package com.sun.xml.wss.impl.apachecrypto;

import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
import com.sun.org.apache.xml.internal.security.encryption.EncryptedKey;
import com.sun.org.apache.xml.internal.security.encryption.XMLCipher;
import com.sun.xml.jaxws.JAXWSMessage;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.core.EncryptedDataHeaderBlock;
import com.sun.xml.wss.core.EncryptedDataImpl;
import com.sun.xml.wss.core.KeyInfoHeaderBlock;
import com.sun.xml.wss.core.ReferenceListHeaderBlock;
import com.sun.xml.wss.core.SecurityHeader;
import com.sun.xml.wss.core.SecurityTokenReference;
import com.sun.xml.wss.core.X509SecurityToken;
import com.sun.xml.wss.impl.FilterProcessingContext;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.PolicyTypeUtil;
import com.sun.xml.wss.impl.SecurableSoapMessage;
import com.sun.xml.wss.impl.XMLUtil;
import com.sun.xml.wss.impl.keyinfo.KeyIdentifierStrategy;
import com.sun.xml.wss.impl.keyinfo.KeyInfoStrategy;
import com.sun.xml.wss.impl.keyinfo.KeyNameStrategy;
import com.sun.xml.wss.impl.misc.KeyResolver;
import com.sun.xml.wss.impl.policy.mls.AuthenticationTokenPolicy;
import com.sun.xml.wss.impl.policy.mls.EncryptionPolicy;
import com.sun.xml.wss.impl.policy.mls.EncryptionTarget;
import com.sun.xml.wss.impl.policy.mls.SymmetricKeyBinding;
import com.sun.xml.wss.impl.policy.mls.WSSPolicy;
import com.sun.xml.wss.impl.resolver.AttachmentSignatureInput;
import com.sun.xml.wss.logging.LogDomainConstants;
import com.sun.xml.wss.saml.SAMLException;
import com.sun.xml.wss.saml.assertion.saml11.jaxb20.Assertion;
import com.sun.xml.wss.swa.MimeConstants;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.activation.DataHandler;
import javax.activation.DataSource;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.xml.soap.AttachmentPart;
import javax.xml.soap.MimeHeader;
import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPPart;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:com/sun/xml/wss/impl/apachecrypto/EncryptionProcessor.class */
public class EncryptionProcessor {
    private static byte[] crlf;
    protected static Logger log = Logger.getLogger(LogDomainConstants.IMPL_CRYPTO_DOMAIN, LogDomainConstants.IMPL_CRYPTO_DOMAIN_BUNDLE);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/sun/xml/wss/impl/apachecrypto/EncryptionProcessor$EncryptedAttachmentDataHandler.class */
    public static class EncryptedAttachmentDataHandler extends DataHandler {
        EncryptedAttachmentDataHandler(DataSource dataSource) {
            super(dataSource);
        }

        public void writeTo(OutputStream outputStream) throws IOException {
            ((ByteArrayOutputStream) getDataSource().getOutputStream()).writeTo(outputStream);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/sun/xml/wss/impl/apachecrypto/EncryptionProcessor$EncryptedAttachmentDataSource.class */
    public static class EncryptedAttachmentDataSource implements DataSource {
        byte[] datasource;

        EncryptedAttachmentDataSource(byte[] bArr) {
            this.datasource = bArr;
        }

        public String getContentType() {
            return MimeConstants.APPLICATION_OCTET_STREAM_TYPE;
        }

        public InputStream getInputStream() throws IOException {
            return new ByteArrayInputStream(this.datasource);
        }

        public String getName() {
            return "Encrypted Attachment DataSource";
        }

        public OutputStream getOutputStream() throws IOException {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byteArrayOutputStream.write(this.datasource, 0, this.datasource.length);
            return byteArrayOutputStream;
        }
    }

