package weblogic.xml.crypto.wss;

import java.io.OutputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import javax.xml.rpc.handler.MessageContext;
import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.XMLStreamWriter;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import weblogic.utils.io.UnsyncByteArrayOutputStream;
import weblogic.xml.crypto.NodeSetDataImpl;
import weblogic.xml.crypto.OctetData;
import weblogic.xml.crypto.api.Data;
import weblogic.xml.crypto.api.NodeSetData;
import weblogic.xml.crypto.api.XMLCryptoContext;
import weblogic.xml.crypto.dom.WLDOMSignContext;
import weblogic.xml.crypto.dsig.CanonicalizationMethodImpl;
import weblogic.xml.crypto.dsig.OctetTransform;
import weblogic.xml.crypto.dsig.TransformFactory;
import weblogic.xml.crypto.dsig.TransformImpl;
import weblogic.xml.crypto.dsig.WLCanonicalizationMethod;
import weblogic.xml.crypto.dsig.WLXMLStructure;
import weblogic.xml.crypto.dsig.api.CanonicalizationMethod;
import weblogic.xml.crypto.dsig.api.Transform;
import weblogic.xml.crypto.dsig.api.XMLSignatureException;
import weblogic.xml.crypto.dsig.api.spec.TransformParameterSpec;
import weblogic.xml.crypto.utils.DOMUtils;
import weblogic.xml.crypto.utils.DataUtils;
import weblogic.xml.crypto.utils.LogUtils;
import weblogic.xml.crypto.utils.StaxUtils;
import weblogic.xml.crypto.wss.api.BinarySecurityToken;
import weblogic.xml.crypto.wss.provider.SecurityToken;
import weblogic.xml.crypto.wss.provider.SecurityTokenReference;
import weblogic.xml.dom.marshal.MarshalException;
import weblogic.xml.stream.XMLInputStream;
import weblogic.xml.stream.XMLOutputStream;
import weblogic.xml.stream.XMLStreamException;

/* loaded from: input_file:weblogic/xml/crypto/wss/STRTransform.class */
public class STRTransform extends TransformImpl implements OctetTransform, TransformFactory {
    private static STRTransform exclC14nStrTransform = new STRTransform("http://www.w3.org/2001/10/xml-exc-c14n#");
    private static STRTransform inclC14nStrTransform = new STRTransform("http://www.w3.org/TR/2001/REC-xml-c14n-20010315");
    private CanonicalizationMethod c14nMethod;

    private STRTransform(String str) {
        try {
            this.c14nMethod = CanonicalizationMethodImpl.newCanonicalizationMethod(str + "_augmented");
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException(e);
        }
    }

    public static void init() {
        register(exclC14nStrTransform);
    }

    public static STRTransform getInstance() {
        return new STRTransform("http://www.w3.org/2001/10/xml-exc-c14n#");
    }

    @Override // weblogic.xml.crypto.dsig.TransformImpl, weblogic.xml.crypto.api.AlgorithmMethod
    public String getAlgorithm() {
        return WSSConstants.STR_TRANSFORM;
    }

