package com.ibm.ast.ws.was85.policyset.ui.migration;

import com.ibm.ast.ws.policyset.ui.common.BasicAuthentication;
import com.ibm.ast.ws.policyset.ui.common.DerivedKeyInfoObject;
import com.ibm.ast.ws.policyset.ui.common.KeyStoreWithKey;
import com.ibm.ast.ws.policyset.ui.common.PropertyObject;
import com.ibm.ast.ws.policyset.ui.common.SignatureSecurityBindingObject;
import com.ibm.ast.ws.policyset.ui.tokens.KerberosProtectionToken;
import com.ibm.ast.ws.policyset.ui.tokens.X509ProtectionToken;
import com.ibm.ast.ws.was85.policyset.ui.common.PolicyUtils;
import com.ibm.ast.ws.was85.policyset.ui.types.WSSecurityPolicy;
import com.ibm.ws.security.util.PasswordUtil;
import com.ibm.ws.wssecurity.platform.websphere.util.WasPasswordUtil;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.BasicAuth;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.CallbackHandler;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.CertStoreList;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.CollectionCertStores;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.EncryptionInfo;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.Key;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.KeyEncryptionKeyInfo;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.KeyInfo;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.KeyStore;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.Properties;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.SecurityBinding;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.SecurityBindings;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.SecurityInboundBindingConfig;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.SecurityOutboundBindingConfig;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.SigningInfo;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.SigningKeyInfo;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.TimestampExpires;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.TokenConsumer;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.TokenGenerator;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.TrustAnchor;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.X509Certificates;
import java.util.Iterator;
import java.util.List;
import org.eclipse.core.runtime.IPath;

/* loaded from: input_file:com/ibm/ast/ws/was85/policyset/ui/migration/MigrateBindingConfigurationsUtils.class */
public class MigrateBindingConfigurationsUtils {
    public static String BindingContextPath = "com.ibm.xmlns.prod.websphere._200608.ws_securitybinding";

    public static boolean migrate(IPath iPath, String str, WSSecurityPolicy wSSecurityPolicy, WasPasswordUtil wasPasswordUtil) {
        try {
            Object readExistingBindingConfiguration = PolicyUtils.readExistingBindingConfiguration(iPath, str, BindingContextPath);
            if (readExistingBindingConfiguration == null) {
                return false;
            }
            for (SecurityBinding securityBinding : ((SecurityBindings) readExistingBindingConfiguration).getSecurityBinding()) {
                SecurityOutboundBindingConfig securityOutboundBindingConfig = securityBinding.getSecurityOutboundBindingConfig();
                boolean equals = securityBinding.getName().equals(WSSecurityPolicy.ApplicationBindingName);
                if (equals) {
                    wSSecurityPolicy.setOnlySignEntireHeadersAndBodyApp(false);
                } else {
                    wSSecurityPolicy.setOnlySignEntireHeadersAndBodyBoot(false);
                }
                boolean z = equals && wSSecurityPolicy.getGeneratorSymmetricObject() != null;
                List<SigningInfo> signingInfo = securityOutboundBindingConfig.getSigningInfo();
                List<EncryptionInfo> encryptionInfo = securityOutboundBindingConfig.getEncryptionInfo();
                List<KeyInfo> keyInfo = securityOutboundBindingConfig.getKeyInfo();
                List<TokenGenerator> tokenGenerator = securityOutboundBindingConfig.getTokenGenerator();
                TimestampExpires timestampExpires = securityOutboundBindingConfig.getTimestampExpires();
                if (timestampExpires != null) {
                    wSSecurityPolicy.setMessageExpiryTime(timestampExpires.getExpires());
                }
                for (TokenGenerator tokenGenerator2 : tokenGenerator) {
                    CallbackHandler callbackHandler = tokenGenerator2.getCallbackHandler();
                    if (callbackHandler != null) {
                        for (int i = 0; i < keyInfo.size(); i++) {
                            KeyInfo keyInfo2 = keyInfo.get(i);
                            if (tokenGenerator2.getName().equalsIgnoreCase(keyInfo2.getTokenReference().getReference())) {
                                for (int i2 = 0; i2 < signingInfo.size(); i2++) {
                                    SigningInfo signingInfo2 = signingInfo.get(i2);
                                    for (SigningKeyInfo signingKeyInfo : signingInfo2.getSigningKeyInfo()) {
                                        SignatureSecurityBindingObject generatorSymmetricObject = z ? wSSecurityPolicy.getGeneratorSymmetricObject() : wSSecurityPolicy.getSignOutbound();
                                        if (keyInfo2.getName().equalsIgnoreCase(signingKeyInfo.getReference())) {
                                            X509ProtectionToken token = generatorSymmetricObject.getToken();
                                            if (token instanceof X509ProtectionToken) {
                                                token.setKeyStore(readKeyStore(callbackHandler));
                                            }
                                            generatorSymmetricObject.setTransformAlgorithm(signingInfo2.getSigningPartReference().get(0).getTransform().get(0).getAlgorithm());
                                            generatorSymmetricObject.setOrder(signingInfo2.getOrder());