    public static void encrypt(FilterProcessingContext filterProcessingContext) throws XWSSecurityException {
        KeyInfoStrategy keyIdentifierStrategy;
        SymmetricKeyBinding symmetricKeyBinding;
        Node encryptElement;
        AuthenticationTokenPolicy.X509CertificateBinding x509CertificateBinding;
        SecurableSoapMessage securableSoapMessage = filterProcessingContext.getSecurableSoapMessage();
        SecurityHeader findOrCreateSecurityHeader = securableSoapMessage.findOrCreateSecurityHeader();
        SecretKey secretKey = null;
        SecretKey secretKey2 = null;
        X509Certificate x509Certificate = null;
        String str = null;
        String str2 = MessageConstants.RSA_15_KEY_TRANSPORT;
        String str3 = "http://www.w3.org/2001/04/xmlenc#tripledes-cbc";
        String str4 = null;
        WSSPolicy wSSPolicy = (WSSPolicy) filterProcessingContext.getSecurityPolicy();
        EncryptionPolicy.FeatureBinding featureBinding = (EncryptionPolicy.FeatureBinding) wSSPolicy.getFeatureBinding();
        WSSPolicy wSSPolicy2 = (WSSPolicy) wSSPolicy.getKeyBinding();
        SecurityTokenReference securityTokenReference = null;
        SOAPElement sOAPElement = null;
        String dataEncryptionAlgorithm = featureBinding.getDataEncryptionAlgorithm();
        if (dataEncryptionAlgorithm != null && !MessageConstants.EMPTY_STRING.equals(dataEncryptionAlgorithm)) {
            str3 = dataEncryptionAlgorithm;
        }
        if (PolicyTypeUtil.x509CertificateBinding(wSSPolicy2)) {
            if (filterProcessingContext.getX509CertificateBinding() != null) {
                x509CertificateBinding = filterProcessingContext.getX509CertificateBinding();
                filterProcessingContext.setX509CertificateBinding(null);
            } else {
                x509CertificateBinding = (AuthenticationTokenPolicy.X509CertificateBinding) wSSPolicy2;
            }
            x509Certificate = x509CertificateBinding.getX509Certificate();
            String referenceType = x509CertificateBinding.getReferenceType();
            keyIdentifierStrategy = KeyInfoStrategy.getInstance(referenceType);
            keyIdentifierStrategy.setCertificate(x509Certificate);
            String certificateIdentifier = x509CertificateBinding.getCertificateIdentifier();
            X509SecurityToken x509SecurityToken = (X509SecurityToken) filterProcessingContext.getInsertedX509Cache().get(certificateIdentifier);
            if (x509SecurityToken != null && !x509SecurityToken.getCertificate().equals(x509Certificate)) {
                x509SecurityToken = null;
            }
            if (x509SecurityToken != null) {
                str = x509SecurityToken.getId();
            } else {
                str = x509CertificateBinding.getUUID();
                if (str == null || str.equals(MessageConstants.EMPTY_STRING)) {
                    str = securableSoapMessage.generateId();
                }
            }
            if ("Direct".equals(referenceType)) {
                if (x509SecurityToken == null) {
                    X509SecurityToken x509SecurityToken2 = new X509SecurityToken(securableSoapMessage.getSOAPPart(), x509Certificate, str);
                    securableSoapMessage.findOrCreateSecurityHeader().insertHeaderBlock(x509SecurityToken2);
                    sOAPElement = securableSoapMessage.findOrCreateSecurityHeader().getFirstChildElement();
                    filterProcessingContext.getInsertedX509Cache().put(certificateIdentifier, x509SecurityToken2);
                } else {
                    sOAPElement = securableSoapMessage.getElementByWsuId(str);
                }
            }
            String keyAlgorithm = x509CertificateBinding.getKeyAlgorithm();
            if (keyAlgorithm != null && !keyAlgorithm.equals(MessageConstants.EMPTY_STRING)) {
                str2 = keyAlgorithm;
            }
            secretKey = generateSymmetricKey(str3);
        } else if (PolicyTypeUtil.symmetricKeyBinding(wSSPolicy2)) {
            if (filterProcessingContext.getSymmetricKeyBinding() != null) {
                symmetricKeyBinding = filterProcessingContext.getSymmetricKeyBinding();
                filterProcessingContext.setSymmetricKeyBinding(null);
            } else {
                symmetricKeyBinding = (SymmetricKeyBinding) wSSPolicy2;
            }
            str2 = symmetricKeyBinding.getKeyAlgorithm();
            if (str2 != null && !MessageConstants.EMPTY_STRING.equals(str2)) {
                secretKey = generateSymmetricKey(str3);
            }
            keyIdentifierStrategy = KeyInfoStrategy.getInstance(MessageConstants.KEY_NAME_TYPE);
            secretKey2 = symmetricKeyBinding.getSecretKey();
            str4 = symmetricKeyBinding.getKeyIdentifier();
            secretKey2.getAlgorithm();
            if (secretKey == null) {
                ((KeyNameStrategy) keyIdentifierStrategy).setKeyName(str4);
                secretKey = secretKey2;
                secretKey2 = null;
            }
        } else {
            if (!PolicyTypeUtil.samlTokenPolicy(wSSPolicy2)) {
                throw new XWSSecurityException("Unsupported Key Binding for EncryptionPolicy");
            }
            AuthenticationTokenPolicy.SAMLAssertionBinding sAMLAssertionBinding = (AuthenticationTokenPolicy.SAMLAssertionBinding) wSSPolicy2;
            Assertion assertion = null;
            com.sun.xml.wss.saml.assertion.saml11.jaxb10.Assertion assertion2 = null;
            try {
                if (System.getProperty("com.sun.xml.wss.saml.binding.jaxb").equals("false") || System.getProperty("com.sun.xml.wss.saml.binding.jaxb") == null) {
                    assertion = Assertion.fromElement(sAMLAssertionBinding.getAssertion());
                } else if (System.getProperty("com.sun.xml.wss.saml.binding.jaxb").equals("true")) {
                    assertion2 = com.sun.xml.wss.saml.assertion.saml11.jaxb10.Assertion.fromElement(sAMLAssertionBinding.getAssertion());
                }
            } catch (SAMLException e) {
            }
            if (assertion != null) {
                filterProcessingContext.getTokenCache().put(assertion.getAssertionID(), assertion);
            } else {
                if (assertion2 == null) {
                    throw new XWSSecurityException("SAML Assertion is NULL");
                }
                filterProcessingContext.getTokenCache().put(assertion.getAssertionID(), assertion2);
            }
            Object obj = null;
            if (assertion != null) {
                obj = KeyResolver.resolveSamlAssertion(filterProcessingContext.getSecurableSoapMessage(), assertion, true, filterProcessingContext);
            } else if (assertion2 != null) {
                obj = KeyResolver.resolveSamlAssertion(filterProcessingContext.getSecurableSoapMessage(), assertion2, true, filterProcessingContext);
            }
            x509Certificate = filterProcessingContext.getSecurityEnvironment().getCertificate(filterProcessingContext.getExtraneousProperties(), (PublicKey) obj, false);
            if (x509Certificate == null) {
                throw new XWSSecurityException("Could not locate Certificate corresponding to Key in SubjectConfirmation of SAML Assertion");
            }
            if (!MessageConstants.EMPTY_STRING.equals(sAMLAssertionBinding.getKeyAlgorithm())) {
                str2 = sAMLAssertionBinding.getKeyAlgorithm();
            }
            secretKey = generateSymmetricKey(str3);
            if (sAMLAssertionBinding.getReferenceType().equals("Embedded")) {
                throw new XWSSecurityException("Embedded Reference Type for SAML Assertions not supported yet");
            }
            String str5 = null;
            if (assertion != null) {
                str5 = assertion.getAssertionID();
            } else if (assertion2 != null) {
                str5 = assertion2.getAssertionID();
            }
            Element authorityBinding = sAMLAssertionBinding.getAuthorityBinding();
            securityTokenReference = new SecurityTokenReference((Document) securableSoapMessage.getSOAPPart());
            String strid = sAMLAssertionBinding.getSTRID();
            if (strid == null) {
                strid = securableSoapMessage.generateId();
            }
            securityTokenReference.setWsuId(strid);
            if (authorityBinding != null) {
                securityTokenReference.setSamlAuthorityBinding(authorityBinding, securableSoapMessage.getSOAPPart());
            }
            keyIdentifierStrategy = new KeyIdentifierStrategy(str5);
            keyIdentifierStrategy.insertKey(securityTokenReference, securableSoapMessage);
        }
        XMLCipher xMLCipher = null;
        Cipher cipher = null;
        try {
            if (x509Certificate != null) {
                xMLCipher = XMLCipher.getInstance(str2);
                xMLCipher.init(3, x509Certificate.getPublicKey());
            } else if (secretKey2 != null) {
                xMLCipher = XMLCipher.getInstance(str2);
