package com.sun.xml.wss.impl.dsig;

import com.sun.xml.jaxws.JAXWSMessage;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.core.SecurityTokenReference;
import com.sun.xml.wss.impl.FilterProcessingContext;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.PolicyTypeUtil;
import com.sun.xml.wss.impl.SecurableSoapMessage;
import com.sun.xml.wss.impl.XMLUtil;
import com.sun.xml.wss.impl.c14n.StAXEXC14nCanonicalizerImpl;
import com.sun.xml.wss.impl.misc.UnsyncByteArrayOutputStream;
import com.sun.xml.wss.impl.policy.MLSPolicy;
import com.sun.xml.wss.impl.policy.PolicyGenerationException;
import com.sun.xml.wss.impl.policy.mls.AuthenticationTokenPolicy;
import com.sun.xml.wss.impl.policy.mls.Parameter;
import com.sun.xml.wss.impl.policy.mls.SignaturePolicy;
import com.sun.xml.wss.impl.policy.mls.SignatureTarget;
import com.sun.xml.wss.impl.policy.mls.Target;
import com.sun.xml.wss.logging.LogDomainConstants;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.AccessController;
import java.security.InvalidAlgorithmParameterException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivilegedAction;
import java.security.Provider;
import java.security.Security;
import java.security.spec.AlgorithmParameterSpec;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.ListIterator;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.crypto.URIDereferencer;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.DigestMethod;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.Transform;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.spec.ExcC14NParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.crypto.dsig.spec.XPathFilter2ParameterSpec;
import javax.xml.crypto.dsig.spec.XPathFilterParameterSpec;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.soap.AttachmentPart;
import javax.xml.soap.SOAPBody;
import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPMessage;
import javax.xml.soap.Text;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamWriter;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import org.springframework.beans.propertyeditors.CustomBooleanEditor;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:WEB-INF/lib/xws-security-2.0-FCS.jar:com/sun/xml/wss/impl/dsig/WSSPolicyConsumerImpl.class */
public class WSSPolicyConsumerImpl {
    public static final String defaultJSR105Provider = "org.jcp.xml.dsig.internal.dom.XMLDSigRI";
    private String providerName;
    private String pMT;
    private NamespaceContextImpl nsContext = null;
    private URIDereferencer externalURIResolver = null;
    private Provider provider;
    static Class class$com$sun$xml$wss$impl$dsig$WSSPolicyConsumerImpl;
    private static Logger logger = Logger.getLogger(LogDomainConstants.IMPL_SIGNATURE_DOMAIN_BUNDLE, LogDomainConstants.IMPL_SIGNATURE_DOMAIN_BUNDLE);
    private static WSSPolicyConsumerImpl wpcInstance = null;

    /* loaded from: input_file:WEB-INF/lib/xws-security-2.0-FCS.jar:com/sun/xml/wss/impl/dsig/WSSPolicyConsumerImpl$JAXWSDigestProcessor.class */
    public class JAXWSDigestProcessor {
        FilterProcessingContext fpContext;
        SignatureTarget target;
        DigestMethod dm;
        XMLSignatureFactory signatureFactory;
        String targetURI = "";
        SOAPMessage msg;
        private final WSSPolicyConsumerImpl this$0;

        JAXWSDigestProcessor(WSSPolicyConsumerImpl wSSPolicyConsumerImpl, FilterProcessingContext filterProcessingContext, SignatureTarget signatureTarget, DigestMethod digestMethod, XMLSignatureFactory xMLSignatureFactory) {
            this.this$0 = wSSPolicyConsumerImpl;
            this.fpContext = null;
            this.target = null;
            this.dm = null;
            this.signatureFactory = null;
            this.msg = null;
            this.fpContext = filterProcessingContext;
            this.target = signatureTarget;
            this.dm = digestMethod;
            this.signatureFactory = xMLSignatureFactory;
            this.msg = this.fpContext.getSOAPMessage();
        }

