package org.apache.wss4j.policy.stax.assertionStates;

import java.util.LinkedList;
import javax.xml.namespace.QName;
import org.apache.wss4j.common.WSSPolicyException;
import org.apache.wss4j.policy.AssertionState;
import org.apache.wss4j.policy.model.AbstractSecurityAssertion;
import org.apache.wss4j.policy.model.EncryptedParts;
import org.apache.wss4j.policy.model.Header;
import org.apache.wss4j.policy.stax.Assertable;
import org.apache.wss4j.policy.stax.DummyPolicyAsserter;
import org.apache.wss4j.policy.stax.PolicyAsserter;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.securityEvent.EncryptedPartSecurityEvent;
import org.apache.wss4j.stax.securityEvent.WSSecurityEventConstants;
import org.apache.wss4j.stax.utils.WSSUtils;
import org.apache.xml.security.stax.securityEvent.SecurityEvent;
import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;

/* loaded from: input_file:org/apache/wss4j/policy/stax/assertionStates/EncryptedPartsAssertionState.class */
public class EncryptedPartsAssertionState extends AssertionState implements Assertable {
    private int attachmentCount;
    private int encryptedAttachmentCount;
    private boolean encryptedAttachmentRequired;
    private PolicyAsserter policyAsserter;
    private final boolean soap12;

    public EncryptedPartsAssertionState(AbstractSecurityAssertion abstractSecurityAssertion, PolicyAsserter policyAsserter, boolean z, int i, boolean z2) {
        super(abstractSecurityAssertion, z);
        this.attachmentCount = i;
        this.policyAsserter = policyAsserter;
        if (this.policyAsserter == null) {
            this.policyAsserter = new DummyPolicyAsserter();
        }
        if (z) {
            policyAsserter.assertPolicy(getAssertion());
        }
        this.soap12 = z2;
    }

    @Override // org.apache.wss4j.policy.stax.Assertable
    public SecurityEventConstants.Event[] getSecurityEventType() {
        return new SecurityEventConstants.Event[]{WSSecurityEventConstants.ENCRYPTED_PART};
    }

    @Override // org.apache.wss4j.policy.stax.Assertable
    public boolean assertEvent(SecurityEvent securityEvent) throws WSSPolicyException {
        EncryptedPartSecurityEvent encryptedPartSecurityEvent = (EncryptedPartSecurityEvent) securityEvent;
        EncryptedParts assertion = getAssertion();
        if (assertion.getAttachments() != null) {
            this.encryptedAttachmentRequired = true;
            if (encryptedPartSecurityEvent.isAttachment()) {
                this.encryptedAttachmentCount++;
                setAsserted(true);
                this.policyAsserter.assertPolicy(getAssertion());
                return true;
            }
        }
        if (assertion.isBody() && WSSUtils.isInSOAPBody(encryptedPartSecurityEvent.getElementPath())) {
            if (encryptedPartSecurityEvent.isEncrypted()) {
                setAsserted(true);
                this.policyAsserter.assertPolicy(getAssertion());
                return true;
            }
            setAsserted(false);
            setErrorMessage("SOAP-Body must be encrypted");
            this.policyAsserter.unassertPolicy(getAssertion(), getErrorMessage());
            return false;
        }
        for (int i = 0; i < assertion.getHeaders().size(); i++) {
            Header header = (Header) assertion.getHeaders().get(i);
            QName qName = new QName(header.getNamespace(), header.getName() == null ? "" : header.getName());
            LinkedList linkedList = new LinkedList();
            if (this.soap12) {
                linkedList.addAll(WSSConstants.SOAP_12_HEADER_PATH);
            } else {
                linkedList.addAll(WSSConstants.SOAP_11_HEADER_PATH);
            }
            linkedList.add(qName);
            if (WSSUtils.pathMatches(linkedList, encryptedPartSecurityEvent.getElementPath(), header.getName() == null)) {
                if (encryptedPartSecurityEvent.isEncrypted()) {
                    setAsserted(true);
                    this.policyAsserter.assertPolicy(getAssertion());
                    return true;
                }
                setAsserted(false);
                setErrorMessage("Element " + WSSUtils.pathAsString(encryptedPartSecurityEvent.getElementPath()) + " must be encrypted");
                this.policyAsserter.unassertPolicy(getAssertion(), getErrorMessage());
                return false;
            }
        }
        this.policyAsserter.assertPolicy(getAssertion());
        return true;
    }

    @Override // org.apache.wss4j.policy.stax.Assertable
    public boolean isAsserted() {
        if (!this.encryptedAttachmentRequired || this.encryptedAttachmentCount >= this.attachmentCount) {
            return super.isAsserted();
        }
        return false;
    }
}
