package com.ibm.ws.webservices.wssecurity.confimpl;

import com.ibm.ws.webservices.wssecurity.WSSAlgorithmFactory;
import com.ibm.ws.webservices.wssecurity.config.AlgorithmConfig;
import com.ibm.ws.webservices.wssecurity.config.CollectionCertStore;
import com.ibm.ws.webservices.wssecurity.config.EncryptionGeneratorConfig;
import com.ibm.ws.webservices.wssecurity.config.KeyInfoContentGeneratorConfig;
import com.ibm.ws.webservices.wssecurity.config.KeyInfoGeneratorConfig;
import com.ibm.ws.webservices.wssecurity.config.ReferencePartConfig;
import com.ibm.ws.webservices.wssecurity.config.SignatureGeneratorConfig;
import com.ibm.ws.webservices.wssecurity.config.TimestampGeneratorConfig;
import com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig;
import com.ibm.ws.webservices.wssecurity.confimpl.PrivateCommonConfig;
import com.ibm.ws.webservices.wssecurity.core.WSSecurityDefaultGeneratorConfig;
import com.ibm.ws.webservices.wssecurity.dsig.STRDereferenceTransformer;
import com.ibm.ws.webservices.wssecurity.keyinfo.KeyInfoContentGeneratorComponent;
import com.ibm.ws.webservices.wssecurity.util.ConfigConstants;
import com.ibm.ws.webservices.wssecurity.util.ConfigValidation;
import com.ibm.ws.webservices.wssecurity.util.DOMUtil;
import com.ibm.ws.wssecurity.xss4j.dsig.KeyInfo;
import com.ibm.wsspi.wssecurity.Constants;
import com.ibm.wsspi.wssecurity.SoapSecurityException;
import com.ibm.wsspi.wssecurity.config.CallbackHandlerConfig;
import com.ibm.wsspi.wssecurity.config.TokenGeneratorConfig;
import com.ibm.wsspi.wssecurity.keyinfo.KeyLocator;
import com.ibm.wsspi.wssecurity.token.TokenGeneratorComponent;
import com.ibm.xml.soapsec.token.NonceManager;
import com.ibm.xml.soapsec.util.ConfigUtil;
import com.ibm.xml.soapsec.util.Duration;
import com.ibm.xml.soapsec.util.Tr;
import com.ibm.xml.soapsec.util.TraceComponent;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Provider;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.namespace.QName;
import org.eclipse.jst.j2ee.internal.webservices.WebServicesClientDataRegistry;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:com.ibm.ws.admin.client_7.0.0.jar:com/ibm/ws/webservices/wssecurity/confimpl/PrivateGeneratorConfig.class */
public abstract class PrivateGeneratorConfig extends PrivateCommonConfig implements WSSGeneratorConfig {
    private static final String comp = "security.wssecurity";
    protected String _myActor = null;
    protected String _targetActor = null;
    protected boolean _indentation = false;
    protected final Set _allowedTransforms = new HashSet();
    protected final Set _allowedCanonicalizationMethods = new HashSet();
    protected final Set _allowedSignatureMethods = new HashSet();
    protected final Set _allowedDigestMethods = new HashSet();
    protected final Set _allowedDataEncryptionMethods = new HashSet();
    protected final Set _allowedKeyEncryptionMethods = new HashSet();
    protected final WSSAlgorithmFactory _algorithmFactory = (WSSAlgorithmFactory) WSSAlgorithmFactory.getInstance();
    protected final Set _defaultKeyInfoContentGenerators = new HashSet();
    protected final Set _defaultTokenGenerators = new HashSet();
    protected final Set _defaultCallbackHandlers = new HashSet();
    protected final Set _defaultKeyLocators = new HashSet();
    protected boolean _userDefinedComponentsUsed = false;
    protected boolean _signatureEnabled = false;
    protected boolean _encryptionEnabled = false;
    protected boolean _tokenEnabled = false;
    protected boolean _timestampEnabled = false;
    protected final List _integralParts = new ArrayList();
    protected final List _confidentialParts = new ArrayList();
    protected final List _securityTokens = new ArrayList();
    protected final List _operationGenerators = new ArrayList();
    protected final Set _tokenGenerators = new HashSet();
    protected NonceManager _nonceManager = null;
    protected Map _properties = null;
    protected TimestampGeneratorConfImpl _timestampGenerator = null;
    protected boolean _clientSetMustUnderstand = true;
    protected boolean _serviceGetMustUnderstand = true;
    protected boolean _checkCacheUnt = false;
    private static final TraceComponent tc = Tr.register(PrivateGeneratorConfig.class, ConfigConstants.TR_GROUP, ConfigConstants.TR_NLSPROPS);
    private static final String clsName = PrivateGeneratorConfig.class.getName();

    /* loaded from: input_file:com.ibm.ws.admin.client_7.0.0.jar:com/ibm/ws/webservices/wssecurity/confimpl/PrivateGeneratorConfig$CallbackHandlerConfImpl.class */
    public static class CallbackHandlerConfImpl implements CallbackHandlerConfig {
        private static final int ITSHA1_OCTETS = 20;
        private static final int IT60SHA1_OCTETS = 8;
        private static final String OID_KEYIDENTIFIER = "2.5.29.14";
        private static final byte BER_SEQUENCE = 48;
        private static final byte BER_BITSTRING = 3;
        private static final int STATUS_OK = 0;
        private static final int STATUS_CERT_ERROR = 1;
        private static final int STATUS_KEYID_ERROR = 2;
        private static final int STATUS_KEY_ERROR = 4;
        public String _className = null;
        public PrivateCommonConfig.KeyStoreConfImpl _keyStoreConfig = null;
        public final Set _keyInformationList = new HashSet();
        public String _userId = null;
        public char[] _userPassword = null;
        public final Map _properties = new HashMap();
        private volatile boolean _initialized = false;
        private CallbackHandler _instance = null;
        private KeyStore _keystore = null;
        private final Map _certlist = new HashMap();

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:com.ibm.ws.admin.client_7.0.0.jar:com/ibm/ws/webservices/wssecurity/confimpl/PrivateGeneratorConfig$CallbackHandlerConfImpl$CertInformation.class */
        public class CertInformation {
            private String _kspath;
            private String _alias;
            private String _name;
            private Certificate _certificate;
            private String _subjectDN;
            private String _encSubjectDN;
            private int _status;
            private long _expiration;
            private String _errorMes;

            private CertInformation(String str, String str2, String str3, Certificate certificate, String str4, String str5, long j, int i, String str6) {
                this._kspath = str;
                this._alias = str2;
                this._name = str3;
                this._certificate = certificate;
                this._subjectDN = str4;
                this._encSubjectDN = str5;
                this._expiration = j;
                this._status = i;
                this._errorMes = str6;
            }

            /* JADX INFO: Access modifiers changed from: private */
            public Certificate getCertificate() throws SoapSecurityException {
                if ((this._status & 1) == 1) {
                    throw new SoapSecurityException(this._errorMes);
                }
                checkExpiration();
                return this._certificate;
            }

            private void checkExpiration() throws SoapSecurityException {
                if (this._expiration >= 0) {
                    long currentTimeMillis = this._expiration - System.currentTimeMillis();
                    if (currentTimeMillis < 0) {
                        this._status++;
                        this._errorMes = ConfigUtil.getMessage("security.wssecurity.WSEC5181E", new String[]{this._subjectDN, this._alias, this._kspath, "expiration time - current system time = " + currentTimeMillis + " ms."});
                        throw new SoapSecurityException(this._errorMes);
                    }
                }
            }

            public String toString() {
                StringBuffer append = new StringBuffer(getClass().getName()).append("(");
                append.append("keystorePath=[").append(this._kspath).append("], ");
                append.append("alias=[").append(this._alias).append("], ");
                append.append("name=[").append(this._name).append("], ");
                append.append("status=[").append(this._status).append("], ");
                append.append(")");
                return append.toString();
            }
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.Configuration
        public void validate() throws SoapSecurityException {
            if (this._className == null) {
                throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s05", toString());
            }
            if (this._userId == null && this._userPassword != null) {
                throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s06", toString());
            }
        }

