package com.ibm.pvcws.wss.util;

import com.ibm.pvcws.jaxp.namespace.NSDecl;
import com.ibm.pvcws.jaxp.namespace.NamespaceResolver;
import com.ibm.pvcws.jaxp.util.Attribute;
import com.ibm.pvcws.jaxp.util.Logger;
import com.ibm.pvcws.jaxrpc.msg.Elem;
import com.ibm.pvcws.jaxrpc.msg.Envelope;
import com.ibm.pvcws.jaxrpc.msg.ExcC14N;
import com.ibm.pvcws.jaxrpc.msg.Message;
import com.ibm.pvcws.jaxrpc.msg.Text;
import com.ibm.pvcws.wss.WSSBasicHandler;
import com.ibm.pvcws.wss.WSSConstants;
import com.ibm.pvcws.wss.WSSException;
import com.ibm.pvcws.wss.WSSGenerator;
import com.ibm.pvcws.wss.WSSParameter;
import com.ibm.pvcws.wss.dsig.DigestHandler;
import com.ibm.pvcws.wss.dsig.SignatureHandler;
import com.ibm.pvcws.wss.param.PartParameter;
import com.ibm.pvcws.wss.param.SignatureParameter;
import java.io.UnsupportedEncodingException;
import java.util.Enumeration;
import javax.xml.namespace.QName;
import org.xml.sax.SAXException;

/* loaded from: input_file:fixed/ive-2.2/runtimes/win32/x86/midp20/lib/jclMidp20/ext/WS-Security.jar:com/ibm/pvcws/wss/util/SignatureGenImpl.class */
public class SignatureGenImpl implements WSSGenerator {
    private final WSSConstants _constants;
    private final WSSFactory _factory;
    protected SignatureParameter _sp;
    private Envelope _envelope;
    private Elem _p;
    private boolean _isCommit;

    static String copyright() {
        return Copyright.IBM_COPYRIGHT_SHORT;
    }

    public SignatureGenImpl(WSSFactory wSSFactory) {
        this._factory = wSSFactory;
        this._constants = wSSFactory.getConstants();
        clear();
    }

    @Override // com.ibm.pvcws.wss.WSSGenerator
    public QName getBaseQName() {
        return WSSConstants.QNAME_SIGNATURE;
    }

    @Override // com.ibm.pvcws.wss.WSSGenerator
    public void clear() {
        this._sp = null;
        this._envelope = null;
        this._p = null;
        this._isCommit = false;
    }

    @Override // com.ibm.pvcws.wss.WSSGenerator
    public void prepend(WSSParameter wSSParameter) throws WSSException {
        if (wSSParameter == null) {
            throw new WSSException("FaultCode:220, null is not allowed to the parameter.");
        }
        if (!(wSSParameter instanceof SignatureParameter)) {
            throw new WSSException(new StringBuffer().append("FaultCode:220, unexpected parameter [ ").append(wSSParameter.getClass().getName()).append("].").toString());
        }
        this._sp = (SignatureParameter) wSSParameter;
    }

    @Override // com.ibm.pvcws.wss.WSSGenerator
    public void prepend(Elem elem) throws WSSException {
        if (elem == null) {
            throw new WSSException("FaultCode:220, null is not allowed to the parameter.");
        }
        if (elem.getQName().equals(this._constants.QNAME_SECURITY)) {
            this._p = elem;
        } else {
            if (!elem.getQName().equals(Message.envelopeName)) {
                throw new WSSException(new StringBuffer().append("FaultCode:220, unexpected element [").append(elem.getQName()).append("].").toString());
            }
            this._envelope = (Envelope) elem;
        }
    }