        public Reference handleJAXWSSOAPBody() throws XWSSecurityException {
            try {
                SOAPBody eMBody = this.msg.getEMBody();
                int configType = this.fpContext.getConfigType();
                switch (configType) {
                    case 1:
                        signBody(eMBody);
                        break;
                    case 2:
                        signEncryptBody(eMBody);
                        break;
                    default:
                        throw new XWSSecurityException("Invalid configuration option");
                }
                this.target.getTransforms().listIterator();
                ArrayList arrayList = new ArrayList(1);
                MessageDigest messageDigest = null;
                if (this.dm.getAlgorithm() == "http://www.w3.org/2000/09/xmldsig#sha1") {
                    messageDigest = MessageDigest.getInstance("SHA");
                }
                JAXWSMessage jAXWSMessage = this.msg.getJAXWSMessage();
                byte[] canonicalizedBody = jAXWSMessage.getCanonicalizedBody();
                int cBLength = jAXWSMessage.getCBLength();
                if (MessageConstants.SIGN_ENCRYPT_BODY == configType) {
                    jAXWSMessage.setCanonicalizedBody((byte[]) null, 0);
                }
                messageDigest.update(canonicalizedBody, 0, cBLength);
                byte[] digest = messageDigest.digest();
                arrayList.add(this.signatureFactory.newTransform("http://www.w3.org/2001/10/xml-exc-c14n#", (TransformParameterSpec) null));
                return this.signatureFactory.newReference(this.targetURI, this.dm, arrayList, null, null, digest);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }

        private void signBody(SOAPBody sOAPBody) throws IOException, XMLStreamException, XWSSecurityException, SOAPException {
            StAXEXC14nCanonicalizerImpl stAXEXC14nCanonicalizerImpl = new StAXEXC14nCanonicalizerImpl();
            UnsyncByteArrayOutputStream unsyncByteArrayOutputStream = new UnsyncByteArrayOutputStream();
            stAXEXC14nCanonicalizerImpl.setStream(unsyncByteArrayOutputStream);
            JAXWSMessage jAXWSMessage = this.msg.getJAXWSMessage();
            cBodyTag(stAXEXC14nCanonicalizerImpl, sOAPBody);
            if (!jAXWSMessage.isBodyUsed()) {
                jAXWSMessage.writeJAXWSBody(stAXEXC14nCanonicalizerImpl);
            }
            stAXEXC14nCanonicalizerImpl.writeEndDocument();
            jAXWSMessage.setCanonicalizedBody(unsyncByteArrayOutputStream.getBytes(), unsyncByteArrayOutputStream.getLength());
        }

        private void signEncryptBody(SOAPBody sOAPBody) throws IOException, XMLStreamException, XWSSecurityException, SOAPException {
            StAXEXC14nCanonicalizerImpl stAXEXC14nCanonicalizerImpl = new StAXEXC14nCanonicalizerImpl();
            UnsyncByteArrayOutputStream unsyncByteArrayOutputStream = new UnsyncByteArrayOutputStream();
            stAXEXC14nCanonicalizerImpl.setStream(unsyncByteArrayOutputStream);
            JAXWSMessage jAXWSMessage = this.msg.getJAXWSMessage();
            cBodyTag(stAXEXC14nCanonicalizerImpl, sOAPBody);
            stAXEXC14nCanonicalizerImpl.writeCharacters("");
            byte[] byteArray = unsyncByteArrayOutputStream.toByteArray();
            unsyncByteArrayOutputStream.reset();
            if (!jAXWSMessage.isBodyUsed()) {
                jAXWSMessage.writeJAXWSBody(stAXEXC14nCanonicalizerImpl);
            }
            byte[] byteArray2 = unsyncByteArrayOutputStream.toByteArray();
            unsyncByteArrayOutputStream.reset();
            stAXEXC14nCanonicalizerImpl.writeEndDocument();
            byte[] bytes = unsyncByteArrayOutputStream.getBytes();
            byte[] bArr = new byte[byteArray.length + byteArray2.length + unsyncByteArrayOutputStream.getLength()];
            System.arraycopy(byteArray, 0, bArr, 0, byteArray.length);
            System.arraycopy(byteArray2, 0, bArr, byteArray.length, byteArray2.length);
            System.arraycopy(bytes, 0, bArr, byteArray.length + byteArray2.length, unsyncByteArrayOutputStream.getLength());
            jAXWSMessage.setCanonicalizedBody(bArr, bArr.length);
            this.fpContext.setCanonicalizedData(byteArray2);
        }

