package com.ibm.ws.wssecurity.dsig;

import com.ibm.security.krb5.wss.util.ElementLocalNames;
import com.ibm.websphere.wssecurity.admin.PolicyAttributesConstants;
import com.ibm.ws.wssecurity.common.Constants;
import com.ibm.ws.wssecurity.common.WSSAlgorithmFactory;
import com.ibm.ws.wssecurity.config.AlgorithmConfig;
import com.ibm.ws.wssecurity.config.EncryptionGeneratorConfig;
import com.ibm.ws.wssecurity.config.KeyInfoGeneratorConfig;
import com.ibm.ws.wssecurity.config.ReferencePartConfig;
import com.ibm.ws.wssecurity.config.SignatureGeneratorConfig;
import com.ibm.ws.wssecurity.config.SigningReferenceConfig;
import com.ibm.ws.wssecurity.config.TimestampGeneratorConfig;
import com.ibm.ws.wssecurity.config.WSSGeneratorConfig;
import com.ibm.ws.wssecurity.confimpl.PrivateGeneratorConfig;
import com.ibm.ws.wssecurity.core.ElementSelector;
import com.ibm.ws.wssecurity.core.RequestMessagePool;
import com.ibm.ws.wssecurity.core.WSSGeneratorComponent;
import com.ibm.ws.wssecurity.handler.WSSecurityGeneratorHandler;
import com.ibm.ws.wssecurity.keyinfo.KeyInfoGenerator;
import com.ibm.ws.wssecurity.keyinfo.WSSKeyInfoComponent;
import com.ibm.ws.wssecurity.time.TimestampGenerator;
import com.ibm.ws.wssecurity.token.NonceManager;
import com.ibm.ws.wssecurity.util.CommonLogUtils;
import com.ibm.ws.wssecurity.util.ConfigConstants;
import com.ibm.ws.wssecurity.util.ConfigUtil;
import com.ibm.ws.wssecurity.util.DOMUtils;
import com.ibm.ws.wssecurity.util.IdUtils;
import com.ibm.ws.wssecurity.util.IntegralDialectElementSelector;
import com.ibm.ws.wssecurity.util.NamespaceUtil;
import com.ibm.ws.wssecurity.util.QNameHeaderSelector;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.ws.wssecurity.util.WSPFunctionElementSelector;
import com.ibm.ws.wssecurity.util.XPathElementSelector;
import com.ibm.ws.wssecurity.xml.xss4j.domutil.DOMUtil;
import com.ibm.ws.wssecurity.xml.xss4j.domutil.OMNamespaceWithOwner;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.Reference;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.ResourceShower;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.TemplateGenerator;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.XSignatureException;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.transform.DecryptionTransformer;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.util.HWKeyCache;
import com.ibm.ws.wssecurity.xml.xss4j.enc.type.EncryptedData;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import com.ibm.wsspi.wssecurity.core.config.Configuration;
import java.io.ByteArrayInputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.spec.AlgorithmParameterSpec;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.xml.namespace.QName;
import org.apache.axiom.om.OMContainer;
import org.apache.axiom.om.OMDocument;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;
import org.apache.axiom.om.OMNamespace;
import org.apache.axiom.om.OMNode;
import org.apache.axiom.om.impl.llom.OMSourcedElementImpl;
import org.apache.axiom.soap.SOAPBody;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.engine.Handler;
import org.apache.axis2.engine.Phase;
import org.apache.axis2.saaj.SOAPElementImpl;
import org.eclipse.core.runtime.internal.adaptor.IModel;

/* loaded from: input_file:com/ibm/ws/wssecurity/dsig/SignatureGenerator.class */
public class SignatureGenerator implements WSSGeneratorComponent {
    private static final String comp = "security.wssecurity";
    private static final String SIGNATURE_PREFIX = "ds";
    private IdUtils _idResolver = null;
    private Map<Object, Object> _selectors = null;
    private boolean _initialized = false;
    private static final TraceComponent tc = Tr.register(SignatureGenerator.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final String clsName = SignatureGenerator.class.getName();
    private static QName ID_Q = new QName("", "Id");

    /* loaded from: input_file:com/ibm/ws/wssecurity/dsig/SignatureGenerator$ShowerImpl.class */
    private static class ShowerImpl implements ResourceShower {
        private static ShowerImpl _instance = new ShowerImpl();

        private ShowerImpl() {
        }

        private static ShowerImpl getInstance() {
            return _instance;
        }

        @Override // com.ibm.ws.wssecurity.xml.xss4j.dsig.ResourceShower
        public void showSignedResource(OMElement oMElement, int i, String str, String str2, byte[] bArr, String str3) {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            if (i < 0) {
                Tr.debug(SignatureGenerator.tc, "ResourceShower logs sign-SignedInfo: ");
                CommonLogUtils.logDebug(byteArrayInputStream, str3, SignatureGenerator.tc);
            } else if (str == null || str.length() == 0) {
                Tr.debug(SignatureGenerator.tc, "ResourceShower logs sign-resource_" + i + ": ");
                CommonLogUtils.logDebug(byteArrayInputStream, str3, SignatureGenerator.tc);
            } else {
                Tr.debug(SignatureGenerator.tc, "ResourceShower logs sign-" + str + ": ");
                CommonLogUtils.logDebug(byteArrayInputStream, str3, SignatureGenerator.tc);
            }
            try {
                byteArrayInputStream.close();
            } catch (Exception e) {
                Tr.debug(SignatureGenerator.tc, "Caugh exception closing input stream: e=" + e.getMessage());
            }
        }

        @Override // com.ibm.ws.wssecurity.xml.xss4j.dsig.ResourceShower
        public void showSignedResource(OMElement oMElement, int i, String str, String str2, byte[] bArr, int i2, int i3, String str3) {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr, i2, i3);
            if (i < 0) {
                Tr.debug(SignatureGenerator.tc, "ResourceShower logs sign-SignedInfo: ");
                CommonLogUtils.logDebug(byteArrayInputStream, str3, SignatureGenerator.tc);
            } else if (str == null || str.length() == 0) {
                Tr.debug(SignatureGenerator.tc, "ResourceShower logs sign-resource_" + i + ": ");
                CommonLogUtils.logDebug(byteArrayInputStream, str3, SignatureGenerator.tc);
            } else {
                Tr.debug(SignatureGenerator.tc, "ResourceShower logs sign-" + str + ": ");
                CommonLogUtils.logDebug(byteArrayInputStream, str3, SignatureGenerator.tc);
            }
            try {
                byteArrayInputStream.close();
            } catch (Exception e) {
                Tr.debug(SignatureGenerator.tc, "Caugh exception closing input stream: e=" + e.getMessage());
            }
        }

        static /* synthetic */ ShowerImpl access$000() {
            return getInstance();
        }
    }

    @Override // com.ibm.ws.wssecurity.core.WSSComponent, com.ibm.ws.wssecurity.core.Initializable
    public void init(Map<Object, Object> map) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "init(Map map)");
        }
        if (!this._initialized) {
            this._selectors = map;
            this._idResolver = (IdUtils) map.get(ElementSelector.IDRESOLVER);
            this._initialized = true;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "init(Map map)");
        }
    }