        @Override // com.ibm.wsspi.wssecurity.config.CallbackHandlerConfig
        public String getClassName() {
            return this._className;
        }

        @Override // com.ibm.wsspi.wssecurity.config.CallbackHandlerConfig
        public CallbackHandler getInstance() {
            return this._instance;
        }

        @Override // com.ibm.wsspi.wssecurity.config.CallbackHandlerConfig
        public void setInstance(CallbackHandler callbackHandler) {
            this._instance = callbackHandler;
        }

        @Override // com.ibm.wsspi.wssecurity.config.CallbackHandlerConfig
        public Set getKeyInformationList() {
            return this._keyInformationList;
        }

        @Override // com.ibm.wsspi.wssecurity.config.CallbackHandlerConfig
        public KeyStore getKeyStore() throws SoapSecurityException {
            if (!this._initialized) {
                doInit();
            }
            return this._keystore;
        }

        @Override // com.ibm.wsspi.wssecurity.config.CallbackHandlerConfig
        public String getKeyStorePath() {
            if (this._keyStoreConfig == null) {
                return null;
            }
            return this._keyStoreConfig._path;
        }

        @Override // com.ibm.wsspi.wssecurity.config.CallbackHandlerConfig
        public Certificate getCertificate(String str) throws SoapSecurityException {
            Certificate certificate = null;
            if (!this._initialized) {
                doInit();
            }
            CertInformation certInformation = (CertInformation) this._certlist.get(str);
            if (certInformation != null) {
                certificate = certInformation.getCertificate();
            }
            return certificate;
        }

        @Override // com.ibm.wsspi.wssecurity.config.CallbackHandlerConfig
        public String getUserId() {
            return this._userId;
        }

        @Override // com.ibm.wsspi.wssecurity.config.CallbackHandlerConfig
        public char[] getUserPassword() {
            return this._userPassword;
        }

        @Override // com.ibm.wsspi.wssecurity.config.CallbackHandlerConfig
        public Map getProperties() {
            return this._properties;
        }

        public String toString() {
            StringBuffer append = new StringBuffer(getClass().getName()).append("(");
            append.append("className=[").append(this._className).append("], ");
            append.append("keyInformationList=[").append(this._keyInformationList).append("], ");
            append.append("certInfomationList=[").append(this._certlist).append("], ");
            append.append("userId=[").append(this._userId).append("], ");
            append.append("userPassword=[XXXXXXXX], ");
            append.append("properties=[").append(this._properties).append("]");
            append.append(")");
            return append.toString();
        }

        protected synchronized void doInit() throws SoapSecurityException {
            if (PrivateGeneratorConfig.tc.isEntryEnabled()) {
                Tr.entry(PrivateGeneratorConfig.tc, "doInit()");
            }
            if (this._initialized && PrivateGeneratorConfig.tc.isEntryEnabled()) {
                Tr.exit(PrivateGeneratorConfig.tc, "doInit()");
            }
            PrivateCommonConfig.KeyStoreConfImpl keyStoreConfImpl = this._keyStoreConfig;
            Set<PrivateCommonConfig.KeyInformationConfImpl> set = this._keyInformationList;
            if (keyStoreConfImpl != null && set != null) {
                if (keyStoreConfImpl._ksRef != null) {
                    this._keystore = ConfigUtil.getKeyStore(keyStoreConfImpl._ksRef);
                } else if (keyStoreConfImpl._type != null && keyStoreConfImpl._path != null && keyStoreConfImpl._password != null && keyStoreConfImpl._path != null) {
                    this._keystore = ConfigUtil.getKeyStore(keyStoreConfImpl._type, keyStoreConfImpl._path, keyStoreConfImpl._password.toCharArray());
                }
                if (this._keystore == null) {
                    throw SoapSecurityException.format("security.wssecurity.KeyStoreKeyLocator.loadKeyStore01");
                }
                for (PrivateCommonConfig.KeyInformationConfImpl keyInformationConfImpl : set) {
                    try {
                        String encodeDName = KeyInfo.X509Data.encodeDName(keyInformationConfImpl._name);
                        if (encodeDName == null || encodeDName.length() == 0) {
                            encodeDName = keyInformationConfImpl._name;
                        }
                        Certificate certificate = this._keystore.getCertificate(keyInformationConfImpl._alias);
                        int i = 0;
                        String str = null;
                        if (certificate != null && (certificate instanceof X509Certificate)) {
                            X509Certificate x509Certificate = (X509Certificate) certificate;
                            String name = x509Certificate.getSubjectDN().getName();
                            String encodeDName2 = KeyInfo.X509Data.encodeDName(name);
                            long time = x509Certificate.getNotAfter().getTime();
                            try {
                                try {
                                    x509Certificate.checkValidity();
                                } catch (CertificateExpiredException e) {
                                    i = 0 + 2;
                                    Tr.processException(e, PrivateGeneratorConfig.clsName + ".doInit", "1397", this);
                                    Tr.error(PrivateGeneratorConfig.tc, "security.wssecurity.WSEC5181E", new Object[]{name, keyInformationConfImpl.getAlias(), keyStoreConfImpl.getPath(), e});
                                    str = ConfigUtil.getMessage("security.wssecurity.WSEC5181E", new String[]{name, keyInformationConfImpl.getAlias(), keyStoreConfImpl.getPath(), e.getClass().getName() + ": " + e.getMessage()});
                                }
                            } catch (CertificateException e2) {
                                i = 0 + 1;
                                Tr.processException(e2, PrivateGeneratorConfig.clsName + ".doInit", "1404", this);
                                Tr.error(PrivateGeneratorConfig.tc, "security.wssecurity.WSEC5182E", new Object[]{name, keyInformationConfImpl.getAlias(), keyStoreConfImpl.getPath(), e2});
                                str = ConfigUtil.getMessage("security.wssecurity.WSEC5182E", new String[]{name, keyInformationConfImpl.getAlias(), keyStoreConfImpl.getPath(), e2.getClass().getName() + ": " + e2.getMessage()});
                            }
                            this._certlist.put(keyInformationConfImpl._alias, new CertInformation(keyStoreConfImpl._path, keyInformationConfImpl._alias, encodeDName, certificate, name, encodeDName2, time, i, str));
                        }
                    } catch (KeyStoreException e3) {
                        Tr.processException(e3, PrivateGeneratorConfig.clsName + ".doInit", "1424", this);
                        Tr.error(PrivateGeneratorConfig.tc, "security.wssecurity.KeyStoreKeyLocator.exception", new Object[]{keyStoreConfImpl.getPath(), e3});
                        throw new SoapSecurityException(e3);
                    }
                }
            }
            if (PrivateGeneratorConfig.tc.isDebugEnabled()) {
                Tr.debug(PrivateGeneratorConfig.tc, "KeyLocatorConfig [" + this._keyStoreConfig + "], CertInformationList [" + this._certlist + "].");
            }
            this._initialized = true;
            if (PrivateGeneratorConfig.tc.isEntryEnabled()) {
                Tr.exit(PrivateGeneratorConfig.tc, "doInit()");
            }
        }
    }

