package com.ibm.ws.webservices.wssecurity.handler;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.etools.webservice.wscbnd.BasicAuth;
import com.ibm.etools.webservice.wscbnd.LoginBinding;
import com.ibm.etools.webservice.wscbnd.PortQnameBinding;
import com.ibm.etools.webservice.wscbnd.SecurityRequestSenderBindingConfig;
import com.ibm.etools.webservice.wscext.LoginConfig;
import com.ibm.etools.webservice.wscext.SecurityRequestSenderServiceConfig;
import com.ibm.etools.webservice.wscommonbnd.CanonicalizationMethod;
import com.ibm.etools.webservice.wscommonbnd.DataEncryptionMethod;
import com.ibm.etools.webservice.wscommonbnd.DigestMethod;
import com.ibm.etools.webservice.wscommonbnd.EncryptionInfo;
import com.ibm.etools.webservice.wscommonbnd.EncryptionKey;
import com.ibm.etools.webservice.wscommonbnd.KeyEncryptionMethod;
import com.ibm.etools.webservice.wscommonbnd.Property;
import com.ibm.etools.webservice.wscommonbnd.SignatureMethod;
import com.ibm.etools.webservice.wscommonbnd.SigningInfo;
import com.ibm.etools.webservice.wscommonbnd.SigningKey;
import com.ibm.etools.webservice.wscommonbnd.TokenValueType;
import com.ibm.etools.webservice.wscommonext.AddCreatedTimeStamp;
import com.ibm.etools.webservice.wscommonext.ConfidentialPart;
import com.ibm.etools.webservice.wscommonext.Confidentiality;
import com.ibm.etools.webservice.wscommonext.IDAssertion;
import com.ibm.etools.webservice.wscommonext.Integrity;
import com.ibm.etools.webservice.wscommonext.Reference;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.runtime.service.VariableMap;
import com.ibm.ws.runtime.service.WSSecurityService;
import com.ibm.ws.webservices.wssecurity.config.WSSGeneratorConfig;
import com.ibm.ws.webservices.wssecurity.core.NonceManagerFactory;
import com.ibm.ws.webservices.wssecurity.core.WSSecurityDefaultConfiguration;
import com.ibm.ws.webservices.wssecurity.util.ClientVariableMap;
import com.ibm.ws.webservices.wssecurity.util.ConfigConstants;
import com.ibm.ws.webservices.wssecurity.util.ConfigValidation;
import com.ibm.wsspi.wssecurity.SoapSecurityException;
import com.ibm.wsspi.wssecurity.config.KeyLocator;
import com.ibm.xml.soapsec.Constants;
import com.ibm.xml.soapsec.confimpl.PrivateSenderConfig;
import com.ibm.xml.soapsec.enc.EncryptionSettings;
import com.ibm.xml.soapsec.util.ConfigUtil;
import com.ibm.xml.soapsec.util.DOMUtil;
import com.ibm.xml.soapsec.util.Duration;
import com.ibm.xml.soapsec.util.NamespaceUtil;
import java.text.ParseException;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.namespace.QName;
import org.eclipse.emf.common.util.EList;

/* loaded from: input_file:lib/com.ibm.ws.runtime.jar:com/ibm/ws/webservices/wssecurity/handler/WSEMFRequestSenderConfig.class */
public class WSEMFRequestSenderConfig extends PrivateSenderConfig {
    private String wsseNS;
    private String wsuNS;
    private String origin;
    private static final String comp = "security.wssecurity";
    private static final TraceComponent tc = Tr.register((Class<?>) WSEMFRequestSenderConfig.class, "Web Services Security", "com.ibm.ws.webservices.wssecurity.resources.was-wssecurity");
    private static final String clsName = WSEMFRequestSenderConfig.class.getName();

    public WSEMFRequestSenderConfig(SecurityRequestSenderBindingConfig securityRequestSenderBindingConfig, SecurityRequestSenderServiceConfig securityRequestSenderServiceConfig, String str, VariableMap variableMap, WSSecurityService wSSecurityService) throws SoapSecurityException {
        this(securityRequestSenderBindingConfig, securityRequestSenderServiceConfig, str, variableMap, wSSecurityService, null, null);
    }

    public WSEMFRequestSenderConfig(SecurityRequestSenderBindingConfig securityRequestSenderBindingConfig, SecurityRequestSenderServiceConfig securityRequestSenderServiceConfig, String str, VariableMap variableMap, WSSecurityService wSSecurityService, ClassLoader classLoader) throws SoapSecurityException {
        this(securityRequestSenderBindingConfig, securityRequestSenderServiceConfig, str, variableMap, wSSecurityService, null, null);
    }

    public WSEMFRequestSenderConfig(SecurityRequestSenderBindingConfig securityRequestSenderBindingConfig, SecurityRequestSenderServiceConfig securityRequestSenderServiceConfig, String str, VariableMap variableMap, WSSecurityService wSSecurityService, ClassLoader classLoader, PortQnameBinding portQnameBinding) throws SoapSecurityException {
        this.wsseNS = Constants.NS_WSSE;
        this.wsuNS = Constants.NS_WSU;
        this.origin = "non-ws-security";
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "WSEMFRequestSenderConfig(SecurityRequestSenderBindingConfig, SecurityRequestSenderServiceConfig, actorURI, VariableMap, WSSecurityService, ClassLoader, portQnBnd):", new Object[]{securityRequestSenderBindingConfig, securityRequestSenderServiceConfig, str, variableMap, wSSecurityService, classLoader});