        private void cBodyTag(XMLStreamWriter xMLStreamWriter, SOAPBody sOAPBody) throws IOException, XMLStreamException, XWSSecurityException, SOAPException {
            String attributeNS = sOAPBody.getAttributeNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Id");
            if ((attributeNS == null || attributeNS.length() == 0) && (sOAPBody.getNamespaceURI() == "http://www.w3.org/2000/09/xmldsig#" || sOAPBody.getNamespaceURI() == "http://www.w3.org/2001/04/xmlenc#")) {
                attributeNS = sOAPBody.getAttribute("Id");
            }
            if (attributeNS == null || attributeNS.equals("")) {
                attributeNS = this.fpContext.getSecurableSoapMessage().generateId();
                XMLUtil.setWsuIdAttr(sOAPBody, attributeNS);
            }
            this.targetURI = new StringBuffer().append("#").append(attributeNS).toString();
            NamedNodeMap attributes = sOAPBody.getAttributes();
            Vector vector = new Vector();
            Vector vector2 = new Vector();
            for (int i = 0; i < attributes.getLength(); i++) {
                Attr attr = (Attr) attributes.item(i);
                if (attr.getNamespaceURI().equals("http://www.w3.org/2000/xmlns/")) {
                    vector2.add(attr);
                } else {
                    vector.add(attr);
                }
            }
            NamedNodeMap attributes2 = this.msg.getSOAPPart().getEnvelope().getAttributes();
            for (int i2 = 0; i2 < attributes2.getLength(); i2++) {
                Attr attr2 = (Attr) attributes2.item(i2);
                if (attr2.getNamespaceURI().equals("http://www.w3.org/2000/xmlns/")) {
                    xMLStreamWriter.writeNamespace(attr2.getLocalName(), attr2.getValue());
                }
            }
            xMLStreamWriter.writeStartDocument();
            xMLStreamWriter.writeStartElement(sOAPBody.getPrefix(), sOAPBody.getLocalName(), sOAPBody.getNamespaceURI());
            Iterator it = vector2.iterator();
            while (it.hasNext()) {
                Attr attr3 = (Attr) it.next();
                xMLStreamWriter.writeNamespace(attr3.getLocalName(), attr3.getValue());
            }
            Iterator it2 = vector.iterator();
            while (it2.hasNext()) {
                Attr attr4 = (Attr) it2.next();
                xMLStreamWriter.writeAttribute(attr4.getPrefix(), attr4.getNamespaceURI(), attr4.getLocalName(), attr4.getValue());
            }
        }
    }

    /* loaded from: input_file:WEB-INF/lib/xws-security-2.0-FCS.jar:com/sun/xml/wss/impl/dsig/WSSPolicyConsumerImpl$WSSProvider.class */
    public final class WSSProvider extends Provider {
        private static final String INFO = "WSS_TRANSFORM (DOM WSS_TRANSFORM_PROVIDER)";
        private final WSSPolicyConsumerImpl this$0;

        /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
        public WSSProvider(WSSPolicyConsumerImpl wSSPolicyConsumerImpl) {
            super("WSS_TRANSFORM", 1.0d, INFO);
            this.this$0 = wSSPolicyConsumerImpl;
            HashMap hashMap = new HashMap();
            hashMap.put("TransformService.http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-swa-profile-1.0#Attachment-Complete-Transform", "com.sun.xml.wss.impl.transform.ACTransform");
            hashMap.put("TransformService.http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-swa-profile-1.0#Attachment-Complete-Transform MechanismType", "DOM");
            hashMap.put("TransformService.http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform", "com.sun.xml.wss.impl.transform.DOMSTRTransform");
            hashMap.put("TransformService.http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform MechanismType", "DOM");
            hashMap.put("TransformService.http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-swa-profile-1.0#Attachment-Content-Only-Transform", "com.sun.xml.wss.impl.transform.ACOTransform");
            hashMap.put("TransformService.http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-swa-profile-1.0#Attachment-Content-Only-Transform MechanismType", "DOM");
            putAll(hashMap);
        }
    }

    private WSSPolicyConsumerImpl() {
        this.providerName = null;
        this.pMT = null;
        this.provider = null;
        this.providerName = System.getProperty("jsr105Provider", defaultJSR105Provider);
        this.pMT = System.getProperty("jsr105MechanismType", "DOM");
        try {
            ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
            this.provider = (Provider) Class.forName(this.providerName, true, contextClassLoader == null ? getClass().getClassLoader() : contextClassLoader).newInstance();
        } catch (Exception e) {
            logger.log(Level.SEVERE, "WSS1324.dsig.factory", (Throwable) e);
        }
        if (logger.getLevel() == Level.FINEST) {
            logger.log(Level.FINEST, new StringBuffer().append("JSR 105 provider is : ").append(this.providerName).toString());
            logger.log(Level.FINEST, new StringBuffer().append("JSR 105 provider mechanism is : ").append(this.pMT).toString());
        }
        AccessController.doPrivileged(new PrivilegedAction(this) { // from class: com.sun.xml.wss.impl.dsig.WSSPolicyConsumerImpl.1
            private final WSSPolicyConsumerImpl this$0;