    /* loaded from: input_file:com.ibm.ws.admin.client_7.0.0.jar:com/ibm/ws/webservices/wssecurity/confimpl/PrivateGeneratorConfig$EncryptionGeneratorConfImpl.class */
    public static class EncryptionGeneratorConfImpl implements EncryptionGeneratorConfig {
        public PrivateCommonConfig.AlgorithmConfImpl _dataEncryptionMethod = null;
        public PrivateCommonConfig.AlgorithmConfImpl _keyEncryptionMethod = null;
        public KeyInfoGeneratorConfImpl _encryptionKeyInfo = null;
        public PrivateCommonConfig.ReferencePartConfImpl _reference = null;
        public final Map _properties = new HashMap();
        public boolean _sigAfterEnc = false;

        @Override // com.ibm.ws.webservices.wssecurity.config.Configuration
        public void validate() throws SoapSecurityException {
            validate(false);
        }

        public void validate(boolean z) throws SoapSecurityException {
            if (this._dataEncryptionMethod == null) {
                throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s19", toString());
            }
            if (this._encryptionKeyInfo == null) {
                throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s02", toString());
            }
            if (this._reference == null && !z) {
                throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s21", toString());
            }
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.EncryptionGeneratorConfig
        public AlgorithmConfig getDataEncryptionMethod() {
            return this._dataEncryptionMethod;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.EncryptionGeneratorConfig
        public AlgorithmConfig getKeyEncryptionMethod() {
            return this._keyEncryptionMethod;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.EncryptionGeneratorConfig
        public KeyInfoGeneratorConfig getEncryptionKeyInfo() {
            return this._encryptionKeyInfo;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.EncryptionGeneratorConfig
        public ReferencePartConfig getReference() {
            return this._reference;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.EncryptionGeneratorConfig
        public Map getProperties() {
            return this._properties;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.EncryptionGeneratorConfig
        public boolean remainSignatureAfterEncryption() {
            return this._sigAfterEnc;
        }

        public String toString() {
            StringBuffer append = new StringBuffer(getClass().getName()).append("(");
            append.append("dataEncryptionMethod=[").append(this._dataEncryptionMethod).append("], ");
            append.append("keyEncryptionMethod=[").append(this._keyEncryptionMethod).append("], ");
            append.append("encryptionKeyInfo=[").append(this._encryptionKeyInfo).append("], ");
            append.append("reference=[").append(this._reference).append("], ");
            append.append("properties=[").append(this._properties).append("], ");
            append.append("signatureAfterEncryption=[").append(this._sigAfterEnc).append("]");
            append.append(")");
            return append.toString();
        }
    }

    /* loaded from: input_file:com.ibm.ws.admin.client_7.0.0.jar:com/ibm/ws/webservices/wssecurity/confimpl/PrivateGeneratorConfig$KeyInfoContentGeneratorConfImpl.class */
    public static class KeyInfoContentGeneratorConfImpl implements KeyInfoContentGeneratorConfig {
        public String _className = null;
        public KeyInfoContentGeneratorComponent _instance = null;
        public String _keyInfoType = null;
        public KeyLocator _keyLocator = null;
        public String _keyName = null;
        public TokenGeneratorConfImpl _tokenGenerator = null;
        public final Map _properties = new HashMap();

        @Override // com.ibm.ws.webservices.wssecurity.config.Configuration
        public void validate() throws SoapSecurityException {
            if (this._instance == null) {
                throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s25", toString());
            }
            if (this._keyInfoType == null) {
                throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s26", toString());
            }
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.KeyInfoContentGeneratorConfig
        public KeyInfoContentGeneratorComponent getInstance() {
            return this._instance;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.KeyInfoContentGeneratorConfig
        public String getKeyInfoType() {
            return this._keyInfoType;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.KeyInfoContentGeneratorConfig
        public KeyLocator getKeyLocator() {
            return this._keyLocator;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.KeyInfoContentGeneratorConfig
        public String getKeyName() {
            return this._keyName;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.KeyInfoContentGeneratorConfig
        public TokenGeneratorConfig getTokenGenerator() {
            return this._tokenGenerator;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.KeyInfoContentGeneratorConfig
        public Map getProperties() {
            return this._properties;
        }

        public String toString() {
            StringBuffer append = new StringBuffer(getClass().getName()).append("(");
            append.append("className=[").append(this._className).append("], ");
            append.append("keyInfoType=[").append(this._keyInfoType).append("], ");
            append.append("keyLocator=[").append(this._keyLocator).append("], ");
            append.append("keyName=[").append(this._keyName).append("], ");
            append.append("tokenGenerator=[").append(this._tokenGenerator).append("], ");
            append.append("properties=[").append(this._properties).append("]");
            append.append(")");
            return append.toString();
        }
    }

    /* loaded from: input_file:com.ibm.ws.admin.client_7.0.0.jar:com/ibm/ws/webservices/wssecurity/confimpl/PrivateGeneratorConfig$KeyInfoGeneratorConfImpl.class */
    public static class KeyInfoGeneratorConfImpl implements KeyInfoGeneratorConfig {
        public KeyInfoContentGeneratorConfImpl _contentGenerator = null;

        @Override // com.ibm.ws.webservices.wssecurity.config.Configuration
        public void validate() throws SoapSecurityException {
            if (this._contentGenerator == null) {
                throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s07", toString());
            }
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.KeyInfoGeneratorConfig
        public KeyInfoContentGeneratorConfig getContentGenerator() {
            return this._contentGenerator;
        }

        public String toString() {
            StringBuffer append = new StringBuffer(getClass().getName()).append("(");
            append.append("contentGenerator=[").append(this._contentGenerator).append("]");
            append.append(")");
            return append.toString();
        }
    }

    /* loaded from: input_file:com.ibm.ws.admin.client_7.0.0.jar:com/ibm/ws/webservices/wssecurity/confimpl/PrivateGeneratorConfig$SignatureGeneratorConfImpl.class */
    public static class SignatureGeneratorConfImpl implements SignatureGeneratorConfig {
        public PrivateCommonConfig.AlgorithmConfImpl _canonicalizationMethod = null;
        public PrivateCommonConfig.AlgorithmConfImpl _signatureMethod = null;
        public PrivateCommonConfig.AlgorithmConfImpl _keyInfoSignature = null;
        public KeyInfoGeneratorConfImpl _signingKeyInfo = null;
        public final List _references = new ArrayList();
        public boolean _inclusiveNamespaces = true;
        public final Map _properties = new HashMap();

        @Override // com.ibm.ws.webservices.wssecurity.config.Configuration
        public void validate() throws SoapSecurityException {
            validate(false);
        }

        public void validate(boolean z) throws SoapSecurityException {
            checkInclusiveNsProperty();
            if (this._signingKeyInfo == null) {
                throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s01", toString());
            }
            if (this._references.isEmpty() && !z) {
                throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s18", toString());
            }
        }

        public void putInclusiveNsProperty(Map map) {
            String str = (String) map.get(Constants.WSSECURITY_INCLUSIVE_NAMESPACES);
            if (ConfigUtil.hasValue(str)) {
                this._properties.put(Constants.WSSECURITY_INCLUSIVE_NAMESPACES, str);
            }
        }

        private void checkInclusiveNsProperty() {
            if (this._properties.containsKey(Constants.WSSECURITY_INCLUSIVE_NAMESPACES)) {
                this._inclusiveNamespaces = ConfigUtil.isTrue((String) this._properties.get(Constants.WSSECURITY_INCLUSIVE_NAMESPACES));
            }
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.SignatureGeneratorConfig
        public AlgorithmConfig getCanonicalizationMethod() {
            return this._canonicalizationMethod;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.SignatureGeneratorConfig
        public AlgorithmConfig getSignatureMethod() {
            return this._signatureMethod;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.SignatureGeneratorConfig
        public AlgorithmConfig getKeyInfoSignature() {
            return this._keyInfoSignature;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.SignatureGeneratorConfig
        public KeyInfoGeneratorConfig getSigningKeyInfo() {
            return this._signingKeyInfo;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.SignatureGeneratorConfig
        public List getReferences() {
            return this._references;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.SignatureGeneratorConfig
        public boolean addInclusiveNamespaces() {
            return this._inclusiveNamespaces;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.SignatureGeneratorConfig
        public Map getProperties() {
            return this._properties;
        }

