package com.sun.xml.ws.security.impl.policyconv;

import com.sun.xml.ws.policy.PolicyException;
import com.sun.xml.ws.security.impl.policy.Constants;
import com.sun.xml.ws.security.policy.AsymmetricBinding;
import com.sun.xml.ws.security.policy.Binding;
import com.sun.xml.ws.security.policy.EncryptedElements;
import com.sun.xml.ws.security.policy.EncryptedParts;
import com.sun.xml.ws.security.policy.SignedElements;
import com.sun.xml.ws.security.policy.SignedParts;
import com.sun.xml.ws.security.policy.Token;
import com.sun.xml.wss.impl.policy.mls.EncryptionPolicy;
import com.sun.xml.wss.impl.policy.mls.SignaturePolicy;
import com.sun.xml.wss.impl.policy.mls.TimestampPolicy;
import com.sun.xml.wss.impl.policy.mls.WSSPolicy;
import java.util.Vector;
import java.util.logging.Level;

/* loaded from: input_file:BOOT-INF/lib/webservices-rt-2.4.4.jar:com/sun/xml/ws/security/impl/policyconv/AsymmetricBindingProcessor.class */
public class AsymmetricBindingProcessor extends BindingProcessor {
    private final AsymmetricBinding binding;

    public AsymmetricBindingProcessor(AsymmetricBinding asymmetricBinding, XWSSPolicyContainer xWSSPolicyContainer, boolean z, boolean z2, Vector<SignedParts> vector, Vector<EncryptedParts> vector2, Vector<SignedElements> vector3, Vector<EncryptedElements> vector4) {
        this.binding = asymmetricBinding;
        this.container = xWSSPolicyContainer;
        this.isServer = z;
        this.isIncoming = z2;
        this.protectionOrder = this.binding.getProtectionOrder();
        this.tokenProcessor = new TokenProcessor(z, z2, this.pid);
        this.iAP = new IntegrityAssertionProcessor(this.binding.getAlgorithmSuite(), this.binding.isSignContent());
        this.eAP = new EncryptionAssertionProcessor(this.binding.getAlgorithmSuite(), false);
        this.signedParts = vector;
        this.signedElements = vector3;
        this.encryptedElements = vector4;
        this.encryptedParts = vector2;
    }

    public void process() throws PolicyException {
        Token signatureToken = getSignatureToken();
        Token encryptionToken = getEncryptionToken();
        if (signatureToken != null) {
            this.primarySP = new SignaturePolicy();
            this.primarySP.setUUID(this.pid.generateID());
            if (Constants.logger.isLoggable(Level.FINEST)) {
                Constants.logger.log(Level.FINEST, "ID of Primary signature policy is " + this.primarySP.getUUID());
            }
            this.tokenProcessor.addKeyBinding(this.binding, this.primarySP, signatureToken, true);
            SignaturePolicy.FeatureBinding featureBinding = (SignaturePolicy.FeatureBinding) this.primarySP.getFeatureBinding();
            SecurityPolicyUtil.setCanonicalizationMethod(featureBinding, this.binding.getAlgorithmSuite());
            featureBinding.isPrimarySignature(true);
        }
        if (encryptionToken != null) {
            this.primaryEP = new EncryptionPolicy();
            this.primaryEP.setUUID(this.pid.generateID());
            this.tokenProcessor.addKeyBinding(this.binding, this.primaryEP, encryptionToken, false);
            if (Constants.logger.isLoggable(Level.FINEST)) {
                Constants.logger.log(Level.FINEST, "ID of Encryption policy is " + this.primaryEP.getUUID());
            }
        }
        if (this.protectionOrder == "SignBeforeEncrypting") {
            this.container.insert(this.primarySP);
        } else {
            this.container.insert(this.primaryEP);
            this.container.insert(this.primarySP);
        }
        addPrimaryTargets();
        if (this.foundEncryptTargets && this.binding.getSignatureProtection()) {
            if (Constants.logger.isLoggable(Level.FINEST)) {
                Constants.logger.log(Level.FINEST, "PrimarySignature will be Encrypted");
            }
            protectPrimarySignature();
        }
        if (this.binding.isIncludeTimeStamp()) {
            if (Constants.logger.isLoggable(Level.FINEST)) {
                Constants.logger.log(Level.FINEST, "Timestamp header will be added to the message and will be Integrity protected ");
            }
            TimestampPolicy timestampPolicy = new TimestampPolicy();
            timestampPolicy.setUUID(this.pid.generateID());
            this.container.insert(timestampPolicy);
            if (!this.binding.isDisableTimestampSigning()) {
                protectTimestamp(timestampPolicy);
            }
        }
        if (this.binding.getTokenProtection()) {
            if (Constants.logger.isLoggable(Level.FINEST)) {
                Constants.logger.log(Level.FINEST, "Token reference by primary signature with ID " + this.primarySP.getUUID() + " will be Integrity protected");
            }
            if (this.primarySP != null) {
                protectToken((WSSPolicy) this.primarySP.getKeyBinding());
            }
        }
    }

    protected Token getEncryptionToken() {
        if (this.isServer ^ this.isIncoming) {
            Token initiatorToken = this.binding.getInitiatorToken();
            if (initiatorToken == null) {
                initiatorToken = this.binding.getRecipientEncryptionToken();
            }
            return initiatorToken;
        }
        Token recipientToken = this.binding.getRecipientToken();
        if (recipientToken == null) {
            recipientToken = this.binding.getInitiatorEncryptionToken();
        }
        return recipientToken;
    }

    protected Token getSignatureToken() {
        if (this.isServer ^ this.isIncoming) {
            Token recipientToken = this.binding.getRecipientToken();
            if (recipientToken == null) {
                recipientToken = this.binding.getRecipientSignatureToken();
            }
            return recipientToken;
        }
        Token initiatorToken = this.binding.getInitiatorToken();
        if (initiatorToken == null) {
            initiatorToken = this.binding.getInitiatorSignatureToken();
        }
        return initiatorToken;
    }

    @Override // com.sun.xml.ws.security.impl.policyconv.BindingProcessor
    protected Binding getBinding() {
        return this.binding;
    }

    @Override // com.sun.xml.ws.security.impl.policyconv.BindingProcessor
    protected EncryptionPolicy getSecondaryEncryptionPolicy() throws PolicyException {
        if (this.sEncPolicy == null) {
            this.sEncPolicy = new EncryptionPolicy();
            this.sEncPolicy.setUUID(this.pid.generateID());
            this.tokenProcessor.addKeyBinding(this.binding, this.sEncPolicy, getEncryptionToken(), false);
            this.container.insert(this.sEncPolicy);
        }
        return this.sEncPolicy;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.sun.xml.ws.security.impl.policyconv.BindingProcessor
    public void close() {
        if (this.protectionOrder == "SignBeforeEncrypting") {
            this.container.insert(this.primaryEP);
        }
    }
}