        }
        init(securityRequestSenderBindingConfig, securityRequestSenderServiceConfig, str, variableMap, wSSecurityService, classLoader, portQnameBinding);
        this.origin = "ws-security";
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "WSEMFRequestSenderConfig()");
        }
    }

    WSEMFRequestSenderConfig() {
        this.wsseNS = Constants.NS_WSSE;
        this.wsuNS = Constants.NS_WSU;
        this.origin = "non-ws-security";
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "WSEMFRequestSenderConfig()");
            Tr.exit(tc, "WSEMFRequestSenderConfig()");
        }
    }

    final void init(SecurityRequestSenderBindingConfig securityRequestSenderBindingConfig, SecurityRequestSenderServiceConfig securityRequestSenderServiceConfig, String str, VariableMap variableMap, WSSecurityService wSSecurityService, ClassLoader classLoader, PortQnameBinding portQnameBinding) throws SoapSecurityException {
        EList properties;
        EList parameters;
        EList properties2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "init(SecurityRequestSenderBindingConfig, SecurityRequestSenderServiceConfig, actorURI, VariableMap, Object, ClassLoader, portQnBnd):", new Object[]{securityRequestSenderBindingConfig, securityRequestSenderServiceConfig, str, variableMap, wSSecurityService, classLoader});
        }
        AddCreatedTimeStamp addCreatedTimeStamp = null;
        Confidentiality confidentiality = null;
        Integrity integrity = null;
        LoginConfig loginConfig = null;
        IDAssertion iDAssertion = null;
        String str2 = null;
        if (variableMap == null) {
            variableMap = ClientVariableMap.getInstance();
        }
        WSSecurityDefaultConfiguration wSSecurityDefaultConfiguration = null;
        if (wSSecurityService != null) {
            Object config = wSSecurityService.getConfig();
            if (config instanceof WSSecurityDefaultConfiguration) {
                wSSecurityDefaultConfiguration = (WSSecurityDefaultConfiguration) config;
            }
        }
        Map map = null;
        Map map2 = null;
        Map map3 = null;
        Map map4 = null;
        this._properties = new HashMap();
        if (wSSecurityDefaultConfiguration != null) {
            WSSGeneratorConfig defaultGeneratorBinding = wSSecurityDefaultConfiguration.getDefaultGeneratorBinding();
            if (defaultGeneratorBinding != null) {
                map = defaultGeneratorBinding.getProperties();
                if (map != null) {
                    this._properties.putAll(map);
                }
            } else {
                map = wSSecurityDefaultConfiguration.getProperties();
                if (map != null) {
                    this._properties.putAll(map);
                }
            }
        }
        if (securityRequestSenderServiceConfig != null && (properties2 = securityRequestSenderServiceConfig.getProperties()) != null) {
            map2 = ConfigConstants.getProperties(properties2, variableMap);
            if (map2 != null) {
                this._properties.putAll(map2);
            }
        }
        if (portQnameBinding != null && (parameters = portQnameBinding.getParameters()) != null) {
            map4 = ConfigConstants.getProperties(parameters, variableMap);
            if (map4 != null) {
                this._properties.putAll(map4);
            }
        }
        if (securityRequestSenderBindingConfig != null && (properties = securityRequestSenderBindingConfig.getProperties()) != null) {
            map3 = ConfigConstants.getProperties(properties, variableMap);
            if (map3 != null) {
                this._properties.putAll(map3);
            }
        }
        if (securityRequestSenderServiceConfig != null) {
            confidentiality = securityRequestSenderServiceConfig.getConfidentiality();
            integrity = securityRequestSenderServiceConfig.getIntegrity();
            str2 = securityRequestSenderServiceConfig.getActor();
            loginConfig = securityRequestSenderServiceConfig.getLoginConfig();
            iDAssertion = securityRequestSenderServiceConfig.getIdAssertion();
            addCreatedTimeStamp = securityRequestSenderServiceConfig.getAddCreatedTimeStamp();
            if (tc.isDebugEnabled()) {
                if (map2 != null) {
                    Tr.debug(tc, "Request Sender Service Config(Confidentiality, Integrity, Actor, LoginConfig, IdAssertion, AddCreatedTimeStamp, Properties):", new Object[]{confidentiality, integrity, str2, loginConfig, iDAssertion, addCreatedTimeStamp, map2});
                } else {
                    Tr.debug(tc, "Request Sender Service Config(Confidentiality, Integrity, Actor, LoginConfig, IdAssertion, AddCreatedTimeStamp):", new Object[]{confidentiality, integrity, str2, loginConfig, iDAssertion, addCreatedTimeStamp});
                }
            }
        }
