package weblogic.xml.crypto.wss11.internal;

import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.xml.namespace.QName;
import org.python.core.PyString;
import org.w3c.dom.Attr;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import weblogic.security.service.ContextHandler;
import weblogic.xml.crypto.api.KeySelector;
import weblogic.xml.crypto.api.MarshalException;
import weblogic.xml.crypto.api.XMLCryptoContext;
import weblogic.xml.crypto.common.keyinfo.EncryptedKeyProvider;
import weblogic.xml.crypto.common.keyinfo.KeyProvider;
import weblogic.xml.crypto.dsig.ReferenceImpl;
import weblogic.xml.crypto.dsig.api.DigestMethod;
import weblogic.xml.crypto.dsig.api.Reference;
import weblogic.xml.crypto.dsig.api.SignedInfo;
import weblogic.xml.crypto.dsig.api.keyinfo.KeyInfo;
import weblogic.xml.crypto.encrypt.api.EncryptionMethod;
import weblogic.xml.crypto.encrypt.api.TBEKey;
import weblogic.xml.crypto.encrypt.api.XMLEncryptionException;
import weblogic.xml.crypto.encrypt.api.dom.DOMEncryptContext;
import weblogic.xml.crypto.encrypt.api.dom.DOMTBEXML;
import weblogic.xml.crypto.encrypt.api.keyinfo.EncryptedKey;
import weblogic.xml.crypto.utils.DOMUtils;
import weblogic.xml.crypto.utils.LogUtils;
import weblogic.xml.crypto.wss.SecurityTokenContextHandler;
import weblogic.xml.crypto.wss.WSSConstants;
import weblogic.xml.crypto.wss.WSSecurityContext;
import weblogic.xml.crypto.wss.WSSecurityException;
import weblogic.xml.crypto.wss.provider.SecurityToken;
import weblogic.xml.crypto.wss.provider.SecurityTokenHandler;
import weblogic.xml.crypto.wss.provider.SecurityTokenReference;
import weblogic.xml.crypto.wss11.internal.enckey.EncryptedKeySTR;
import weblogic.xml.crypto.wss11.internal.enckey.EncryptedKeyToken;
import weblogic.xml.saaj.SOAPConstants;

/* loaded from: input_file:weblogic/xml/crypto/wss11/internal/SecurityBuilderImpl.class */
public class SecurityBuilderImpl extends weblogic.xml.crypto.wss.SecurityBuilderImpl implements SecurityBuilder {
    private final boolean DEBUG = false;
    private String layout;
    private String version;
    private boolean processingStarted;
    private static final List EMPTY_LIST = new ArrayList();
    private static final List supportedLayouts = new ArrayList();

    public SecurityBuilderImpl(WSSecurityContext wSSecurityContext, Element element) {
        super(wSSecurityContext, element);
        this.DEBUG = false;
        this.layout = SecurityBuilder.STRICT;
        this.version = WSS11Constants.XMLNS_WSS11;
        this.processingStarted = false;
    }

    public SecurityBuilderImpl(WSSecurityContext wSSecurityContext) {
        super(wSSecurityContext);
        this.DEBUG = false;
        this.layout = SecurityBuilder.STRICT;
        this.version = WSS11Constants.XMLNS_WSS11;
        this.processingStarted = false;
    }

    @Override // weblogic.xml.crypto.wss11.internal.SecurityBuilder
    public void setLayout(String str) {
        if (this.processingStarted && !this.layout.equals(str)) {
            throw new IllegalStateException("Layout can not be changed after SecurityBuilder processing started.");
        }
        checkLayout(str);
        this.layout = str;
    }

    public static void setEncryptBeforeSign(ContextHandler contextHandler, boolean z) {
        ((SecurityTokenContextHandler) contextHandler).addContextElement(SecurityTokenContextHandler.ENCRYPT_THEN_SIGN, new Boolean(z));
    }

    @Override // weblogic.xml.crypto.wss11.internal.SecurityBuilder
    public void setWSSVersion(String str) {
        if (this.processingStarted && !this.version.equals(str)) {
            throw new IllegalStateException("WSS version can not be changed after SecurityBuilder processing started.");
        }
        if (!"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd".equals(str) && !WSS11Constants.XMLNS_WSS11.equals(str)) {
            throw new IllegalArgumentException("Unsupported WSS version: " + str);
        }
        this.version = str;
    }

