package org.apache.ws.security.action;

import java.util.List;
import javax.xml.crypto.dsig.Reference;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.WSPasswordCallback;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.handler.RequestData;
import org.apache.ws.security.handler.WSHandler;
import org.apache.ws.security.message.WSSecSignature;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

/* loaded from: input_file:org/apache/ws/security/action/SignatureAction.class */
public class SignatureAction implements Action {
    @Override // org.apache.ws.security.action.Action
    public void execute(WSHandler wSHandler, int i, Document document, RequestData requestData) throws WSSecurityException {
        int originalSignatureActionPosition;
        WSPasswordCallback passwordCB = wSHandler.getPasswordCB(requestData.getSignatureUser(), i, wSHandler.getPasswordCallbackHandler(requestData), requestData);
        WSSecSignature wSSecSignature = new WSSecSignature(requestData.getWssConfig());
        if (requestData.getSigKeyId() != 0) {
            wSSecSignature.setKeyIdentifierType(requestData.getSigKeyId());
        }
        if (requestData.getSigAlgorithm() != null) {
            wSSecSignature.setSignatureAlgorithm(requestData.getSigAlgorithm());
        }
        if (requestData.getSigDigestAlgorithm() != null) {
            wSSecSignature.setDigestAlgo(requestData.getSigDigestAlgorithm());
        }
        wSSecSignature.setUserInfo(requestData.getSignatureUser(), passwordCB.getPassword());
        wSSecSignature.setUseSingleCertificate(requestData.isUseSingleCert());
        if (requestData.getSignatureParts().size() > 0) {
            wSSecSignature.setParts(requestData.getSignatureParts());
        }
        if (passwordCB.getKey() != null) {
            wSSecSignature.setSecretKey(passwordCB.getKey());
        }
        try {
            wSSecSignature.prepare(document, requestData.getSigCrypto(), requestData.getSecHeader());
            Element element = null;
            for (WSEncryptionPart wSEncryptionPart : requestData.getSignatureParts()) {
                if ("STRTransform".equals(wSEncryptionPart.getName()) && wSEncryptionPart.getId() == null) {
                    wSEncryptionPart.setId(wSSecSignature.getSecurityTokenReferenceURI());
                } else if (requestData.isAppendSignatureAfterTimestamp() && WSConstants.WSU_NS.equals(wSEncryptionPart.getNamespace()) && "Timestamp".equals(wSEncryptionPart.getName()) && (originalSignatureActionPosition = requestData.getOriginalSignatureActionPosition()) > 0) {
                    Node lastChild = requestData.getSecHeader().getSecurityHeader().getLastChild();
                    for (int i2 = 0; lastChild != null && i2 < originalSignatureActionPosition; i2++) {
                        while (lastChild != null && lastChild.getNodeType() != 1) {
                            lastChild = lastChild.getPreviousSibling();
                        }
                    }
                    if (lastChild instanceof Element) {
                        element = (Element) lastChild;
                    }
                }
            }
            List<Reference> addReferencesToSign = wSSecSignature.addReferencesToSign(requestData.getSignatureParts(), requestData.getSecHeader());
            if (requestData.isAppendSignatureAfterTimestamp() && element == null) {
                wSSecSignature.computeSignature(addReferencesToSign, false, null);
            } else {
                wSSecSignature.computeSignature(addReferencesToSign, true, element);
            }
            wSSecSignature.prependBSTElementToHeader(requestData.getSecHeader());
            requestData.getSignatureValues().add(wSSecSignature.getSignatureValue());
        } catch (WSSecurityException e) {
            throw new WSSecurityException("Error during Signature: ", e);
        }
    }
}