                xMLCipher.init(3, secretKey2);
            }
            Cipher cipher2 = Cipher.getInstance(JCEMapper.translateURItoJCEID(str3));
            XMLCipher xMLCipher2 = XMLCipher.getInstance(str3, cipher2);
            cipher2.init(1, secretKey);
            xMLCipher2.init(1, secretKey);
            ArrayList targetBindings = featureBinding.getTargetBindings();
            ArrayList arrayList = new ArrayList();
            ArrayList arrayList2 = new ArrayList();
            Iterator it = targetBindings.iterator();
            while (it.hasNext()) {
                EncryptionTarget encryptionTarget = (EncryptionTarget) it.next();
                Boolean bool = new Boolean(encryptionTarget.getContentOnly());
                if (encryptionTarget.getValue() == MessageConstants.PROCESS_ALL_ATTACHMENTS) {
                    Iterator attachments = securableSoapMessage.getAttachments();
                    while (attachments.hasNext()) {
                        arrayList.add(new Object[]{(AttachmentPart) attachments.next(), bool});
                    }
                } else {
                    Object messageParts = securableSoapMessage.getMessageParts(encryptionTarget);
                    encryptionTarget.getCipherReferenceTransforms();
                    if (messageParts instanceof AttachmentPart) {
                        arrayList.add(new Object[]{messageParts, bool});
                    } else if (messageParts instanceof Node) {
                        arrayList2.add(new Object[]{messageParts, bool});
                    } else if (messageParts instanceof NodeList) {
                        for (int i = 0; i < ((NodeList) messageParts).getLength(); i++) {
                            arrayList2.add(new Object[]{((NodeList) messageParts).item(i), bool});
                        }
                    }
                }
            }
            EncryptedKey encryptedKey = null;
            ReferenceListHeaderBlock referenceListHeaderBlock = null;
            if (xMLCipher != null) {
                try {
                    encryptedKey = xMLCipher.encryptKey(securableSoapMessage.getSOAPPart(), secretKey);
                    KeyInfoHeaderBlock keyInfoHeaderBlock = new KeyInfoHeaderBlock((Document) securableSoapMessage.getSOAPPart());
                    if (securityTokenReference != null) {
                        keyInfoHeaderBlock.addSecurityTokenReference(securityTokenReference);
                    } else if (x509Certificate != null) {
                        keyIdentifierStrategy.insertKey(keyInfoHeaderBlock, securableSoapMessage, str);
                    } else if (secretKey2 != null) {
                        keyInfoHeaderBlock.addKeyName(str4);
                    }
                    encryptedKey.setKeyInfo(keyInfoHeaderBlock.getKeyInfo());
                } catch (Exception e2) {
                    throw new XWSSecurityException(e2);
                }
            }
            ReferenceListHeaderBlock referenceListHeaderBlock2 = encryptedKey != null ? new ReferenceListHeaderBlock((Document) securableSoapMessage.getSOAPPart()) : null;
            Node node = sOAPElement != null ? (SOAPElement) sOAPElement.getNextSibling() : null;
            Iterator it2 = arrayList.iterator();
            if (it2.hasNext()) {
                try {
                    cipher = Cipher.getInstance(JCEMapper.translateURItoJCEID(str3));
                    cipher.init(1, secretKey);
                } catch (Exception e3) {
                    log.log(Level.SEVERE, "WSS1205.unableto.initialize.xml.cipher");
                    throw new XWSSecurityException("Unable to initialize XML Cipher", e3);
                }
            }
            while (it2.hasNext()) {
                Object[] objArr = (Object[]) it2.next();
                AttachmentPart attachmentPart = (AttachmentPart) objArr[0];
                boolean booleanValue = ((Boolean) objArr[1]).booleanValue();
                EncryptedDataHeaderBlock encryptedDataHeaderBlock = new EncryptedDataHeaderBlock();
                String generateId = securableSoapMessage.generateId();
                encryptedDataHeaderBlock.setId(generateId);
                encryptedDataHeaderBlock.setType(booleanValue ? MessageConstants.ATTACHMENT_CONTENT_ONLY_URI : MessageConstants.ATTACHMENT_COMPLETE_URI);
                encryptedDataHeaderBlock.setMimeType(attachmentPart.getContentType());
                String contentId = attachmentPart.getContentId();
                encryptedDataHeaderBlock.getCipherReference(true, contentId != null ? new StringBuffer().append("cid:").append(contentId.substring(1, contentId.length() - 1)).toString() : attachmentPart.getContentLocation());
                encryptedDataHeaderBlock.setEncryptionMethod(str3);
                encryptedDataHeaderBlock.addTransform(MessageConstants.ATTACHMENT_CONTENT_ONLY_TRANSFORM_URI);
                encryptAttachment(attachmentPart, booleanValue, cipher);
                if (referenceListHeaderBlock2 != null) {
                    referenceListHeaderBlock2.addReference(new StringBuffer().append("#").append(generateId).toString());
                }
                if (node == null && sOAPElement == null) {
                    findOrCreateSecurityHeader.insertHeaderBlock(encryptedDataHeaderBlock);
                } else if (node != null) {
                    findOrCreateSecurityHeader.insertBefore(encryptedDataHeaderBlock, node);
                } else {
                    findOrCreateSecurityHeader.appendChild(encryptedDataHeaderBlock);
                }
            }
            Iterator it3 = arrayList2.iterator();
            while (it3.hasNext()) {
                Object[] objArr2 = (Object[]) it3.next();
                SOAPElement sOAPElement2 = (Node) objArr2[0];
                boolean booleanValue2 = ((Boolean) objArr2[1]).booleanValue();
                if (filterProcessingContext.getConfigType() != MessageConstants.SIGN_ENCRYPT_BODY) {
                    encryptElement = encryptElement(securableSoapMessage, sOAPElement2, booleanValue2, xMLCipher2);
                } else if (0 != 0) {
                    encryptElement = encryptBodyContent(securableSoapMessage, filterProcessingContext.getCanonicalizedData(), xMLCipher2);
                } else {
                    signEncrypt(filterProcessingContext, cipher2, referenceListHeaderBlock2, referenceListHeaderBlock, keyIdentifierStrategy, str3);
                }
                EncryptedDataHeaderBlock encryptedDataHeaderBlock2 = new EncryptedDataHeaderBlock(XMLUtil.convertToSoapElement(securableSoapMessage.getSOAPPart(), encryptElement));
                String generateId2 = securableSoapMessage.generateId();
                String stringBuffer = new StringBuffer().append("#").append(generateId2).toString();
                encryptedDataHeaderBlock2.setId(generateId2);
                if (referenceListHeaderBlock2 != null) {
                    referenceListHeaderBlock2.addReference(stringBuffer);
                } else {
                    if (referenceListHeaderBlock == null) {
                        referenceListHeaderBlock = new ReferenceListHeaderBlock((Document) securableSoapMessage.getSOAPPart());
                    }
                    referenceListHeaderBlock.addReference(stringBuffer);
                    KeyInfoHeaderBlock keyInfoHeaderBlock2 = new KeyInfoHeaderBlock((Document) securableSoapMessage.getSOAPPart());
                    keyIdentifierStrategy.insertKey(keyInfoHeaderBlock2, securableSoapMessage, null);
                    encryptedDataHeaderBlock2.setKeyInfo(keyInfoHeaderBlock2);
                }
                encryptElement.getParentNode().replaceChild(encryptedDataHeaderBlock2.getAsSoapElement(), encryptElement);
            }
            Node node2 = null;
            if (sOAPElement != null) {
                try {
                    node2 = (SOAPElement) sOAPElement.getNextSibling();
                } catch (Exception e4) {
                    throw new XWSSecurityException(e4);
                }
            }
            if (encryptedKey != null) {
                Node makeUsable = findOrCreateSecurityHeader.makeUsable(xMLCipher.martial(encryptedKey));
                makeUsable.appendChild(referenceListHeaderBlock2.getAsSoapElement());
                if (node2 != null) {
                    findOrCreateSecurityHeader.insertBefore(makeUsable, node2);
                } else if (sOAPElement == null) {
                    findOrCreateSecurityHeader.insertHeaderBlockElement(makeUsable);
                } else {
                    findOrCreateSecurityHeader.appendChild(makeUsable);
                }
            } else if (referenceListHeaderBlock != null) {
                findOrCreateSecurityHeader.insertHeaderBlock(referenceListHeaderBlock);
            }
        } catch (Exception e5) {
            log.log(Level.SEVERE, "WSS1205.unableto.initialize.xml.cipher", (Throwable) e5);
            throw new XWSSecurityException("Unable to initialize XML Cipher", e5);
        }
    }