    @Override // weblogic.xml.crypto.wss11.internal.SecurityBuilder
    public SignatureConfirmation[] addSignatureConfirmation(String[] strArr, ContextHandler contextHandler) throws MarshalException, WSSecurityException {
        SignatureConfirmation[] signatureConfirmationArr;
        ensureWSS11();
        setLayout(contextHandler);
        start();
        if (strArr.length == 0) {
            signatureConfirmationArr = new SignatureConfirmation[]{addSigConf(null, contextHandler)};
        } else {
            signatureConfirmationArr = new SignatureConfirmation[strArr.length];
            for (int i = 0; i < strArr.length; i++) {
                String str = strArr[i];
                if (str == null) {
                    throw new NullPointerException();
                }
                signatureConfirmationArr[i] = addSigConf(str, contextHandler);
            }
        }
        return signatureConfirmationArr;
    }

    @Override // weblogic.xml.crypto.wss11.internal.SecurityBuilder
    public void addSignatureAndEncryption(SignedInfo signedInfo, List list, EncryptionMethod encryptionMethod, EncryptionMethod encryptionMethod2, String str, String str2, boolean z, ContextHandler contextHandler) throws WSSecurityException, MarshalException, XMLEncryptionException {
        addSignAndEncInternal(signedInfo, list, encryptionMethod, encryptionMethod2, str, null, str2, z, contextHandler);
    }

    protected EncryptedKeyToken addEncryptedKeyToken(Key key, String str) {
        EncryptedKeyToken encryptedKeyToken = new EncryptedKeyToken(key, str);
        this.securityCtx.addSecurityToken(encryptedKeyToken);
        return encryptedKeyToken;
    }

    @Override // weblogic.xml.crypto.wss11.internal.SecurityBuilder
    public void addSignatureAndEncryption(SignedInfo signedInfo, List list, EncryptionMethod encryptionMethod, ContextHandler contextHandler) throws WSSecurityException, MarshalException, XMLEncryptionException {
        ensureWSS11();
        setLayout(contextHandler);
        start();
        boolean isEncryptBeforeSign = SecurityImpl.isEncryptBeforeSign(contextHandler);
        EncryptedKeyToken encryptedKeyToken = (EncryptedKeyToken) getToken(WSS11Constants.ENC_KEY_TOKEN_TYPE, null, contextHandler);
        if (isEncryptBeforeSign) {
            SecurityTokenReference encryptedKeySTR = new EncryptedKeySTR(WSSConstants.KEY_IDENTIFIER_QNAME, encryptedKeyToken);
            KeyInfo keyInfo = getKeyInfo(encryptedKeySTR);
            DOMEncryptContext dOMEncryptContext = new DOMEncryptContext(null);
            dOMEncryptContext.setKeySelector(this.securityCtx.getKeySelector());
            addReferenceList(encryptData(list, dOMEncryptContext, encryptionMethod, keyInfo, true, contextHandler), encryptedKeyToken, contextHandler);
            addSignatureWithToken(signedInfo, encryptedKeySTR, null, contextHandler);
            moveTimestampToTop();
            return;
        }
        SecurityTokenReference encryptedKeySTR2 = new EncryptedKeySTR(WSSConstants.KEY_IDENTIFIER_QNAME, encryptedKeyToken);
        addSignatureWithToken(signedInfo, encryptedKeySTR2, null, contextHandler);
        KeyInfo keyInfo2 = getKeyInfo(encryptedKeySTR2);
        DOMEncryptContext dOMEncryptContext2 = new DOMEncryptContext(null);
        dOMEncryptContext2.setKeySelector(this.securityCtx.getKeySelector());
        List encryptData = encryptData(list, dOMEncryptContext2, encryptionMethod, keyInfo2, true, contextHandler);
        if (!SecurityBuilder.LAX_TS_FIRST.equals(this.layout)) {
            ((SecurityTokenContextHandler) contextHandler).addContextElement(SecurityTokenContextHandler.SET_TO_FIRST_TOKEN, "true");
        }
        addReferenceList(encryptData, encryptedKeyToken, contextHandler);
    }