                                            token.setKeyInfoType(keyInfo2.getType());
                                            token.setCallBackHandler(callbackHandler.getClassname());
                                            token.setJAASConfig(tokenGenerator2.getJAASConfig().getConfigName());
                                            generatorSymmetricObject.setDerivedKey((DerivedKeyInfoObject) null);
                                            for (Properties properties : callbackHandler.getProperties()) {
                                                generatorSymmetricObject.addProperty(new PropertyObject(properties.getName(), properties.getValue()));
                                            }
                                        }
                                    }
                                }
                                for (int i3 = 0; i3 < encryptionInfo.size(); i3++) {
                                    SignatureSecurityBindingObject generatorSymmetricObject2 = z ? wSSecurityPolicy.getGeneratorSymmetricObject() : wSSecurityPolicy.getEncOutbound();
                                    EncryptionInfo encryptionInfo2 = encryptionInfo.get(i3);
                                    for (Properties properties2 : encryptionInfo2.getProperties()) {
                                        generatorSymmetricObject2.addProperty(new PropertyObject(properties2.getName(), properties2.getValue()));
                                    }
                                    Iterator<KeyEncryptionKeyInfo> it = encryptionInfo2.getKeyEncryptionKeyInfo().iterator();
                                    while (it.hasNext()) {
                                        if (keyInfo2.getName().equalsIgnoreCase(it.next().getReference())) {
                                            callbackHandler.getKey().setKeypass(null);
                                            X509ProtectionToken token2 = generatorSymmetricObject2.getToken();
                                            if (token2 instanceof X509ProtectionToken) {
                                                token2.setKeyStore(readKeyStore(callbackHandler));
                                            }
                                            token2.setKeyInfoType(keyInfo2.getType());
                                            token2.setCallBackHandler(callbackHandler.getClassname());
                                            token2.setJAASConfig(tokenGenerator2.getJAASConfig().getConfigName());
                                            generatorSymmetricObject2.setDerivedKey((DerivedKeyInfoObject) null);
                                            for (Properties properties3 : callbackHandler.getProperties()) {
                                                generatorSymmetricObject2.addProperty(new PropertyObject(properties3.getName(), properties3.getValue()));
                                            }
                                        }
                                        generatorSymmetricObject2.setOrder(encryptionInfo2.getOrder());
                                    }
                                }
                            }
                        }
                        BasicAuth basicAuth = callbackHandler.getBasicAuth();
                        if (basicAuth != null && wSSecurityPolicy.getAuthenticationToken() != null) {
                            BasicAuthentication basicAuthentication = new BasicAuthentication(basicAuth.getUserid(), wasPasswordUtil.passwordDecode(basicAuth.getPassword()));
                            wSSecurityPolicy.getAuthenticationToken().setBasicAuth(basicAuthentication);
                            wSSecurityPolicy.getAuthenticationToken().setCallBackHandler(callbackHandler.getClassname());
                            wSSecurityPolicy.getAuthenticationToken().setJAASConfig(tokenGenerator2.getJAASConfig().getConfigName());
                            for (Properties properties4 : callbackHandler.getProperties()) {
                                basicAuthentication.addProperty(new PropertyObject(properties4.getName(), properties4.getValue()));
                            }
                        }
                        if (wSSecurityPolicy.getGeneratorSymmetricObject() != null && (wSSecurityPolicy.getGeneratorSymmetricObject().getToken() instanceof KerberosProtectionToken)) {
                            KerberosProtectionToken token3 = wSSecurityPolicy.getGeneratorSymmetricObject().getToken();
                            for (Properties properties5 : tokenGenerator2.getProperties()) {
                                token3.addProperty(new PropertyObject(properties5.getName(), properties5.getValue()));
                            }
                        }
                    }
                }
                SecurityInboundBindingConfig securityInboundBindingConfig = securityBinding.getSecurityInboundBindingConfig();
                List<SigningInfo> signingInfo3 = securityInboundBindingConfig.getSigningInfo();
                List<EncryptionInfo> encryptionInfo3 = securityInboundBindingConfig.getEncryptionInfo();
                List<KeyInfo> keyInfo3 = securityInboundBindingConfig.getKeyInfo();
                for (TokenConsumer tokenConsumer : securityInboundBindingConfig.getTokenConsumer()) {
                    CallbackHandler callbackHandler2 = tokenConsumer.getCallbackHandler();
                    if (callbackHandler2 != null) {
                        for (int i4 = 0; i4 < keyInfo3.size(); i4++) {
                            KeyInfo keyInfo4 = keyInfo3.get(i4);
                            if (tokenConsumer.getName().equalsIgnoreCase(keyInfo4.getTokenReference().getReference())) {
                                for (int i5 = 0; i5 < signingInfo3.size(); i5++) {
