package com.sun.xml.wss.keyinfo;

import com.sun.org.apache.xml.security.utils.Base64;
import com.sun.xml.wss.KeyInfoHeaderBlock;
import com.sun.xml.wss.KeyInfoStrategy;
import com.sun.xml.wss.SecurableSoapMessage;
import com.sun.xml.wss.SecurityTokenReference;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.reference.KeyIdentifier;
import com.sun.xml.wss.reference.X509SubjectKeyIdentifier;
import com.sun.xml.wss.saml.assertion.Assertion;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:119166-14/SUNWascmn/reloc/appserver/lib/appserv-rt.jar:com/sun/xml/wss/keyinfo/KeyIdentifierStrategy.class */
/**
 * {@link KeyInfoStrategy} that points at a certificate through its X.509 Subject Key
 * Identifier (SKI) instead of embedding the certificate itself.
 *
 * <p>The SKI bytes are read from the certificate supplied through
 * {@link #setCertificate(X509Certificate)}, Base64-encoded and written as the reference
 * value of an {@link X509SubjectKeyIdentifier}.
 *
 * <p>Review notes, limited to what this class shows:
 * <ul>
 *   <li>Neither constructor sets a certificate. Until {@code setCertificate} is called with
 *       a non-null value, both {@code insertKey} overloads throw
 *       {@link XWSSecurityException}.</li>
 *   <li>No validity, revocation or trust-chain check is performed here. This class only
 *       emits a reference, so certificate validation has to happen elsewhere.</li>
 *   <li>{@code samlAssertion} and {@code forSigning} are stored but never read in this
 *       class.</li>
 * </ul>
 */
public class KeyIdentifierStrategy implements KeyInfoStrategy {
    // Non-final and protected: any subclass or same-package code can replace the logger.
    protected static Logger log = Logger.getLogger("javax.enterprise.resource.webservices.security", "com.sun.xml.wss.LogStrings");
    X509Certificate cert;
    String alias;
    boolean forSigning;
    Assertion samlAssertion;

    /**
     * Creates a strategy associated with a SAML assertion.
     *
     * <p>The certificate and alias start out {@code null} and {@code forSigning} is
     * {@code false}.
     *
     * @param assertion the assertion to remember; it is not validated or otherwise used here
     */
    public KeyIdentifierStrategy(Assertion assertion) {
        this.samlAssertion = assertion;
        this.cert = null;
        this.alias = null;
        this.forSigning = false;
    }

    /**
     * Creates a strategy for a key-store alias.
     *
     * <p>The certificate starts out {@code null}; the alias is only echoed back by
     * {@link #getAlias()} and used as the log-message parameter in this class.
     *
     * @param str the alias
     * @param z   stored as the {@code forSigning} flag
     */
    public KeyIdentifierStrategy(String str, boolean z) {
        this.alias = str;
        this.forSigning = z;
        this.samlAssertion = null;
        this.cert = null;
    }

    /**
     * Sets the SKI-based key identifier as the reference of the given token reference.
     *
     * @param securityTokenReference the reference element to fill in
     * @param securableSoapMessage   message whose SOAP part owns the new identifier element
     * @throws XWSSecurityException if no certificate has been set, or if the certificate
     *                              carries no Subject Key Identifier extension
     */
    @Override
    public void insertKey(SecurityTokenReference securityTokenReference, SecurableSoapMessage securableSoapMessage) throws XWSSecurityException {
        securityTokenReference.setReference(resolveKeyIdentifierOrFail(securableSoapMessage));
    }

    /**
     * Adds a new {@link SecurityTokenReference} carrying the SKI-based key identifier to
     * the given KeyInfo block.
     *
     * @param keyInfoHeaderBlock   the KeyInfo block that receives the token reference
     * @param securableSoapMessage message whose SOAP part owns the new identifier element
     * @param str                  not used by this implementation
     * @throws XWSSecurityException if no certificate has been set, or if the certificate
     *                              carries no Subject Key Identifier extension
     */
    @Override
    public void insertKey(KeyInfoHeaderBlock keyInfoHeaderBlock, SecurableSoapMessage securableSoapMessage, String str) throws XWSSecurityException {
        // Resolve first so a missing certificate fails before any element is created.
        KeyIdentifier identifier = resolveKeyIdentifierOrFail(securableSoapMessage);
        SecurityTokenReference tokenReference = new SecurityTokenReference(keyInfoHeaderBlock.getOwnerDocument());
        tokenReference.setReference(identifier);
        keyInfoHeaderBlock.addSecurityTokenReference(tokenReference);
    }

    /**
     * Returns the key identifier, failing loudly when none can be built.
     *
     * <p>A {@code null} result from {@link #getKeyIdentifier(SecurableSoapMessage)} means
     * no certificate was set; that is logged at SEVERE with the alias and reported as an
     * {@link XWSSecurityException}.
     */
    private KeyIdentifier resolveKeyIdentifierOrFail(SecurableSoapMessage message) throws XWSSecurityException {
        KeyIdentifier identifier = getKeyIdentifier(message);
        if (identifier != null) {
            return identifier;
        }
        log.log(Level.SEVERE, "WSS0701.cannot.locate.certificate", this.alias);
        throw new XWSSecurityException("Unable to obtain value for KeyIdentifier Reference");
    }

    /**
     * Builds an {@link X509SubjectKeyIdentifier} from the configured certificate.
     *
     * @return the identifier, or {@code null} when no certificate has been set
     * @throws XWSSecurityException if the certificate has no Subject Key Identifier extension
     */
    private KeyIdentifier getKeyIdentifier(SecurableSoapMessage message) throws XWSSecurityException {
        if (this.cert == null) {
            return null;
        }
        byte[] skiBytes = X509SubjectKeyIdentifier.getSubjectKeyIdentifier(this.cert);
        if (skiBytes == null) {
            log.log(Level.SEVERE, "WSS0702.no.subject.keyidentifier", this.alias);
            throw new XWSSecurityException("The found certificate does not contain subject key identifier X509 extension");
        }
        String encodedSki = Base64.encode(skiBytes);
        X509SubjectKeyIdentifier ski = new X509SubjectKeyIdentifier(message.getSOAPPart());
        ski.setReferenceValue(encodedSki);
        return ski;
    }

    /**
     * Sets the certificate whose Subject Key Identifier will be referenced.
     *
     * @param x509Certificate the certificate; stored as-is, with no validation in this class
     */
    @Override
    public void setCertificate(X509Certificate x509Certificate) {
        this.cert = x509Certificate;
    }

    /**
     * Returns the alias given at construction.
     *
     * @return the alias, or {@code null} when the SAML-assertion constructor was used
     */
    @Override
    public String getAlias() {
        return this.alias;
    }
}