        public String toString() {
            StringBuffer append = new StringBuffer(getClass().getName()).append("(");
            append.append("canonicalizationMethod=[").append(this._canonicalizationMethod).append("], ");
            append.append("signatureMethod=[").append(this._signatureMethod).append("], ");
            append.append("keyInfoSignature=[").append(this._keyInfoSignature).append("], ");
            append.append("signingKeyInfo=[").append(this._signingKeyInfo).append("], ");
            append.append("refereces=[").append(this._references).append("], ");
            append.append("addInclusiveNamespaces=[").append(this._inclusiveNamespaces).append("], ");
            append.append("properties=[").append(this._properties).append("]");
            append.append(")");
            return append.toString();
        }
    }

    /* loaded from: input_file:com.ibm.ws.admin.client_7.0.0.jar:com/ibm/ws/webservices/wssecurity/confimpl/PrivateGeneratorConfig$TimestampGeneratorConfImpl.class */
    public static class TimestampGeneratorConfImpl implements TimestampGeneratorConfig {
        public String _myActor = null;
        public String _targetActor = null;
        public Duration _duration = null;
        private boolean _signed = false;
        private boolean _headerAttribute = false;
        private boolean _default = true;
        private boolean _soapHeader = false;
        public final Map _properties = new HashMap();

        @Override // com.ibm.ws.webservices.wssecurity.config.Configuration
        public void validate() throws SoapSecurityException {
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.TimestampGeneratorConfig
        public String getMyActor() {
            return this._myActor;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.TimestampGeneratorConfig
        public String getTargetActor() {
            return this._targetActor;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.TimestampGeneratorConfig
        public Duration getDuration() {
            return this._duration;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.TimestampGeneratorConfig
        public boolean toBeSigned() {
            return this._signed;
        }

        public void setToBeSigned(boolean z) {
            this._signed = z;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.TimestampGeneratorConfig
        public boolean getSOAPHeaderAttribute() {
            return this._headerAttribute;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.TimestampGeneratorConfig
        public boolean isSOAPHeaderElement() {
            return this._soapHeader;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.TimestampGeneratorConfig
        public boolean isDefault() {
            return this._default;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.TimestampGeneratorConfig
        public Map getProperties() {
            return this._properties;
        }

        public String toString() {
            StringBuffer append = new StringBuffer(getClass().getName()).append("(");
            append.append("myActor=[").append(this._myActor).append("], ");
            append.append("targetActor=[").append(this._targetActor).append("], ");
            append.append("duration=[").append(this._duration).append("], ");
            append.append("signed=[").append(this._signed).append("], ");
            append.append("headerAttribute=[").append(this._headerAttribute).append("], ");
            append.append("soapHeader=[").append(this._soapHeader).append("], ");
            append.append("properties=[").append(this._properties).append("]");
            append.append(")");
            return append.toString();
        }
    }

    /* loaded from: input_file:com.ibm.ws.admin.client_7.0.0.jar:com/ibm/ws/webservices/wssecurity/confimpl/PrivateGeneratorConfig$TokenGeneratorConfImpl.class */
    public static class TokenGeneratorConfImpl implements TokenGeneratorConfig {
        public String _name;
        public String _className;
        public TokenGeneratorComponent _instance;
        public String _usage;
        public QName _type;
        public boolean _standAlone;
        public Provider _provider;
        public List _certStores;
        public CallbackHandlerConfImpl _callbackHandler;
        public boolean _usedForSignature;
        public boolean _usedForEncryption;
        public final Map _properties;
        private volatile boolean _initialized;

        public TokenGeneratorConfImpl() {
            this._name = null;
            this._className = null;
            this._instance = null;
            this._usage = null;
            this._type = null;
            this._standAlone = false;
            this._provider = null;
            this._certStores = null;
            this._callbackHandler = null;
            this._usedForSignature = false;
            this._usedForEncryption = false;
            this._properties = new HashMap();
            this._initialized = false;
        }

        public TokenGeneratorConfImpl(TokenGeneratorConfImpl tokenGeneratorConfImpl) {
            this._name = null;
            this._className = null;
            this._instance = null;
            this._usage = null;
            this._type = null;
            this._standAlone = false;
            this._provider = null;
            this._certStores = null;
            this._callbackHandler = null;
            this._usedForSignature = false;
            this._usedForEncryption = false;
            this._properties = new HashMap();
            this._initialized = false;
            this._name = tokenGeneratorConfImpl._name;
            this._className = tokenGeneratorConfImpl._className;
            this._instance = tokenGeneratorConfImpl._instance;
            this._usage = tokenGeneratorConfImpl._usage;
            this._type = tokenGeneratorConfImpl._type;
            this._standAlone = tokenGeneratorConfImpl._standAlone;
            this._provider = tokenGeneratorConfImpl._provider;
            this._certStores = tokenGeneratorConfImpl._certStores;
            this._callbackHandler = tokenGeneratorConfImpl._callbackHandler;
            this._usedForSignature = tokenGeneratorConfImpl._usedForSignature;
            this._usedForEncryption = tokenGeneratorConfImpl._usedForEncryption;
            this._properties.putAll(tokenGeneratorConfImpl._properties);
            this._initialized = tokenGeneratorConfImpl._initialized;
        }

        @Override // com.ibm.ws.webservices.wssecurity.config.Configuration
        public void validate() throws SoapSecurityException {
            if (this._instance == null) {
                throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s03", toString());
            }
            if (this._type == null) {
                throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s04", toString());
            }
        }

        protected synchronized void initCerts() {
            if (PrivateGeneratorConfig.tc.isEntryEnabled()) {
                Tr.entry(PrivateGeneratorConfig.tc, "initCerts()");
            }
            if (this._initialized) {
                if (PrivateGeneratorConfig.tc.isEntryEnabled()) {
                    Tr.exit(PrivateGeneratorConfig.tc, "initCerts()");
                    return;
                }
                return;
            }
            if (this._certStores != null) {
                if (PrivateGeneratorConfig.tc.isDebugEnabled()) {
                    Tr.debug(PrivateGeneratorConfig.tc, "_certStores is non-null");
                }
                Iterator it = this._certStores.iterator();
                if (!it.hasNext() && PrivateGeneratorConfig.tc.isDebugEnabled()) {
                    Tr.debug(PrivateGeneratorConfig.tc, "_certStores is empty");
                }
                ArrayList arrayList = new ArrayList();
                while (it.hasNext()) {
                    Object next = it.next();
                    if (next instanceof CollectionCertStore) {
                        if (PrivateGeneratorConfig.tc.isDebugEnabled()) {
                            Tr.debug(PrivateGeneratorConfig.tc, "Instance is a CollectionCertStore, creating CertStore instance.");
                        }
                        CertStore collectionCertStore = ((CollectionCertStore) next).getInstance();
                        if (collectionCertStore != null) {
                            this._provider = collectionCertStore.getProvider();
                            arrayList.add(collectionCertStore);
                        } else if (PrivateGeneratorConfig.tc.isDebugEnabled()) {
                            Tr.debug(PrivateGeneratorConfig.tc, "CollectionCertStore.getInstance() returned null.");
                        }
                    } else {
                        if (PrivateGeneratorConfig.tc.isDebugEnabled()) {
                            Tr.debug(PrivateGeneratorConfig.tc, "Instance not a CollectionCertStore, nothing to do.");
                        }
                        arrayList.add(next);
                    }
                }
                this._certStores = arrayList;
            } else if (PrivateGeneratorConfig.tc.isDebugEnabled()) {
                Tr.debug(PrivateGeneratorConfig.tc, "_certStores is null");
            }
            this._initialized = true;
            if (PrivateGeneratorConfig.tc.isEntryEnabled()) {
                Tr.exit(PrivateGeneratorConfig.tc, "initCerts()");
            }
        }