        this.clientSetMustUnderstand = ConfigUtil.getIsFalseProperty(this._properties, com.ibm.wsspi.wssecurity.Constants.WSSECURITY_SET_MUSTUNDERSTAND);
        ConfigValidation configValidation = new ConfigValidation(variableMap, wSSecurityDefaultConfiguration);
        if (!configValidation.confidentialityValid(confidentiality)) {
            throw new SoapSecurityException("Invalid Confidentiality");
        }
        if (!configValidation.integrityValid(integrity)) {
            throw new SoapSecurityException("Invalid Integrity");
        }
        if (!configValidation.idAssertionValid(iDAssertion)) {
            throw new SoapSecurityException("Invalid IDAssertion");
        }
        if (str != null) {
            String trim = str.trim();
            if (trim.length() != 0) {
                this.myactor = trim;
            }
        } else {
            this.myactor = null;
        }
        if (str2 != null) {
            String trim2 = str2.trim();
            if (trim2.length() != 0) {
                this.targetactor = trim2;
            }
        } else {
            this.targetactor = null;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "actorURI = " + this.myactor + ", actor = " + this.targetactor);
        }
        if (addCreatedTimeStamp != null) {
            this.enableCreatedTimestamp = addCreatedTimeStamp.isFlag();
            String expires = addCreatedTimeStamp.getExpires();
            if (expires != null && expires.length() > 0) {
                try {
                    this.duration = Duration.parse(expires);
                } catch (ParseException e) {
                    FFDCFilter.processException(e, clsName + ".WSEMFRequestSenderConfig", "205", this);
                    Tr.error(tc, "security.wssecurity.CommonSenderConfig.sconf07", expires);
                    throw SoapSecurityException.format("security.wssecurity.CommonSenderConfig.sconf07", expires, e);
                }
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "addCreatedTimeStamp = " + this.enableCreatedTimestamp + ", expires = " + addCreatedTimeStamp.getExpires() + ", duration = " + this.duration);
            }
        }
        if (integrity != null) {
            int size = integrity.getReferences().size();
            for (int i = 0; i < size; i++) {
                String name = ((Reference) integrity.getReferences().get(i)).getPart().getName();
                this.integralParts.add(name);
                if (name.equals("securitytoken")) {
                    this.isSecTokenSigned = true;
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.debug(tc, "integrity constraints = " + this.integralParts + "signed security token = " + this.isSecTokenSigned);
            }
        }
        if (confidentiality != null) {
            int size2 = confidentiality.getConfidentialParts().size();
            for (int i2 = 0; i2 < size2; i2++) {
                String name2 = ((ConfidentialPart) confidentiality.getConfidentialParts().get(i2)).getPart().getName();
                this.confidentialParts.add(name2);
                if (name2.equals("usernametoken")) {
                    this.isUsernameTokenEncrypted = true;
                }
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "confidentiality constraints = " + this.confidentialParts + "encrypt username token = " + this.isUsernameTokenEncrypted);
            }
        }
        if (iDAssertion != null) {
            this.idType = iDAssertion.getIdType();
            this.idType = this.idType == null ? this.idType : this.idType.trim();
            this.trustMode = iDAssertion.getTrustMode();
            this.trustMode = this.trustMode == null ? this.trustMode : this.trustMode.trim();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "IDType = " + this.idType + "Trust Mode = " + this.trustMode);
            }
        }
        this.nonceManager = NonceManagerFactory.getInstance();
        if (loginConfig != null) {
            this.authMethod = loginConfig.getAuthMethod().trim();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "AuthMethod = " + this.authMethod);
            }
            if (map2 != null && !map2.isEmpty()) {
                String str3 = (String) map2.get(ConfigConstants.BASICAUTH_NONCE);
                if (str3 != null) {
                    String trim3 = str3.trim();
                    if (trim3.length() != 0) {
                        this.addNonce = Boolean.valueOf(trim3).booleanValue();
                        if (this.addNonce) {
                            if (Constants.STR_BASIC.equals(this.authMethod)) {
                                this.addNonceTimestamp = true;
                            } else {
                                this.addNonce = false;
                                this.addNonceTimestamp = false;
                                Tr.warning(tc, "security.wssecurity.WSEC0113W", new Object[]{this.authMethod});
