package org.apache.wss4j.dom.message;

import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.callback.Callback;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.DigestMethod;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.Transform;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec;
import javax.xml.crypto.dsig.spec.ExcC14NParameterSpec;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.ext.Attachment;
import org.apache.wss4j.common.ext.AttachmentRequestCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.WSDocInfo;
import org.apache.wss4j.dom.WSSConfig;
import org.apache.wss4j.dom.transform.AttachmentTransformParameterSpec;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.opensaml.xml.NamespaceManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.2.1.redhat-020.zip:modules/system/layers/fuse/org/apache/ws/security/2.0/wss4j-ws-security-dom-2.0.3.jar:org/apache/wss4j/dom/message/WSSecSignatureBase.class */
public class WSSecSignatureBase extends WSSecBase {
    private static final Logger LOG = LoggerFactory.getLogger(WSSecSignatureBase.class);

    public WSSecSignatureBase() {
    }

    public WSSecSignatureBase(WSSConfig wSSConfig) {
        super(wSSConfig);
    }

    public List<Reference> addReferencesToSign(Document document, List<WSEncryptionPart> list, WSDocInfo wSDocInfo, XMLSignatureFactory xMLSignatureFactory, WSSecHeader wSSecHeader, WSSConfig wSSConfig, String str) throws WSSecurityException {
        Transform newTransform;
        List<Element> findElements;
        try {
            DigestMethod newDigestMethod = xMLSignatureFactory.newDigestMethod(str, (DigestMethodParameterSpec) null);
            ArrayList arrayList = new ArrayList();
            Iterator<WSEncryptionPart> it = list.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                WSEncryptionPart next = it.next();
                if (next.getId() != null && next.getId().startsWith("cid:")) {
                    if (this.attachmentCallbackHandler == null) {
                        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "empty", "no attachment callbackhandler supplied");
                    }
                    AttachmentRequestCallback attachmentRequestCallback = new AttachmentRequestCallback();
                    attachmentRequestCallback.setAttachmentId(next.getId().substring(4));
                    try {
                        this.attachmentCallbackHandler.handle(new Callback[]{attachmentRequestCallback});
                        List<Attachment> attachments = attachmentRequestCallback.getAttachments();
                        for (int i = 0; i < attachments.size(); i++) {
                            Attachment attachment = attachments.get(i);
                            try {
                                ArrayList arrayList2 = new ArrayList();
                                arrayList2.add(xMLSignatureFactory.newTransform("Element".equals(next.getEncModifier()) ? "http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Complete-Signature-Transform" : "http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Content-Signature-Transform", new AttachmentTransformParameterSpec(this.attachmentCallbackHandler, attachment)));
                                arrayList.add(xMLSignatureFactory.newReference("cid:" + attachment.getId(), newDigestMethod, arrayList2, (String) null, (String) null));
                            } catch (InvalidAlgorithmParameterException e) {
                                throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
                            } catch (NoSuchAlgorithmException e2) {
                                throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e2);
                            }
                        }
                    } catch (Exception e3) {
                        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e3);
                    }
                }
            }
            ArrayList arrayList3 = new ArrayList();
            for (WSEncryptionPart wSEncryptionPart : list) {
                String id = wSEncryptionPart.getId();
                String name = wSEncryptionPart.getName();
                Element element = wSEncryptionPart.getElement();
                try {
                    if (!"cid:Attachments".equals(id)) {
                        if (id != null) {
                            if ("STRTransform".equals(name)) {
                                newTransform = xMLSignatureFactory.newTransform("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform", new DOMStructure(createSTRParameter(document)));
                            } else {
                                if (element == null) {
                                    if (this.callbackLookup == null) {
                                        this.callbackLookup = new DOMCallbackLookup(document);
                                    }
                                    element = this.callbackLookup.getElement(id, null, false);
                                }
                                newTransform = xMLSignatureFactory.newTransform("http://www.w3.org/2001/10/xml-exc-c14n#", wSSConfig.isAddInclusivePrefixes() ? new ExcC14NParameterSpec(getInclusivePrefixes(element)) : null);
                            }
                            if (element != null) {
                                wSDocInfo.addTokenElement(element, false);
                            } else if (!wSEncryptionPart.isRequired()) {
                            }
                            arrayList3.add(xMLSignatureFactory.newReference("#" + id, newDigestMethod, Collections.singletonList(newTransform), (String) null, (String) null));
                        } else {
                            String namespace = wSEncryptionPart.getNamespace();
                            if (element != null) {
                                findElements = Collections.singletonList(element);
                            } else {
                                if (this.callbackLookup == null) {
                                    this.callbackLookup = new DOMCallbackLookup(document);
                                }
                                findElements = WSSecurityUtil.findElements(wSEncryptionPart, this.callbackLookup, document);
                            }
                            if (findElements == null || findElements.size() == 0) {
                                if (wSEncryptionPart.isRequired()) {
                                    throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noEncElement", namespace + ", " + name);
                                }
                            } else {
                                for (Element element2 : findElements) {
                                    ExcC14NParameterSpec excC14NParameterSpec = null;
                                    if (wSSConfig.isAddInclusivePrefixes()) {
                                        excC14NParameterSpec = new ExcC14NParameterSpec(getInclusivePrefixes(element2));
                                    }
                                    arrayList3.add(xMLSignatureFactory.newReference("#" + setWsuId(element2), newDigestMethod, Collections.singletonList(xMLSignatureFactory.newTransform("http://www.w3.org/2001/10/xml-exc-c14n#", excC14NParameterSpec)), (String) null, (String) null));
                                    wSDocInfo.addTokenElement(element2, false);
                                }
                            }
                        }
                    }
                } catch (Exception e4) {
                    LOG.error("", e4);
                    throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_SIGNATURE, "noXMLSig", e4);
                }
            }
            arrayList3.addAll(arrayList);
            return arrayList3;
        } catch (Exception e5) {
            LOG.error("", e5);
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_SIGNATURE, "noXMLSig", e5);
        }
    }