        @Override // com.ibm.wsspi.wssecurity.config.TokenGeneratorConfig
        public TokenGeneratorComponent getInstance() {
            return this._instance;
        }

        @Override // com.ibm.wsspi.wssecurity.config.TokenGeneratorConfig
        public String getUsage() {
            return this._usage;
        }

        @Override // com.ibm.wsspi.wssecurity.config.TokenGeneratorConfig
        public QName getType() {
            return this._type;
        }

        @Override // com.ibm.wsspi.wssecurity.config.TokenGeneratorConfig
        public boolean isStandAlone() {
            return this._standAlone;
        }

        @Override // com.ibm.wsspi.wssecurity.config.TokenGeneratorConfig
        public Provider getProvider() {
            initCerts();
            return this._provider;
        }

        @Override // com.ibm.wsspi.wssecurity.config.TokenGeneratorConfig
        public List getCertStores() {
            initCerts();
            return this._certStores;
        }

        @Override // com.ibm.wsspi.wssecurity.config.TokenGeneratorConfig
        public CallbackHandlerConfig getCallbackHandler() {
            return this._callbackHandler;
        }

        @Override // com.ibm.wsspi.wssecurity.config.TokenGeneratorConfig
        public Map getProperties() {
            return this._properties;
        }

        public String toString() {
            StringBuffer append = new StringBuffer(getClass().getName()).append("(");
            append.append("className=[").append(this._className).append("], ");
            append.append("usage=[").append(this._usage).append("], ");
            append.append("type=[").append(this._type).append("], ");
            append.append("standAlone=[").append(this._standAlone).append("], ");
            append.append("provider=[").append(this._provider).append("], ");
            append.append("certStores=[").append(this._certStores).append("], ");
            append.append("callbackHandler=[").append(this._callbackHandler).append("], ");
            append.append("properties=[").append(this._properties).append("]");
            append.append(")");
            return append.toString();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void processPrivateConfig(Document document) throws SoapSecurityException {
        boolean z;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "processPrivateConfig(Document pconfig[" + document + "])");
        }
        if (ConfigValidation.isFipsEnabled()) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "isFipsEnabled() is true; getting FIPS algorithms");
            }
            z = true;
        } else {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "isFipsEnabled() is false; getting non-FIPS algorithms");
            }
            z = false;
        }
        NodeList elementsByTagNameNS = document.getElementsByTagNameNS("http://www.ibm.com/xml/soapsec/config", "Transform");
        int length = elementsByTagNameNS.getLength();
        for (int i = 0; i < length; i++) {
            this._allowedTransforms.add(DOMUtil.getAttribute((Element) elementsByTagNameNS.item(i), "algorithm"));
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Allowed Transforms:", new Object[]{this._allowedTransforms});
        }
        if (this._allowedTransforms.isEmpty()) {
            Tr.warning(tc, "security.wssecurity.PrivateGeneratorConfig.s11");
        }
        NodeList elementsByTagNameNS2 = document.getElementsByTagNameNS("http://www.ibm.com/xml/soapsec/config", "canonicalizationMethod");
        int length2 = elementsByTagNameNS2.getLength();
        for (int i2 = 0; i2 < length2; i2++) {
            this._allowedCanonicalizationMethods.add(DOMUtil.getAttribute((Element) elementsByTagNameNS2.item(i2), "algorithm"));
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Allowed canonicalizationMethods:", new Object[]{this._allowedCanonicalizationMethods});
        }
        if (this._allowedCanonicalizationMethods.isEmpty()) {
            Tr.warning(tc, "security.wssecurity.PrivateGeneratorConfig.s12");
        }
        NodeList elementsByTagNameNS3 = z ? document.getElementsByTagNameNS("http://www.ibm.com/xml/soapsec/config", "fipsSignatureMethod") : document.getElementsByTagNameNS("http://www.ibm.com/xml/soapsec/config", "signatureMethod");
        int length3 = elementsByTagNameNS3.getLength();
        for (int i3 = 0; i3 < length3; i3++) {
            this._allowedSignatureMethods.add(DOMUtil.getAttribute((Element) elementsByTagNameNS3.item(i3), "algorithm"));
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Allowed signatureMethods:", new Object[]{this._allowedSignatureMethods});
        }
        if (this._allowedSignatureMethods.isEmpty()) {
            Tr.warning(tc, "security.wssecurity.PrivateGeneratorConfig.s13");
        }
        NodeList elementsByTagNameNS4 = z ? document.getElementsByTagNameNS("http://www.ibm.com/xml/soapsec/config", "fipsDigestMethod") : document.getElementsByTagNameNS("http://www.ibm.com/xml/soapsec/config", "digestMethod");
        int length4 = elementsByTagNameNS4.getLength();
        for (int i4 = 0; i4 < length4; i4++) {
            this._allowedDigestMethods.add(DOMUtil.getAttribute((Element) elementsByTagNameNS4.item(i4), "algorithm"));
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Allowed digestMethods:", new Object[]{this._allowedDigestMethods});
        }
        if (this._allowedDigestMethods.isEmpty()) {
            Tr.warning(tc, "security.wssecurity.PrivateGeneratorConfig.s14");
        }
        NodeList elementsByTagNameNS5 = z ? document.getElementsByTagNameNS("http://www.ibm.com/xml/soapsec/config", "fipsEncryptionMethod") : document.getElementsByTagNameNS("http://www.ibm.com/xml/soapsec/config", "encryptionMethod");
        int length5 = elementsByTagNameNS5.getLength();
        for (int i5 = 0; i5 < length5; i5++) {
            this._allowedDataEncryptionMethods.add(DOMUtil.getAttribute((Element) elementsByTagNameNS5.item(i5), "algorithm"));
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Allowed encryptionMethods:", new Object[]{this._allowedDataEncryptionMethods});
        }
        if (this._allowedDataEncryptionMethods.isEmpty()) {
            Tr.warning(tc, "security.wssecurity.PrivateGeneratorConfig.s15");
        }
        NodeList elementsByTagNameNS6 = z ? document.getElementsByTagNameNS("http://www.ibm.com/xml/soapsec/config", "fipsKeyEncryptionMethod") : document.getElementsByTagNameNS("http://www.ibm.com/xml/soapsec/config", "keyEncryptionMethod");
        int length6 = elementsByTagNameNS6.getLength();
        for (int i6 = 0; i6 < length6; i6++) {
            String attribute = DOMUtil.getAttribute((Element) elementsByTagNameNS6.item(i6), "algorithm");
            if (ConfigValidation.isAlgoSupportedByRuntime(attribute)) {
                this._allowedKeyEncryptionMethods.add(attribute);
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Allowed keyEncryptionMethods:", new Object[]{this._allowedKeyEncryptionMethods});
        }
        if (this._allowedKeyEncryptionMethods.isEmpty()) {
            Tr.warning(tc, "security.wssecurity.PrivateGeneratorConfig.s16");
        }
        NodeList elementsByTagNameNS7 = document.getElementsByTagNameNS("http://www.ibm.com/xml/soapsec/config", "KeyInfoContentGenerator");
        int length7 = elementsByTagNameNS7.getLength();
        for (int i7 = 0; i7 < length7; i7++) {
            this._defaultKeyInfoContentGenerators.add(DOMUtil.getAttribute((Element) elementsByTagNameNS7.item(i7), "class"));
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Default KeyInfoContentGenerator:", new Object[]{this._defaultKeyInfoContentGenerators});
        }
        if (this._defaultKeyInfoContentGenerators.isEmpty()) {
            Tr.warning(tc, "security.wssecurity.WSEC6715W");
        }
        NodeList elementsByTagNameNS8 = document.getElementsByTagNameNS("http://www.ibm.com/xml/soapsec/config", "TokenGenerator");
        int length8 = elementsByTagNameNS8.getLength();
        for (int i8 = 0; i8 < length8; i8++) {
            this._defaultTokenGenerators.add(DOMUtil.getAttribute((Element) elementsByTagNameNS8.item(i8), "class"));
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Default TokenGenerator:", new Object[]{this._defaultTokenGenerators});
        }
        if (this._defaultTokenGenerators.isEmpty()) {
            Tr.warning(tc, "security.wssecurity.WSEC6716W");
        }
        NodeList elementsByTagNameNS9 = document.getElementsByTagNameNS("http://www.ibm.com/xml/soapsec/config", "CallbackHandler");
        int length9 = elementsByTagNameNS9.getLength();
        for (int i9 = 0; i9 < length9; i9++) {
            this._defaultCallbackHandlers.add(DOMUtil.getAttribute((Element) elementsByTagNameNS9.item(i9), "class"));
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Default CallbackHandler:", new Object[]{this._defaultCallbackHandlers});
        }
        if (this._defaultCallbackHandlers.isEmpty()) {
            Tr.warning(tc, "security.wssecurity.WSEC6717W");
        }
        NodeList elementsByTagNameNS10 = document.getElementsByTagNameNS("http://www.ibm.com/xml/soapsec/config", "KeyLocator");
        int length10 = elementsByTagNameNS10.getLength();
        for (int i10 = 0; i10 < length10; i10++) {
            this._defaultKeyLocators.add(DOMUtil.getAttribute((Element) elementsByTagNameNS10.item(i10), "class"));
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Default KeyLocator:", new Object[]{this._defaultKeyLocators});
        }
        if (this._defaultKeyLocators.isEmpty()) {
            Tr.warning(tc, "security.wssecurity.WSEC6714W");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "processPrivateConfig(Document pconfig)");
        }
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.Configuration
    public void validate() throws SoapSecurityException {
        validate(false);
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:381:0x08f9. Please report as an issue. */
    public void validate(boolean z) throws SoapSecurityException {
        String trim;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validate(boolean defaultConfig[" + z + "])");
        }
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        for (PrivateCommonConfig.ReferencePartConfImpl referencePartConfImpl : this._integralParts) {
            int i = 0;
            int i2 = 0;
            int i3 = 0;
            referencePartConfImpl.validate();
            for (PrivateCommonConfig.PartConfImpl partConfImpl : referencePartConfImpl._parts) {
                partConfImpl.validate();
                if (partConfImpl.isNonce()) {