            {
                this.this$0 = this;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                Security.addProvider(this.this$0.provider);
                Security.addProvider(new WSSProvider(this.this$0));
                return null;
            }
        });
    }

    public static WSSPolicyConsumerImpl getInstance() {
        Class cls;
        if (wpcInstance == null) {
            if (class$com$sun$xml$wss$impl$dsig$WSSPolicyConsumerImpl == null) {
                cls = class$("com.sun.xml.wss.impl.dsig.WSSPolicyConsumerImpl");
                class$com$sun$xml$wss$impl$dsig$WSSPolicyConsumerImpl = cls;
            } else {
                cls = class$com$sun$xml$wss$impl$dsig$WSSPolicyConsumerImpl;
            }
            Class cls2 = cls;
            synchronized (cls) {
                if (wpcInstance == null) {
                    wpcInstance = new WSSPolicyConsumerImpl();
                }
            }
        }
        return wpcInstance;
    }

    public SignedInfo constructSignedInfo(FilterProcessingContext filterProcessingContext) throws PolicyGenerationException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, XWSSecurityException {
        if (PolicyTypeUtil.signaturePolicy(filterProcessingContext.getSecurityPolicy())) {
            return generateSignedInfo(filterProcessingContext);
        }
        return null;
    }

    public XMLSignature constructSignature(SignedInfo signedInfo, KeyInfo keyInfo) {
        return getSignatureFactory().newXMLSignature(signedInfo, keyInfo);
    }

    public KeyInfo constructKeyInfo(MLSPolicy mLSPolicy, SecurityTokenReference securityTokenReference) throws PolicyGenerationException, SOAPException, XWSSecurityException {
        if (!PolicyTypeUtil.signaturePolicy(mLSPolicy)) {
            return null;
        }
        return getKeyInfoFactory().newKeyInfo(Collections.singletonList(new DOMStructure(securityTokenReference.getAsSoapElement())));
    }

    public XMLSignatureFactory getSignatureFactory() {
        try {
            return XMLSignatureFactory.getInstance("DOM", this.provider);
        } catch (Exception e) {
            logger.log(Level.SEVERE, "WSS1324.dsig.factory", (Throwable) e);
            throw new RuntimeException(e);
        }
    }

    public KeyInfoFactory getKeyInfoFactory() {
        try {
            return getSignatureFactory().getKeyInfoFactory();
        } catch (Exception e) {
            logger.log(Level.SEVERE, "WSS1323.dsig.keyinfo.factory", (Throwable) e);
            throw new RuntimeException(e);
        }
    }

    public SignaturePolicy constructSignaturePolicy(SignedInfo signedInfo, boolean z) {
        SignaturePolicy signaturePolicy = new SignaturePolicy();
        constructSignaturePolicy(signedInfo, z, signaturePolicy);
        return signaturePolicy;
    }

    public void constructSignaturePolicy(SignedInfo signedInfo, boolean z, SignaturePolicy signaturePolicy) {
        List<Reference> references = signedInfo.getReferences();
        signedInfo.getSignatureMethod();
        CanonicalizationMethod canonicalizationMethod = signedInfo.getCanonicalizationMethod();
        signaturePolicy.isBSP(z);
        SignaturePolicy.FeatureBinding featureBinding = (SignaturePolicy.FeatureBinding) signaturePolicy.getFeatureBinding();
        featureBinding.setCanonicalizationAlgorithm(canonicalizationMethod.getAlgorithm());
        for (Reference reference : references) {
            SignatureTarget.Transform signatureTransform = getSignatureTransform(reference);
            SignatureTarget signatureTarget = new SignatureTarget();
            signatureTarget.isBSP(z);
            if (signatureTransform != null) {
                signatureTarget.addTransform(signatureTransform);
            }
            signatureTarget.setDigestAlgorithm(reference.getDigestMethod().getAlgorithm());
            if (reference.getURI().length() > 0) {
                signatureTarget.setValue(SecurableSoapMessage.getIdFromFragmentRef(reference.getURI()));
            } else {
                signatureTarget.setValue(reference.getURI());
            }
            signatureTarget.setType("uri");
            featureBinding.addTargetBinding(signatureTarget);
        }
    }

