package com.ibm.wsspi.wssecurity.auth.callback;

import com.ibm.wsspi.wssecurity.SoapSecurityException;
import com.ibm.wsspi.wssecurity.auth.callback.BSTokenCallbackHandler;
import com.ibm.wsspi.wssecurity.auth.token.X509BSToken;
import com.ibm.xml.soapsec.util.CertificateUtil;
import com.ibm.xml.soapsec.util.ConfigUtil;
import com.ibm.xml.soapsec.util.Tr;
import com.ibm.xml.soapsec.util.TraceComponent;
import java.io.IOException;
import java.security.KeyStoreException;
import java.security.Provider;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.UnsupportedCallbackException;

/* loaded from: input_file:wasJars/was-wssecurity.jar:com/ibm/wsspi/wssecurity/auth/callback/PKCS7CallbackHandler.class */
public class PKCS7CallbackHandler extends BSTokenCallbackHandler {
    private static final String comp = "security.wssecurity";
    private static final TraceComponent tc = Tr.register(PKCS7CallbackHandler.class, "Web Services Security", "com.ibm.ws.webservices.wssecurity.resources.was-wssecurity");
    private static final String clsName = PKCS7CallbackHandler.class.getName();

    public PKCS7CallbackHandler(Map map) {
        super(map);
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "PKCS7CallbackHandler(Map properties)");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "PKCS7CallbackHandler(Map properties)");
        }
    }

    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "handle(Callback[] callbacks[" + callbackArr + "])");
        }
        BSTokenCallbackHandler.TokenInformation _handle = super._handle(callbackArr);
        if (_handle != null && _handle._config != null) {
            Provider provider = (Provider) _handle._properties.get(X509BSToken.PROVIDER);
            List list = (List) _handle._properties.get(X509BSToken.CERT_STORES);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Provider [" + provider + "], CertStores [" + list + "].");
            }
            try {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Getting the X509 Certificate with the alias [" + _handle._alias + "].");
                }
                Certificate certificate = _handle._config.getCertificate(_handle._alias);
                if (certificate == null) {
                    throw processError(_handle);
                }
                if (certificate instanceof X509Certificate) {
                    _handle._bsCallback.setCert((X509Certificate) certificate);
                    _handle._bsCallback.setKeyStorePath(_handle._config.getKeyStorePath());
                    _handle._bsCallback.setAlias(_handle._alias);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Succeeded to get the X509 Certificate with the alias [" + _handle._alias + "].");
                    }
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Genarating the pkcs7 with the alias [" + _handle._alias + "].");
                }
                byte[] encodePKCS7 = CertificateUtil.encodePKCS7(provider, list, _handle._config.getKeyStore(), _handle._alias);
                if (encodePKCS7 == null) {
                    throw new IOException(ConfigUtil.getMessage("security.wssecurity.PkiPathCallbackHandler.s02"));
                }
                _handle._bsCallback.setBinary(encodePKCS7);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Succeeded to generate the pkcs7 with the alias [" + _handle._alias + "].");
                }
            } catch (SoapSecurityException e) {
                Tr.processException(e, clsName + ".handle", "153", this);
                Tr.error(tc, "security.wssecurity.PkiPathCallbackHandler.s01", new Object[]{e});
                IOException iOException = new IOException(ConfigUtil.getMessage("security.wssecurity.PkiPathCallbackHandler.s01", new String[]{e.getClass().getName() + ": " + e.getMessage()}));
                iOException.initCause(e);
                throw iOException;
            } catch (KeyStoreException e2) {
                Tr.processException(e2, clsName + ".handle", "146", this);
                Tr.error(tc, "security.wssecurity.PkiPathCallbackHandler.s01", new Object[]{e2});
                IOException iOException2 = new IOException(ConfigUtil.getMessage("security.wssecurity.PkiPathCallbackHandler.s01", new String[]{e2.getClass().getName() + ": " + e2.getMessage()}));
                iOException2.initCause(e2);
                throw iOException2;
            } catch (CertStoreException e3) {
                Tr.processException(e3, clsName + ".handle", "139", this);
                Tr.error(tc, "security.wssecurity.PkiPathCallbackHandler.s01", new Object[]{e3});
                IOException iOException3 = new IOException(ConfigUtil.getMessage("security.wssecurity.PkiPathCallbackHandler.s01", new String[]{e3.getClass().getName() + ": " + e3.getMessage()}));
                iOException3.initCause(e3);
                throw iOException3;
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "handle()");
        }
    }
}