                    i2++;
                } else if (partConfImpl.isTimestamp()) {
                    i3++;
                } else {
                    i++;
                }
                String str = partConfImpl._dialect;
                String str2 = partConfImpl._keyword;
                if (com.ibm.ws.webservices.wssecurity.Constants.DIALECT_WAS.equals(str)) {
                    int isIntegralWASDialect = ConfigUtil.isIntegralWASDialect(str2);
                    if (isIntegralWASDialect == 1) {
                        if (partConfImpl.isTimestamp()) {
                            throw SoapSecurityException.format("security.wssecurity.TimestampGenerator.s02");
                        }
                        if (this._timestampGenerator != null) {
                            this._timestampGenerator._signed = true;
                        }
                    } else if (isIntegralWASDialect == 3) {
                        hashSet.add(referencePartConfImpl);
                    } else if (isIntegralWASDialect == 4) {
                        hashSet2.add(referencePartConfImpl);
                    } else if (isIntegralWASDialect < 0) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s03", str2, partConfImpl.toString());
                    }
                } else if (com.ibm.ws.webservices.wssecurity.Constants.DIALECT_FUNCTION.equals(str)) {
                    if (str2 == null) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s04", str, partConfImpl.toString());
                    }
                } else {
                    if (!com.ibm.ws.webservices.wssecurity.Constants.DIALECT_XPATH.equals(str)) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s05", str, partConfImpl.toString());
                    }
                    if (str2 == null) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s04", str, partConfImpl.toString());
                    }
                }
            }
            if (i2 > 0 || i3 > 0) {
                if (i <= 0) {
                    throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s36");
                }
            }
        }
        for (PrivateCommonConfig.ReferencePartConfImpl referencePartConfImpl2 : this._confidentialParts) {
            int i4 = 0;
            int i5 = 0;
            int i6 = 0;
            referencePartConfImpl2.validate();
            for (PrivateCommonConfig.PartConfImpl partConfImpl2 : referencePartConfImpl2._parts) {
                partConfImpl2.validate();
                if (partConfImpl2.isNonce()) {
                    i5++;
                } else if (partConfImpl2.isTimestamp()) {
                    i6++;
                } else {
                    i4++;
                }
                String str3 = partConfImpl2._dialect;
                String str4 = partConfImpl2._keyword;
                if (com.ibm.ws.webservices.wssecurity.Constants.DIALECT_WAS.equals(str3)) {
                    if (ConfigUtil.isConfidentialWASDialect(str4) < 0) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s03", str4, partConfImpl2.toString());
                    }
                } else if (com.ibm.ws.webservices.wssecurity.Constants.DIALECT_FUNCTION.equals(str3)) {
                    if (str4 == null) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s04", str3, partConfImpl2.toString());
                    }
                } else {
                    if (!com.ibm.ws.webservices.wssecurity.Constants.DIALECT_XPATH.equals(str3)) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s05", str3, partConfImpl2.toString());
                    }
                    if (str4 == null) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s04", str3, partConfImpl2.toString());
                    }
                }
            }
            if (i5 > 0 || i6 > 0) {
                if (i4 <= 0) {
                    throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s36");
                }
            }
        }
        if (z) {
            HashMap hashMap = new HashMap();
            for (TokenGeneratorConfImpl tokenGeneratorConfImpl : this._tokenGenerators) {
                hashMap.put(tokenGeneratorConfImpl.getType(), tokenGeneratorConfImpl);
            }
            for (TokenGeneratorConfImpl tokenGeneratorConfImpl2 : this._securityTokens) {
                QName type = tokenGeneratorConfImpl2.getType();
                if (((TokenGeneratorConfImpl) hashMap.get(type)) == null) {
                    throw new SoapSecurityException("There is a security token that does not have a matching token generator. Its name is [" + tokenGeneratorConfImpl2._name + "] and its type is [" + type + "]");
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Found token generator of type [" + type + "].");
                }
            }
        } else {
            for (TokenGeneratorConfImpl tokenGeneratorConfImpl3 : this._securityTokens) {
                if (!this._tokenGenerators.contains(tokenGeneratorConfImpl3)) {
                    throw new SoapSecurityException("There is the security token that no token generator references. Its name is [" + tokenGeneratorConfImpl3._name + "].");
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Found token generator in _tokenGenerators: " + tokenGeneratorConfImpl3);
                }
            }
        }
        ArrayList arrayList = new ArrayList();
        for (Object obj : this._operationGenerators) {
            if (obj instanceof SignatureGeneratorConfig) {
                SignatureGeneratorConfImpl signatureGeneratorConfImpl = (SignatureGeneratorConfImpl) obj;
                signatureGeneratorConfImpl.validate(z);
                PrivateCommonConfig.AlgorithmConfImpl algorithmConfImpl = signatureGeneratorConfImpl._canonicalizationMethod;
                if (algorithmConfImpl != null) {
                    algorithmConfImpl.validate();
                    if (!this._allowedCanonicalizationMethods.contains(algorithmConfImpl._algorithm)) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s08", algorithmConfImpl._algorithm);
                    }
                }
                PrivateCommonConfig.AlgorithmConfImpl algorithmConfImpl2 = signatureGeneratorConfImpl._signatureMethod;
                boolean z2 = false;
                String str5 = null;
                if (algorithmConfImpl2 != null) {
                    algorithmConfImpl2.validate();
                    if (!this._allowedSignatureMethods.contains(algorithmConfImpl2._algorithm)) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s09", algorithmConfImpl2._algorithm);
                    }
                    str5 = algorithmConfImpl2._algorithm;
                    z2 = ConfigUtil.isSecretKeyAlgorithm(str5);
                }
                PrivateCommonConfig.AlgorithmConfImpl algorithmConfImpl3 = signatureGeneratorConfImpl._keyInfoSignature;
                if (algorithmConfImpl3 != null) {
                    algorithmConfImpl3.validate();
                    if (ConfigUtil.isKeyInfoSignature(algorithmConfImpl3._algorithm) < 0) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s10", algorithmConfImpl3._algorithm);
                    }
                }
                PrivateCommonConfig.ReferencePartConfImpl referencePartConfImpl3 = null;
                for (PrivateCommonConfig.SigningReferenceConfImpl signingReferenceConfImpl : signatureGeneratorConfImpl._references) {
                    signingReferenceConfImpl.validate(z);
                    PrivateCommonConfig.AlgorithmConfImpl algorithmConfImpl4 = signingReferenceConfImpl._digestMethod;
                    if (algorithmConfImpl4 != null) {
                        algorithmConfImpl4.validate();
                        if (!this._allowedDigestMethods.contains(algorithmConfImpl4._algorithm)) {
                            throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s11", algorithmConfImpl4._algorithm);
                        }
                    }
                    boolean z3 = false;
                    for (PrivateCommonConfig.AlgorithmConfImpl algorithmConfImpl5 : signingReferenceConfImpl._transforms) {
                        algorithmConfImpl5.validate();
                        if (!this._allowedTransforms.contains(algorithmConfImpl5._algorithm)) {
                            throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s12", algorithmConfImpl5._algorithm);
                        }
                        if (STRDereferenceTransformer.STRT.equals(algorithmConfImpl5._algorithm)) {
                            z3 = true;
                        } else if ("http://www.w3.org/TR/1999/REC-xpath-19991116".equals(algorithmConfImpl5._algorithm) && ((trim = ConfigUtil.trim((String) algorithmConfImpl5._properties.get(Constants.WSSECURITY_XPATH_EXPRESSION))) == null || trim.length() == 0)) {
                            throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s27");
                        }
                    }
                    if (z3 && referencePartConfImpl3 == null) {
                        if (hashSet.contains(signingReferenceConfImpl._reference)) {
                            referencePartConfImpl3 = signingReferenceConfImpl._reference;
                        } else if (hashSet2.contains(signingReferenceConfImpl._reference)) {
                            referencePartConfImpl3 = signingReferenceConfImpl._reference;
                        }
                    }
                }
                KeyInfoGeneratorConfImpl keyInfoGeneratorConfImpl = signatureGeneratorConfImpl._signingKeyInfo;
                keyInfoGeneratorConfImpl.validate();
                KeyInfoContentGeneratorConfImpl keyInfoContentGeneratorConfImpl = keyInfoGeneratorConfImpl._contentGenerator;
                keyInfoContentGeneratorConfImpl.validate();
                if (ConfigUtil.isKeyInfoType(keyInfoContentGeneratorConfImpl._keyInfoType) < 0) {
                    throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s13", keyInfoContentGeneratorConfImpl.toString());
                }
                if (z2) {
                    if (ConfigUtil.isKeyInfoEmb(keyInfoContentGeneratorConfImpl._keyInfoType)) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s08", str5, keyInfoContentGeneratorConfImpl._keyInfoType);
                    }
                    if (ConfigUtil.isKeyInfoX509issuer(keyInfoContentGeneratorConfImpl._keyInfoType)) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s08", str5, keyInfoContentGeneratorConfImpl._keyInfoType);
                    }
                } else if (referencePartConfImpl3 != null && keyInfoContentGeneratorConfImpl._tokenGenerator == null) {
