package com.sun.xml.wss.filter;

import com.sun.xml.wss.KeyInfoHeaderBlock;
import com.sun.xml.wss.KeyInfoStrategy;
import com.sun.xml.wss.MessageFilter;
import com.sun.xml.wss.SecurableSoapMessage;
import com.sun.xml.wss.SignatureHeaderBlock;
import com.sun.xml.wss.XWSSecurityException;
import java.util.logging.Level;
import javax.xml.soap.SOAPPart;

/* loaded from: input_file:119167-15/SUNWascmn/reloc/appserver/lib/appserv-rt.jar:com/sun/xml/wss/filter/ExportSignatureFilter.class */
public class ExportSignatureFilter extends FilterBase implements MessageFilter {
    private String algorithm;
    private String x509TokenId;

    private ExportSignatureFilter(KeyInfoStrategy keyInfoStrategy, String str) throws XWSSecurityException {
        if (null == keyInfoStrategy) {
            log.log(Level.SEVERE, "WSS0197.keyinfostrategy.null");
            throw new XWSSecurityException("KeyInfoStrategy should not be null");
        }
        this.keyInfoStrategy = keyInfoStrategy;
        this.algorithm = str;
    }

    public ExportSignatureFilter() throws XWSSecurityException {
    }

    public ExportSignatureFilter(KeyInfoStrategy keyInfoStrategy) throws XWSSecurityException {
        this(keyInfoStrategy, "RSA");
    }

    @Override // com.sun.xml.wss.filter.FilterBase, com.sun.xml.wss.MessageFilter
    public void init() throws XWSSecurityException {
        this.algorithm = getParameter("algorithm");
        if (this.algorithm == null) {
            this.algorithm = "RSA";
        }
        if (getParameter("x509TokenId") != null) {
            this.x509TokenId = getParameter("x509TokenId");
        }
        if (this.keyInfoStrategy == null) {
            log.log(Level.SEVERE, "WSS0185.filterparameter.not.set", new Object[]{"keyinfostrategy"});
            throw new XWSSecurityException("filter parameter 'keyinfostrategy' was not set");
        }
    }

    @Override // com.sun.xml.wss.MessageFilter
    public void process(SecurableSoapMessage securableSoapMessage) throws XWSSecurityException {
        SOAPPart sOAPPart = securableSoapMessage.getSOAPPart();
        if (!this.algorithm.equalsIgnoreCase("RSA")) {
            log.log(Level.SEVERE, "WSS0198.unsupported.signature.algorithm", (Object) null);
            throw new XWSSecurityException(new StringBuffer().append("Unsupported Sign Algorithm: ").append(this.algorithm).toString());
        }
        SignatureHeaderBlock signatureHeaderBlock = new SignatureHeaderBlock(sOAPPart, "http://www.w3.org/2000/09/xmldsig#rsa-sha1");
        KeyInfoHeaderBlock keyInfoHeaderBlock = signatureHeaderBlock.getKeyInfoHeaderBlock();
        this.keyInfoStrategy.setCertificate(securableSoapMessage.getSecurityEnvironment().getCertificate(this.keyInfoStrategy.getAlias(), true));
        this.keyInfoStrategy.insertKey(keyInfoHeaderBlock, securableSoapMessage, this.x509TokenId);
        securableSoapMessage.findOrCreateSecurityHeader().insertHeaderBlock(signatureHeaderBlock);
        securableSoapMessage.setFilterParameter("Signature", signatureHeaderBlock);
        securableSoapMessage.setFilterParameter(FilterParameterConstants.KEYINFO_STRATEGY, this.keyInfoStrategy);
    }
}
