
import com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:spg-ui-war-3.0.12.war:WEB-INF/lib/xws-security-3.0.jar:com/sun/xml/ws/security/opt/impl/keyinfo/TokenBuilder.class */
public abstract class TokenBuilder implements com.sun.xml.ws.security.opt.api.keyinfo.TokenBuilder {
    protected static final Logger logger = Logger.getLogger(LogDomainConstants.IMPL_OPT_TOKEN_DOMAIN, LogDomainConstants.IMPL_OPT_TOKEN_DOMAIN_BUNDLE);
    protected JAXBFilterProcessingContext context;
    protected SecurityHeader securityHeader;
    protected WSSElementFactory elementFactory;
    protected KeyInfo keyInfo = null;

    public TokenBuilder(JAXBFilterProcessingContext jAXBFilterProcessingContext) {
        this.context = null;
        this.securityHeader = null;
        this.elementFactory = null;
        this.context = jAXBFilterProcessingContext;
        this.securityHeader = jAXBFilterProcessingContext.getSecurityHeader();
        this.elementFactory = new WSSElementFactory(jAXBFilterProcessingContext.getSOAPVersion());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public com.sun.xml.ws.security.opt.api.keyinfo.BinarySecurityToken createBinarySecurityToken(AuthenticationTokenPolicy.X509CertificateBinding x509CertificateBinding, X509Certificate x509Certificate) throws XWSSecurityException {
        if (AuthenticationTokenPolicy.X509CertificateBinding.INCLUDE_NEVER.equals(x509CertificateBinding.getIncludeToken())) {
            return null;
        }
        String id = getID(x509CertificateBinding);
        if (logger.isLoggable(Level.FINEST)) {
            logger.log(Level.FINEST, "X509 Token id: " + id);
        }
        Token token = (Token) this.securityHeader.getChildElement(id);
        if (token != null) {
            if (token instanceof com.sun.xml.ws.security.opt.api.keyinfo.BinarySecurityToken) {
                return (com.sun.xml.ws.security.opt.api.keyinfo.BinarySecurityToken) token;
            }
            throw new XWSSecurityException("Found two tokens with same Id attribute");
        }
        try {
            BinarySecurityToken createBinarySecurityToken = this.elementFactory.createBinarySecurityToken(id, x509Certificate.getEncoded());
            this.context.getSecurityHeader().add(createBinarySecurityToken);
            return createBinarySecurityToken;
        } catch (CertificateEncodingException e) {
            logger.log(Level.SEVERE, LogStringsMessages.WSS_1801_BST_CREATION_FAILED());
            throw new XWSSecurityException("Error occured while constructing BinarySecurityToken", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public com.sun.xml.ws.security.opt.api.keyinfo.BinarySecurityToken createKerberosBST(AuthenticationTokenPolicy.KerberosTokenBinding kerberosTokenBinding, byte[] bArr) throws XWSSecurityException {
        if (AuthenticationTokenPolicy.KerberosTokenBinding.INCLUDE_NEVER.equals(kerberosTokenBinding.getIncludeToken())) {
            return null;
        }
        String id = getID(kerberosTokenBinding);
        if (logger.isLoggable(Level.FINEST)) {
            logger.log(Level.FINEST, "Kerberos Token id: " + id);
        }
        Token token = (Token) this.securityHeader.getChildElement(id);
        if (token != null) {
            if (token instanceof com.sun.xml.ws.security.opt.api.keyinfo.BinarySecurityToken) {
                return (com.sun.xml.ws.security.opt.api.keyinfo.BinarySecurityToken) token;
            }
            throw new XWSSecurityException("Found two tokens with same Id attribute");
        }
        BinarySecurityToken createKerberosBinarySecurityToken = this.elementFactory.createKerberosBinarySecurityToken(id, bArr);
        this.context.getSecurityHeader().add(createKerberosBinarySecurityToken);
        return createKerberosBinarySecurityToken;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SecurityTokenReference buildSTR(String str, Reference reference) {
        SecurityTokenReference createSecurityTokenReference = this.elementFactory.createSecurityTokenReference(reference);
        if (this.context.getSecurityPolicy() instanceof SignaturePolicy) {
            createSecurityTokenReference.setId(str);
        }
        this.context.getElementCache().put(str, new SSEData(createSecurityTokenReference, false, this.context.getNamespaceContext()));
        return createSecurityTokenReference;
    }