    @Override // com.ibm.pvcws.wss.WSSGenerator
    public void commit() throws WSSException {
        if (this._sp == null) {
            throw new WSSException("FaultCode:220, null is not allowed to the paremeter.");
        }
        if (this._p == null) {
            throw new WSSException("FaultCode:220, null is not allowed to the parent element.");
        }
        if (this._envelope == null) {
            throw new WSSException("FaultCode:220, null is not allowed to the envelope element.");
        }
        if (this._isCommit) {
            throw new WSSException("FaultCode:220, already invoked.");
        }
        constructMessage();
        this._isCommit = true;
    }

    private void constructMessage() throws WSSException {
        Elem child = this._p.getChild(WSSConstants.QNAME_SIGNATURE);
        if (child == null) {
            child = WSSUtils.constructElement(this._p, WSSConstants.QNAME_SIGNATURE, new NSDecl[]{new NSDecl(WSSConstants.PREFIX_DSIGNATURE, WSSConstants.URI_DSIGNATURE)}, new boolean[]{false});
        }
        Elem constructElement = WSSUtils.constructElement(child, WSSConstants.QNAME_SIGNED_INFO, new NSDecl[]{new NSDecl(WSSUtils.getNewPrefix(child, WSSConstants.PREFIX_DSIGNATURE, WSSConstants.URI_DSIGNATURE), WSSConstants.URI_DSIGNATURE)}, new boolean[]{true});
        WSSUtils.constructElement(constructElement, WSSConstants.QNAME_C14N_METHOD, null, null).addAttribute(new Attribute(WSSConstants.ATTR_ALGORITHM, WSSConstants.URI_EXC_C14N));
        WSSUtils.constructElement(constructElement, WSSConstants.QNAME_SIG_METHOD, null, null).addAttribute(new Attribute(WSSConstants.ATTR_ALGORITHM, this._sp.getAlgorithm()));
        Enumeration references = this._sp.getReferences();
        while (references.hasMoreElements()) {
            Object nextElement = references.nextElement();
            if (nextElement == null || !(nextElement instanceof PartParameter)) {
                throw new WSSException("FaultCode:220, not the instance of PartParemeter.");
            }
            procPart(constructElement, (PartParameter) nextElement);
        }
        SignatureHandler handler = this._sp.getHandler();
        if (handler == null) {
            throw new WSSException("FaultCode:260, not registered basic signature handler.");
        }
        handler.setKey(this._sp.getSigningKey());
        try {
            String xMLString = ExcC14N.excC14N(constructElement).toXMLString(false, true);
            byte[] bytes = xMLString.getBytes("utf-8");
            Logger.log((byte) 7, new StringBuffer().append("signing the SignedInfo element=[").append(xMLString).append("].\n").toString());
            WSSUtils.constructElement(child, WSSConstants.QNAME_SIG_VALUE, null, null).addChild(new Text(WSSUtils.encode_base64(handler.sign(bytes, 0, bytes.length)), null), true);
            WSSGenerator generator = this._factory.getGenerator(WSSConstants.QNAME_KEY_INFO, null);
            if (generator == null) {
                throw new WSSException(new StringBuffer().append("FaultCode:220, not registered generator for [").append(WSSConstants.QNAME_KEY_INFO).append("].").toString());
            }
            generator.prepend(child);
            generator.prepend(this._sp);
            generator.commit();
        } catch (UnsupportedEncodingException e) {
            throw new WSSException("FaultCode:260, encoding exception.", e);
        } catch (SAXException e2) {
            throw new WSSException("FaultCode:260, SAX exception.", e2);
        } catch (Exception e3) {
            throw new WSSException(new StringBuffer().append("FaultCode:260, ").append(e3.getMessage()).toString(), e3);
        }
    }