                            }
                        }
                    }
                } else {
                    this.addNonce = false;
                    this.addNonceTimestamp = false;
                }
                String str4 = (String) map2.get(ConfigConstants.BASICAUTH_NONCE_TIMESTAMP);
                if (str4 != null) {
                    String trim4 = str4.trim();
                    if (trim4.length() != 0) {
                        this.addNonceTimestamp = Boolean.valueOf(trim4).booleanValue();
                        if (this.addNonceTimestamp && !this.addNonce) {
                            this.addNonceTimestamp = false;
                            Tr.warning(tc, "security.wssecurity.WSEC0114W");
                        }
                    }
                }
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Nonce enabled: " + this.addNonce + ", Nonce timestamp: " + this.addNonceTimestamp);
            }
        }
        EncryptionInfo encryptionInfo = null;
        EList eList = null;
        LoginBinding loginBinding = null;
        SigningInfo signingInfo = null;
        if (securityRequestSenderBindingConfig != null) {
            encryptionInfo = securityRequestSenderBindingConfig.getEncryptionInfo();
            eList = securityRequestSenderBindingConfig.getKeyLocators();
            loginBinding = securityRequestSenderBindingConfig.getLoginBinding();
            signingInfo = securityRequestSenderBindingConfig.getSigningInfo();
            if (tc.isDebugEnabled()) {
                if (map3 != null) {
                    Tr.debug(tc, "Request Sender Service Config (EncryptionInfo, KeyLocators, LoginBinding, SigningInfo, Properties):", new Object[]{encryptionInfo, eList, loginBinding, signingInfo, map3});
                } else {
                    Tr.debug(tc, "Request Sender Service Config (EncryptionInfo, KeyLocators, LoginBinding, SigningInfo):", new Object[]{encryptionInfo, eList, loginBinding, signingInfo});
                }
            }
            if (map3 != null || map3.size() != 0) {
                String str5 = (String) map3.get(ConfigConstants.WSSE_NS);
                if (str5 != null && str5.length() != 0) {
                    if (!NamespaceUtil.isWsse(str5)) {
                        throw SoapSecurityException.format("security.wssecurity.WSEC0152E", str5);
                    }
                    this.wsseNS = str5;
                    this.wsuNS = NamespaceUtil.getCorrespondingWSUNS(this.wsseNS);
                }
                this.inclusiveNamespaces = ConfigUtil.isTrue((String) map3.get(com.ibm.wsspi.wssecurity.Constants.WSSECURITY_INCLUSIVE_NAMESPACES));
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Namespace configured to be used to send the request, wsse=" + this.wsseNS + ", wsu=" + this.wsuNS);
            }
        }
        if (!configValidation.senderSigningInfoValid(signingInfo, null, null, integrity)) {
            throw new SoapSecurityException("Invalid sender SigningInfo");
        }
        if (!configValidation.encryptionInfoValid(encryptionInfo, eList, confidentiality)) {
            throw new SoapSecurityException("Invalid EncryptionInfo");
        }
        if (!configValidation.loginBindingValid(loginBinding, loginConfig)) {
            throw new SoapSecurityException("Invalid LoginBinding");
        }
        if (encryptionInfo != null) {
            String name3 = encryptionInfo.getName();
            EncryptionKey encryptionKey = encryptionInfo.getEncryptionKey();
            String str6 = null;
            String str7 = null;
            if (encryptionKey != null) {
                str6 = encryptionKey.getName();
                str7 = encryptionKey.getLocatorRef();
            }
            DataEncryptionMethod encryptionMethod = encryptionInfo.getEncryptionMethod();
            String algorithm = encryptionMethod != null ? encryptionMethod.getAlgorithm() : null;
            KeyEncryptionMethod keyEncryptionMethod = encryptionInfo.getKeyEncryptionMethod();
            String algorithm2 = keyEncryptionMethod != null ? keyEncryptionMethod.getAlgorithm() : null;
            KeyLocator findKeyLocator = ConfigConstants.findKeyLocator(eList, str7, variableMap, wSSecurityDefaultConfiguration, classLoader);
            if (algorithm == null || str6 == null || findKeyLocator == null) {
                if (algorithm == null) {
                    Tr.warning(tc, "security.wssecurity.IncompleteEncryptionInfo", "Data Encryption Algorithm");
                }
                if (str6 == null) {
                    Tr.warning(tc, "security.wssecurity.IncompleteEncryptionInfo", "Encryption Key Name");
                }
                if (findKeyLocator == null) {
                    Tr.warning(tc, "security.wssecurity.IncompleteEncryptionInfo", "Key Locator");
                }
            }