    @Override // weblogic.xml.crypto.dsig.TransformImpl, weblogic.xml.crypto.dsig.WLTransform
    public Data transform(Data data, XMLCryptoContext xMLCryptoContext) throws XMLSignatureException {
        SecurityToken securityToken;
        NodeSetData<Node> extractNodeSetData = DataUtils.extractNodeSetData(data);
        Iterator it = extractNodeSetData.iterator();
        Node node = it.hasNext() ? (Node) it.next() : null;
        if (null == node) {
            throw new XMLSignatureException("Null input STR node found. ");
        }
        boolean z = false;
        if ((xMLCryptoContext instanceof WLDOMSignContext) && node.getParentNode() == null) {
            Element signatureNode = ((WLDOMSignContext) xMLCryptoContext).getXMLSignature().getSignatureNode();
            try {
                Node adoptNode = signatureNode.getOwnerDocument().adoptNode(node);
                if (null != adoptNode) {
                    LogUtils.logDsig("Good output STR node found after adoptNode into signatureNode: " + adoptNode);
                    node = adoptNode;
                } else {
                    LogUtils.logDsig("Try again, after Null Node found during signatureNode adoptNode process. Input was", node);
                    node = signatureNode.getOwnerDocument().importNode(node, true);
                    extractNodeSetData = new NodeSetDataImpl(DOMUtils.getNodeSet(node, false));
                }
            } catch (Throwable th) {
                LogUtils.logDsig("Error during signatureNode adoptNode process. Exception =", th);
                node = signatureNode.getOwnerDocument().importNode(node, true);
                extractNodeSetData = new NodeSetDataImpl(DOMUtils.getNodeSet(node, false));
            }
            if (node == null) {
                throw new XMLSignatureException("Problem on import STR node to signature node. STR node was: " + node);
            }
            signatureNode.appendChild(node);
            z = true;
        }
        boolean z2 = false;
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (Node node2 : extractNodeSetData) {
            if (node2.getNodeType() == 1) {
                if (!z2 && "http://www.w3.org/2000/09/xmldsig#".equals(node2.getNamespaceURI()) && "KeyInfo".equals(node2.getLocalName())) {
                    z2 = true;
                }
                if ("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd".equals(node2.getNamespaceURI()) && "SecurityTokenReference".equals(node2.getLocalName())) {
                    linkedHashMap.put(node2, null);
                }
            }
        }
        if (linkedHashMap.isEmpty()) {
            throw new XMLSignatureException("Input node set for STR-Transform can not be empty.");
        }
        WSSecurityContext wSSecurityContext = (WSSecurityContext) xMLCryptoContext.getProperty(WSSecurityContext.WS_SECURITY_CONTEXT);
        if (wSSecurityContext == null) {
            throw new IllegalArgumentException("WSSecurityContext must be set on XMLCryptoContext");
        }
        MessageContext messageContext = (MessageContext) wSSecurityContext.getProperty(WSSecurityContext.MESSAGE_CONTEXT);
        if (messageContext == null) {
            throw new IllegalArgumentException("MessageContext must be set on WSSecurityContext");
        }
        try {
            for (Element element : linkedHashMap.keySet()) {
                SecurityTokenReference str = wSSecurityContext.getSTR(DOMUtils.getExistingId(element, wSSecurityContext.getIdQNames()));
                if (str != null) {
                    securityToken = str.getSecurityToken();
                } else {
                    str = SecurityTokenReferenceImpl.createAndUnmarshal(element);
                    securityToken = wSSecurityContext.getRequiredTokenHandler(str.getValueType()).getSecurityToken(str, messageContext);
                }
                if (z2) {
                    wSSecurityContext.addKeyInfo(DOMUtils.getExistingId((Element) node, wSSecurityContext.getIdQNames()), securityToken);
                } else {
                    wSSecurityContext.addSTR(str, securityToken);
                }
                Node node3 = wSSecurityContext.getNode(securityToken);
                if (node3 == null) {
                    securityToken.setId(null);
                    HashMap hashMap = new HashMap();
                    hashMap.put(element.getNamespaceURI(), element.getPrefix());
                    if (securityToken instanceof BinarySecurityToken) {
                        BSTUtils.marshalToken((BinarySecurityToken) securityToken, (Element) element.getParentNode(), hashMap, element, false);
                    } else {
                        securityToken.marshal((Element) element.getParentNode(), element, null);
                    }
                } else {
                    Node insertBefore = element.getParentNode().insertBefore(node3.cloneNode(true), element);
                    Set nodeSet = DOMUtils.getNodeSet(node3, false);
                    Set<Node> nodeSet2 = DOMUtils.getNodeSet(insertBefore, false);
                    Iterator it2 = nodeSet.iterator();
                    HashSet hashSet = new HashSet();
                    for (Node node4 : nodeSet2) {
                        Node node5 = (Node) it2.next();
                        if (node4.getNodeType() == 1 || node4.getNodeType() == 2) {
                            String prefix = node4.getPrefix();
                            if (node4.getNodeType() != 2 || (!"xmlns".equals(node4.getNodeName()) && !"xmlns".equals(prefix) && prefix != null && !"".equals(prefix))) {
                                if (!hashSet.contains(prefix)) {
                                    String lookupNamespaceURI = node5.lookupNamespaceURI(prefix);
                                    String lookupNamespaceURI2 = node4.lookupNamespaceURI(prefix);
                                    if ((lookupNamespaceURI != null || lookupNamespaceURI2 != null) && lookupNamespaceURI != null && !lookupNamespaceURI.equals(lookupNamespaceURI2)) {
                                        if (prefix == null || "".equals(prefix)) {
                                            ((Element) insertBefore).setAttribute("xmlns", lookupNamespaceURI);
                                        }
                                        DOMUtils.declareNamespace((Element) insertBefore, lookupNamespaceURI, prefix);
                                    }
                                    hashSet.add(prefix);
                                }
                            }
                        }
                    }
                }
                Node previousSibling = element.getPreviousSibling();
                element.getParentNode().removeChild(element);
                linkedHashMap.put(element, previousSibling);
            }
            HashSet hashSet2 = new HashSet();
            Iterator it3 = linkedHashMap.values().iterator();
            while (it3.hasNext()) {
                hashSet2.add(((Node) it3.next()).getNodeName());
            }
            ((WLCanonicalizationMethod) this.c14nMethod).setAugmentedElementTracks(hashSet2);
            Node node6 = node;
            if (linkedHashMap.keySet().contains(node6)) {
                node6 = (Node) linkedHashMap.get(node6);
            }
            OctetData octetData = new OctetData(c14n(DOMUtils.getXMLInputStream(node6), DOMUtils.getNamespaceMap(node6)));
            for (Map.Entry entry : linkedHashMap.entrySet()) {
                Node node7 = (Node) entry.getKey();
                Node node8 = (Node) entry.getValue();
                node8.getParentNode().insertBefore(node7, node8);
                node8.getParentNode().removeChild(node8);
            }
            if (z) {
                ((WLDOMSignContext) xMLCryptoContext).getXMLSignature().getSignatureNode().removeChild(node);
            }
            return octetData;
        } catch (XMLStreamException e) {
            throw new XMLSignatureException("Failed to obtain InputStream of STR-Transform result.", e);
        } catch (WSSecurityException e2) {
            throw new XMLSignatureException(e2);
        } catch (MarshalException e3) {
            throw new XMLSignatureException((Throwable) e3);
        }
    }

