package org.jboss.ws.extensions.security;

import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.List;
import javax.xml.namespace.QName;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.signature.XMLSignatureException;
import org.apache.xml.security.transforms.TransformationException;
import org.apache.xml.security.transforms.Transforms;
import org.jboss.util.NotImplementedException;
import org.jboss.ws.extensions.security.element.DirectReference;
import org.jboss.ws.extensions.security.element.SecurityHeader;
import org.jboss.ws.extensions.security.element.SecurityTokenReference;
import org.jboss.ws.extensions.security.element.Signature;
import org.jboss.ws.extensions.security.element.X509Token;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:org/jboss/ws/extensions/security/SignatureOperation.class */
public class SignatureOperation implements EncodingOperation {
    private SecurityHeader header;
    private SecurityStore store;

    public SignatureOperation(SecurityHeader securityHeader, SecurityStore securityStore) throws WSSecurityException {
        this.header = securityHeader;
        this.store = securityStore;
    }

    private void processTarget(XMLSignature xMLSignature, Document document, Target target) {
        if (target instanceof QNameTarget) {
            processQNameTarget(xMLSignature, document, (QNameTarget) target);
        } else {
            if (!(target instanceof WsuIdTarget)) {
                throw new NotImplementedException();
            }
            processWsuIdTarget(xMLSignature, document, (WsuIdTarget) target);
        }
    }

    private void processQNameTarget(XMLSignature xMLSignature, Document document, QNameTarget qNameTarget) {
        QName name = qNameTarget.getName();
        Transforms transforms = new Transforms(document);
        try {
            transforms.addTransform("http://www.w3.org/2001/10/xml-exc-c14n#");
            Element findElement = Util.findElement(document.getDocumentElement(), name);
            if (findElement == null) {
                throw new RuntimeException("Could not find element");
            }
            try {
                xMLSignature.addDocument("#" + Util.assignWsuId(findElement), transforms);
            } catch (XMLSignatureException e) {
                throw new RuntimeException((Throwable) e);
            }
        } catch (TransformationException e2) {
            throw new RuntimeException((Throwable) e2);
        }
    }

    private void processWsuIdTarget(XMLSignature xMLSignature, Document document, WsuIdTarget wsuIdTarget) {
        String id = wsuIdTarget.getId();
        Transforms transforms = new Transforms(document);
        try {
            transforms.addTransform("http://www.w3.org/2001/10/xml-exc-c14n#");
            try {
                xMLSignature.addDocument("#" + id, transforms);
            } catch (XMLSignatureException e) {
                throw new RuntimeException((Throwable) e);
            }
        } catch (TransformationException e2) {
            throw new RuntimeException((Throwable) e2);
        }
    }

    @Override // org.jboss.ws.extensions.security.EncodingOperation
    public void process(Document document, List<Target> list, String str, String str2, String str3) throws WSSecurityException {
        Element documentElement = document.getDocumentElement();
        try {
            XMLSignature xMLSignature = new XMLSignature(document, (String) null, "http://www.w3.org/2000/09/xmldsig#rsa-sha1", "http://www.w3.org/2001/10/xml-exc-c14n#");
            xMLSignature.addResourceResolver(new WsuIdResolver(document, this.header.getElement()));
            PrivateKey privateKey = this.store.getPrivateKey(str);
            if (list == null || list.size() == 0) {
                processTarget(xMLSignature, document, new QNameTarget(new QName(documentElement.getNamespaceURI(), "Body")));
                if (this.header.getTimestamp() != null) {
                    processTarget(xMLSignature, document, new WsuIdTarget("timestamp"));
                }
            } else {
                Iterator<Target> it = list.iterator();
                while (it.hasNext()) {
                    processTarget(xMLSignature, document, it.next());
                }
            }
            try {
                xMLSignature.sign(privateKey);
                X509Certificate certificate = this.store.getCertificate(str);
                X509Token x509Token = (X509Token) this.header.getSharedToken(certificate);
                if (x509Token == null) {
                    x509Token = new X509Token(certificate, document);
                    this.header.addToken(x509Token);
                }
                xMLSignature.getKeyInfo().addUnknownElement(new SecurityTokenReference(new DirectReference(document, x509Token)).getElement());
                this.header.addSecurityProcess(new Signature(xMLSignature));
            } catch (XMLSignatureException e) {
                throw new WSSecurityException("Error signing message: " + e.getMessage(), e);
            }
        } catch (XMLSecurityException e2) {
            throw new WSSecurityException("Error building signature", e2);
        }
    }
}
