package org.apache.wss4j.stax.impl.processor.output;

import java.io.BufferedInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.events.Attribute;
import org.apache.wss4j.common.ext.Attachment;
import org.apache.wss4j.common.ext.AttachmentRequestCallback;
import org.apache.wss4j.common.ext.AttachmentResultCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.utils.WSSUtils;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.ext.OutputProcessorChain;
import org.apache.xml.security.stax.ext.SecurePart;
import org.apache.xml.security.stax.ext.Transformer;
import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
import org.apache.xml.security.stax.impl.SignaturePartDef;
import org.apache.xml.security.stax.impl.processor.output.AbstractSignatureOutputProcessor;
import org.apache.xml.security.stax.impl.util.DigestOutputStream;
import org.apache.xml.security.stax.impl.util.IDGenerator;
import org.apache.xml.security.utils.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.3.0.redhat-476.zip:modules/system/layers/fuse/org/apache/ws/security/2.1/wss4j-ws-security-stax-2.1.7.jar:org/apache/wss4j/stax/impl/processor/output/WSSSignatureOutputProcessor.class */
public class WSSSignatureOutputProcessor extends AbstractSignatureOutputProcessor {
    private static final Logger LOG = LoggerFactory.getLogger(WSSSignatureOutputProcessor.class);

    /* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.3.0.redhat-476.zip:modules/system/layers/fuse/org/apache/ws/security/2.1/wss4j-ws-security-stax-2.1.7.jar:org/apache/wss4j/stax/impl/processor/output/WSSSignatureOutputProcessor$InternalWSSSignatureOutputProcessor.class */
    class InternalWSSSignatureOutputProcessor extends AbstractSignatureOutputProcessor.InternalSignatureOutputProcessor {
        InternalWSSSignatureOutputProcessor(SignaturePartDef signaturePartDef, XMLSecStartElement xMLSecStartElement) throws XMLSecurityException {
            super(signaturePartDef, xMLSecStartElement);
            addBeforeProcessor(InternalWSSSignatureOutputProcessor.class.getName());
        }
    }

    @Override // org.apache.xml.security.stax.ext.AbstractOutputProcessor, org.apache.xml.security.stax.ext.OutputProcessor
    public void init(OutputProcessorChain outputProcessorChain) throws XMLSecurityException {
        super.init(outputProcessorChain);
        WSSSignatureEndingOutputProcessor wSSSignatureEndingOutputProcessor = new WSSSignatureEndingOutputProcessor(this);
        wSSSignatureEndingOutputProcessor.setXMLSecurityProperties(getSecurityProperties());
        wSSSignatureEndingOutputProcessor.setAction(getAction());
        wSSSignatureEndingOutputProcessor.init(outputProcessorChain);
    }