    @Override // com.ibm.ws.wssecurity.core.WSSGeneratorComponent
    public void invoke(OMDocument oMDocument, OMElement oMElement, Map<Object, Object> map) throws SoapSecurityException {
        OMElement firstChildElementNamed;
        OMElement oneChildElement;
        OMElement createInclusiveNamespaces;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "invoke(Document doc[" + DOMUtils.getDisplayName(oMDocument) + "],Element parent[" + DOMUtils.getDisplayName(oMElement) + "],Map context)");
        }
        OMFactory oMFactory = oMDocument.getOMDocumentElement().getOMFactory();
        Object obj = map.get(Constants.WSS_VERSION);
        int i = 0;
        if (obj != null && (obj instanceof Integer)) {
            i = ((Integer) obj).intValue();
        }
        String str = Constants.NAMESPACES[0][i];
        String str2 = Constants.NAMESPACES[1][i];
        String namespacePrefix = DOMUtils.getNamespacePrefix(oMElement, str);
        if (oMElement == null) {
            throw SoapSecurityException.format("security.wssecurity.SignatureGenerator.s13", "ds:Signature");
        }
        String localName = oMElement.getLocalName();
        if (NamespaceUtil.isWsse(oMElement.getNamespace() == null ? null : oMElement.getNamespace().getName()) != i || !"Security".equals(localName)) {
            throw SoapSecurityException.format("security.wssecurity.WSSGenerator.s03", DOMUtils.getQualifiedName(oMElement), "Security");
        }
        WSSGeneratorConfig wSSGeneratorConfig = (WSSGeneratorConfig) map.get("com.ibm.wsspi.wssecurity.config.wssGenerator.configKey");
        SignatureGeneratorConfig signatureGeneratorConfig = (SignatureGeneratorConfig) map.remove(SignatureGeneratorConfig.CONFIG_KEY);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SignatureGeneratorConfig [" + signatureGeneratorConfig + "].");
        }
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap(map);
        hashMap2.put(ElementSelector.IDRESOLVER, this._idResolver);
        hashMap2.put(NonceManager.class, wSSGeneratorConfig.getNonceManager());
        String algorithm = signatureGeneratorConfig.getCanonicalizationMethod().getAlgorithm();
        TemplateGenerator templateGenerator = new TemplateGenerator(oMFactory, null, algorithm, signatureGeneratorConfig.getSignatureMethod().getAlgorithm());
        templateGenerator.setPrefix("ds");
        boolean z = false;
        if (wSSGeneratorConfig instanceof PrivateGeneratorConfig) {
            boolean isNormalBodyProcessing = wSSGeneratorConfig.isNormalBodyProcessing();
            boolean isNormalBodyProcessingWithEncryptedKey = wSSGeneratorConfig.isNormalBodyProcessingWithEncryptedKey();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "isNormalBodyProcessing = " + isNormalBodyProcessing);
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "isNormalBodyProcessingWithEncryptedKey = " + isNormalBodyProcessingWithEncryptedKey);
            }
            if (isNormalBodyProcessing || isNormalBodyProcessingWithEncryptedKey) {
                MessageContext messageContext = (MessageContext) map.get(com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_MESSAGE_CONTEXT);
                if (messageContext != null) {
                    boolean z2 = false;
                    List<Phase> outFlowPhases = messageContext.getConfigurationContext().getAxisConfiguration().getOutFlowPhases();
                    if (outFlowPhases != null && outFlowPhases.size() > 0) {
                        Phase phase = outFlowPhases.get(outFlowPhases.size() - 1);
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "last phase = " + phase.getName());
                        }
                        if ("Security".equals(phase.getName())) {
                            Iterator<Handler> it = phase.getHandlers().iterator();
                            while (true) {
                                if (!it.hasNext()) {
                                    break;
                                }
                                Handler next = it.next();
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "handler class = " + next.getClass().getName());
                                }
                                if (next instanceof WSSecurityGeneratorHandler) {
                                    z2 = true;
                                    break;
                                }
                            }
                        }
                    }
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "securityIsLastPhase = " + z2);
                    }
                    if (z2) {
                        if (isNormalBodyProcessing) {
                            map.put(Constants.IS_OUTBOUND_GOLDEN_PATH, Boolean.TRUE);
                            if (signatureGeneratorConfig.addInclusiveNamespaces()) {
                                map.put(Constants.IS_INCL_NS_ALL_PREFIXES, Boolean.TRUE);
                            }
                        } else if (isNormalBodyProcessingWithEncryptedKey) {
                            map.put(Constants.IS_OUTBOUND_BODY_VIA_ENCRYPTED_KEY_GOLDEN_PATH, Boolean.TRUE);
                            if (signatureGeneratorConfig.addInclusiveNamespaces()) {
                                map.put(Constants.IS_INCL_NS_ALL_PREFIXES, Boolean.TRUE);
                            }
                        }
                        z = true;
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "no MessageContext");
                }
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "isGoldenPth = " + z);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Examining signing parts.");
        }
        OMElement oMDocumentElement = oMDocument.getOMDocumentElement();
        boolean z3 = false;
        boolean z4 = false;
        HashSet<ReferencePartConfig.PartConfig> hashSet = new HashSet();
        HashMap hashMap3 = new HashMap();
        HashMap hashMap4 = new HashMap();
        boolean z5 = false;
        HashSet<ReferencePartConfig.PartConfig> hashSet2 = new HashSet();
        HashMap hashMap5 = new HashMap();
        HashMap hashMap6 = new HashMap();
        hashMap2.put(ElementSelector.CONFIG, wSSGeneratorConfig.getTokenGenerators());
        ArrayList arrayList = new ArrayList();
        Iterator<SigningReferenceConfig> it2 = null;
        if (signatureGeneratorConfig != null && signatureGeneratorConfig.getReferences() != null && signatureGeneratorConfig.getReferences().iterator() != null) {
            it2 = signatureGeneratorConfig.getReferences().iterator();
        }
        if (it2 != null) {
            while (it2.hasNext()) {
                HashMap hashMap7 = new HashMap(hashMap2);
                SigningReferenceConfig next2 = it2.next();
                prepareTransform(next2, hashMap7);
                ReferencePartConfig reference = next2.getReference();
                if (reference != null && reference.getParts() != null && reference.getParts().iterator() != null) {
                    for (ReferencePartConfig.PartConfig partConfig : reference.getParts()) {
                        if (partConfig.isTimestamp() || partConfig.isNonce()) {
                            z4 = true;
                            hashSet.add(partConfig);
                            hashMap3.put(partConfig, next2);
                            hashMap4.put(partConfig, hashMap7);
                        } else if ((Constants.DIALECT_WAS.equals(partConfig.getDialect()) && (IntegralDialectElementSelector.WASDIALECTS[2].equals(partConfig.getKeyword()) || IntegralDialectElementSelector.WASDIALECTS[3].equals(partConfig.getKeyword()))) || Constants.DIALECT_XPATH.equals(partConfig.getDialect())) {
                            z5 = true;
                            hashSet2.add(partConfig);
                            hashMap5.put(partConfig, next2);
                            hashMap6.put(partConfig, hashMap7);
                        } else {
                            String dialect = partConfig.getDialect();
                            String keyword = partConfig.getKeyword();
                            Class cls = IntegralDialectElementSelector.class;
                            if (dialect.equals(Constants.DIALECT_HEADER)) {
                                hashMap7.put(ElementSelector.HEADERNAME, partConfig.getHeaderName());
                                hashMap7.put(ElementSelector.HEADERNAMESPACE, partConfig.getHeaderNamespace());
                                cls = QNameHeaderSelector.class;
                            }
                            OMDocument oMDocument2 = oMDocument;
                            int i2 = -1;
                            while (true) {
                                if (oMDocument2 == null) {
                                    break;
                                }
                                ArrayList<OMNode> messagePart = getMessagePart(oMDocument2, dialect, keyword, ElementSelector.SIGNATURE_MODE, this._selectors, cls, hashMap7);
                                if (messagePart == null || messagePart.size() <= 0) {
                                    i2++;
                                    oMDocument2 = RequestMessagePool.getDocument(map, i2);
                                } else {
                                    if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, messagePart.size() + " parts found.");
                                    }
                                    for (int i3 = 0; i3 < messagePart.size(); i3++) {
                                        OMElement oMElement2 = (OMElement) messagePart.get(i3);
                                        if (i2 >= 0) {
                                            RequestMessagePool.EncryptedObject convertElement = RequestMessagePool.convertElement(map, oMElement2, i2);
                                            if (convertElement != null) {
                                                if (convertElement.getEncryptedData() != null) {
                                                    Reference createReference = templateGenerator.createReference("#" + addWsuId(oMDocument, convertElement.getEncryptedData(), str2, map));
                                                    createReference.setDigestMethod(next2.getDigestMethod().getAlgorithm());
                                                    addTransforms(createReference, oMDocument, oMFactory, convertElement.getEncryptedData(), next2.getTransforms(), namespacePrefix, str, signatureGeneratorConfig.addInclusiveNamespaces(), z, map);
                                                    templateGenerator.addReference(createReference);
                                                    z3 = true;
                                                    arrayList.add(oMElement2);
                                                    if (tc.isDebugEnabled()) {
                                                        Tr.debug(tc, "Added the encrypted data[" + DOMUtils.getDisplayName(convertElement.getEncryptedData()) + "] because the element[" + DOMUtils.getDisplayName(oMElement2) + "] has already encrypted.");
                                                    }
                                                }
                                                if (convertElement.getHeaderInfo() != null) {
                                                    Reference createReference2 = templateGenerator.createReference("#" + addWsuId(oMDocument, convertElement.getHeaderInfo(), str2, map));
                                                    createReference2.setDigestMethod(next2.getDigestMethod().getAlgorithm());
                                                    addTransforms(createReference2, oMDocument, oMFactory, convertElement.getHeaderInfo(), next2.getTransforms(), namespacePrefix, str, signatureGeneratorConfig.addInclusiveNamespaces(), z, map);
                                                    templateGenerator.addReference(createReference2);
                                                    z3 = true;
                                                    arrayList.add(oMElement2);
                                                    if (tc.isDebugEnabled()) {
                                                        Tr.debug(tc, "Added the header info[" + DOMUtils.getDisplayName(convertElement.getHeaderInfo()) + "] because the element[" + DOMUtils.getDisplayName(oMElement2) + "] has already encrypted.");
                                                    }
                                                }
                                            }
                                        } else {
                                            Reference createReference3 = templateGenerator.createReference(DOMUtils.equals((OMNode) oMElement2, (OMNode) oMDocumentElement) ? "" : "#" + addWsuId(oMDocument, oMElement2, str2, map));
                                            createReference3.setDigestMethod(next2.getDigestMethod().getAlgorithm());
                                            addTransforms(createReference3, oMDocument, oMFactory, oMElement2, next2.getTransforms(), namespacePrefix, str, signatureGeneratorConfig.addInclusiveNamespaces(), z, map);
                                            templateGenerator.addReference(createReference3);
                                            z3 = true;
                                            arrayList.add(oMElement2);
                                            if (tc.isDebugEnabled()) {
                                                Tr.debug(tc, "Added the element[" + DOMUtils.getDisplayName(oMElement2) + "].");
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
        if (!z3 && !z5) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "invoke(Document doc, Element parent, Map context)");
                return;
            }
            return;
        }
        boolean z6 = false;
        if (!z3) {
            z6 = true;
            templateGenerator.addReference(templateGenerator.createReference("#dummy001"));
        }
        WSSAlgorithmFactory algorithmFactory = wSSGeneratorConfig.getAlgorithmFactory();
        AlgorithmConfig signatureMethod = signatureGeneratorConfig.getSignatureMethod();
        try {
            AlgorithmParameterSpec convertParameter = algorithmFactory.convertParameter(signatureMethod.getAlgorithm(), signatureMethod.getProperties());
            if (convertParameter != null) {
                templateGenerator.setSignatureMethodParameter(convertParameter);
            }
            OMElement signatureElement = templateGenerator.getSignatureElement(algorithmFactory);
            if (wSSGeneratorConfig.isUserDefinedComponentsUsed()) {
                signatureElement.addChild(oMFactory.createOMElement("KeyInfo", Constants.NS_DSIG, "ds"));
            }
            OMElement insertSignatureElement = insertSignatureElement(oMElement, signatureElement);
            TimestampGeneratorConfig timestampGenerator = wSSGeneratorConfig.getTimestampGenerator();
            if (timestampGenerator != null && !timestampGenerator.isDefault()) {
                TimestampGenerator.moveTimestamp(oMDocument, wSSGeneratorConfig.getTimestampGenerator(), this._selectors, map);
            }
            map.put(Constants.KEY_ALGORITHM, signatureGeneratorConfig.getSignatureMethod().getAlgorithm());
            Key callKeyInfoGenerator = callKeyInfoGenerator(signatureGeneratorConfig.getSigningKeyInfo(), WSSKeyInfoComponent.KEY_SIGNING, hashMap, this._selectors, oMDocument, insertSignatureElement, map);
            OMElement oneChildElement2 = DOMUtils.getOneChildElement(insertSignatureElement, Constants.NS_DSIG, ElementLocalNames.DS_SIGNED_INFO);
            if (signatureGeneratorConfig.addInclusiveNamespaces() && (("http://www.w3.org/2001/10/xml-exc-c14n#".equals(algorithm) || "http://www.w3.org/2001/10/xml-exc-c14n#WithComments".equals(algorithm)) && (createInclusiveNamespaces = createInclusiveNamespaces(oMFactory, (oneChildElement = DOMUtils.getOneChildElement(oneChildElement2, Constants.NS_DSIG, "CanonicalizationMethod")))) != null)) {
                oneChildElement.addChild(createInclusiveNamespaces);
            }
            if (z6) {
                DOMUtils.getOneChildElement(oneChildElement2, Constants.NS_DSIG, "Reference").detach();
            }
            if (z5) {
                for (ReferencePartConfig.PartConfig partConfig2 : hashSet2) {
                    SigningReferenceConfig signingReferenceConfig = (SigningReferenceConfig) hashMap5.get(partConfig2);
                    Map map2 = (Map) hashMap6.get(partConfig2);
                    partConfig2.getDialect();
                    partConfig2.getKeyword();
                    OMDocument oMDocument3 = oMDocument;
                    int i4 = -1;
                    while (true) {
                        if (oMDocument3 == null) {
                            break;
                        }
                        ArrayList<OMNode> specialPart = getSpecialPart(oMDocument3, partConfig2, ElementSelector.SIGNATURE_MODE, this._selectors, map2);
                        if (specialPart == null || specialPart.size() <= 0) {
                            i4++;
                            oMDocument3 = RequestMessagePool.getDocument(map, i4);
                        } else {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, specialPart.size() + " parts found.");
                            }
                            for (int i5 = 0; i5 < specialPart.size(); i5++) {
                                OMElement oMElement3 = (OMElement) specialPart.get(i5);
                                if (i4 >= 0) {
                                    RequestMessagePool.EncryptedObject convertElement2 = RequestMessagePool.convertElement(map, oMElement3, i4);
                                    if (convertElement2 != null) {
                                        if (convertElement2.getEncryptedData() != null) {
                                            Reference createReference4 = templateGenerator.createReference("#" + addWsuId(oMDocument, convertElement2.getEncryptedData(), str2, map));
                                            createReference4.setDigestMethod(signingReferenceConfig.getDigestMethod().getAlgorithm());
                                            addTransforms(createReference4, oMDocument, oMFactory, convertElement2.getEncryptedData(), signingReferenceConfig.getTransforms(), namespacePrefix, str, signatureGeneratorConfig.addInclusiveNamespaces(), z, map);
                                            oneChildElement2.addChild(createReference4.getReferenceElement());
                                            arrayList.add(oMElement3);
                                            if (tc.isDebugEnabled()) {
                                                Tr.debug(tc, "Added the encrypted data[" + DOMUtils.getDisplayName(convertElement2.getEncryptedData()) + "] because the element[" + DOMUtils.getDisplayName(oMElement3) + "] has already encrypted.");
                                            }
                                        }
                                        if (convertElement2.getHeaderInfo() != null) {
                                            Reference createReference5 = templateGenerator.createReference("#" + addWsuId(oMDocument, convertElement2.getHeaderInfo(), str2, map));
                                            createReference5.setDigestMethod(signingReferenceConfig.getDigestMethod().getAlgorithm());
                                            addTransforms(createReference5, oMDocument, oMFactory, convertElement2.getHeaderInfo(), signingReferenceConfig.getTransforms(), namespacePrefix, str, signatureGeneratorConfig.addInclusiveNamespaces(), z, map);
                                            oneChildElement2.addChild(createReference5.getReferenceElement());
                                            arrayList.add(oMElement3);
                                            if (tc.isDebugEnabled()) {
                                                Tr.debug(tc, "Added the header info[" + DOMUtils.getDisplayName(convertElement2.getHeaderInfo()) + "] because the element[" + DOMUtils.getDisplayName(oMElement3) + "] has already encrypted.");
                                            }
                                        }
                                    }
                                } else {
                                    Reference createReference6 = templateGenerator.createReference(DOMUtils.equals((OMNode) oMElement3, (OMNode) oMDocumentElement) ? "" : "#" + addWsuId(oMDocument, oMElement3, str2, map));
                                    createReference6.setDigestMethod(signingReferenceConfig.getDigestMethod().getAlgorithm());
                                    addTransforms(createReference6, oMDocument, oMFactory, oMElement3, signingReferenceConfig.getTransforms(), namespacePrefix, str, signatureGeneratorConfig.addInclusiveNamespaces(), z, map);
                                    oneChildElement2.addChild(createReference6.getReferenceElement());
                                    arrayList.add(oMElement3);
                                    if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, "Added the element[" + DOMUtils.getDisplayName(oMElement3) + "].");
                                    }
                                }
                            }
                        }
                    }
                }
            }
            if (z4) {
                Object[] array = arrayList.toArray();
                for (ReferencePartConfig.PartConfig partConfig3 : hashSet) {
                    SigningReferenceConfig signingReferenceConfig2 = (SigningReferenceConfig) hashMap3.get(partConfig3);
                    ArrayList<OMNode> noncePart = getNoncePart(oMDocument, array, partConfig3, ElementSelector.SIGNATURE_MODE, this._selectors, IntegralDialectElementSelector.class, (Map) hashMap4.get(partConfig3));
                    if (noncePart != null && noncePart.size() > 0) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, noncePart.size() + " parts found.");
                        }
                        for (int i6 = 0; i6 < noncePart.size(); i6++) {
                            OMElement oMElement4 = (OMElement) noncePart.get(i6);
                            Reference createReference7 = templateGenerator.createReference(DOMUtils.equals((OMNode) oMElement4, (OMNode) oMDocumentElement) ? "" : "#" + addWsuId(oMDocument, oMElement4, str2, map));
                            createReference7.setDigestMethod(signingReferenceConfig2.getDigestMethod().getAlgorithm());
                            addTransforms(createReference7, oMDocument, oMFactory, oMElement4, signingReferenceConfig2.getTransforms(), namespacePrefix, str, signatureGeneratorConfig.addInclusiveNamespaces(), z, map);
                            oneChildElement2.addChild(createReference7.getReferenceElement());
                            arrayList.add(oMElement4);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Added the element[" + DOMUtils.getDisplayName(oMElement4) + "].");
                            }
                        }
                    }
                }
            }
            if (wSSGeneratorConfig.doIndentation()) {
                DOMUtils.indent(insertSignatureElement, 6, 2);
                insertSignatureElement.insertSiblingBefore(oMFactory.createOMText("\n      "));
            }
            WSSSignatureContext wSSSignatureContext = new WSSSignatureContext();
            if (tc.isDebugEnabled()) {
                wSSSignatureContext.setResourceShower(ShowerImpl.access$000());
            }
            wSSSignatureContext.setIDResolver(this._idResolver);
            wSSSignatureContext.setAlgorithmFactory(algorithmFactory);
            wSSSignatureContext.setDocument(oMDocument);
            if (signatureGeneratorConfig.getKeyInfoSignature() != null) {
                wSSSignatureContext.setKeyInfoSignature(signatureGeneratorConfig.getKeyInfoSignature().getAlgorithm());
            } else {
                wSSSignatureContext.setKeyInfoSignature(null);
            }
            if (z) {
                wSSSignatureContext.setContext(map);
            }
            wSSSignatureContext.setOnlySignEntireHeadersAndBody(wSSGeneratorConfig.isOnlySignEntireHeadersAndBody());
            if (map.get(Constants.ADD_INC_NAMESPACES_FOR_STRD) != null) {
                wSSSignatureContext.setInclusiveNamespacesForSTRDT(((Boolean) map.get(Constants.ADD_INC_NAMESPACES_FOR_STRD)).booleanValue());
            }
            HashSet hashSet3 = new HashSet();
            HashSet hashSet4 = new HashSet();
            for (Configuration configuration : wSSGeneratorConfig.getOperationGenerators()) {
                if (configuration instanceof SignatureGeneratorConfig) {
                    hashSet3.add(((SignatureGeneratorConfig) configuration).getSigningKeyInfo());
                } else if (configuration instanceof EncryptionGeneratorConfig) {
                    hashSet4.add(((EncryptionGeneratorConfig) configuration).getEncryptionKeyInfo());
                }
            }
            STRDTKeyInfoResolver sTRDTKeyInfoResolver = new STRDTKeyInfoResolver();
            sTRDTKeyInfoResolver.setContext(map);
            sTRDTKeyInfoResolver.setSelectors(this._selectors);
            sTRDTKeyInfoResolver.setDsigKeyInfoSet(hashSet3);
            sTRDTKeyInfoResolver.setEncKeyInfoSet(hashSet4);
            sTRDTKeyInfoResolver.setGeneration(true);
            wSSSignatureContext.setSTRDTKeyInfoResolver(sTRDTKeyInfoResolver);
            AlgorithmConfig signatureMethod2 = signatureGeneratorConfig.getSignatureMethod();
            String algorithm2 = signatureMethod2 != null ? signatureMethod2.getAlgorithm() : null;
            wSSSignatureContext.setSigAlgorithm(algorithm2);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Signature Algorithm = " + algorithm2);
            }
            Map<Object, Object> properties = signatureGeneratorConfig.getProperties();
            Map<Object, Object> properties2 = wSSGeneratorConfig.getProperties();
            wSSSignatureContext.setHWConfigName((String) properties2.get("HWCONFIG"));
            wSSSignatureContext.setOffload(Boolean.TRUE);
            if (wSSSignatureContext.shouldChangeProvider()) {
                HWKeyCache hWKeyCache = HWKeyCache.getInstance();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "HARDWARE Acceleration enabled, Key Store Name is: " + wSSSignatureContext.getHWConfigName());
                }
                Provider hWCryptoProviderInstance = ConfigUtil.getHWCryptoProviderInstance(wSSSignatureContext.getHWConfigName());
                if (hWCryptoProviderInstance == null) {
                    Tr.audit(tc, "Failure to get Hardware crypto provider instance to use hardware acceleration, continue processing.");
                } else {
                    wSSSignatureContext.setHWAccelerationProvider(hWCryptoProviderInstance);
                    hWKeyCache.setProvider(hWCryptoProviderInstance, (Integer) properties2.get(ConfigConstants.HARDWARE_CACHE_SIZE));
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "HW crypto provider instance for HW Acceleration" + hWCryptoProviderInstance.getName());
                    }
                }
                try {
                    callKeyInfoGenerator = hWKeyCache.translate(callKeyInfoGenerator);
                } catch (Exception e) {
                    throw new SoapSecurityException(e);
                }
            }
            wSSSignatureContext.setHWKeyStoreName((String) properties.get("com.ibm.ws.wssecurity.config.keystore.keyStoreRef"));
            if (wSSSignatureContext.useHWKeyStore()) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "HARDWARE Key Store Name is: " + wSSSignatureContext.getHWKeyStoreName());
                }
                Provider hWCryptoProviderInstance2 = ConfigUtil.getHWCryptoProviderInstance(wSSSignatureContext.getHWKeyStoreName());
                if (hWCryptoProviderInstance2 == null) {
                    Tr.audit(tc, "Failure to get Hardware crypto provider instance to use hardware keystore, continue processing.");
                } else {
                    wSSSignatureContext.setHWKeyStoreProvider(hWCryptoProviderInstance2);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "HW crypto provider instance for the HW KeyStore" + hWCryptoProviderInstance2.getName());
                    }
                }
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Signing started.");
            }
            try {
                try {
                    OMElement sign = wSSSignatureContext.sign(insertSignatureElement, callKeyInfoGenerator);
                    List list = (List) map.get(Constants.SIGNATURE_CONFIRMATION_CACHE);
                    if (list != null && (firstChildElementNamed = DOMUtil.getFirstChildElementNamed(sign, "http://www.w3.org/2000/09/xmldsig#", "SignatureValue")) != null) {
                        String stringValue = DOMUtil.getStringValue(firstChildElementNamed);
                        list.add(stringValue);
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Cached signature value for SignatureConfirmation: " + stringValue);
                        }
                    }
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Signing done.");
                    }
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "invoke(Document doc, Element parent, Map context)");
                    }
                } finally {
                    if (wSSSignatureContext.isHWAccelerationProvider()) {
                        ConfigUtil.returnHWCryptoProviderInstance(wSSSignatureContext.getHWConfigName(), wSSSignatureContext.getHWAccelerationProvider());
                    }
                    if (wSSSignatureContext.useHWKeyStore()) {
                        ConfigUtil.returnHWCryptoProviderInstance(wSSSignatureContext.getHWKeyStoreName(), wSSSignatureContext.getHWKeyStoreProvider());
                    }
                }
            } catch (XSignatureException e2) {
                Exception exception = e2.getException();
                Tr.processException(exception, clsName + ".invoke", "711");
                Tr.error(tc, "security.wssecurity.SignatureGenerator.s12", exception);
                throw SoapSecurityException.format("security.wssecurity.SignatureGenerator.s12", new String[]{exception.getMessage()}, exception);
            }
        } catch (InvalidAlgorithmParameterException e3) {
            Tr.processException(e3, clsName + ".invoke", "424");
            Tr.error(tc, "security.wssecurity.SignatureGenerator.s11", new Object[]{e3});
            throw SoapSecurityException.format("security.wssecurity.SignatureGenerator.s11", new String[]{e3.getMessage()}, e3);
        } catch (NoSuchAlgorithmException e4) {
            Tr.processException(e4, clsName + ".invoke", "428");
            Tr.error(tc, "security.wssecurity.SignatureGenerator.s11", new Object[]{e4});
            throw SoapSecurityException.format("security.wssecurity.SignatureGenerator.s11", new String[]{e4.getMessage()}, e4);
        } catch (NoSuchProviderException e5) {
            Tr.processException(e5, clsName + ".invoke", "432");
            Tr.error(tc, "security.wssecurity.SignatureGenerator.s11", new Object[]{e5});
            throw SoapSecurityException.format("security.wssecurity.SignatureGenerator.s11", new String[]{e5.getMessage()}, e5);
        }
    }