                                    SigningInfo signingInfo4 = signingInfo3.get(i5);
                                    for (SigningKeyInfo signingKeyInfo2 : signingInfo4.getSigningKeyInfo()) {
                                        SignatureSecurityBindingObject consumerSymmmetricObject = z ? wSSecurityPolicy.getConsumerSymmmetricObject() : wSSecurityPolicy.getSignInbound();
                                        if (keyInfo4.getName().equalsIgnoreCase(signingKeyInfo2.getReference())) {
                                            X509ProtectionToken token4 = consumerSymmmetricObject.getToken();
                                            if (token4 instanceof X509ProtectionToken) {
                                                token4.setKeyStore(readKeyStore(callbackHandler2));
                                            }
                                            token4.setKeyInfoType(keyInfo4.getType());
                                            token4.setCallBackHandler(callbackHandler2.getClassname());
                                            token4.setJAASConfig(tokenConsumer.getJAASConfig().getConfigName());
                                            consumerSymmmetricObject.setDerivedKey((DerivedKeyInfoObject) null);
                                            consumerSymmmetricObject.setTransformAlgorithm(signingInfo4.getSigningPartReference().get(0).getTransform().get(0).getAlgorithm());
                                            for (Properties properties6 : callbackHandler2.getProperties()) {
                                                consumerSymmmetricObject.addProperty(new PropertyObject(properties6.getName(), properties6.getValue()));
                                            }
                                        }
                                    }
                                }
                                Iterator<EncryptionInfo> it2 = encryptionInfo3.iterator();
                                while (it2.hasNext()) {
                                    for (KeyEncryptionKeyInfo keyEncryptionKeyInfo : it2.next().getKeyEncryptionKeyInfo()) {
                                        SignatureSecurityBindingObject consumerSymmmetricObject2 = z ? wSSecurityPolicy.getConsumerSymmmetricObject() : wSSecurityPolicy.getEncInbound();
                                        if (keyInfo4.getName().equalsIgnoreCase(keyEncryptionKeyInfo.getReference())) {
                                            X509ProtectionToken token5 = consumerSymmmetricObject2.getToken();
                                            if (token5 instanceof X509ProtectionToken) {
                                                token5.setKeyStore(readKeyStore(callbackHandler2));
                                            }
                                            consumerSymmmetricObject2.setDerivedKey((DerivedKeyInfoObject) null);
                                            token5.setKeyInfoType(keyInfo4.getType());
                                            token5.setCallBackHandler(callbackHandler2.getClassname());
                                            token5.setJAASConfig(tokenConsumer.getJAASConfig().getConfigName());
                                            for (Properties properties7 : callbackHandler2.getProperties()) {
                                                consumerSymmmetricObject2.addProperty(new PropertyObject(properties7.getName(), properties7.getValue()));
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
                Iterator<TrustAnchor> it3 = securityInboundBindingConfig.getTrustAnchor().iterator();
                while (it3.hasNext()) {
                    KeyStore keyStore = it3.next().getKeyStore();
                    if (keyStore != null) {
                        wSSecurityPolicy.getSignInbound().getToken().setKeyStore(new com.ibm.ast.ws.policyset.ui.common.KeyStore(wasPasswordUtil.passwordDecode(keyStore.getStorepass()), keyStore.getPath(), keyStore.getType()));
                    }
                }
                CertStoreList certStoreList = securityInboundBindingConfig.getCertStoreList();
                if (certStoreList != null) {
                    List<Object> ldapCertStoresOrCollectionCertStores = certStoreList.getLdapCertStoresOrCollectionCertStores();
                    for (int i6 = 0; i6 < ldapCertStoresOrCollectionCertStores.size(); i6++) {
                        List<Object> x509CertificatesOrCRL = ((CollectionCertStores) ldapCertStoresOrCollectionCertStores.get(i6)).getX509CertificatesOrCRL();
                        for (int i7 = 0; i7 < x509CertificatesOrCRL.size(); i7++) {
                            X509Certificates x509Certificates = (X509Certificates) x509CertificatesOrCRL.get(i7);
                            if (x509Certificates != null) {
                                wSSecurityPolicy.getSignInbound().getToken().setCertificatePathString(x509Certificates.getPath());
                            }
                        }
                    }
                }
            }
            return true;
        } catch (Exception unused) {
            return false;
        }
    }

    public static com.ibm.ast.ws.policyset.ui.common.KeyStore readKeyStore(CallbackHandler callbackHandler) {
        KeyStore keyStore = callbackHandler.getKeyStore();
        if (keyStore == null) {
            return null;
        }
        Key key = callbackHandler.getKey();
        KeyStoreWithKey keyStore2 = new com.ibm.ast.ws.policyset.ui.common.KeyStore(PasswordUtil.passwordDecode(keyStore.getStorepass()), keyStore.getPath(), keyStore.getType());
        if (key != null) {
            keyStore2 = new KeyStoreWithKey(keyStore2);
            keyStore2.setKeyAlias(key.getAlias());
            keyStore2.setKeyName(key.getName());
            keyStore2.setKeyPassword(PasswordUtil.passwordDecode(key.getKeypass()));
        }
        return keyStore2;
    }
}