    @Override // org.apache.xml.security.stax.impl.processor.output.AbstractSignatureOutputProcessor, org.apache.xml.security.stax.ext.AbstractOutputProcessor
    public void processEvent(XMLSecEvent xMLSecEvent, OutputProcessorChain outputProcessorChain) throws XMLStreamException, XMLSecurityException {
        SecurePart securePartMatches;
        if (xMLSecEvent.getEventType() == 1) {
            XMLSecStartElement asStartElement = xMLSecEvent.asStartElement();
            if (getActiveInternalSignatureOutputProcessor() == null && (securePartMatches = securePartMatches(asStartElement, outputProcessorChain, "signatureParts")) != null) {
                LOG.debug("Matched securePart for signature");
                SignaturePartDef signaturePartDef = new SignaturePartDef();
                signaturePartDef.setSecurePart(securePartMatches);
                signaturePartDef.setTransforms(securePartMatches.getTransforms());
                if (signaturePartDef.getTransforms() == null) {
                    signaturePartDef.setTransforms(new String[]{"http://www.w3.org/2001/10/xml-exc-c14n#"});
                }
                signaturePartDef.setExcludeVisibleC14Nprefixes(true);
                signaturePartDef.setDigestAlgo(securePartMatches.getDigestMethod());
                if (signaturePartDef.getDigestAlgo() == null) {
                    signaturePartDef.setDigestAlgo(getSecurityProperties().getSignatureDigestAlgorithm());
                }
                if (securePartMatches.getIdToSign() == null) {
                    signaturePartDef.setGenerateXPointer(securePartMatches.isGenerateXPointer());
                    signaturePartDef.setSigRefId(IDGenerator.generateID(null));
                    Attribute attributeByName = asStartElement.getAttributeByName(WSSConstants.ATT_WSU_ID);
                    if (attributeByName != null) {
                        signaturePartDef.setSigRefId(attributeByName.getValue());
                    } else {
                        ArrayList arrayList = new ArrayList(1);
                        arrayList.add(createAttribute(WSSConstants.ATT_WSU_ID, signaturePartDef.getSigRefId()));
                        xMLSecEvent = addAttributes(asStartElement, arrayList);
                    }
                } else if ("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform".equals(securePartMatches.getName().getLocalPart())) {
                    signaturePartDef.setSigRefId(securePartMatches.getIdToReference());
                    signaturePartDef.setTransforms(new String[]{"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform", "http://www.w3.org/2001/10/xml-exc-c14n#"});
                } else {
                    signaturePartDef.setSigRefId(securePartMatches.getIdToSign());
                }
                getSignaturePartDefList().add(signaturePartDef);
                InternalWSSSignatureOutputProcessor internalWSSSignatureOutputProcessor = new InternalWSSSignatureOutputProcessor(signaturePartDef, asStartElement);
                internalWSSSignatureOutputProcessor.setXMLSecurityProperties(getSecurityProperties());
                internalWSSSignatureOutputProcessor.setAction(getAction());
                internalWSSSignatureOutputProcessor.addAfterProcessor(WSSSignatureOutputProcessor.class.getName());
                internalWSSSignatureOutputProcessor.addBeforeProcessor(WSSSignatureEndingOutputProcessor.class.getName());
                internalWSSSignatureOutputProcessor.init(outputProcessorChain);
                setActiveInternalSignatureOutputProcessor(internalWSSSignatureOutputProcessor);
                if ("Body".equals(asStartElement.getName().getLocalPart()) && WSSUtils.isInSOAPBody(asStartElement)) {
                    doFinalInternal(outputProcessorChain);
                    outputProcessorChain.removeProcessor(this);
                }
            }
        }
        outputProcessorChain.processEvent(xMLSecEvent);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.xml.security.stax.impl.processor.output.AbstractSignatureOutputProcessor
    public void digestExternalReference(OutputProcessorChain outputProcessorChain, SecurePart securePart) throws XMLSecurityException, XMLStreamException {
        if (securePart.getExternalReference() == null || !securePart.getExternalReference().startsWith("cid:")) {
            super.digestExternalReference(outputProcessorChain, securePart);
            return;
        }
        CallbackHandler attachmentCallbackHandler = ((WSSSecurityProperties) getSecurityProperties()).getAttachmentCallbackHandler();
        if (attachmentCallbackHandler == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_SIGNATURE, "empty", new Object[]{"no attachment callbackhandler supplied"});
        }
        AttachmentRequestCallback attachmentRequestCallback = new AttachmentRequestCallback();
        attachmentRequestCallback.setAttachmentId(securePart.getExternalReference().substring("cid:".length()));
        try {
            attachmentCallbackHandler.handle(new Callback[]{attachmentRequestCallback});
            List<Attachment> attachments = attachmentRequestCallback.getAttachments();
            if (attachments != null) {
                for (int i = 0; i < attachments.size(); i++) {
                    Attachment attachment = attachments.get(i);
                    SignaturePartDef signaturePartDef = new SignaturePartDef();
                    signaturePartDef.setSecurePart(securePart);
                    signaturePartDef.setSigRefId("cid:" + attachment.getId());
                    signaturePartDef.setExternalResource(true);
                    signaturePartDef.setTransforms(securePart.getTransforms());
                    if (signaturePartDef.getTransforms() == null) {
                        if (securePart.getModifier() == SecurePart.Modifier.Element) {
                            signaturePartDef.setTransforms(new String[]{"http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Complete-Signature-Transform"});
                        } else {
                            signaturePartDef.setTransforms(new String[]{"http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Content-Signature-Transform"});
                        }
                    }
                    signaturePartDef.setExcludeVisibleC14Nprefixes(true);
                    signaturePartDef.setDigestAlgo(securePart.getDigestMethod());
                    if (signaturePartDef.getDigestAlgo() == null) {
                        signaturePartDef.setDigestAlgo(getSecurityProperties().getSignatureDigestAlgorithm());
                    }
                    DigestOutputStream createMessageDigestOutputStream = createMessageDigestOutputStream(signaturePartDef.getDigestAlgo());
                    InputStream sourceStream = attachment.getSourceStream();
                    if (!sourceStream.markSupported()) {
                        sourceStream = new BufferedInputStream(sourceStream);
                    }
                    sourceStream.mark(Integer.MAX_VALUE);
                    try {
                        Transformer buildTransformerChain = buildTransformerChain(createMessageDigestOutputStream, signaturePartDef, null);
                        HashMap hashMap = new HashMap(2);
                        hashMap.put("attachment", attachment);
                        buildTransformerChain.setProperties(hashMap);
                        buildTransformerChain.transform(sourceStream);
                        buildTransformerChain.doFinal();
                        createMessageDigestOutputStream.close();
                        sourceStream.reset();
                        String encode = Base64.encode(createMessageDigestOutputStream.getDigestValue());
                        if (LOG.isDebugEnabled()) {
                            LOG.debug("Calculated Digest: " + encode);
                        }
                        signaturePartDef.setDigestValue(encode);
                        Attachment attachment2 = new Attachment();
                        attachment2.setId(attachment.getId());
                        attachment2.setMimeType(attachment.getMimeType());
                        attachment2.addHeaders(attachment.getHeaders());
                        attachment2.setSourceStream(sourceStream);
                        AttachmentResultCallback attachmentResultCallback = new AttachmentResultCallback();
                        attachmentResultCallback.setAttachmentId(attachment2.getId());
                        attachmentResultCallback.setAttachment(attachment2);
                        try {
                            attachmentCallbackHandler.handle(new Callback[]{attachmentResultCallback});
                            getSignaturePartDefList().add(signaturePartDef);
                        } catch (Exception e) {
                            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_SIGNATURE, e);
                        }
                    } catch (IOException | XMLStreamException e2) {
                        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_SIGNATURE, e2);
                    }
                }
            }
        } catch (Exception e3) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_SIGNATURE, e3);
        }
    }