    public static ArrayList<OMNode> getMessagePart(OMDocument oMDocument, String str, String str2, String str3, Map<Object, Object> map, Class cls, Map<Object, Object> map2) throws SoapSecurityException {
        ElementSelector elementSelector;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getMessagePart(OMDocument doc[" + DOMUtils.getDisplayName(oMDocument) + "],String dialect[" + str + "],String keyword[" + str2 + "],String type[" + str3 + "],Map selectors,Class dialectSelector[" + cls + "],Map selectorMap)");
        }
        map2.put(ElementSelector.DIALECT, str);
        map2.put(ElementSelector.KEYWORD, str2);
        map2.put(ElementSelector.MODE, str3);
        if (Constants.DIALECT_WAS.equals(str)) {
            elementSelector = (ElementSelector) map.get(cls);
        } else if (Constants.DIALECT_FUNCTION.equals(str)) {
            elementSelector = (ElementSelector) map.get(WSPFunctionElementSelector.class);
        } else if (Constants.DIALECT_XPATH.equals(str)) {
            elementSelector = (ElementSelector) map.get(XPathElementSelector.class);
        } else {
            if (!Constants.DIALECT_HEADER.equals(str)) {
                throw SoapSecurityException.format("security.wssecurity.SignatureGenerator.s02", str);
            }
            elementSelector = (ElementSelector) map.get(QNameHeaderSelector.class);
        }
        ArrayList<OMNode> elements = elementSelector.getElements(oMDocument.getOMDocumentElement(), map2);
        if (tc.isEntryEnabled()) {
            Tr.debug(tc, "getMessagePart returns an OMNodeList. Contents follow:");
            CommonLogUtils.logDebug(elements, tc);
            Tr.exit(tc, "getMessagePart(OMDocument doc,String dialect,String keyword,String type,Map selectors,Class dialectSelector,Map selectorMap,Map context) returns NodeList[list]");
        }
        return elements;
    }