    @Override // weblogic.xml.crypto.wss11.internal.SecurityBuilder
    public void addSignatureAndEncryptionAndEndorsing(SignedInfo signedInfo, List list, EncryptionMethod encryptionMethod, int i, SignedInfo signedInfo2, String str, List list2, String str2, boolean z, ContextHandler contextHandler) throws WSSecurityException, MarshalException, XMLEncryptionException {
        ensureWSS11();
        setLayout(contextHandler);
        start();
        if ((i & 4096) == 4096) {
            throw new WSSecurityException("Wrong Policy on Encrypt before Sign and Encrypt Signature");
        }
        boolean z2 = (i & 8192) == 8192;
        EncryptedKeyToken encryptedKeyToken = (EncryptedKeyToken) getToken(WSS11Constants.ENC_KEY_TOKEN_TYPE, null, contextHandler);
        SecurityTokenReference encryptedKeySTR = new EncryptedKeySTR(WSSConstants.KEY_IDENTIFIER_QNAME, encryptedKeyToken);
        Node addSignatureWithToken = addSignatureWithToken(signedInfo, encryptedKeySTR, null, contextHandler);
        Node node = null;
        if (signedInfo2 != null) {
            setSignatureReference(signedInfo2, (Element) addSignatureWithToken);
            node = addSignatureInternal(signedInfo2, str, list2, str2, z, contextHandler);
        }
        if (z2) {
            list.add(new DOMTBEXML((Element) addSignatureWithToken, signedInfo.getCanonicalizationMethod()));
            if (node != null) {
                list.add(new DOMTBEXML((Element) node, signedInfo2.getCanonicalizationMethod()));
            }
        }
        KeyInfo keyInfo = getKeyInfo(encryptedKeySTR);
        DOMEncryptContext dOMEncryptContext = new DOMEncryptContext(null);
        dOMEncryptContext.setKeySelector(this.securityCtx.getKeySelector());
        List encryptData = encryptData(list, dOMEncryptContext, encryptionMethod, keyInfo, true, contextHandler);
        if (!SecurityBuilder.LAX_TS_FIRST.equals(this.layout)) {
            ((SecurityTokenContextHandler) contextHandler).addContextElement(SecurityTokenContextHandler.SET_TO_FIRST_TOKEN, "true");
        }
        addReferenceList(encryptData, encryptedKeyToken, contextHandler);
        if (z2) {
            moveTimestampToTop();
        }
    }

    @Override // weblogic.xml.crypto.wss11.internal.SecurityBuilder
    public void addSignature(SignedInfo signedInfo, EncryptionMethod encryptionMethod, String str, String str2, boolean z, ContextHandler contextHandler) throws WSSecurityException, MarshalException, XMLEncryptionException {
        addSignatureInternal(signedInfo, encryptionMethod, str, null, str2, z, contextHandler);
    }

    @Override // weblogic.xml.crypto.wss11.internal.SecurityBuilder
    public void addSignature(SignedInfo signedInfo, ContextHandler contextHandler) throws MarshalException, WSSecurityException {
        ensureWSS11();
        start();
        setLayout(contextHandler);
        addSignatureWithToken(signedInfo, new EncryptedKeySTR(WSSConstants.KEY_IDENTIFIER_QNAME, (EncryptedKeyToken) getToken(WSS11Constants.ENC_KEY_TOKEN_TYPE, null, contextHandler)), null, contextHandler);
    }

    private void setLayout(ContextHandler contextHandler) {
        if (this.layout.equals(SecurityBuilder.STRICT)) {
            ((SecurityTokenContextHandler) contextHandler).addContextElement(SecurityTokenContextHandler.STRICT_LAYOUT, Boolean.TRUE);
        }
    }

    @Override // weblogic.xml.crypto.wss11.internal.SecurityBuilder
    public void addEncryption(List list, EncryptionMethod encryptionMethod, ContextHandler contextHandler) throws MarshalException, WSSecurityException {
        ensureWSS11();
        start();
        EncryptedKeyToken encryptedKeyToken = (EncryptedKeyToken) getToken(WSS11Constants.ENC_KEY_TOKEN_TYPE, null, contextHandler);
        KeyInfo keyInfo = getKeyInfo(new EncryptedKeySTR(WSSConstants.KEY_IDENTIFIER_QNAME, encryptedKeyToken));
        DOMEncryptContext dOMEncryptContext = new DOMEncryptContext(null);
        dOMEncryptContext.setKeySelector(this.securityCtx.getKeySelector());
        addReferenceList(encryptData(list, dOMEncryptContext, encryptionMethod, keyInfo, true, contextHandler), encryptedKeyToken, contextHandler);
    }

    @Override // weblogic.xml.crypto.wss11.internal.SecurityBuilder
    public Reference createReference(String str, List list, String str2, DigestMethod digestMethod, List list2, boolean z, ContextHandler contextHandler) throws WSSecurityException {
        setLayout(contextHandler);
        start();
        return createReferenceInternal(str, list, str2, digestMethod, list2, z, contextHandler);
    }

    @Override // weblogic.xml.crypto.wss11.internal.SecurityBuilder
    public Node addSignature(SignedInfo signedInfo, Reference reference, List list, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        start();
        setLayout(contextHandler);
        return addSignatureInternal(signedInfo, reference, list, contextHandler);
    }