                    throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s35");
                }
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    ((EncryptionGeneratorConfImpl) it.next())._sigAfterEnc = true;
                }
            } else {
                if (!(obj instanceof EncryptionGeneratorConfig)) {
                    throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s01", toString());
                }
                EncryptionGeneratorConfImpl encryptionGeneratorConfImpl = (EncryptionGeneratorConfImpl) obj;
                encryptionGeneratorConfImpl.validate(z);
                PrivateCommonConfig.AlgorithmConfImpl algorithmConfImpl6 = encryptionGeneratorConfImpl._dataEncryptionMethod;
                algorithmConfImpl6.validate();
                if (!this._allowedDataEncryptionMethods.contains(algorithmConfImpl6._algorithm)) {
                    throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s14", algorithmConfImpl6._algorithm);
                }
                String str6 = algorithmConfImpl6._algorithm;
                boolean isSecretKeyAlgorithm = ConfigUtil.isSecretKeyAlgorithm(str6);
                PrivateCommonConfig.AlgorithmConfImpl algorithmConfImpl7 = encryptionGeneratorConfImpl._keyEncryptionMethod;
                if (algorithmConfImpl7 != null) {
                    algorithmConfImpl7.validate();
                    if (!this._allowedKeyEncryptionMethods.contains(algorithmConfImpl7._algorithm)) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s15", algorithmConfImpl7._algorithm);
                    }
                    str6 = algorithmConfImpl7._algorithm;
                    isSecretKeyAlgorithm = ConfigUtil.isSecretKeyAlgorithm(str6);
                }
                KeyInfoGeneratorConfImpl keyInfoGeneratorConfImpl2 = encryptionGeneratorConfImpl._encryptionKeyInfo;
                keyInfoGeneratorConfImpl2.validate();
                KeyInfoContentGeneratorConfImpl keyInfoContentGeneratorConfImpl2 = keyInfoGeneratorConfImpl2._contentGenerator;
                keyInfoContentGeneratorConfImpl2.validate();
                if (ConfigUtil.isKeyInfoType(keyInfoContentGeneratorConfImpl2._keyInfoType) < 0) {
                    throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s13", keyInfoContentGeneratorConfImpl2.toString());
                }
                if (isSecretKeyAlgorithm) {
                    if (ConfigUtil.isKeyInfoEmb(keyInfoContentGeneratorConfImpl2._keyInfoType)) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s08", str6, keyInfoContentGeneratorConfImpl2._keyInfoType);
                    }
                    if (ConfigUtil.isKeyInfoX509issuer(keyInfoContentGeneratorConfImpl2._keyInfoType)) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s08", str6, keyInfoContentGeneratorConfImpl2._keyInfoType);
                    }
                }
                arrayList.add(encryptionGeneratorConfImpl);
            }
        }
        Iterator it2 = this._tokenGenerators.iterator();
        while (it2.hasNext()) {
            TokenGeneratorConfImpl tokenGeneratorConfImpl4 = (TokenGeneratorConfImpl) it2.next();
            tokenGeneratorConfImpl4.validate();
            CallbackHandlerConfImpl callbackHandlerConfImpl = tokenGeneratorConfImpl4._callbackHandler;
            if (callbackHandlerConfImpl != null) {
                callbackHandlerConfImpl.validate();
                PrivateCommonConfig.KeyStoreConfImpl keyStoreConfImpl = callbackHandlerConfImpl._keyStoreConfig;
                if (keyStoreConfImpl != null) {
                    keyStoreConfImpl.validate();
                }
                it2 = callbackHandlerConfImpl._keyInformationList.iterator();
                while (it2.hasNext()) {
                    ((PrivateCommonConfig.KeyInformationConfImpl) it2.next()).validate();
                }
            }
            if (tokenGeneratorConfImpl4._standAlone) {
                if (tokenGeneratorConfImpl4._usedForSignature) {
                    tokenGeneratorConfImpl4._standAlone = false;
                    throw new SoapSecurityException("The token generator [" + tokenGeneratorConfImpl4._name + "] that refers to the security token in DD is used for signature. The security token should be used for \"stand-alone\" tokens.  Please check the configuration.");
                }
                if (tokenGeneratorConfImpl4._usedForEncryption) {
                    tokenGeneratorConfImpl4._standAlone = false;
                    if (tc.isDebugEnabled()) {
                        throw new SoapSecurityException("The token generator [" + tokenGeneratorConfImpl4._name + "] that refers to the security token in DD is used for encryption. The security token should be used for \"stand-alone\" tokens.  Please check the configuration.");
                    }
                } else {
                    continue;
                }
            }
        }
        if (this._timestampGenerator != null) {
            this._timestampGenerator.validate();
            String str7 = (String) this._timestampGenerator._properties.get(Constants.WSSECURITY_TIMESTAMP_SOAPHEADER);
            if (str7 != null) {
                this._timestampGenerator._headerAttribute = ConfigUtil.isTrue(str7);
                this._timestampGenerator._soapHeader = true;
            }
            String str8 = (String) this._timestampGenerator._properties.get(Constants.WSSECURITY_TIMESTAMP_DIALECT);
            if (str8 != null) {
                if (com.ibm.ws.webservices.wssecurity.Constants.DIALECT_WAS.equals(str8)) {
                    String str9 = (String) this._timestampGenerator._properties.get(Constants.WSSECURITY_TIMESTAMP_KEYWORD);
                    if (str9 != null) {
                        switch (ConfigUtil.isTimestampWASDialect(str9)) {
                            case 0:
                                this._timestampGenerator._default = false;
                                break;
                            case 1:
                                break;
                            case 2:
                            case 3:
                                this._timestampGenerator._soapHeader = true;
                                this._timestampGenerator._default = false;
                                break;
                            default:
                                throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s03", str9, this._timestampGenerator.toString());
                        }
                    }
                } else {
                    this._timestampGenerator._default = false;
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "validate(boolean)");
        }
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public boolean getServiceGetMustUnderstand() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getServiceGetMustUnderstand");
            Tr.exit(tc, "getServiceGetMustUnderstand=" + this._serviceGetMustUnderstand);
        }
        return this._serviceGetMustUnderstand;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public boolean getClientSetMustUnderstand() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getClientSetMustUnderstand");
            Tr.exit(tc, "getClientSetMustUnderstand=" + this._clientSetMustUnderstand);
        }
        return this._clientSetMustUnderstand;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public boolean getCheckCacheUnt() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCheckCacheUnt");
            Tr.exit(tc, "getCheckCacheUnt=" + this._checkCacheUnt);
        }
        return this._checkCacheUnt;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public String getMyActor() {
        return this._myActor;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public String getTargetActor() {
        return this._targetActor;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public boolean doIndentation() {
        return this._indentation;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public void setIndentation(boolean z) {
        this._indentation = z;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public Set getAllowedTransforms() {
        return this._allowedTransforms;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public Set getAllowedCanonicalizationMethods() {
        return this._allowedCanonicalizationMethods;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public Set getAllowedSignatureMethods() {
        return this._allowedSignatureMethods;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public Set getAllowedDigestMethods() {
        return this._allowedDigestMethods;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public Set getAllowedDataEncryptionMethods() {
        return this._allowedDataEncryptionMethods;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public Set getAllowedKeyEncryptionMethods() {
        return this._allowedKeyEncryptionMethods;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public WSSAlgorithmFactory getAlgorithmFactory() {
        return this._algorithmFactory;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public boolean isSignatureEnabled() {
        return this._signatureEnabled;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public boolean isEncryptionEnabled() {
        return this._encryptionEnabled;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public boolean isTokenEnabled() {
        return this._tokenEnabled;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public boolean isTimestampEnabled() {
        return this._timestampEnabled;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public List getIntegralParts() {
        return this._integralParts;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public List getConfidentialParts() {
        return this._confidentialParts;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public List getOperationGenerators() {
        return this._operationGenerators;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public Set getTokenGenerators() {
        return this._tokenGenerators;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public TimestampGeneratorConfig getTimestampGenerator() {
        return this._timestampGenerator;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public NonceManager getNonceManager() {
        return this._nonceManager;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public boolean isUserDefinedComponentsUsed() {
        return this._userDefinedComponentsUsed;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public Map getProperties() {
        return this._properties;
    }