    public SignatureTarget.Transform getSignatureTransform(Reference reference) {
        SignatureTarget.Transform transform = null;
        for (Transform transform2 : reference.getTransforms()) {
            String algorithm = transform2.getAlgorithm();
            transform = new SignatureTarget.Transform();
            transform.setTransform(algorithm);
            transform.setAlgorithmParameters(transform2.getParameterSpec());
        }
        return transform;
    }

    public void addCanonicalizationParams(AlgorithmParameterSpec algorithmParameterSpec, HashMap hashMap) {
        if (algorithmParameterSpec instanceof XPathFilterParameterSpec) {
            hashMap.put("XPATH", ((XPathFilterParameterSpec) algorithmParameterSpec).getXPath());
        } else if (algorithmParameterSpec instanceof XPathFilter2ParameterSpec) {
            hashMap.put("XPATH2", ((XPathFilter2ParameterSpec) algorithmParameterSpec).getXPathList());
        }
    }

    private SignedInfo generateSignedInfo(FilterProcessingContext filterProcessingContext) throws PolicyGenerationException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, XWSSecurityException {
        SignaturePolicy signaturePolicy = (SignaturePolicy) filterProcessingContext.getSecurityPolicy();
        SignaturePolicy.FeatureBinding featureBinding = (SignaturePolicy.FeatureBinding) signaturePolicy.getFeatureBinding();
        MLSPolicy keyBinding = signaturePolicy.getKeyBinding();
        XMLSignatureFactory signatureFactory = getSignatureFactory();
        SecurableSoapMessage securableSoapMessage = filterProcessingContext.getSecurableSoapMessage();
        String canonicalizationAlgorithm = featureBinding.getCanonicalizationAlgorithm();
        ArrayList targetBindings = featureBinding.getTargetBindings();
        String str = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
        if (PolicyTypeUtil.x509CertificateBinding(keyBinding)) {
            AuthenticationTokenPolicy.X509CertificateBinding x509CertificateBinding = (AuthenticationTokenPolicy.X509CertificateBinding) keyBinding;
            if (!"".equals(x509CertificateBinding.getKeyAlgorithm())) {
                str = x509CertificateBinding.getKeyAlgorithm();
            }
        } else {
            if (!PolicyTypeUtil.samlTokenPolicy(keyBinding)) {
                throw new XWSSecurityException("Unsupported KeyBinding for SignaturePolicy");
            }
            AuthenticationTokenPolicy.SAMLAssertionBinding sAMLAssertionBinding = (AuthenticationTokenPolicy.SAMLAssertionBinding) keyBinding;
            if (!"".equals(sAMLAssertionBinding.getKeyAlgorithm())) {
                str = sAMLAssertionBinding.getKeyAlgorithm();
            }
        }
        ExcC14NParameterSpec excC14NParameterSpec = null;
        if ("http://www.w3.org/2001/10/xml-exc-c14n#".equalsIgnoreCase(canonicalizationAlgorithm)) {
            excC14NParameterSpec = featureBinding.isBSP() ? new ExcC14NParameterSpec(getInclusiveNamespacePrefixes(securableSoapMessage.findSecurityHeader(), false)) : null;
        }
        return signatureFactory.newSignedInfo(signatureFactory.newCanonicalizationMethod(canonicalizationAlgorithm, excC14NParameterSpec), signatureFactory.newSignatureMethod(str, null), generateReferenceList(targetBindings, signatureFactory, securableSoapMessage, filterProcessingContext, false), null);
    }

    public static List getInclusiveNamespacePrefixes(Element element, boolean z) {
        ArrayList arrayList = new ArrayList();
        Node node = element;
        while (true) {
            Node node2 = node;
            if (node2 instanceof Document) {
                return arrayList;
            }
            NamedNodeMap attributes = node2.getAttributes();
            for (int i = 0; i < attributes.getLength(); i++) {
                Node item = attributes.item(i);
                if (item.getNamespaceURI() != null && item.getNamespaceURI().equals("http://www.w3.org/2000/xmlns/")) {
                    arrayList.add(item.getLocalName());
                }
            }
            node = node2.getParentNode();
        }
    }