    private static ArrayList<OMNode> getSpecialPart(OMDocument oMDocument, ReferencePartConfig.PartConfig partConfig, String str, Map map, Map<Object, Object> map2) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSpecialPart(OMDocument doc[" + DOMUtils.getDisplayName(oMDocument) + "],PartConfig pconfig[" + partConfig + "],String type[" + str + "],Map selectors,Map selectorMap)");
        }
        String dialect = partConfig.getDialect();
        String keyword = partConfig.getKeyword();
        map2.put(ElementSelector.DIALECT, dialect);
        map2.put(ElementSelector.KEYWORD, keyword);
        map2.put(ElementSelector.MODE, str);
        ElementSelector elementSelector = (ElementSelector) map.get(IntegralDialectElementSelector.class);
        if (Constants.DIALECT_XPATH.equals(dialect)) {
            elementSelector = (ElementSelector) map.get(XPathElementSelector.class);
        }
        ArrayList<OMNode> elements = elementSelector.getElements(oMDocument.getOMDocumentElement(), map2);
        if (tc.isEntryEnabled()) {
            Tr.debug(tc, "getSpecialPart returns an OMNodeList. Contents follow:");
            CommonLogUtils.logDebug(elements, tc);
            Tr.exit(tc, "getSpecialPart(OMDocument doc,PartConfig pconfig,String type,Map selectors,Map selectorMap) returns NodeList[list]");
        }
        return elements;
    }