    @Override // weblogic.xml.crypto.wss11.internal.SecurityBuilder
    public Node addSignature(SignedInfo signedInfo, String str, List list, String str2, boolean z, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        start();
        setLayout(contextHandler);
        boolean isMoveTimestampNeeded = isMoveTimestampNeeded(contextHandler);
        Node addSignatureInternal = addSignatureInternal(signedInfo, str, list, str2, z, contextHandler);
        if (null != addSignatureInternal && isMoveTimestampNeeded) {
            moveTimestampToTop();
        }
        return addSignatureInternal;
    }

    @Override // weblogic.xml.crypto.wss11.internal.SecurityBuilder
    public boolean addEncryption(List list, EncryptionMethod encryptionMethod, EncryptionMethod encryptionMethod2, String str, List list2, String str2, boolean z, ContextHandler contextHandler) throws WSSecurityException, MarshalException, XMLEncryptionException {
        start();
        return addEncryptionInternal(list, encryptionMethod, encryptionMethod2, str, list2, str2, z, contextHandler);
    }

    @Override // weblogic.xml.crypto.wss11.internal.SecurityBuilder
    public void addSignatureAndEncryption(SignedInfo signedInfo, List list, EncryptionMethod encryptionMethod, EncryptionMethod encryptionMethod2, String str, List list2, String str2, boolean z, ContextHandler contextHandler) throws WSSecurityException, MarshalException, XMLEncryptionException {
        addSignAndEncInternal(signedInfo, list, encryptionMethod, encryptionMethod2, str, list2, str2, z, contextHandler);
    }

    private void setSignatureReference(SignedInfo signedInfo, Element element) throws WSSecurityException {
        for (ReferenceImpl referenceImpl : signedInfo.getReferences()) {
            if ("#weblogic.wsee.security.signature_node".equals(referenceImpl.getURI())) {
                String existingId = DOMUtils.getExistingId(element, this.idQNames);
                if (null == existingId) {
                    throw new WSSecurityException("Missing Signature Id");
                }
                referenceImpl.setUri("#" + existingId);
                return;
            }
        }
    }

    @Override // weblogic.xml.crypto.wss11.internal.SecurityBuilder
    public void addSignatureAndEncryptionAndEndorsing(SignedInfo signedInfo, List list, EncryptionMethod encryptionMethod, EncryptionMethod encryptionMethod2, String str, List list2, String str2, boolean z, int i, SignedInfo signedInfo2, String str3, List list3, String str4, boolean z2, ContextHandler contextHandler) throws WSSecurityException, MarshalException, XMLEncryptionException {
        boolean z3 = false;
        ensureWSS11();
        start();
        setLayout(contextHandler);
        if ((i & 4096) == 4096) {
            throw new WSSecurityException("Wrong Policy on Encrypt before Sign and Encrypt Signature");
        }
        if (null == encryptionMethod) {
            throw new WSSecurityException("Wrong state on Encrypted Key and DK");
        }
        boolean z4 = (i & 1024) == 1024;
        boolean z5 = (i & 8192) == 8192;
        SecurityToken token = getToken(str, str2, contextHandler);
        addToken(z, token, contextHandler);
        SecurityTokenReference str5 = getSTR(str, list2, token, z);
        Key generateKey = generateKey(encryptionMethod2);
        String generateId = DOMUtils.generateId("encKey");
        EncryptedKeyToken addEncryptedKeyToken = addEncryptedKeyToken(generateKey, generateId);
        Node addSignatureWithToken = addSignatureWithToken(signedInfo, new EncryptedKeySTR(WSSConstants.REFERENCE_QNAME, addEncryptedKeyToken), null, contextHandler);
        Node node = null;
        if (z4) {
            setSignatureReference(signedInfo2, (Element) addSignatureWithToken);
            node = addSignatureInternal(signedInfo2, str3, list3, str4, z2, contextHandler);
        }
        if (z5) {
            list.add(new DOMTBEXML((Element) addSignatureWithToken, signedInfo.getCanonicalizationMethod()));
            if (node != null) {
                list.add(new DOMTBEXML((Element) node, signedInfo2.getCanonicalizationMethod()));
            }
            z3 = true;
        }
        KeyInfo keyInfo = getKeyInfo(str5);
        List encryptData = encryptData(list, new DOMEncryptContext(generateKey), encryptionMethod2, keyInfo, false, contextHandler);
        KeyProvider keyProvider = getKeyProvider(str, token);
        KeySelector keySelector = this.securityCtx.getKeySelector();
        if (null != encryptionMethod) {
            addEncryptedKeyToken.setEncryptedKey(addEncryptedKey(generateKey, getKey(keySelector, keyProvider, encryptionMethod), encryptionMethod, keyInfo, encryptData, generateId, z, token, contextHandler));
        } else {
            addReferenceList(encryptData, token, contextHandler);
        }
        if (z3) {
            moveTimestampToTop();
        }
    }