            this.encryptionSettings = new EncryptionSettings(algorithm, algorithm2, str6, findKeyLocator);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Encryption Info Name = " + name3 + "Encryption Key Name = " + str6 + "Encryption KeyLocatorRef = " + str7 + "Encryption Data Algorithm = " + algorithm + "Encryption Key Algorithm = " + algorithm2);
            }
        }
        if (loginBinding != null) {
            String str8 = null;
            char[] cArr = null;
            Map map5 = null;
            BasicAuth basicAuth = loginBinding.getBasicAuth();
            if (basicAuth != null) {
                str8 = basicAuth.getUserid();
                cArr = basicAuth.getPassword().toCharArray();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Basic-Auth(" + str8 + ", XXXXXXXX)");
                }
            }
            TokenValueType tokenValueType = loginBinding.getTokenValueType();
            if (tokenValueType != null) {
                this.tokenValueType = new QName(tokenValueType.getUri(), tokenValueType.getLocalName());
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "TokenValue(" + tokenValueType.getUri() + ", " + tokenValueType.getLocalName() + ")");
                }
            }
            String callbackHandler = loginBinding.getCallbackHandler();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "CallbackHandler Class Name = " + callbackHandler);
            }
            int size3 = loginBinding.getProperties().size();
            for (int i3 = 0; i3 < size3; i3++) {
                Property property = (Property) loginBinding.getProperties().get(i3);
                if (variableMap == null) {
                    map5.put(property.getName(), property.getValue());
                } else {
                    map5.put(property.getName(), variableMap.expand(property.getValue()));
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "CallbackHandler Properties = " + ((Object) null));
                }
            }
            if (callbackHandler != null) {
                try {
                    this.callbackHandler = (CallbackHandler) Class.forName(callbackHandler).getConstructor(String.class, char[].class, Map.class).newInstance(str8, cArr, null);
                } catch (Exception e2) {
                    throw SoapSecurityException.format(Constants.getQName(getWSSENS(), Constants.INVALID_SECURITY_QNAME), "security.wssecurity.RequestSenderConfig.token28", e2.toString());
                }
            }
        }
        if (signingInfo != null) {
            CanonicalizationMethod canonicalizationMethod = signingInfo.getCanonicalizationMethod();
            String str9 = null;
            if (canonicalizationMethod == null) {
                Tr.warning(tc, "security.wssecurity.nocanonicalization.algo");
            } else {
                str9 = canonicalizationMethod.getAlgorithm();
            }
            this.c14nMethod = str9;
            SignatureMethod signatureMethod = signingInfo.getSignatureMethod();
            String str10 = null;
            if (signatureMethod == null) {
                Tr.warning(tc, "security.wssecurity.nosignature.algo");
            } else {
                str10 = signatureMethod.getAlgorithm();
            }
            this.signatureMethod = str10;
            DigestMethod digestMethod = signingInfo.getDigestMethod();
            String str11 = null;
            if (digestMethod == null) {
                Tr.warning(tc, "security.wssecurity.nodigest.algo");
            } else {
                str11 = digestMethod.getAlgorithm();
            }
            this.digestMethod = str11;
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Signature Canonicalization Algorithm = " + this.c14nMethod + "Signature Algorithm = " + this.signatureMethod + "Signature Digest Algorithm = " + this.digestMethod);
            }
            SigningKey signingKey = signingInfo.getSigningKey();
            if (signingKey != null) {
                String locatorRef = signingKey.getLocatorRef();
                this.keyName = signingKey.getName();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Signature Keyname = " + this.keyName + "Signature KeyLocatorRef = " + locatorRef);
                }
                this.keyLocator = ConfigConstants.findKeyLocator(eList, locatorRef, variableMap, wSSecurityDefaultConfiguration, classLoader);
            }
        }
        processPrivateConfig(DOMUtil.getPrivateConfig(true));
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, getLogProperties(map, map4, map2, map3, "request", "sender"));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "init()");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String getOrigin() {
        return this.origin;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String getWSSENS() {
        return this.wsseNS;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String getWSUNS() {
        return this.wsuNS;
    }
}