    public static ArrayList<OMNode> getNoncePart(OMDocument oMDocument, Object[] objArr, ReferencePartConfig.PartConfig partConfig, String str, Map<Object, Object> map, Class cls, Map<Object, Object> map2) throws SoapSecurityException {
        ElementSelector elementSelector;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getNoncePart(OMDocument doc[" + DOMUtils.getDisplayName(oMDocument) + "],Object[] parents[" + objArr + "],PartConfig pconfig[" + partConfig + "],String type[" + str + "],Map selectors,Class dialectSelector[" + cls + "],Map selectorMap)");
        }
        String dialect = partConfig.getDialect();
        String keyword = partConfig.getKeyword();
        map2.put(ElementSelector.DIALECT, dialect);
        map2.put(ElementSelector.KEYWORD, keyword);
        map2.put(ElementSelector.MODE, str);
        if (objArr != null) {
            map2.put(ElementSelector.ELEMENT, objArr);
        }
        if (partConfig.isTimestamp()) {
            map2.put(ElementSelector.PROCESS_TYPE, ElementSelector.PROCESS_TIMESTAMP);
        } else if (partConfig.isNonce()) {
            map2.put(ElementSelector.PROCESS_TYPE, ElementSelector.PROCESS_NONCE);
        }
        if (Constants.DIALECT_WAS.equals(dialect)) {
            elementSelector = (ElementSelector) map.get(cls);
        } else if (Constants.DIALECT_FUNCTION.equals(dialect)) {
            elementSelector = (ElementSelector) map.get(WSPFunctionElementSelector.class);
        } else if (Constants.DIALECT_XPATH.equals(dialect)) {
            elementSelector = (ElementSelector) map.get(XPathElementSelector.class);
        } else {
            if (!Constants.DIALECT_HEADER.equals(dialect)) {
                throw SoapSecurityException.format("security.wssecurity.SignatureGenerator.s02", dialect);
            }
            elementSelector = (ElementSelector) map.get(QNameHeaderSelector.class);
            map2.put(ElementSelector.HEADERNAME, partConfig.getHeaderName());
            map2.put(ElementSelector.HEADERNAMESPACE, partConfig.getHeaderNamespace());
        }
        ArrayList<OMNode> elements = elementSelector.getElements(oMDocument.getOMDocumentElement(), map2);
        if (tc.isEntryEnabled()) {
            Tr.debug(tc, "getNoncePart returns an OMNodeList. Contents follow:");
            CommonLogUtils.logDebug(elements, tc);
            Tr.exit(tc, "getNoncePart(OMDocument doc,Object[] parents,PartConfig pconfig,String typeMap selectors,Class dialectSelector,Map selectorMap) returns ArrayList[list]");
        }
        return elements;
    }

