package com.sun.xml.ws.security.opt.impl.keyinfo;

import com.sun.xml.ws.security.IssuedTokenContext;
import com.sun.xml.ws.security.opt.api.SecurityHeaderElement;
import com.sun.xml.ws.security.opt.api.keyinfo.BuilderResult;
import com.sun.xml.ws.security.opt.impl.JAXBFilterProcessingContext;
import com.sun.xml.ws.security.opt.impl.reference.DirectReference;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.misc.SecurityUtil;
import com.sun.xml.wss.impl.policy.mls.KeyBindingBase;
import com.sun.xml.wss.impl.policy.mls.SecureConversationTokenKeyBinding;
import com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages;
import java.util.logging.Level;
import javax.crypto.spec.SecretKeySpec;
import org.glassfish.loadbalancer.admin.cli.beans.Cluster;

/* loaded from: input_file:com/sun/xml/ws/security/opt/impl/keyinfo/SCTBuilder.class */
public class SCTBuilder extends TokenBuilder {
    private SecureConversationTokenKeyBinding sctBinding;

    public SCTBuilder(JAXBFilterProcessingContext jAXBFilterProcessingContext, SecureConversationTokenKeyBinding secureConversationTokenKeyBinding) {
        super(jAXBFilterProcessingContext);
        this.sctBinding = null;
        this.sctBinding = secureConversationTokenKeyBinding;
    }

    @Override // com.sun.xml.ws.security.opt.api.keyinfo.TokenBuilder
    public BuilderResult process() throws XWSSecurityException {
        BuilderResult builderResult = new BuilderResult();
        String dataEncryptionAlgo = SecurityUtil.getDataEncryptionAlgo(this.context);
        SecurityHeaderElement childElement = this.context.getSecurityHeader().getChildElement(this.sctBinding.getUUID());
        IssuedTokenContext secureConversationContext = this.context.getSecureConversationContext();
        String includeToken = this.sctBinding.getIncludeToken();
        boolean z = KeyBindingBase.INCLUDE_ALWAYS.equals(includeToken) || KeyBindingBase.INCLUDE_ALWAYS_TO_RECIPIENT.equals(includeToken) || KeyBindingBase.INCLUDE_ALWAYS_VER2.equals(includeToken) || KeyBindingBase.INCLUDE_ALWAYS_TO_RECIPIENT_VER2.equals(includeToken);
        com.sun.xml.ws.security.SecurityContextToken securityContextToken = null;
        if (childElement == null) {
            securityContextToken = (com.sun.xml.ws.security.SecurityContextToken) secureConversationContext.getSecurityToken();
            if (securityContextToken == null) {
                logger.log(Level.SEVERE, LogStringsMessages.WSS_1809_SCT_NOT_FOUND());
                throw new XWSSecurityException("SecureConversation Token not Found");
            }
            childElement = this.context.getSecurityHeader().getChildElement(securityContextToken.getWsuId());
            if (childElement == null) {
                securityContextToken = SecurityUtil.getSCT(securityContextToken, this.context.getSOAPVersion());
                if (z) {
                    if (this.context.getSecurityPolicyVersion().equals(MessageConstants.SECURITYPOLICY_12_NS)) {
                        this.context.getSecurityHeader().add((SecurityContextToken13) securityContextToken);
                    } else {
                        this.context.getSecurityHeader().add((SecurityContextToken) securityContextToken);
                    }
                }
                childElement = this.context.getSecurityPolicyVersion().equals(MessageConstants.SECURITYPOLICY_12_NS) ? (SecurityContextToken13) securityContextToken : (SecurityContextToken) securityContextToken;
            }
        }
        String id = childElement.getId();
        if (id == null) {
            childElement.setId(this.context.generateID());
            id = childElement.getId();
        }
        DirectReference createDirectReference = this.elementFactory.createDirectReference();
        if (z) {
            createDirectReference.setURI("#" + id);
        } else {
            createDirectReference.setURI(securityContextToken.getIdentifier().toString());
        }
        if (!KeyBindingBase.INCLUDE_ALWAYS_TO_RECIPIENT.equals(this.sctBinding.getIncludeToken()) || !KeyBindingBase.INCLUDE_ALWAYS.equals(this.sctBinding.getIncludeToken())) {
            if (this.context.getSecurityPolicyVersion().equals(MessageConstants.SECURITYPOLICY_12_NS)) {
                createDirectReference.setValueType(MessageConstants.SCT_13_VALUETYPE);
            } else {
                createDirectReference.setValueType("http://schemas.xmlsoap.org/ws/2005/02/sc/sct");
            }
        }
        if (securityContextToken.getInstance() != null && !this.context.isExpired()) {
            createDirectReference.setAttribute(this.context.getWSSCVersion(this.context.getSecurityPolicyVersion()), Cluster.INSTANCE, securityContextToken.getInstance());
        }
        SecretKeySpec secretKeySpec = new SecretKeySpec(securityContextToken.getInstance() != null ? this.context.isExpired() ? secureConversationContext.getProofKey() : secureConversationContext.getSecurityContextTokenInfo() != null ? secureConversationContext.getSecurityContextTokenInfo().getInstanceSecret(securityContextToken.getInstance()) : secureConversationContext.getProofKey() : secureConversationContext.getProofKey(), SecurityUtil.getSecretKeyAlgorithm(dataEncryptionAlgo));
        buildKeyInfo(createDirectReference, this.context.generateID());
        builderResult.setKeyInfo(this.keyInfo);
        builderResult.setDataProtectionKey(secretKeySpec);
        return builderResult;
    }
}