    public static List getReferenceNamespacePrefixes(Node node) {
        ArrayList arrayList = new ArrayList();
        traverseSubtree(node, arrayList);
        return arrayList;
    }

    private static void traverseSubtree(Node node, List list) {
        SOAPElement sOAPElement = (SOAPElement) node;
        Iterator visibleNamespacePrefixes = sOAPElement.getVisibleNamespacePrefixes();
        while (visibleNamespacePrefixes.hasNext()) {
            String str = (String) visibleNamespacePrefixes.next();
            if (!list.contains(str)) {
                list.add(str);
            }
        }
        Iterator childElements = sOAPElement.getChildElements();
        while (childElements.hasNext()) {
            Node node2 = (Node) childElements.next();
            if (!(node2 instanceof Text)) {
                traverseSubtree(node2, list);
            }
        }
    }

    public List generateReferenceList(List list, SecurableSoapMessage securableSoapMessage, FilterProcessingContext filterProcessingContext, boolean z) throws PolicyGenerationException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, XWSSecurityException {
        return generateReferenceList(list, getSignatureFactory(), securableSoapMessage, filterProcessingContext, z);
    }

    private List generateReferenceList(List list, XMLSignatureFactory xMLSignatureFactory, SecurableSoapMessage securableSoapMessage, FilterProcessingContext filterProcessingContext, boolean z) throws PolicyGenerationException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, XWSSecurityException {
        NodeList nodeList;
        ListIterator listIterator = list.listIterator();
        ArrayList arrayList = new ArrayList();
        while (listIterator.hasNext()) {
            SignatureTarget signatureTarget = (SignatureTarget) listIterator.next();
            String digestAlgorithm = signatureTarget.getDigestAlgorithm();
            try {
                DigestMethod newDigestMethod = xMLSignatureFactory.newDigestMethod(digestAlgorithm, null);
                boolean z2 = false;
                ListIterator listIterator2 = signatureTarget.getTransforms().listIterator();
                ArrayList arrayList2 = new ArrayList(2);
                while (listIterator2.hasNext()) {
                    SignatureTarget.Transform transform = (SignatureTarget.Transform) listIterator2.next();
                    String transform2 = transform.getTransform();
                    Transform transform3 = null;
                    if (transform2 == "http://www.w3.org/TR/1999/REC-xpath-19991116" || transform2.equals("http://www.w3.org/TR/1999/REC-xpath-19991116")) {
                        TransformParameterSpec transformParameterSpec = (TransformParameterSpec) transform.getAlgorithmParameters();
                        if (transformParameterSpec == null) {
                            throw new XWSSecurityException("XPATH parameters cannot be null");
                        }
                        transform3 = xMLSignatureFactory.newTransform(transform2, transformParameterSpec);
                    } else if (transform2 == "http://www.w3.org/2002/06/xmldsig-filter2" || transform2.equals("http://www.w3.org/2002/06/xmldsig-filter2")) {
                        transform3 = xMLSignatureFactory.newTransform(transform2, (TransformParameterSpec) transform.getAlgorithmParameters());
                    } else if (transform2 == "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform" || transform2.equals("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform")) {
                        Parameter parameter = (Parameter) transform.getAlgorithmParameters();
                        String str = null;
                        if (parameter.getParamName().equals("CanonicalizationMethod")) {
                            str = parameter.getParamValue();
                        }
                        if (str == null) {
                            throw new XWSSecurityException("STR Transform must have acanonicalization method specified");
                        }
                        try {
                            Document newDocument = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
                            Element createElementNS = newDocument.createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "wsse:TransformationParameters");
                            Element createElementNS2 = newDocument.createElementNS("http://www.w3.org/2000/09/xmldsig#", "ds:CanonicalizationMethod");
                            createElementNS.appendChild(createElementNS2);
                            createElementNS2.setAttribute("Algorithm", str);
                            newDocument.appendChild(createElementNS);
                            transform3 = xMLSignatureFactory.newTransform(transform2, new DOMStructure(createElementNS));
                        } catch (Exception e) {
                            logger.log(Level.SEVERE, "WSS1300.dsig.transform_param.error", (Throwable) e);
                            throw new XWSSecurityException(e.getMessage());
                        }
                    } else if ("http://www.w3.org/2001/10/xml-exc-c14n#".equalsIgnoreCase(transform2)) {
                        z2 = true;
                    } else {
                        transform3 = xMLSignatureFactory.newTransform(transform2, (TransformParameterSpec) null);
                    }
                    if (!"http://www.w3.org/2001/10/xml-exc-c14n#".equalsIgnoreCase(transform2)) {
                        arrayList2.add(transform3);
                    }
                }
                String str2 = "";
                String type = signatureTarget.getType();
                SOAPMessage sOAPMessage = securableSoapMessage.getSOAPMessage();
                if (type.equals("qname") || type.equals("xpath")) {
                    if (type == "qname") {
                        String value = signatureTarget.getValue();
                        boolean z3 = false;
                        if (filterProcessingContext.getConfigType() == MessageConstants.SIGN_BODY || filterProcessingContext.getConfigType() == MessageConstants.SIGN_ENCRYPT_BODY) {
                            z3 = true;
                        }
                        if (value.equals(Target.BODY) && z3) {
                            arrayList.add(new JAXWSDigestProcessor(this, filterProcessingContext, signatureTarget, newDigestMethod, xMLSignatureFactory).handleJAXWSSOAPBody());
                        } else if (value.equals(Target.BODY)) {
                            try {
                                nodeList = new NodeList(this, sOAPMessage.getSOAPBody()) { // from class: com.sun.xml.wss.impl.dsig.WSSPolicyConsumerImpl.2
                                    Node node;
                                    private final SOAPElement val$se;
                                    private final WSSPolicyConsumerImpl this$0;