    @Override // weblogic.xml.crypto.wss11.internal.SecurityBuilder
    public void addSignature(SignedInfo signedInfo, EncryptionMethod encryptionMethod, String str, List list, String str2, boolean z, ContextHandler contextHandler) throws WSSecurityException, MarshalException, XMLEncryptionException {
        addSignatureInternal(signedInfo, encryptionMethod, str, list, str2, z, contextHandler);
    }

    private void addSignAndEncInternal(SignedInfo signedInfo, List list, EncryptionMethod encryptionMethod, EncryptionMethod encryptionMethod2, String str, List list2, String str2, boolean z, ContextHandler contextHandler) throws WSSecurityException, MarshalException, XMLEncryptionException {
        ensureWSS11();
        start();
        setLayout(contextHandler);
        boolean isEncryptBeforeSign = SecurityImpl.isEncryptBeforeSign(contextHandler);
        SecurityToken token = getToken(str, str2, contextHandler);
        addToken(z, token, contextHandler);
        SecurityTokenReference str3 = getSTR(str, list2, token, z);
        Key generateKey = generateKey(encryptionMethod2);
        String generateId = DOMUtils.generateId("encKey");
        EncryptedKeyToken addEncryptedKeyToken = addEncryptedKeyToken(generateKey, generateId);
        if (!isEncryptBeforeSign) {
            addSignatureWithToken(signedInfo, new EncryptedKeySTR(WSSConstants.REFERENCE_QNAME, addEncryptedKeyToken), null, contextHandler);
            KeyInfo keyInfo = getKeyInfo(str3);
            addEncryptedKeyToken.setEncryptedKey(addEncryptedKey(generateKey, getKey(this.securityCtx.getKeySelector(), getKeyProvider(str, token), encryptionMethod), encryptionMethod, keyInfo, encryptData(list, new DOMEncryptContext(generateKey), encryptionMethod2, keyInfo, false, contextHandler), generateId, z, token, contextHandler));
            return;
        }
        KeyInfo keyInfo2 = getKeyInfo(str3);
        DOMEncryptContext dOMEncryptContext = new DOMEncryptContext(generateKey);
        STRType sTRType = new STRType(WSSConstants.REFERENCE_QNAME, WSS11Constants.ENC_KEY_VALUE_TYPE, WSS11Constants.ENC_KEY_TOKEN_TYPE);
        ArrayList arrayList = new ArrayList();
        arrayList.add(sTRType);
        List encryptData = encryptData(list, dOMEncryptContext, encryptionMethod2, getKeyInfo(getSTR(WSS11Constants.ENC_KEY_TOKEN_TYPE, arrayList, addEncryptedKeyToken, false)), true, contextHandler);
        EncryptedKey addEncryptedKey = addEncryptedKey(generateKey, getKey(this.securityCtx.getKeySelector(), getKeyProvider(str, token), encryptionMethod), encryptionMethod, keyInfo2, new ArrayList(), generateId, z, token, contextHandler);
        addReferenceList(encryptData, addEncryptedKeyToken, contextHandler);
        addEncryptedKeyToken.setEncryptedKey(addEncryptedKey);
        Map map = (Map) contextHandler.getValue(SecurityTokenContextHandler.ENCRYPTED_ELEMENT_MAP);
        if (null != map) {
            for (ReferenceImpl referenceImpl : signedInfo.getReferences()) {
                if (map.containsKey(referenceImpl.getURI())) {
                    referenceImpl.setUri("#" + ((String) map.get(referenceImpl.getURI())));
                }
            }
        }
        addSignatureWithToken(signedInfo, new EncryptedKeySTR(WSSConstants.REFERENCE_QNAME, addEncryptedKeyToken), null, contextHandler);
        moveTimestampToTop();
    }

    private void moveTimestampToTop() {
        if (SecurityBuilder.LAX_TS_LAST.equals(this.layout)) {
            return;
        }
        Element lastElement = DOMUtils.getLastElement(this.securityCtx.getSecurityElement());
        if ("Timestamp".equals(lastElement.getLocalName())) {
            moveToTop(lastElement);
        }
    }