    @Override // org.apache.xml.security.stax.ext.AbstractOutputProcessor
    protected SecurePart securePartMatches(XMLSecStartElement xMLSecStartElement, Map<Object, SecurePart> map) {
        SecurePart securePart;
        SecurePart securePart2;
        SecurePart securePart3;
        SecurePart securePart4;
        if (!xMLSecStartElement.getOnElementDeclaredAttributes().isEmpty()) {
            Attribute attributeByName = xMLSecStartElement.getAttributeByName(WSSConstants.ATT_WSU_ID);
            if (attributeByName != null && (securePart4 = map.get(attributeByName.getValue())) != null) {
                return securePart4;
            }
            Attribute attributeByName2 = xMLSecStartElement.getAttributeByName(WSSConstants.ATT_NULL_Id);
            if (attributeByName2 != null && (securePart3 = map.get(attributeByName2.getValue())) != null) {
                return securePart3;
            }
            Attribute attributeByName3 = xMLSecStartElement.getAttributeByName(WSSConstants.ATT_NULL_ID);
            if (attributeByName3 != null && (securePart2 = map.get(attributeByName3.getValue())) != null) {
                return securePart2;
            }
            Attribute attributeByName4 = xMLSecStartElement.getAttributeByName(WSSConstants.ATT_NULL_ASSERTION_ID);
            if (attributeByName4 != null && (securePart = map.get(attributeByName4.getValue())) != null) {
                return securePart;
            }
        }
        return map.get(xMLSecStartElement.getName());
    }
}