    private static Element encryptElement(SecurableSoapMessage securableSoapMessage, SOAPElement sOAPElement, boolean z, XMLCipher xMLCipher) throws XWSSecurityException {
        SOAPElement parentNode;
        String localName = sOAPElement.getLocalName();
        if (!z && ((MessageConstants.SOAP_1_1_NS.equalsIgnoreCase(sOAPElement.getNamespaceURI()) || MessageConstants.SOAP_1_2_NS.equalsIgnoreCase(sOAPElement.getNamespaceURI())) && (MessageConstants.SOAP_HEADER_LNAME.equalsIgnoreCase(localName) || "Envelope".equalsIgnoreCase(localName) || MessageConstants.SOAP_BODY_LNAME.equalsIgnoreCase(localName)))) {
            log.log(Level.SEVERE, "WSS1206.illegal.target", sOAPElement.getElementName().getQualifiedName());
            throw new XWSSecurityException(new StringBuffer().append("Encryption of SOAP ").append(localName).append(" is not allowed").toString());
        }
        SOAPPart sOAPPart = securableSoapMessage.getSOAPPart();
        Node node = null;
        if (z) {
            parentNode = sOAPElement;
        } else {
            parentNode = sOAPElement.getParentNode();
            node = sOAPElement.getNextSibling();
        }
        try {
            xMLCipher.doFinal(sOAPPart, sOAPElement, z);
            return z ? (Element) parentNode.getFirstChild() : node == null ? (Element) parentNode.getLastChild() : (Element) node.getPreviousSibling();
        } catch (Exception e) {
            log.log(Level.SEVERE, "WSS1207.unableto.encrypt.message");
            throw new XWSSecurityException("Unable to encrypt element", e);
        }
    }