    @Override // com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig
    public Object getProperty(Object obj) {
        if (this._properties != null) {
            return this._properties.get(obj);
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getLogProperties(Map map, Map map2, Map map3, String str) {
        String str2 = null;
        if (tc.isDebugEnabled()) {
            str2 = super.getLogProperties(map, map2, map3, this._properties, str, WebServicesClientDataRegistry.GENERATOR);
        }
        return str2;
    }

    public String toString() {
        StringBuffer append = new StringBuffer(getClass().getName()).append("(");
        append.append("myActor=[").append(this._myActor).append("], ");
        append.append("targetActor=[").append(this._targetActor).append("], ");
        append.append("indentation=[").append(this._indentation).append("], ");
        append.append("allowedTransforms=[").append(this._allowedTransforms).append("], ");
        append.append("allowedCanonicalizations=[").append(this._allowedCanonicalizationMethods).append("], ");
        append.append("allowedSignatures=[").append(this._allowedSignatureMethods).append("], ");
        append.append("allowedDigests=[").append(this._allowedDigestMethods).append("], ");
        append.append("allowedDataEncryptions=[").append(this._allowedDataEncryptionMethods).append("], ");
        append.append("allowedKeyEncryptions=[").append(this._allowedKeyEncryptionMethods).append("], ");
        append.append("algorithmFactory=[").append(this._algorithmFactory).append("], ");
        append.append("signatureEnabled=[").append(this._signatureEnabled).append("], ");
        append.append("encryptionEnabled=[").append(this._encryptionEnabled).append("], ");
        append.append("tokenEnabled=[").append(this._tokenEnabled).append("], ");
        append.append("timestampEnabled=[").append(this._timestampEnabled).append("], ");
        append.append("integralParts=[").append(this._integralParts).append("], ");
        append.append("confidentialParts=[").append(this._confidentialParts).append("], ");
        append.append("operationGenerators=[").append(this._operationGenerators).append("], ");
        append.append("tokenGenerators=[").append(this._tokenGenerators).append("], ");
        append.append("timestampGenerator=[").append(this._timestampGenerator).append("], ");
        append.append("nonceManager=[").append(this._nonceManager).append("], ");
        append.append("userDefinedComponentsUsed=[").append(this._userDefinedComponentsUsed).append("], ");
        if (!(this instanceof WSSecurityDefaultGeneratorConfig)) {
            append.append("*clientSetMustUnderstand=[").append(this._clientSetMustUnderstand).append("], ");
            append.append("*serviceGetMustUnderstand=[").append(this._serviceGetMustUnderstand).append("], ");
        }
        append.append("properties=[").append(this._properties).append("]");
        append.append(")");
        return append.toString();
    }
}