    private void addSignatureInternal(SignedInfo signedInfo, EncryptionMethod encryptionMethod, String str, List list, String str2, boolean z, ContextHandler contextHandler) throws WSSecurityException, MarshalException, XMLEncryptionException {
        ensureWSS11();
        setLayout(contextHandler);
        start();
        SecurityToken token = getToken(str, str2, contextHandler);
        addToken(z, token, contextHandler);
        SecurityTokenReference str3 = getSTR(str, list, token, z);
        try {
            Key generateKey = generateKey(this.securityCtx.getEncryptionFactory().newEncryptionMethod("http://www.w3.org/2001/04/xmlenc#aes256-cbc", null, null));
            String generateId = DOMUtils.generateId("encKey");
            EncryptedKeyToken addEncryptedKeyToken = addEncryptedKeyToken(generateKey, generateId);
            addSignatureWithToken(signedInfo, new EncryptedKeySTR(WSSConstants.REFERENCE_QNAME, addEncryptedKeyToken), null, contextHandler);
            addEncryptedKeyToken.setEncryptedKey(addEncryptedKey(generateKey, getKey(this.securityCtx.getKeySelector(), getKeyProvider(str, token), encryptionMethod), encryptionMethod, getKeyInfo(str3), EMPTY_LIST, generateId, z, token, contextHandler));
        } catch (InvalidAlgorithmParameterException e) {
            throw new WSSecurityException(e);
        }
    }

    private SignatureConfirmation addSigConf(String str, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        if (this.security == null) {
            createSecurity(this.securityCtx);
        }
        SignatureConfirmation newSignatureConfirmation = WSS11Factory.newSignatureConfirmation(str);
        this.security.add(newSignatureConfirmation, (XMLCryptoContext) null, contextHandler);
        return newSignatureConfirmation;
    }

    private void start() {
        this.processingStarted = true;
    }

    private boolean isWSS10() {
        return this.version.equals("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
    }

    private void checkLayout(String str) {
        if (!supportedLayouts.contains(str)) {
            throw new IllegalArgumentException("Unsupported layout: " + str);
        }
    }

    private void ensureWSS11() {
        if (isWSS10()) {
            throw new UnsupportedOperationException("Operation not supported with WSS version " + this.version);
        }
    }

    @Override // weblogic.xml.crypto.wss.SecurityBuilderImpl, weblogic.xml.crypto.wss.SecurityBuilder
    public Node addSignature(SignedInfo signedInfo, String str, String str2, boolean z, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        setLayout(contextHandler);
        return super.addSignature(signedInfo, str, str2, z, contextHandler);
    }

    @Override // weblogic.xml.crypto.wss.SecurityBuilderImpl, weblogic.xml.crypto.wss.SecurityBuilder
    public Node addSignature(SignedInfo signedInfo, Reference reference, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        setLayout(contextHandler);
        return super.addSignature(signedInfo, reference, contextHandler);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // weblogic.xml.crypto.wss.SecurityBuilderImpl
    public SecurityTokenReference getSTR(String str, List list, SecurityToken securityToken, boolean z) throws WSSecurityException {
        if (list == null || list.size() == 0) {
            return super.getSTR(str, list, securityToken, z);
        }
        SecurityTokenHandler securityTokenHandler = null;
        int i = 0;
        while (true) {
            if (i >= list.size()) {
                break;
            }
            String valueType = ((STRType) list.get(i)).getValueType();
            if (valueType != null) {
                securityTokenHandler = this.securityCtx.getTokenHandler(valueType);
                if (null == securityTokenHandler && list.size() == 1) {
                    throw new WSSecurityException("Unable to get handler for str value type =" + valueType);
                }
            } else {
                i++;
            }
        }
        if (securityTokenHandler == null) {
            securityTokenHandler = this.securityCtx.getRequiredTokenHandler(str);
        }
        SecurityTokenReference securityTokenReference = null;
        QName qName = null;
        QName qName2 = null;
        for (int i2 = 0; securityTokenReference == null && list.size() > i2; i2++) {
            STRType sTRType = (STRType) list.get(i2);
            qName2 = sTRType.getTopLevelElement();
            if (qName2.equals(WSSConstants.REFERENCE_QNAME)) {
                return createDirectSTR(str, securityToken);
            }
            String valueType2 = sTRType.getValueType();
            if (WSS11Constants.THUMBPRINT_URI.equals(valueType2)) {
                ensureWSS11();
                securityTokenReference = securityTokenHandler.getSTR(qName2, sTRType.getValueType(), securityToken);
            } else {
                securityTokenReference = securityTokenHandler.getSTR(qName2, valueType2 != null ? sTRType.getTokenType() : str, securityToken);
                if (WSSConstants.KEY_IDENTIFIER_QNAME.equals(qName2) && !WSSConstants.KEY_IDENTIFIER_QNAME.equals(securityTokenReference.getSTRType())) {
                    if (list.size() <= i2) {
                        throw new WSSecurityException("Failed to create KeyIdentifier STR");
                    }
                    qName = securityTokenReference.getSTRType();
                    securityTokenReference = null;
                }
            }
        }
        if (securityTokenReference == null) {
            throw new WSSecurityException("Failed to create STR for QName =" + qName2 + " error STR QName =" + qName);
        }
        if (securityTokenReference.getId() == null) {
            securityTokenReference.setId(getId(PyString.exposed_name));
        }
        return securityTokenReference;
    }