    private static String addWsuId(OMDocument oMDocument, OMElement oMElement, String str, Map map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addWsuId(OMDocument doc[" + DOMUtils.getDisplayName(oMDocument) + "],OMElement part[" + DOMUtils.getDisplayName(oMElement) + "],String nsWsu[" + str + "],Map context");
        }
        String str2 = null;
        QName idAttributeName = IdUtils.getInstance().getIdAttributeName(oMElement);
        if (idAttributeName != null) {
            str2 = oMElement.getAttributeValue(idAttributeName);
        }
        if (str2 == null || str2.length() == 0) {
            String name = oMElement.getNamespace() == null ? null : oMElement.getNamespace().getName();
            String localName = oMElement.getLocalName();
            int hashCode = name == null ? 0 : name.hashCode();
            int hashCode2 = (hashCode * 31) + (localName == null ? 0 : localName.hashCode());
            if (hashCode == Constants.HASH_DS) {
                if (hashCode2 == Constants.HASH_DS_SIGNATURE || hashCode2 == Constants.HASH_DS_SIGNATUREVALUE || hashCode2 == Constants.HASH_DS_SIGNEDINFO || hashCode2 == Constants.HASH_DS_REFERENCE || hashCode2 == Constants.HASH_DS_KEYINFO || hashCode2 == Constants.HASH_DS_OBJECT || hashCode2 == Constants.HASH_DS_MANIFEST || hashCode2 == Constants.HASH_DS_SIGNATUREPROPS || hashCode2 == Constants.HASH_DS_SIGNATUREPROP) {
                    str2 = IdUtils.getInstance().makeUniqueId(map, "wssecurity_signature_id_");
                    oMElement.addAttribute("Id", str2, null);
                }
            } else if (hashCode == Constants.HASH_ENC && (hashCode2 == Constants.HASH_ENC_ENCRYPTEDKEY || hashCode2 == Constants.HASH_ENC_ENCRYPTEDDATA || hashCode2 == Constants.HASH_ENC_ENCRYPTIONPROPS || hashCode2 == Constants.HASH_ENC_ENCRYPTIONPROP)) {
                str2 = IdUtils.getInstance().makeUniqueId(map, "wssecurity_signature_id_");
                oMElement.addAttribute("Id", str2, null);
            }
            if (str2 == null) {
                str2 = IdUtils.getInstance().makeUniqueId(map, "wssecurity_signature_id_");
                String namespacePrefix = DOMUtils.getNamespacePrefix(oMElement, str);
                if (namespacePrefix == null) {
                    namespacePrefix = "wsu";
                }
                oMElement.declareNamespace(str, namespacePrefix);
                oMElement.addAttribute("Id", str2, oMElement.getOMFactory().createOMNamespace(str, namespacePrefix));
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "addWsuId(Document doc,Element part,String nsWsu,Map context) returns String[" + str2 + "]");
        }
        return str2;
    }

    private static void addTransforms(Reference reference, OMDocument oMDocument, OMFactory oMFactory, OMElement oMElement, List list, String str, String str2, boolean z, boolean z2, Map map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addTransforms(Reference gen[" + reference + "],OMDocument doc[" + DOMUtils.getDisplayName(oMDocument) + "],OMFactory factory[" + oMFactory + "],OMElement part[" + DOMUtils.getDisplayName(oMElement) + "],List config[" + list + "],String pWsse[" + str + "],String nsWsse[" + str2 + "],boolean addIncNS[" + z + "])");
        }
        Iterator it = list.iterator();
        while (it.hasNext()) {
            AlgorithmConfig algorithmConfig = (AlgorithmConfig) it.next();
            String algorithm = algorithmConfig.getAlgorithm();
            Map<Object, Object> properties = algorithmConfig.getProperties();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Adding the transform [" + algorithm + "]...");
            }
            if ("http://www.w3.org/2001/10/xml-exc-c14n#".equals(algorithm) || "http://www.w3.org/2001/10/xml-exc-c14n#WithComments".equals(algorithm)) {
                reference.addTransform(createInclusiveTransform(oMFactory, oMElement, algorithm, z, z2));
            } else if (DecryptionTransformer.XML2.equals(algorithm)) {
                reference.addTransform(createDecryptionTransform(oMFactory, collectIdsOfEncryptedData(oMElement, map), algorithm));
            } else if ("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform".equals(algorithm)) {
                reference.addTransform(createSTRTransform(oMFactory, oMElement, algorithm, str, str2, z));
                if (z) {
                    map.put(Constants.ADD_INC_NAMESPACES_FOR_STRD, Boolean.valueOf(z));
                }
            } else if ("http://www.w3.org/TR/1999/REC-xpath-19991116".equals(algorithm)) {
                reference.addTransform(createXPathTransform(oMFactory, algorithm, properties));
            } else if ("http://www.w3.org/2002/06/xmldsig-filter2".equals(algorithm)) {
                reference.addTransform(createXPath2Transform(oMFactory, algorithm, properties));
            } else {
                reference.addTransform(algorithm);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "addTransforms(Reference gen,OMDocument doc,OMFactory factory,OMElement part,List config,String pWsse,String nsWsse,boolean addIncNS)");
        }
    }

    private static OMElement createInclusiveTransform(OMFactory oMFactory, OMElement oMElement, String str, boolean z, boolean z2) {
        OMNode firstOMChild;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createInclusiveTransform(OMFactory factory[" + oMFactory + "],OMElement part[" + DOMUtils.getDisplayName(oMElement) + "],String transform[" + str + "],boolean addIncNS[" + z + "])");
        }
        OMElement createOMElement = oMFactory.createOMElement("Transform", Constants.NS_DSIG, "ds");
        createOMElement.addAttribute("Algorithm", str, null);
        if (z) {
            if (z2 && (oMElement instanceof SOAPBody) && (firstOMChild = oMElement.getFirstOMChild()) != null && (firstOMChild instanceof OMSourcedElementImpl)) {
                return createOMElement;
            }
            OMElement createInclusiveNamespaces = createInclusiveNamespaces(oMFactory, oMElement);
            if (createInclusiveNamespaces != null) {
                createOMElement.addChild(createInclusiveNamespaces);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createInclusiveTransform(OMFactory factory,OMElement part,String transform,boolean addIncNS) returns Element[" + DOMUtils.getDisplayName(createOMElement) + "]");
        }
        return createOMElement;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private static OMElement createInclusiveNamespaces(OMFactory oMFactory, OMElement oMElement) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createInclusiveNamespaces(OMFactory factory[" + oMFactory + "],OMElement part[" + DOMUtils.getDisplayName(oMElement) + "])");
        }
        StringBuffer stringBuffer = null;
        if (oMElement == 0 || !(oMElement instanceof SOAPElementImpl)) {
            OMNode oMNode = oMElement;
            HashSet hashSet = new HashSet();
            while (oMNode != null && oMNode.getType() == 1) {
                Iterator allDeclaredNamespaces = ((OMElement) oMNode).getAllDeclaredNamespaces();
                while (allDeclaredNamespaces.hasNext()) {
                    OMNamespace oMNamespace = (OMNamespace) allDeclaredNamespaces.next();
                    if (!(oMNamespace instanceof OMNamespaceWithOwner)) {
                        String prefix = oMNamespace.getPrefix();
                        if (prefix == null || prefix.length() == 0) {
                            hashSet.add("#default");
                        } else {
                            hashSet.add(prefix);
                        }
                    }
                }
                OMContainer parent = oMNode.getParent();
                if (parent instanceof OMDocument) {
                    break;
                }
                oMNode = (OMNode) parent;
            }
            scanNamespaceDecls(oMElement, hashSet);
            if (hashSet.size() > 0) {
                stringBuffer = new StringBuffer();
                Iterator it = hashSet.iterator();
                while (it.hasNext()) {
                    stringBuffer.append(it.next());
                    stringBuffer.append(" ");
                }
            }
        } else {
            Iterator namespacePrefixes = ((SOAPElementImpl) oMElement).getNamespacePrefixes();
            if (namespacePrefixes != null) {
                stringBuffer = new StringBuffer();
                while (namespacePrefixes.hasNext()) {
                    OMNamespace oMNamespace2 = (OMNamespace) namespacePrefixes.next();
                    if (!(oMNamespace2 instanceof OMNamespaceWithOwner)) {
                        String prefix2 = oMNamespace2.getPrefix();
                        if (prefix2 == null || prefix2.length() == 0) {
                            stringBuffer.append("#default ");
                        } else {
                            stringBuffer.append(prefix2);
                            stringBuffer.append(" ");
                        }
                    }
                }
            }
        }
        OMElement oMElement2 = null;
        if (stringBuffer != null) {
            if (tc.isEntryEnabled()) {
                Tr.debug(tc, "node search generated PrefixList: " + ((Object) stringBuffer));
            }
            oMElement2 = oMFactory.createOMElement("InclusiveNamespaces", "http://www.w3.org/2001/10/xml-exc-c14n#", "ec");
            oMElement2.declareNamespace("http://www.w3.org/2001/10/xml-exc-c14n#", "ec");
            oMElement2.addAttribute("PrefixList", new String(stringBuffer), null);
        } else if (tc.isEntryEnabled()) {
            Tr.debug(tc, "node search generated an empty list");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createInclusiveNamespaces(OMFactory factory,OMElement part) returns OMElement[" + DOMUtils.getDisplayName(oMElement2) + "]");
        }
        return oMElement2;
    }