                                    {
                                        this.this$0 = this;
                                        this.val$se = r5;
                                        this.node = this.val$se;
                                    }

                                    @Override // org.w3c.dom.NodeList
                                    public int getLength() {
                                        return this.node == null ? 0 : 1;
                                    }

                                    @Override // org.w3c.dom.NodeList
                                    public Node item(int i) {
                                        if (i == 0) {
                                            return this.node;
                                        }
                                        return null;
                                    }
                                };
                            } catch (SOAPException e2) {
                                throw new XWSSecurityException(new StringBuffer().append("SignatureTarget with URI ").append(value).append(" is not in the message").toString());
                            }
                        } else {
                            QName valueOf = QName.valueOf(value);
                            nodeList = "".equals(valueOf.getNamespaceURI()) ? sOAPMessage.getSOAPPart().getElementsByTagName(valueOf.getLocalPart()) : sOAPMessage.getSOAPPart().getElementsByTagNameNS(valueOf.getNamespaceURI(), valueOf.getLocalPart());
                        }
                    } else {
                        String value2 = signatureTarget.getValue();
                        try {
                            XPath newXPath = XPathFactory.newInstance().newXPath();
                            newXPath.setNamespaceContext(securableSoapMessage.getNamespaceContext());
                            nodeList = (NodeList) newXPath.compile(value2).evaluate(securableSoapMessage.getSOAPPart(), XPathConstants.NODESET);
                        } catch (XPathExpressionException e3) {
                            logger.log(Level.FINEST, new StringBuffer().append("Error occurred whileresolving XPATH expression").append(value2).toString(), (Throwable) e3);
                            throw new XWSSecurityException(e3);
                        }
                    }
                    int i = 0;
                    if (nodeList == null || nodeList.getLength() <= 0) {
                        throw new XWSSecurityException(new StringBuffer().append("SignatureTarget with URI ").append(signatureTarget.getValue()).append(" is not in the message").toString());
                    }
                    HashMap hashMap = null;
                    if (filterProcessingContext != null) {
                        hashMap = filterProcessingContext.getElementCache();
                    }
                    while (i < nodeList.getLength()) {
                        int i2 = i;
                        i++;
                        Node item = nodeList.item(i2);
                        if (item.getNodeType() != 1) {
                            throw new XWSSecurityException("XPath does not correspond to a DOM Element");
                        }
                        if (z2) {
                            arrayList2.add(xMLSignatureFactory.newTransform("http://www.w3.org/2001/10/xml-exc-c14n#", new ExcC14NParameterSpec(getReferenceNamespacePrefixes(item))));
                        }
                        boolean z4 = false;
                        String attributeNS = ((Element) item).getAttributeNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Id");
                        if ((attributeNS == null || attributeNS.equals("")) && (item.getNamespaceURI() == "http://www.w3.org/2000/09/xmldsig#" || item.getNamespaceURI() == "http://www.w3.org/2001/04/xmlenc#")) {
                            z4 = true;
                            attributeNS = ((Element) item).getAttribute("Id");
                        }
                        if (attributeNS == null || attributeNS.equals("")) {
                            attributeNS = securableSoapMessage.generateId();
                            if (z) {
                                hashMap.put(attributeNS, item);
                            } else if (z4) {
                                XMLUtil.setIdAttr((Element) item, attributeNS);
                            } else {
                                XMLUtil.setWsuIdAttr((Element) item, attributeNS);