    protected SecurityTokenReference buildSTR(Reference reference) {
        return this.elementFactory.createSecurityTokenReference(reference);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public KeyInfo buildKeyInfo(Reference reference, String str) {
        this.keyInfo = this.elementFactory.createKeyInfo(buildSTR(str, reference));
        return this.keyInfo;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public KeyInfo buildKeyInfo(SecurityTokenReference securityTokenReference) {
        this.keyInfo = this.elementFactory.createKeyInfo(securityTokenReference);
        return this.keyInfo;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public KeyInfo buildKIWithKeyName(String str) {
        KeyName keyName = new KeyName();
        keyName.setKeyName(str);
        this.keyInfo = this.elementFactory.createKeyInfo(keyName);
        return this.keyInfo;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public DirectReference buildDirectReference(String str, String str2) {
        DirectReference createDirectReference = this.elementFactory.createDirectReference();
        createDirectReference.setURI("#" + str);
        if (str2 != null) {
            createDirectReference.setValueType(str2);
        }
        return createDirectReference;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public KeyIdentifier buildKeyInfoWithKI(AuthenticationTokenPolicy.X509CertificateBinding x509CertificateBinding, String str) throws XWSSecurityException {
        KeyIdentifier createKeyIdentifier = this.elementFactory.createKeyIdentifier();
        createKeyIdentifier.setValueType(str);
        createKeyIdentifier.updateReferenceValue(x509CertificateBinding.getX509Certificate());
        createKeyIdentifier.setEncodingType(MessageConstants.BASE64_ENCODING_NS);
        if (createKeyIdentifier.getValue() == null || createKeyIdentifier.getValue().length() == 0) {
            logger.log(Level.SEVERE, LogStringsMessages.WSS_1852_KEY_IDENTIFIER_EMPTY());
            throw new XWSSecurityException(LogStringsMessages.WSS_1852_KEY_IDENTIFIER_EMPTY());
        }
        buildKeyInfo(createKeyIdentifier, x509CertificateBinding.getSTRID());
        return createKeyIdentifier;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public KeyIdentifier buildKeyInfoWithKIKerberos(AuthenticationTokenPolicy.KerberosTokenBinding kerberosTokenBinding, String str) throws XWSSecurityException {
        KeyIdentifier createKeyIdentifier = this.elementFactory.createKeyIdentifier();
        createKeyIdentifier.setValueType(str);
        createKeyIdentifier.updateReferenceValue(kerberosTokenBinding.getTokenValue());
        createKeyIdentifier.setEncodingType(MessageConstants.BASE64_ENCODING_NS);
        if (createKeyIdentifier.getValue() == null || createKeyIdentifier.getValue().length() == 0) {
            logger.log(Level.SEVERE, LogStringsMessages.WSS_1852_KEY_IDENTIFIER_EMPTY());
            throw new XWSSecurityException(LogStringsMessages.WSS_1852_KEY_IDENTIFIER_EMPTY());
        }
        buildKeyInfo(createKeyIdentifier, kerberosTokenBinding.getSTRID());
        return createKeyIdentifier;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public KeyIdentifier buildKeyInfoWithEKSHA1(String str) {
        KeyIdentifier createKeyIdentifier = this.elementFactory.createKeyIdentifier();
        createKeyIdentifier.setValueType(MessageConstants.EncryptedKeyIdentifier_NS);
        createKeyIdentifier.setEncodingType(MessageConstants.BASE64_ENCODING_NS);
        createKeyIdentifier.setReferenceValue(str);
        buildKeyInfo(createKeyIdentifier, null);
        return createKeyIdentifier;
    }

    protected String getID(WSSPolicy wSSPolicy) {
        String uuid = wSSPolicy.getUUID();
        return (uuid == null || uuid.length() == 0) ? this.context.generateID() : uuid;
    }

    public javax.xml.crypto.dsig.keyinfo.KeyInfo getKeyInfo() {
        return this.keyInfo;
    }
}