    private static void scanNamespaceDecls(OMNode oMNode, Set<String> set) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "scanNamespaceDecls(OMNode node[" + DOMUtils.getDisplayName(oMNode) + "],Set prefixes[" + set + "])");
        }
        if (oMNode.getType() == 1) {
            Iterator allDeclaredNamespaces = ((OMElement) oMNode).getAllDeclaredNamespaces();
            while (allDeclaredNamespaces.hasNext()) {
                OMNamespace oMNamespace = (OMNamespace) allDeclaredNamespaces.next();
                if (!(oMNamespace instanceof OMNamespaceWithOwner)) {
                    String prefix = oMNamespace.getPrefix();
                    if (prefix == null || prefix.length() == 0) {
                        set.add("#default");
                    } else {
                        set.add(prefix);
                    }
                }
            }
            OMNode firstOMChild = ((OMElement) oMNode).getFirstOMChild();
            while (true) {
                OMNode oMNode2 = firstOMChild;
                if (oMNode2 == null) {
                    break;
                }
                if (oMNode2.getType() == 1) {
                    scanNamespaceDecls(oMNode2, set);
                }
                firstOMChild = oMNode2.getNextOMSibling();
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "scanNamespaceDecls(OMNode node, Set prefixes)");
        }
    }

    private static void scanNamespaceDecls(OMNode oMNode, Set<String> set, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "scanNamespaceDecls(OMNode node[" + DOMUtils.getDisplayName(oMNode) + "],Set prefixes[" + set + "String nsWsse[" + str + "])");
        }
        if (oMNode.getType() == 1) {
            Iterator allDeclaredNamespaces = ((OMElement) oMNode).getAllDeclaredNamespaces();
            while (allDeclaredNamespaces.hasNext()) {
                OMNamespace oMNamespace = (OMNamespace) allDeclaredNamespaces.next();
                if (!(oMNamespace instanceof OMNamespaceWithOwner)) {
                    String prefix = oMNamespace.getPrefix();
                    if (prefix == null || prefix.length() == 0) {
                        set.add("#default");
                    } else {
                        set.add(prefix);
                    }
                }
            }
            OMNode firstOMChild = ((OMElement) oMNode).getFirstOMChild();
            while (true) {
                OMNode oMNode2 = firstOMChild;
                if (oMNode2 == null) {
                    break;
                }
                if (oMNode2.getType() == 1 && !DOMUtils.equals(oMNode2, str, "SecurityTokenReference")) {
                    scanNamespaceDecls(oMNode2, set, str);
                }
                firstOMChild = oMNode2.getNextOMSibling();
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "scanNamespaceDecls(OMNode node, Set prefixes, String nsWsse)");
        }
    }

    private static Set<String> collectIdsOfEncryptedData(OMNode oMNode, Map map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "collectIdsOfEncryptedData(OMNode node[" + DOMUtils.getDisplayName(oMNode) + "])");
        }
        HashSet hashSet = new HashSet();
        if (oMNode != null) {
            collectIdsOfEncryptedData(oMNode, hashSet, map);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "collectIdsOfEncryptedData(OMNode node) returns Set[" + hashSet + "]");
        }
        return hashSet;
    }

    private static void collectIdsOfEncryptedData(OMNode oMNode, Set<String> set, Map map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "collectIdsOfEncryptedData(OMNode node[" + DOMUtils.getDisplayName(oMNode) + "],Set ids[" + set + "])");
        }
        if (oMNode.getType() == 1) {
            if (!EncryptedData.isOfType((OMElement) oMNode)) {
                OMNode firstOMChild = ((OMElement) oMNode).getFirstOMChild();
                while (true) {
                    OMNode oMNode2 = firstOMChild;
                    if (oMNode2 == null) {
                        break;
                    }
                    if (oMNode2.getType() == 1 || oMNode2.getType() == 9) {
                        collectIdsOfEncryptedData(oMNode2, set, map);
                    }
                    firstOMChild = oMNode2.getNextOMSibling();
                }
            } else {
                OMElement oMElement = (OMElement) oMNode;
                String attributeValue = oMElement.getAttributeValue(ID_Q);
                if (attributeValue == null) {
                    attributeValue = IdUtils.getInstance().makeUniqueId(map, "wssecurity_encryption_id_");
                    oMElement.addAttribute("Id", attributeValue, null);
                }
                set.add(attributeValue);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "collectIdsOfEncryptedData(OMNode node, Set ids)");
        }
    }

    private static OMElement createDecryptionTransform(OMFactory oMFactory, Set<String> set, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createDecryptionTransform(OMFactory factory[" + oMFactory + "],Set ids[" + set + "],String transform[" + str + "])");
        }
        OMElement createOMElement = oMFactory.createOMElement("Transform", Constants.NS_DSIG, "ds");
        createOMElement.addAttribute("Algorithm", str, null);
        DOMUtils.declareDecryptionNamespace(createOMElement);
        for (String str2 : set) {
            OMElement createDecryptionOMElement = DOMUtils.createDecryptionOMElement("Except", oMFactory, createOMElement);
            createDecryptionOMElement.addAttribute("URI", "#" + str2, null);
            createOMElement.addChild(createDecryptionOMElement);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createDecryptionTransform(OMFactory factory,Set ids) returns OMElement[" + DOMUtils.getDisplayName(createOMElement) + "]");
        }
        return createOMElement;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [org.apache.axiom.om.OMElement, org.apache.axiom.om.OMNode] */
    /* JADX WARN: Type inference failed for: r0v67, types: [org.apache.axiom.om.OMNode] */
    /* JADX WARN: Type inference failed for: r0v83, types: [org.apache.axiom.om.OMNode] */
    private static OMElement createSTRTransform(OMFactory oMFactory, OMElement oMElement, String str, String str2, String str3, boolean z) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createSTRTransform(OMFactory factory[" + oMFactory + "],OMElement part[" + DOMUtils.getDisplayName(oMElement) + "],String transform[" + str + "],String pWsse[" + str2 + "],String nsWsse[" + str3 + "],boolean addIncNS[" + z + "])");
        }
        OMElement oMElement2 = oMElement;
        HashSet hashSet = new HashSet();
        OMContainer parent = oMElement2.getParent();
        boolean z2 = false;
        if (DOMUtils.equals(oMElement, str3, "SecurityTokenReference")) {
            oMElement2 = (OMNode) parent;
            z2 = true;
        }
        while (oMElement2 != null && oMElement2.getType() == 1) {
            Iterator allDeclaredNamespaces = oMElement2.getAllDeclaredNamespaces();
            while (allDeclaredNamespaces.hasNext()) {
                OMNamespace oMNamespace = (OMNamespace) allDeclaredNamespaces.next();
                if (!(oMNamespace instanceof OMNamespaceWithOwner)) {
                    String prefix = oMNamespace.getPrefix();
                    if (prefix == null || prefix.length() == 0) {
                        hashSet.add("#default");
                    } else {
                        hashSet.add(prefix);
                    }
                }
            }
            OMContainer parent2 = oMElement2.getParent();
            if (parent2 instanceof OMDocument) {
                break;
            }
            oMElement2 = (OMNode) parent2;
        }
        if (!z2) {
            scanNamespaceDecls(oMElement, hashSet, str3);
        }
        ?? createOMElement = oMFactory.createOMElement("Transform", Constants.NS_DSIG, "ds");
        createOMElement.addAttribute("Algorithm", str, null);
        boolean z3 = false;
        String str4 = str2;
        if (str4 == null) {
            str4 = "wsse";
            z3 = true;
        }
        OMElement createOMElement2 = oMFactory.createOMElement("TransformationParameters", str3, str4);
        if (z3) {
            createOMElement2.declareNamespace(str3, "wsse");
        }
        createOMElement.addChild(createOMElement2);
        OMElement createOMElement3 = oMFactory.createOMElement("CanonicalizationMethod", Constants.NS_DSIG, "ds");
        createOMElement3.addAttribute("Algorithm", "http://www.w3.org/2001/10/xml-exc-c14n#", null);
        createOMElement2.addChild(createOMElement3);
        if (z && hashSet.size() > 0) {
            StringBuffer stringBuffer = new StringBuffer();
            Iterator it = hashSet.iterator();
            while (it.hasNext()) {
                stringBuffer.append(it.next());
                stringBuffer.append(" ");
            }
            OMElement createOMElement4 = oMFactory.createOMElement("InclusiveNamespaces", "http://www.w3.org/2001/10/xml-exc-c14n#", "ec");
            createOMElement4.declareNamespace("http://www.w3.org/2001/10/xml-exc-c14n#", "ec");
            createOMElement4.addAttribute("PrefixList", new String(stringBuffer), null);
            createOMElement3.addChild(createOMElement4);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createSTRTransform(OMFactory factory,OMElement part,String transform,String pWsse,String nsWsse,boolean addIncNS) returns OMElement[" + DOMUtils.getDisplayName((OMNode) createOMElement) + "]");
        }
        return createOMElement;
    }

