package com.sun.xml.wss.impl.filter;

import com.sun.xml.wss.ProcessingContext;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.FilterProcessingContext;
import com.sun.xml.wss.impl.HarnessUtil;
import com.sun.xml.wss.impl.PolicyTypeUtil;
import com.sun.xml.wss.impl.apachecrypto.DecryptionProcessor;
import com.sun.xml.wss.impl.apachecrypto.EncryptionProcessor;
import com.sun.xml.wss.impl.callback.DynamicPolicyCallback;
import com.sun.xml.wss.impl.configuration.DynamicApplicationContext;
import com.sun.xml.wss.impl.policy.mls.AuthenticationTokenPolicy;
import com.sun.xml.wss.impl.policy.mls.EncryptionPolicy;
import com.sun.xml.wss.impl.policy.mls.SymmetricKeyBinding;
import com.sun.xml.wss.impl.policy.mls.WSSPolicy;
import com.sun.xml.wss.logging.LogDomainConstants;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:WEB-INF/lib/xws-security-2.0-FCS.jar:com/sun/xml/wss/impl/filter/EncryptionFilter.class */
public class EncryptionFilter {
    protected static Logger log = Logger.getLogger(LogDomainConstants.IMPL_FILTER_DOMAIN, LogDomainConstants.IMPL_FILTER_DOMAIN_BUNDLE);

    public static void process(FilterProcessingContext filterProcessingContext) throws XWSSecurityException {
        if (filterProcessingContext.isInboundMessage()) {
            if (filterProcessingContext.makeDynamicPolicyCallback()) {
                WSSPolicy wSSPolicy = (WSSPolicy) filterProcessingContext.getSecurityPolicy();
                try {
                    ((EncryptionPolicy) wSSPolicy).isReadOnly(true);
                    DynamicApplicationContext dynamicApplicationContext = new DynamicApplicationContext(filterProcessingContext.getPolicyContext());
                    dynamicApplicationContext.setMessageIdentifier(filterProcessingContext.getMessageIdentifier());
                    dynamicApplicationContext.inBoundMessage(true);
                    DynamicPolicyCallback dynamicPolicyCallback = new DynamicPolicyCallback(wSSPolicy, dynamicApplicationContext);
                    ProcessingContext.copy(dynamicApplicationContext.getRuntimeProperties(), filterProcessingContext.getExtraneousProperties());
                    HarnessUtil.makeDynamicPolicyCallback(dynamicPolicyCallback, filterProcessingContext.getSecurityEnvironment().getCallbackHandler());
                    filterProcessingContext.setSecurityPolicy((EncryptionPolicy) dynamicPolicyCallback.getSecurityPolicy());
                } catch (Exception e) {
                    log.log(Level.SEVERE, "WSS1420.dynamic.policy.signature", new Object[]{e.getMessage()});
                    throw new XWSSecurityException(e);
                }
            }
            DecryptionProcessor.decrypt(filterProcessingContext);
            return;
        }
        EncryptionPolicy encryptionPolicy = (EncryptionPolicy) filterProcessingContext.getSecurityPolicy();
        EncryptionPolicy encryptionPolicy2 = encryptionPolicy;
        if (filterProcessingContext.makeDynamicPolicyCallback()) {
            try {
                encryptionPolicy.isReadOnly(true);
                DynamicApplicationContext dynamicApplicationContext2 = new DynamicApplicationContext(filterProcessingContext.getPolicyContext());
                dynamicApplicationContext2.setMessageIdentifier(filterProcessingContext.getMessageIdentifier());
                dynamicApplicationContext2.inBoundMessage(false);
                DynamicPolicyCallback dynamicPolicyCallback2 = new DynamicPolicyCallback(encryptionPolicy, dynamicApplicationContext2);
                ProcessingContext.copy(dynamicApplicationContext2.getRuntimeProperties(), filterProcessingContext.getExtraneousProperties());
                HarnessUtil.makeDynamicPolicyCallback(dynamicPolicyCallback2, filterProcessingContext.getSecurityEnvironment().getCallbackHandler());
                encryptionPolicy2 = (EncryptionPolicy) dynamicPolicyCallback2.getSecurityPolicy();
            } catch (Exception e2) {
                log.log(Level.SEVERE, "WSS1412.error.processing.dynamicpolicy", new Object[]{e2.getMessage()});
                throw new XWSSecurityException(e2);
            }
        } else {
            WSSPolicy wSSPolicy2 = (WSSPolicy) encryptionPolicy.getKeyBinding();
            if (PolicyTypeUtil.x509CertificateBinding(wSSPolicy2)) {
                try {
                    AuthenticationTokenPolicy.X509CertificateBinding x509CertificateBinding = (AuthenticationTokenPolicy.X509CertificateBinding) wSSPolicy2.clone();
                    x509CertificateBinding.setX509Certificate(filterProcessingContext.getSecurityEnvironment().getCertificate(filterProcessingContext.getExtraneousProperties(), x509CertificateBinding.getCertificateIdentifier(), false));
                    filterProcessingContext.setX509CertificateBinding(x509CertificateBinding);
                } catch (Exception e3) {
                    log.log(Level.SEVERE, "WSS1413.error.extracting.certificate", (Throwable) e3);
                    throw new XWSSecurityException(e3);
                }
            } else if (PolicyTypeUtil.symmetricKeyBinding(wSSPolicy2)) {
                try {
                    SymmetricKeyBinding symmetricKeyBinding = (SymmetricKeyBinding) wSSPolicy2.clone();
                    symmetricKeyBinding.setSecretKey(filterProcessingContext.getSecurityEnvironment().getSecretKey(filterProcessingContext.getExtraneousProperties(), symmetricKeyBinding.getKeyIdentifier(), true));
                    filterProcessingContext.setSymmetricKeyBinding(symmetricKeyBinding);
                } catch (Exception e4) {
                    log.log(Level.SEVERE, "WSS1414.error.extracting.symmetrickey", new Object[]{e4.getMessage()});
                    throw new XWSSecurityException(e4);
                }
            } else if (PolicyTypeUtil.samlTokenPolicy(wSSPolicy2)) {
                WSSPolicy wSSPolicy3 = (WSSPolicy) encryptionPolicy.getKeyBinding();
                DynamicApplicationContext dynamicApplicationContext3 = new DynamicApplicationContext(filterProcessingContext.getPolicyContext());
                dynamicApplicationContext3.setMessageIdentifier(filterProcessingContext.getMessageIdentifier());
                dynamicApplicationContext3.inBoundMessage(false);
                AuthenticationTokenPolicy.SAMLAssertionBinding sAMLAssertionBinding = (AuthenticationTokenPolicy.SAMLAssertionBinding) wSSPolicy3;
                sAMLAssertionBinding.isReadOnly(true);
                AuthenticationTokenPolicy.SAMLAssertionBinding populateSAMLPolicy = filterProcessingContext.getSecurityEnvironment().populateSAMLPolicy(filterProcessingContext.getExtraneousProperties(), sAMLAssertionBinding, dynamicApplicationContext3);
                if (populateSAMLPolicy.getAssertion() == null) {
                    log.log(Level.SEVERE, "WSS1415.saml.assertion.notset");
                    throw new XWSSecurityException("SAML Assertion not set by CallbackHandler  for Encryption Processing");
                }
                encryptionPolicy.setKeyBinding(populateSAMLPolicy);
                encryptionPolicy2 = encryptionPolicy;
            }
        }
        filterProcessingContext.setSecurityPolicy(encryptionPolicy2);
        EncryptionProcessor.encrypt(filterProcessingContext);
    }
}