    private void procPart(Elem elem, PartParameter partParameter) throws WSSException {
        byte type = partParameter.getType();
        switch (type) {
            case 0:
                Enumeration elementByQN = WSSUtils.getElementByQN(this._envelope, partParameter.getQname(), partParameter.getNumber());
                if (elementByQN == null) {
                    throw new WSSException(new StringBuffer().append("FaultCode:240, no element [").append(partParameter.getQname()).append("].").toString());
                }
                while (elementByQN.hasMoreElements()) {
                    constructReference(elem, (Elem) elementByQN.nextElement(), partParameter);
                }
                return;
            case 1:
                Elem elementById = WSSUtils.getElementById(this._envelope, partParameter.getQname(), partParameter.getURI());
                if (elementById == null) {
                    throw new WSSException(new StringBuffer().append("FaultCode:240, no element that has the identifier [").append(partParameter.getURI()).append("].").toString());
                }
                constructReference(elem, elementById, partParameter);
                return;
            case 2:
            default:
                throw new WSSException(new StringBuffer().append("FaultCode:240, unknown type [").append((int) type).append("].").toString());
            case 3:
                Enumeration elementByQN2 = WSSUtils.getElementByQN(this._envelope, this._constants.QNAME_TIMESTAMP, 1);
                if (elementByQN2 == null || !elementByQN2.hasMoreElements()) {
                    throw new WSSException("FaultCode:240, no timestamp in the request SOAP message.");
                }
                Enumeration children = ((Elem) elementByQN2.nextElement()).getChildren();
                while (children.hasMoreElements()) {
                    constructReference(elem, (Elem) children.nextElement(), partParameter);
                }
                return;
        }
    }

    private void constructReference(Elem elem, Elem elem2, PartParameter partParameter) throws WSSException {
        String makeUniqueId;
        Attribute attribute = elem2.getAttribute(this._constants.ATTR_WSUID);
        if (attribute != null) {
            makeUniqueId = attribute.value;
        } else {
            makeUniqueId = WSSUtils.makeUniqueId("sign");
            if (!NamespaceResolver.isDefinedNamespaceURI(this._constants.URI_WSUTILITY, elem2)) {
                elem2.addNSDecl(new NSDecl(WSSUtils.getNewPrefix(elem2, WSSConstants.PREFIX_WSUTILITY, this._constants.URI_WSUTILITY), this._constants.URI_WSUTILITY));
            }
            elem2.addAttribute(new Attribute(this._constants.ATTR_WSUID, makeUniqueId));
        }
        Elem constructElement = WSSUtils.constructElement(elem, WSSConstants.QNAME_DS_REFERENCE, null, null);
        constructElement.addAttribute(new Attribute(WSSConstants.ATTR_URI, new StringBuffer().append("#").append(makeUniqueId).toString()));
        WSSUtils.constructElement(WSSUtils.constructElement(constructElement, WSSConstants.QNAME_TRANSFORMS, null, null), WSSConstants.QNAME_TRANSFORM, null, null).addAttribute(new Attribute(WSSConstants.ATTR_ALGORITHM, WSSConstants.URI_EXC_C14N));
        WSSUtils.constructElement(constructElement, WSSConstants.QNAME_DIG_METHOD, null, null).addAttribute(new Attribute(WSSConstants.ATTR_ALGORITHM, partParameter.getAlgorithm()));
        WSSBasicHandler handler = partParameter.getHandler();
        if (handler == null || !(handler instanceof DigestHandler)) {
            throw new WSSException("FaultCode:260, not registered basic digest handler.");
        }
        DigestHandler digestHandler = (DigestHandler) handler;
        try {
            String xMLString = ExcC14N.excC14N(elem2).toXMLString(false, true);
            byte[] bytes = xMLString.getBytes("utf-8");
            Logger.log((byte) 7, new StringBuffer().append("signing the target=[").append(xMLString).append("].\n").toString());
            WSSUtils.constructElement(constructElement, WSSConstants.QNAME_DIG_VALUE, null, null).addChild(new Text(WSSUtils.encode_base64(digestHandler.digest(bytes, 0, bytes.length)), null), true);
        } catch (UnsupportedEncodingException e) {
            throw new WSSException("FaultCode:240, encoding exception.", e);
        } catch (SAXException e2) {
            throw new WSSException("FaultCode:240, SAX exception.", e2);
        } catch (Exception e3) {
            throw new WSSException("FaultCode:240, exception.", e3);
        }
    }
}
