package org.apache.ws.security.action;

import java.security.cert.X509Certificate;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoType;
import org.apache.ws.security.handler.RequestData;
import org.apache.ws.security.handler.WSHandler;
import org.apache.ws.security.message.WSSecEncrypt;
import org.w3c.dom.Document;

/* JADX WARN: Classes with same name are omitted:
  input_file:lib/wss4j-1.6.1.jar:org/apache/ws/security/action/EncryptionAction.class
 */
/* loaded from: input_file:lib/wss4j-1.6.11.jar:org/apache/ws/security/action/EncryptionAction.class */
public class EncryptionAction implements Action {
    @Override // org.apache.ws.security.action.Action
    public void execute(WSHandler wSHandler, int i, Document document, RequestData requestData) throws WSSecurityException {
        WSSecEncrypt wSSecEncrypt = new WSSecEncrypt(requestData.getWssConfig());
        if (requestData.getEncKeyId() != 0) {
            wSSecEncrypt.setKeyIdentifierType(requestData.getEncKeyId());
        }
        if (requestData.getEncKeyId() == 5) {
            wSSecEncrypt.setEmbeddedKeyName(wSHandler.getString("embeddedKeyName", requestData.getMsgContext()));
            wSSecEncrypt.setKey(wSHandler.getPasswordCB(requestData.getEncUser(), i, wSHandler.getCallbackHandler("embeddedKeyCallbackClass", "embeddedKeyCallbackRef", requestData), requestData).getKey());
            wSSecEncrypt.setDocument(document);
        }
        if (requestData.getEncSymmAlgo() != null) {
            wSSecEncrypt.setSymmetricEncAlgorithm(requestData.getEncSymmAlgo());
        }
        if (requestData.getEncKeyTransport() != null) {
            wSSecEncrypt.setKeyEnc(requestData.getEncKeyTransport());
        }
        if (requestData.getEncDigestAlgorithm() != null) {
            wSSecEncrypt.setDigestAlgorithm(requestData.getEncDigestAlgorithm());
        }
        wSSecEncrypt.setUserInfo(requestData.getEncUser());
        wSSecEncrypt.setUseThisCert(requestData.getEncCert());
        Crypto encCrypto = requestData.getEncCrypto();
        boolean booleanValue = Boolean.valueOf(wSHandler.getStringOption("enableRevocation")).booleanValue();
        if (booleanValue && encCrypto != null) {
            CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
            cryptoType.setAlias(requestData.getEncUser());
            X509Certificate[] x509Certificates = encCrypto.getX509Certificates(cryptoType);
            if (x509Certificates != null && x509Certificates.length > 0) {
                encCrypto.verifyTrust(x509Certificates, booleanValue);
            }
        }
        if (requestData.getEncryptParts().size() > 0) {
            wSSecEncrypt.setParts(requestData.getEncryptParts());
        }
        if (!requestData.getEncryptSymmetricEncryptionKey()) {
            wSSecEncrypt.setEphemeralKey(wSHandler.getPasswordCB(requestData.getEncUser(), i, wSHandler.getPasswordCallbackHandler(requestData), requestData).getKey());
            wSSecEncrypt.setEncryptSymmKey(requestData.getEncryptSymmetricEncryptionKey());
        }
        try {
            wSSecEncrypt.build(document, requestData.getEncCrypto(), requestData.getSecHeader());
        } catch (WSSecurityException e) {
            throw new WSSecurityException("Error during encryption: ", e);
        }
    }
}