    @Override // weblogic.xml.crypto.wss.SecurityBuilderImpl
    protected SecurityTokenReference createKeyIdSTRInternal(String str, List list, SecurityToken securityToken, boolean z) throws WSSecurityException {
        return getSTR(str, list, securityToken, z);
    }

    @Override // weblogic.xml.crypto.wss.SecurityBuilderImpl
    protected void createSecurity(WSSecurityContext wSSecurityContext) throws MarshalException {
        WSS11Factory.getInstance();
        this.security = WSS11Factory.newSecurity(wSSecurityContext);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // weblogic.xml.crypto.wss.SecurityBuilderImpl
    public void processEncryptedHeader(Node node, Node node2) {
        if (isWSS10()) {
            super.processEncryptedHeader(node, node2);
            return;
        }
        boolean z = this.namespaces.get("http://schemas.xmlsoap.org/soap/envelope/") == null;
        String str = (String) this.namespaces.get(WSS11Constants.XMLNS_WSS11);
        if (str == null) {
            str = WSS11Constants.PREFIX_WSS11;
        }
        Element createAndAddElement = DOMUtils.createAndAddElement((Element) node2.getParentNode(), WSS11Constants.ENC_HEADER_QNAME, str);
        NamedNodeMap attributes = node.getAttributes();
        if (null != this.securityCtx.getSecurityElement()) {
            attributes = this.securityCtx.getSecurityElement().getAttributes();
        }
        Node namedItemNS = attributes.getNamedItemNS("http://schemas.xmlsoap.org/soap/envelope/", "actor");
        if (namedItemNS == null) {
            namedItemNS = attributes.getNamedItemNS("http://www.w3.org/2003/05/soap-envelope", SOAPConstants.HEADER12_ROLE.getLocalPart());
        }
        if (namedItemNS != null) {
            createAndAddElement.setAttributeNodeNS((Attr) namedItemNS.cloneNode(true));
        }
        Node namedItemNS2 = attributes.getNamedItemNS("http://www.w3.org/2003/05/soap-envelope", SOAPConstants.HEADER12_RELAY.getLocalPart());
        if (namedItemNS2 != null) {
            createAndAddElement.setAttributeNodeNS((Attr) namedItemNS2.cloneNode(true));
        }
        SecurityImpl.setMustUnderstand(createAndAddElement, this.namespaces, z);
        node2.getParentNode().removeChild(node2);
        createAndAddElement.appendChild(node2);
    }

    @Override // weblogic.xml.crypto.wss.SecurityBuilderImpl
    protected EncryptedKey addEncryptedKey(Key key, Key key2, EncryptionMethod encryptionMethod, KeyInfo keyInfo, List list, String str, boolean z, SecurityToken securityToken, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        TBEKey tBEKey = new TBEKey(key);
        EncryptedKey newEncryptedKey = 0 != 0 ? getEncryptionFactory().newEncryptedKey(tBEKey, encryptionMethod, keyInfo, null, null, str, null, null, null) : getEncryptionFactory().newEncryptedKey(tBEKey, encryptionMethod, keyInfo, null, list, str, null, null, null);
        addEncryptedKey(newEncryptedKey, new DOMEncryptContext(key2), contextHandler);
        try {
            addEncryptedKeyToken(key, str).setEncryptedKey(newEncryptedKey);
            addToken(z, securityToken, contextHandler);
            return newEncryptedKey;
        } catch (XMLEncryptionException e) {
            throw new WSSecurityException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // weblogic.xml.crypto.wss.SecurityBuilderImpl
    public void updateContext(Node node, Node node2, ContextHandler contextHandler) {
        super.updateContext(node, node2, contextHandler);
        if (SecurityImpl.isEncryptBeforeSign(contextHandler)) {
            SecurityTokenContextHandler securityTokenContextHandler = (SecurityTokenContextHandler) contextHandler;
            Map map = (Map) securityTokenContextHandler.getValue(SecurityTokenContextHandler.ENCRYPTED_ELEMENT_MAP);
            if (null == map) {
                map = new HashMap();
                securityTokenContextHandler.addContextElement(SecurityTokenContextHandler.ENCRYPTED_ELEMENT_MAP, map);
            }
            map.put(new QName(node.getNamespaceURI(), node.getLocalName()), node2);
            String exisitingUri = getExisitingUri((Element) node);
            String exisitingUri2 = getExisitingUri((Element) node2);
            if (null == exisitingUri || null == exisitingUri2) {
                return;
            }
            map.put(getUri(exisitingUri), exisitingUri2);
        }
    }