    private static Element encryptBodyContent(SecurableSoapMessage securableSoapMessage, byte[] bArr, XMLCipher xMLCipher) throws XWSSecurityException {
        try {
            Element martial = xMLCipher.martial(xMLCipher.encryptData(securableSoapMessage.getSOAPPart(), bArr, true));
            securableSoapMessage.getSOAPMessage().getEMBody().appendChild(martial);
            return martial;
        } catch (Exception e) {
            log.log(Level.SEVERE, "WSS1207.unableto.encrypt.message");
            throw new XWSSecurityException("Unable to encrypt element", e);
        }
    }

    private static void signEncrypt(FilterProcessingContext filterProcessingContext, Cipher cipher, ReferenceListHeaderBlock referenceListHeaderBlock, ReferenceListHeaderBlock referenceListHeaderBlock2, KeyInfoStrategy keyInfoStrategy, String str) throws XWSSecurityException {
        try {
            byte[] doFinal = cipher.doFinal(filterProcessingContext.getCanonicalizedData());
            byte[] iv = cipher.getIV();
            EncryptedDataImpl encryptedDataImpl = new EncryptedDataImpl();
            encryptedDataImpl.setEncryptedData(doFinal);
            encryptedDataImpl.setIv(iv);
            encryptedDataImpl.setEncAlgo(str);
            String generateId = filterProcessingContext.getSecurableSoapMessage().generateId();
            String stringBuffer = new StringBuffer().append("#").append(generateId).toString();
            encryptedDataImpl.setId(generateId);
            if (referenceListHeaderBlock != null) {
                referenceListHeaderBlock.addReference(stringBuffer);
            } else {
                if (referenceListHeaderBlock2 == null) {
                    referenceListHeaderBlock2 = new ReferenceListHeaderBlock((Document) filterProcessingContext.getSecurableSoapMessage().getSOAPPart());
                }
                referenceListHeaderBlock2.addReference(stringBuffer);
                KeyInfoHeaderBlock keyInfoHeaderBlock = new KeyInfoHeaderBlock((Document) filterProcessingContext.getSecurableSoapMessage().getSOAPPart());
                keyInfoStrategy.insertKey(keyInfoHeaderBlock, filterProcessingContext.getSecurableSoapMessage(), null);
                encryptedDataImpl.setKeyInfo(keyInfoHeaderBlock);
            }
            JAXWSMessage jAXWSMessage = filterProcessingContext.getSOAPMessage().getJAXWSMessage();
            encryptedDataImpl.setXMLSerializer(jAXWSMessage.getXmlSerializer());
            jAXWSMessage.setEncryptedBody(encryptedDataImpl);
        } catch (Exception e) {
            log.log(Level.SEVERE, "WSS1207.unableto.encrypt.message");
            throw new XWSSecurityException("Unable to encrypt element", e);
        }
    }