    public List<String> getInclusivePrefixes(Element element) {
        return getInclusivePrefixes(element, true);
    }

    public List<String> getInclusivePrefixes(Element element, boolean z) {
        ArrayList arrayList = new ArrayList();
        Element element2 = element;
        while (element2.getParentNode() != null && 9 != element2.getParentNode().getNodeType()) {
            element2 = element2.getParentNode();
            NamedNodeMap attributes = element2.getAttributes();
            for (int i = 0; i < attributes.getLength(); i++) {
                Node item = attributes.item(i);
                if ("http://www.w3.org/2000/xmlns/".equals(item.getNamespaceURI())) {
                    if ("xmlns".equals(item.getNodeName())) {
                        arrayList.add(NamespaceManager.DEFAULT_NS_TOKEN);
                    } else {
                        arrayList.add(item.getLocalName());
                    }
                }
            }
        }
        if (z) {
            NamedNodeMap attributes2 = element.getAttributes();
            for (int i2 = 0; i2 < attributes2.getLength(); i2++) {
                Node item2 = attributes2.item(i2);
                if ("http://www.w3.org/2000/xmlns/".equals(item2.getNamespaceURI())) {
                    if ("xmlns".equals(item2.getNodeName())) {
                        arrayList.remove(NamespaceManager.DEFAULT_NS_TOKEN);
                    } else {
                        arrayList.remove(item2.getLocalName());
                    }
                }
                if (item2.getPrefix() != null) {
                    arrayList.remove(item2.getPrefix());
                }
            }
            if (element.getPrefix() == null) {
                arrayList.remove(NamespaceManager.DEFAULT_NS_TOKEN);
            } else {
                arrayList.remove(element.getPrefix());
            }
        }
        return arrayList;
    }

    public Element createSTRParameter(Document document) {
        Element createElementNS = document.createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "wsse:TransformationParameters");
        Element createElementNS2 = document.createElementNS("http://www.w3.org/2000/09/xmldsig#", "ds:CanonicalizationMethod");
        createElementNS2.setAttributeNS(null, "Algorithm", "http://www.w3.org/2001/10/xml-exc-c14n#");
        createElementNS.appendChild(createElementNS2);
        return createElementNS;
    }
}