                            }
                        }
                        str2 = new StringBuffer().append("#").append(attributeNS).toString();
                    }
                    byte[] digestValue = filterProcessingContext.getDigestValue();
                    arrayList.add((!z || digestValue == null) ? xMLSignatureFactory.newReference(str2, newDigestMethod, arrayList2, null, null) : xMLSignatureFactory.newReference(str2, newDigestMethod, arrayList2, null, null, digestValue));
                } else {
                    if (type == "uri") {
                        str2 = signatureTarget.getValue();
                        if (str2 == null) {
                            str2 = "";
                        }
                        if (str2 == MessageConstants.PROCESS_ALL_ATTACHMENTS) {
                            Iterator attachments = securableSoapMessage.getAttachments();
                            if (!attachments.hasNext()) {
                                throw new XWSSecurityException("No attachment present in the message");
                            }
                            while (attachments.hasNext()) {
                                String contentId = ((AttachmentPart) attachments.next()).getContentId();
                                int lastIndexOf = contentId.lastIndexOf(62);
                                int indexOf = contentId.indexOf(60);
                                if (lastIndexOf < indexOf || lastIndexOf == indexOf) {
                                    logger.log(Level.SEVERE, "WSS1303.cid_error");
                                }
                                arrayList.add(xMLSignatureFactory.newReference(new StringBuffer().append("cid:").append(contentId.substring(indexOf + 1, lastIndexOf)).toString(), newDigestMethod, arrayList2, null, null));
                            }
                        } else if (z2) {
                            try {
                                String str3 = str2;
                                if (str2.length() > 0 && str2.charAt(0) == '#') {
                                    str3 = str2.substring(1);
                                }
                                SOAPElement sOAPElement = (SOAPElement) XMLUtil.getElementById(securableSoapMessage.getSOAPPart(), str3);
                                TransformParameterSpec transformParameterSpec2 = null;
                                if (sOAPElement != null) {
                                    transformParameterSpec2 = new ExcC14NParameterSpec(getReferenceNamespacePrefixes(sOAPElement));
                                }
                                arrayList2.add(xMLSignatureFactory.newTransform("http://www.w3.org/2001/10/xml-exc-c14n#", transformParameterSpec2));
                            } catch (TransformerException e4) {
                                throw new XWSSecurityException(e4.getMessage(), e4);
                            }
                        }
                    }
                    byte[] digestValue2 = filterProcessingContext.getDigestValue();
                    arrayList.add((!z || digestValue2 == null) ? xMLSignatureFactory.newReference(str2, newDigestMethod, arrayList2, null, null) : xMLSignatureFactory.newReference(str2, newDigestMethod, arrayList2, null, null, digestValue2));
                }
            } catch (Exception e5) {
                logger.log(Level.SEVERE, "WSS1301.invalid.digest.algo", digestAlgorithm);
                throw new XWSSecurityException(e5.getMessage());
            }
        }
        return arrayList;
    }

    public URIDereferencer getDefaultResolver() {
        if (this.externalURIResolver == null) {
            this.externalURIResolver = getSignatureFactory().getURIDereferencer();
        }
        return this.externalURIResolver;
    }

    public static void printDocument(Node node) {
        try {
            logger.log(Level.FINEST, "\n");
            Transformer newTransformer = TransformerFactory.newInstance().newTransformer();
            newTransformer.setOutputProperty("indent", CustomBooleanEditor.VALUE_YES);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            newTransformer.transform(new DOMSource(node), new StreamResult(byteArrayOutputStream));
            logger.log(Level.FINEST, new String(byteArrayOutputStream.toByteArray()));
            logger.log(Level.FINEST, "\n");
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }
}