    private static void encryptAttachment(AttachmentPart attachmentPart, boolean z, Cipher cipher) throws XWSSecurityException {
        byte[] bArr;
        try {
            if (z) {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                attachmentPart.getDataHandler().writeTo(byteArrayOutputStream);
                bArr = byteArrayOutputStream.toByteArray();
            } else {
                Object[] _getSignatureInput = AttachmentSignatureInput._getSignatureInput(attachmentPart);
                byte[] serializeHeaders = serializeHeaders((Vector) _getSignatureInput[0]);
                byte[] bArr2 = (byte[]) _getSignatureInput[1];
                bArr = new byte[serializeHeaders.length + bArr2.length];
                System.arraycopy(serializeHeaders, 0, bArr, 0, serializeHeaders.length);
                System.arraycopy(bArr2, 0, bArr, serializeHeaders.length, bArr2.length);
            }
            byte[] doFinal = cipher.doFinal(bArr);
            byte[] iv = cipher.getIV();
            byte[] bArr3 = new byte[iv.length + doFinal.length];
            System.arraycopy(iv, 0, bArr3, 0, iv.length);
            System.arraycopy(doFinal, 0, bArr3, iv.length, doFinal.length);
            int length = bArr3.length;
            String contentId = attachmentPart.getContentId();
            if (!z) {
                attachmentPart.removeAllMimeHeaders();
            }
            if (contentId != null) {
                attachmentPart.setMimeHeader(MimeConstants.CONTENT_ID, contentId);
            } else {
                String contentLocation = attachmentPart.getContentLocation();
                if (contentLocation != null) {
                    attachmentPart.setMimeHeader(MimeConstants.CONTENT_LOCATION, contentLocation);
                }
            }
            attachmentPart.setContentType(MimeConstants.APPLICATION_OCTET_STREAM_TYPE);
            attachmentPart.setMimeHeader(MimeConstants.CONTENT_LENGTH, new Integer(length).toString());
            attachmentPart.setMimeHeader(MimeConstants.CONTENT_TRANSFER_ENCODING, "base64");
            attachmentPart.setDataHandler(new EncryptedAttachmentDataHandler(new EncryptedAttachmentDataSource(bArr3)));
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }

