package org.apache.tsik.wss.actions;

import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import org.apache.tsik.util.Namespaces;
import org.apache.tsik.wsp.Action;
import org.apache.tsik.wsp.ActionViolation;
import org.apache.tsik.wss.Id;
import org.apache.tsik.wss.elements.EncryptedKey;
import org.apache.tsik.wss.elements.KeyIdentifier;
import org.apache.tsik.wss.elements.KeyInfo;
import org.apache.tsik.wss.elements.ReferenceList;
import org.apache.tsik.wss.elements.SecurityTokenReference;
import org.apache.tsik.xmlenc.AlgorithmType;
import org.apache.tsik.xmlenc.Encryptor;
import org.apache.tsik.xpath.XPath;

/* loaded from: input_file:org/apache/tsik/wss/actions/EncryptBody.class */
public class EncryptBody extends Action {
    private X509Certificate cert;
    private XPath keyOutputXpath;

    private boolean checkPreconditions() {
        this.cert = getX509Certificate("cert");
        this.keyOutputXpath = getXPath("keyoutput");
        if (this.cert == null || this.keyOutputXpath == null) {
            return false;
        }
        return moveOutputToXPath(this.keyOutputXpath);
    }

    public void execute() {
        if (!checkPreconditions()) {
            this.violations.add(new ActionViolation("Precond check failed"));
            return;
        }
        KeyInfo keyInfo = new KeyInfo(new SecurityTokenReference(new KeyIdentifier(this.cert)));
        String generateId = Id.generateId();
        ReferenceList referenceList = new ReferenceList(new StringBuffer().append("#").append(generateId).toString());
        try {
            SecretKey generateKey = KeyGenerator.getInstance("DESede").generateKey();
            EncryptedKey encryptedKey = new EncryptedKey(keyInfo, referenceList);
            try {
                encryptedKey.encrypt(generateKey);
                this.output.moveToXPath(this.keyOutputXpath);
                encryptedKey.toXml(this.output);
                try {
                    Encryptor encryptor = new Encryptor(this.input.getDocument(), encryptedKey.getDekKey(), AlgorithmType.TRIPLEDES);
                    XPath xPath = new XPath("/s:Envelope/s:Body", new String[]{"s", Namespaces.SOAPENV.getUri()});
                    encryptor.setContentEncryption(true);
                    encryptor.encryptInPlace(xPath);
                    this.output.moveToXPath(xPath);
                    this.output.moveToChild(1);
                    Id.insertInto(this.output, generateId);
                } catch (NoSuchAlgorithmException e) {
                    this.violations.add(new ActionViolation(e));
                }
            } catch (NoSuchAlgorithmException e2) {
                this.violations.add(new ActionViolation(e2));
            }
        } catch (NoSuchAlgorithmException e3) {
            this.violations.add(new ActionViolation(e3));
        }
    }

    public boolean needsOutputDocument() {
        return true;
    }
}