    @Override // weblogic.xml.crypto.wss.SecurityBuilderImpl
    protected void moveToTop(SecurityToken securityToken) {
        moveToTop(this.securityCtx.getNode(securityToken));
    }

    protected void moveToTop(Node node) {
        Element securityElement = this.securityCtx.getSecurityElement();
        securityElement.removeChild(node);
        Node firstChild = securityElement.getFirstChild();
        if (SecurityBuilder.LAX_TS_FIRST.equals(this.layout) && null != firstChild && WSSConstants.TIMESTAMP_QNAME.getLocalPart().equals(firstChild.getLocalName())) {
            firstChild = firstChild.getNextSibling();
        }
        securityElement.insertBefore(node, firstChild);
    }

    @Override // weblogic.xml.crypto.wss11.internal.SecurityBuilder
    public boolean isCredentialAvailable(String str) {
        return null != getCredentialProvider(str);
    }

    public static boolean isMoveTimestampNeeded(ContextHandler contextHandler) {
        Boolean bool = (Boolean) contextHandler.getValue(SecurityTokenContextHandler.NEED_TO_MOVE_TIMESTAMP);
        if (bool != null) {
            return bool.booleanValue();
        }
        return false;
    }

    public Key getEncryptedKeyToken(EncryptionMethod encryptionMethod, EncryptionMethod encryptionMethod2, String str, List list, String str2, boolean z, ContextHandler contextHandler) throws WSSecurityException, MarshalException, XMLEncryptionException {
        start();
        return getEncryptedKeyTokenInternal(encryptionMethod, encryptionMethod2, str, list, str2, z, contextHandler);
    }

    protected Key getEncryptedKeyTokenInternal(EncryptionMethod encryptionMethod, EncryptionMethod encryptionMethod2, String str, List list, String str2, boolean z, ContextHandler contextHandler) throws WSSecurityException, MarshalException {
        SecurityToken token = getToken(str, str2, contextHandler);
        SecurityTokenReference createKeyIdSTRInternal = createKeyIdSTRInternal(str, list, token, z);
        if (createKeyIdSTRInternal == null) {
            throw new WSSecurityException("Failed to create reference for token: " + token);
        }
        KeyInfo keyInfo = getKeyInfo(createKeyIdSTRInternal);
        KeyProvider keyProvider = getKeyProvider(str, token);
        KeySelector keySelector = this.securityCtx.getKeySelector();
        Key generateKey = generateKey(encryptionMethod2);
        String generateId = DOMUtils.generateId("encKey");
        EncryptedKey addEncryptedKey = addEncryptedKey(generateKey, getKey(keySelector, keyProvider, encryptionMethod), encryptionMethod, keyInfo, EMPTY_LIST, generateId, z, token, contextHandler);
        if (null == addEncryptedKey) {
            LogUtils.logWss("Unable to add Encrypted Key");
            return null;
        }
        EncryptedKeyToken encryptedKeyToken = new EncryptedKeyToken(generateKey, generateId);
        try {
            EncryptedKeyProvider encryptedKeyProvider = new EncryptedKeyProvider(addEncryptedKey, generateKey, encryptedKeyToken);
            encryptedKeyToken.setKeyProvider(encryptedKeyProvider);
            this.securityCtx.addKeyProvider(encryptedKeyProvider);
            this.securityCtx.addSecurityToken(encryptedKeyToken);
            this.securityCtx.addToken(encryptedKeyToken, this.securityCtx.getElementById(addEncryptedKey.getId()));
            return generateKey;
        } catch (XMLEncryptionException e) {
            throw new WSSecurityException(e, WSSConstants.FAILURE_INVALID);
        }
    }

    static {
        supportedLayouts.add(SecurityBuilder.STRICT);
        supportedLayouts.add(SecurityBuilder.LAX);
        supportedLayouts.add(SecurityBuilder.LAX_TS_FIRST);
        supportedLayouts.add(SecurityBuilder.LAX_TS_LAST);
    }
}