    public static OMElement createXPathTransform(OMFactory oMFactory, String str, Map<Object, Object> map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createXPathTransform(OMFactory factory[" + oMFactory + "],String transform[" + str + "],Map properties)");
        }
        String str2 = (String) map.get(com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_XPATH_EXPRESSION);
        OMElement createOMElement = oMFactory.createOMElement("Transform", Constants.NS_DSIG, "ds");
        createOMElement.addAttribute("Algorithm", str, null);
        OMElement createOMElement2 = oMFactory.createOMElement(PolicyAttributesConstants.XPATH, Constants.NS_DSIG, "ds");
        createOMElement.addChild(createOMElement2);
        createOMElement2.addChild(oMFactory.createOMText(str2));
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createXPathTransform(OMFactory factory,String transform,Map properties) returns OMElement[" + DOMUtils.getDisplayName(createOMElement) + "]");
        }
        return createOMElement;
    }

    public static OMElement createXPath2Transform(OMFactory oMFactory, String str, Map<Object, Object> map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createXPath2Transform(OMFactory doc[" + oMFactory + "],String transform[" + str + "],Map properties)");
        }
        OMElement createOMElement = oMFactory.createOMElement("Transform", Constants.NS_DSIG, "ds");
        createOMElement.addAttribute("Algorithm", str, null);
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        HashMap hashMap3 = new HashMap();
        String str2 = com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_XPATH2_ORDER + IModel.PLUGIN_KEY_VERSION_SEPARATOR;
        String str3 = com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_XPATH2_FILTER + IModel.PLUGIN_KEY_VERSION_SEPARATOR;
        String str4 = com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_XPATH2_EXPRESSION + IModel.PLUGIN_KEY_VERSION_SEPARATOR;
        Iterator<Object> it = map.keySet().iterator();
        while (it.hasNext()) {
            String str5 = (String) it.next();
            String str6 = (String) map.get(str5);
            if (str5.startsWith(str4)) {
                hashMap3.put(str5.substring(str4.length()), str6);
            } else if (str5.startsWith(str3)) {
                hashMap2.put(str5.substring(str3.length()), str6);
            } else if (str5.startsWith(str2)) {
                hashMap.put(str5.substring(str2.length()), new Integer(str6));
            }
        }
        int size = hashMap.keySet().size();
        if (size > 0) {
            String[] strArr = new String[size];
            int[] iArr = new int[size];
            int i = -1;
            for (String str7 : hashMap.keySet()) {
                i++;
                int intValue = ((Integer) hashMap.get(str7)).intValue();
                boolean z = false;
                int i2 = 0;
                while (true) {
                    if (i2 >= i) {
                        break;
                    }
                    if (intValue < iArr[i2]) {
                        for (int i3 = i - 1; i3 >= i2; i3--) {
                            strArr[i3 + 1] = strArr[i3];
                            iArr[i3 + 1] = iArr[i3];
                        }
                        strArr[i2] = str7;
                        iArr[i2] = intValue;
                        z = true;
                    } else {
                        i2++;
                    }
                }
                if (!z) {
                    strArr[i] = str7;
                    iArr[i] = intValue;
                }
            }
            for (int i4 = 0; i4 < strArr.length; i4++) {
                String str8 = (String) hashMap2.get(strArr[i4]);
                String str9 = (String) hashMap3.get(strArr[i4]);
                OMElement createOMElement2 = oMFactory.createOMElement(PolicyAttributesConstants.XPATH, "http://www.w3.org/2002/06/xmldsig-filter2", "dsf2");
                createOMElement2.declareNamespace("http://www.w3.org/2002/06/xmldsig-filter2", "dsf2");
                createOMElement2.addAttribute("Filter", str8, null);
                createOMElement.addChild(createOMElement2);
                createOMElement2.addChild(oMFactory.createOMText(str9));
                createOMElement.addChild(createOMElement2);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createXPathTransform(OMFactory factory,String transform,Map properties) returns OMElement[" + DOMUtils.getDisplayName(createOMElement) + "]");
        }
        return createOMElement;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void prepareTransform(SigningReferenceConfig signingReferenceConfig, Map<Object, Object> map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "prepareTransform(SigningReferenceConfig srconfig],Map selectorMap)");
        }
        boolean z = false;
        Iterator<AlgorithmConfig> it = signingReferenceConfig.getTransforms().iterator();
        while (it.hasNext()) {
            if ("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform".equals(it.next().getAlgorithm())) {
                z = true;
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "STR-Transform transform found.");
                }
            }
        }
        if (z) {
            map.put(IntegralDialectElementSelector.EXIST_STRTRANSFORM, Boolean.toString(z));
        } else {
            map.remove(IntegralDialectElementSelector.EXIST_STRTRANSFORM);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "prepareTransform(SigningReferenceConfig srconfig,Map selectorMap)");
        }
    }

    public static Key callKeyInfoGenerator(KeyInfoGeneratorConfig keyInfoGeneratorConfig, String str, Map<Object, Object> map, Map<Object, Object> map2, OMDocument oMDocument, OMElement oMElement, Map<Object, Object> map3) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "callKeyInfoGenerator(KeyInfoGeneratorConfig config,String keytype[" + str + "],Map type,Map properties,OMDocument doc[" + DOMUtils.getDisplayName(oMDocument) + "],OMElement parent[" + DOMUtils.getDisplayName(oMElement) + "],Map context)");
        }
        KeyInfoGenerator keyInfoGenerator = (KeyInfoGenerator) map2.get(KeyInfoGenerator.class);
        map.clear();
        map.put(com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_KEY_TYPE, str);
        map3.put(KeyInfoGeneratorConfig.CONFIG_KEY, keyInfoGeneratorConfig);
        Key key = keyInfoGenerator.getKey(oMDocument, oMElement, map, map3);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "callKeyInfoGenerator(KeyInfoGeneratorConfig config,String keytype,Map type,Map properties,OMDocument doc,OMElement parent,Map context) returns Key[" + key + "]");
        }
        return key;
    }

    private static OMElement insertSignatureElement(OMElement oMElement, OMElement oMElement2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "insertSignatureElement(OMElement parent[" + DOMUtils.getDisplayName(oMElement) + "],OMElement elem[" + DOMUtils.getDisplayName(oMElement2) + "])");
        }
        OMElement oMElement3 = null;
        OMElement oMElement4 = null;
        if (oMElement != null) {
            OMElement firstElement = DOMUtils.getFirstElement(oMElement);
            while (true) {
                OMElement oMElement5 = firstElement;
                if (oMElement5 == null) {
                    break;
                }
                oMElement4 = oMElement5;
                String namespaceURI = oMElement5.getNamespace() == null ? null : oMElement5.getNamespace().getNamespaceURI();
                String localName = oMElement5.getLocalName();
                if ((!Constants.NS_ENC.equals(namespaceURI) || (!"EncryptedKey".equals(localName) && !"ReferenceList".equals(localName))) && (!Constants.NS_DSIG.equals(namespaceURI) || !"Signature".equals(localName))) {
                    firstElement = DOMUtils.getNextElement(oMElement5);
                }
            }
        }
        if (oMElement4 == null) {
            oMElement.addChild(oMElement2);
        } else if (oMElement3 == null) {
            oMElement.addChild(oMElement2);
        } else {
            oMElement3.insertSiblingBefore(oMElement2);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "insertSignatureElement(OMElement parent,OMElement elem) returns Element[" + DOMUtils.getDisplayName(oMElement2) + "]");
        }
        return oMElement2;
    }
}
