package org.globus.wsrf.impl.security.authentication.signature;

import java.util.HashMap;
import java.util.Vector;
import javax.xml.namespace.QName;
import javax.xml.rpc.handler.MessageContext;
import javax.xml.soap.SOAPEnvelope;
import javax.xml.soap.SOAPMessage;
import org.apache.axis.AxisFault;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.SOAPConstants;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.message.WSAddTimestamp;
import org.apache.ws.security.message.WSSignEnvelope;
import org.apache.ws.security.util.WSSecurityUtil;
import org.globus.gsi.GlobusCredential;
import org.globus.gsi.gssapi.GlobusGSSCredentialImpl;
import org.globus.util.I18n;
import org.globus.wsrf.impl.security.authentication.Constants;
import org.globus.wsrf.impl.security.authentication.ContextCredential;
import org.globus.wsrf.impl.security.authentication.ContextCrypto;
import org.globus.wsrf.impl.security.authentication.wssec.GSSConfig;
import org.globus.wsrf.impl.security.util.EnvelopeConverter;
import org.ietf.jgss.GSSCredential;
import org.w3c.dom.Document;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/ghn-core-runtime-1.0.0.jar:org/globus/wsrf/impl/security/authentication/signature/X509WSSignedSOAPEnvelopeBuilder.class
 */
/* loaded from: input_file:WEB-INF/lib/wsrf-core-4.0.4.jar:org/globus/wsrf/impl/security/authentication/signature/X509WSSignedSOAPEnvelopeBuilder.class */
public class X509WSSignedSOAPEnvelopeBuilder extends WSSignEnvelope {
    protected int defaultTTL = 300;
    protected static I18n i18n = I18n.getI18n("org.globus.wsrf.impl.security.authentication.errors");
    private static ContextCrypto crypto = ContextCrypto.getInstance();
    private static Log logger;
    protected GSSCredential credential;
    protected MessageContext msgContext;
    static Class class$org$globus$wsrf$impl$security$authentication$signature$X509WSSignedSOAPEnvelopeBuilder;

    public X509WSSignedSOAPEnvelopeBuilder(MessageContext messageContext, GSSCredential gSSCredential) {
        this.credential = gSSCredential;
        this.msgContext = messageContext;
        setUseSingleCertificate(false);
        setKeyIdentifierType(1);
        setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#rsa-sha1");
    }

    private GSSCredential getCredential() throws Exception {
        if (this.credential != null) {
            if (this.credential instanceof GlobusGSSCredentialImpl) {
                return this.credential;
            }
            return null;
        }
        GlobusCredential defaultCredential = GlobusCredential.getDefaultCredential();
        if (defaultCredential != null) {
            return new GlobusGSSCredentialImpl(defaultCredential, 0);
        }
        return null;
    }

    public SOAPEnvelope build(SOAPEnvelope sOAPEnvelope) throws Exception {
        return buildMessage(sOAPEnvelope).getSOAPPart().getEnvelope();
    }

    public SOAPMessage buildMessage(SOAPEnvelope sOAPEnvelope) throws Exception {
        String str;
        GSSCredential credential = getCredential();
        if (credential == null) {
            throw new Exception(i18n.getMessage("noCreds"));
        }
        logger.debug("Beginning signing...");
        Document document = EnvelopeConverter.getInstance().toDocument(sOAPEnvelope);
        WSAddTimestamp wSAddTimestamp = new WSAddTimestamp(this.actor, true);
        int i = this.defaultTTL;
        if (this.msgContext != null && (str = (String) this.msgContext.getProperty(Constants.TTL)) != null) {
            i = Integer.parseInt(str);
        }
        wSAddTimestamp.build(document, i);
        SOAPConstants sOAPConstants = WSSecurityUtil.getSOAPConstants(sOAPEnvelope);
        Vector vector = new Vector();
        vector.add(new WSEncryptionPart("Timestamp", WSConstants.WSU_NS, "Content"));
        vector.add(new WSEncryptionPart(sOAPConstants.getBodyQName().getLocalPart(), sOAPConstants.getEnvelopeURI(), "Content"));
        HashMap hashMap = (HashMap) this.msgContext.getProperty(Constants.SECURE_HEADERS);
        if (hashMap != null) {
            for (QName qName : hashMap.keySet()) {
                logger.debug(new StringBuffer().append("Header added ").append(qName).toString());
                vector.add(new WSEncryptionPart(qName.getLocalPart(), qName.getNamespaceURI(), "Content"));
            }
        }
        setParts(vector);
        try {
            try {
                ContextCredential.begin(credential);
                build(document, crypto);
                ContextCredential.release();
                logger.debug("Signing complete.");
                return EnvelopeConverter.getInstance().toSOAPMessage(document);
            } catch (WSSecurityException e) {
                throw new AxisFault(i18n.getMessage("signErr"), e);
            }
        } catch (Throwable th) {
            ContextCredential.release();
            throw th;
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$globus$wsrf$impl$security$authentication$signature$X509WSSignedSOAPEnvelopeBuilder == null) {
            cls = class$("org.globus.wsrf.impl.security.authentication.signature.X509WSSignedSOAPEnvelopeBuilder");
            class$org$globus$wsrf$impl$security$authentication$signature$X509WSSignedSOAPEnvelopeBuilder = cls;
        } else {
            cls = class$org$globus$wsrf$impl$security$authentication$signature$X509WSSignedSOAPEnvelopeBuilder;
        }
        logger = LogFactory.getLog(cls.getName());
        GSSConfig.init();
    }
}