    private static byte[] serializeHeaders(Vector vector) throws XWSSecurityException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        for (int i = 0; i < vector.size(); i++) {
            try {
                MimeHeader mimeHeader = (MimeHeader) vector.elementAt(i);
                byte[] bytes = new StringBuffer().append(mimeHeader.getName()).append(":").append(mimeHeader.getValue()).append("\r\n").toString().getBytes(MimeConstants.US_ASCII);
                byteArrayOutputStream.write(bytes, 0, bytes.length);
            } catch (Exception e) {
                throw new XWSSecurityException(e);
            }
        }
        byteArrayOutputStream.write(crlf, 0, crlf.length);
        return byteArrayOutputStream.toByteArray();
    }

    private static SecretKey generateSymmetricKey(String str) throws XWSSecurityException {
        try {
            String jCEKeyAlgorithmFromURI = JCEMapper.getJCEKeyAlgorithmFromURI(str);
            KeyGenerator keyGenerator = KeyGenerator.getInstance(jCEKeyAlgorithmFromURI);
            keyGenerator.init(jCEKeyAlgorithmFromURI.startsWith("DES") ? 168 : JCEMapper.getKeyLengthFromURI(str));
            return keyGenerator.generateKey();
        } catch (Exception e) {
            log.log(Level.SEVERE, "WSS1208.failedto.generate.random.symmetrickey", new Object[]{e.getMessage()});
            throw new XWSSecurityException("Unable to Generate Symmetric Key", e);
        }
    }

    static {
        crlf = null;
        try {
            crlf = "\r\n".getBytes(MimeConstants.US_ASCII);
        } catch (UnsupportedEncodingException e) {
            if (log != null) {
                log.log(Level.SEVERE, "WSS1204.crlf.init.failed", (Throwable) e);
            }
        }
    }
}
