package com.ibm.security.krb5.wss.util;

import com.ibm.ws.wssecurity.util.KRBTokenProfileConstants;
import com.ibm.ws.wssecurity.xss4j.dsig.util.Base64;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.util.Map;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:com/ibm/security/krb5/wss/util/BinarySecurityToken.class */
public class BinarySecurityToken extends Programmable implements I2Dom, LocalConstants {
    public static final String PREFIX = "prefix";
    public static final String VALUETYPE = "ValueType";
    public static final String ENCODINGTYPE = "EncodingType";
    public static final String CERTIFICATE = "certificate";
    public static final String BYTEARRAY = "bytearray";
    public static final String ID = "id";
    public static final String ADDNSWSU = "addnswsu";

    public BinarySecurityToken() {
        super(BinarySecurityToken.class);
        put("prefix", "wsse");
    }

    public BinarySecurityToken(Map map) {
        super(BinarySecurityToken.class, map);
    }

    @Override // com.ibm.security.krb5.wss.util.I2Dom
    public Element toDom(Document document) {
        String encode;
        Element createElementNS = document.createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "BinarySecurityToken");
        String str = (String) this.props.get("prefix");
        if (str != null) {
            createElementNS.setPrefix(str);
        }
        String str2 = (String) this.props.get("ValueType");
        if (str2 == null) {
            throw new IllegalStateException("need ValueType");
        }
        if (!str2.equals(ValueTypes.X509SKID) && !str2.equals(ValueTypes.X509V3) && !str2.equals("http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#GSS_Kerberosv5_AP_REQ") && !str2.equals(TokenTypes.KRB5_GSSAPREQ_1510) && !str2.equals(TokenTypes.KRB5_GSSAPREQ_4120) && !str2.equals(TokenTypes.KRB5_APREQ) && !str2.equals(TokenTypes.KRB5_APREQ_1510) && !str2.equals(TokenTypes.KRB5_APREQ_4120)) {
            throw new IllegalArgumentException("unknown VALUETYPE");
        }
        createElementNS.setAttribute("ValueType", str2);
        String str3 = (String) this.props.get("EncodingType");
        if (str3 == null) {
            throw new IllegalStateException("need EncodingType");
        }
        createElementNS.setAttribute("EncodingType", str3);
        String str4 = (String) this.props.get("id");
        if (str4 == null) {
            throw new IllegalStateException("need ID");
        }
        if ("true".equals((String) this.props.get(ADDNSWSU))) {
            createElementNS.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
        }
        createElementNS.setAttributeNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", KRBTokenProfileConstants.STR_WSU_ID, str4);
        Object obj = this.props.get(CERTIFICATE);
        if (obj == null) {
            encode = Base64.encode((byte[]) this.props.get(BYTEARRAY));
        } else {
            Certificate certificate = (Certificate) obj;
            if (str2.equals(ValueTypes.X509SKID)) {
                encode = KeyStoreUtils.getB64Skid(certificate, false);
            } else {
                try {
                    encode = Base64.encode(certificate.getEncoded());
                } catch (CertificateEncodingException e) {
                    throw new IllegalStateException("could not encode cert");
                }
            }
        }
        if (encode == null) {
            throw new IllegalStateException("need Certificate or byte array");
        }
        createElementNS.appendChild(document.createTextNode(encode));
        return createElementNS;
    }
}