    @Override // weblogic.xml.crypto.dsig.TransformImpl
    public void readParameters(XMLStreamReader xMLStreamReader) throws weblogic.xml.crypto.api.MarshalException {
        try {
            xMLStreamReader.nextTag();
            xMLStreamReader.require(1, "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", WSSConstants.TRANSFORM_PARAMS_ELEMENT);
            xMLStreamReader.nextTag();
            this.c14nMethod = CanonicalizationMethodImpl.newCanonicalizationMethod(StaxUtils.getAttributeValue("http://www.w3.org/2000/09/xmldsig#", "Algorithm", xMLStreamReader) + "_augmented");
            ((WLXMLStructure) this.c14nMethod).read(xMLStreamReader);
            xMLStreamReader.nextTag();
            StaxUtils.findEnd(xMLStreamReader, "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", WSSConstants.TRANSFORM_PARAMS_ELEMENT);
        } catch (NoSuchAlgorithmException e) {
            throw new weblogic.xml.crypto.api.MarshalException("Failed to read CanonicalizationMethod Transform " + getAlgorithm() + ".", e);
        } catch (javax.xml.stream.XMLStreamException e2) {
            throw new weblogic.xml.crypto.api.MarshalException("Failed to read Transform " + getAlgorithm() + ".", e2);
        }
    }

    @Override // weblogic.xml.crypto.dsig.TransformImpl
    public void writeParameters(XMLStreamWriter xMLStreamWriter) throws weblogic.xml.crypto.api.MarshalException {
        try {
            xMLStreamWriter.writeStartElement("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", WSSConstants.TRANSFORM_PARAMS_ELEMENT);
            ((WLXMLStructure) this.c14nMethod).write(xMLStreamWriter);
            xMLStreamWriter.writeEndElement();
        } catch (javax.xml.stream.XMLStreamException e) {
            throw new weblogic.xml.crypto.api.MarshalException("Failed to write element Transform", e);
        }
    }

    private byte[] c14n(XMLInputStream xMLInputStream, Map map) throws XMLSignatureException {
        OutputStream unsyncByteArrayOutputStream = new UnsyncByteArrayOutputStream();
        XMLOutputStream canonicalize = ((WLCanonicalizationMethod) this.c14nMethod).canonicalize(unsyncByteArrayOutputStream, map);
        try {
            canonicalize.add(xMLInputStream);
            canonicalize.close(true);
            return unsyncByteArrayOutputStream.toByteArray();
        } catch (XMLStreamException e) {
            throw new XMLSignatureException("canonicalization error", e);
        }
    }

    @Override // weblogic.xml.crypto.dsig.TransformFactory
    public Transform newTransform(TransformParameterSpec transformParameterSpec) throws InvalidAlgorithmParameterException {
        return new STRTransform("http://www.w3.org/2001/10/xml-exc-c14n#");
    }

    @Override // weblogic.xml.crypto.dsig.TransformFactory
    public String getURI() {
        return WSSConstants.STR_TRANSFORM;
    }
}
