package com.ibm.rational.test.lt.models.wscore.datamodel.security.policy.util;

import com.ibm.rational.test.lt.models.wscore.datamodel.security.policy.parser.ApacheSecModelUtil;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.policy.parser.ContainsNamesWithinTheRootScope;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.policy.parser.PolicyParser;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.policy.parser.PolicyParserPatterns;
import org.apache.neethi.Policy;
import org.apache.ws.secpolicy.model.AsymmetricBinding;
import org.apache.ws.secpolicy.model.IssuedToken;
import org.apache.ws.secpolicy.model.ProtectionToken;
import org.apache.ws.secpolicy.model.SecureConversationToken;
import org.apache.ws.secpolicy.model.SignedEncryptedParts;
import org.apache.ws.secpolicy.model.SupportingToken;
import org.apache.ws.secpolicy.model.SymmetricBinding;
import org.apache.ws.secpolicy.model.X509Token;

/* loaded from: input_file:coremdl.jar:com/ibm/rational/test/lt/models/wscore/datamodel/security/policy/util/PolicySignatureCase.class */
class PolicySignatureCase {
    PolicySignatureCase() {
    }

    public static PolicyResult requireASignatureKeyStore(Policy policy, boolean z, boolean z2) {
        PolicyParser policyParser = new PolicyParser();
        ContainsNamesWithinTheRootScope containsNamesWithinTheRootScope = new ContainsNamesWithinTheRootScope(new String[]{"AsymmetricBinding"}, z2 ? PolicyParserPatterns.ROOT_ASYMMETRICBINDING_STS : PolicyParserPatterns.ROOT_ASYMMETRICBINDING);
        policyParser.parse(policy, containsNamesWithinTheRootScope);
        if (containsNamesWithinTheRootScope.doContain()) {
            return checkSignatureAtRootSide(policy, z, z2);
        }
        ContainsNamesWithinTheRootScope containsNamesWithinTheRootScope2 = new ContainsNamesWithinTheRootScope(new String[]{"SymmetricBinding"}, z2 ? PolicyParserPatterns.ROOT_SYMMETRICBINDING_STS : PolicyParserPatterns.ROOT_SYMMETRICBINDING);
        policyParser.parse(policy, containsNamesWithinTheRootScope2);
        return containsNamesWithinTheRootScope2.doContain() ? requireAnSignatureKeyStoreSymmetricBinding(policy, z, z2) : new PolicyResult(false, WSMSG.POLICY_NO_SYMMETRIC_OR_ASSYMETRIC_BINDING);
    }

    private static PolicyResult requireAnSignatureKeyStoreSymmetricBinding(Policy policy, boolean z, boolean z2) {
        if (CaseUtil.checkOnlyX509TokensSymmetricBinding(policy)) {
            return checkSignatureAtRootSide(policy, z, z2);
        }
        ProtectionToken protectionToken = CaseUtil.getProtectionToken(policy);
        return protectionToken.getProtectionToken() instanceof SecureConversationToken ? requireASignatureKeyStore(((SecureConversationToken) protectionToken.getProtectionToken()).getBootstrapPolicy(), true, z2) : protectionToken.getProtectionToken() instanceof IssuedToken ? new PolicyResult(false, WSMSG.POLICY_SIGNATURE_STORE_NOT_REQUIRED) : protectionToken.getProtectionToken() instanceof X509Token ? checkSignatureAtRootSide(policy, z, z2) : new PolicyResult(false, WSMSG.POLICY_WITH_AN_UNKNOWN_PROTECTION_TOKEN);
    }

    private static PolicyResult checkSignatureAtRootSide(Policy policy, boolean z, boolean z2) {
        PolicyParser policyParser = new PolicyParser();
        ContainsNamesWithinTheRootScope containsNamesWithinTheRootScope = new ContainsNamesWithinTheRootScope(new String[]{ApacheSecModelUtil.SIGNEDENCRYPTEDPARTS}, z2 ? PolicyParserPatterns.ROOT_STS : PolicyParserPatterns.ROOT);
        policyParser.parse(policy, containsNamesWithinTheRootScope);
        if (containsNamesWithinTheRootScope.doContain()) {
            for (Object obj : containsNamesWithinTheRootScope.getResults()) {
                if (ApacheSecModelUtil.isSignature((SignedEncryptedParts) obj)) {
                    return new PolicyResult(true, WSMSG.POLICY_SIGNATURE_WITH_SIGNEDENCRYPTEDPART);
                }
            }
        }
        ContainsNamesWithinTheRootScope containsNamesWithinTheRootScope2 = new ContainsNamesWithinTheRootScope(new String[]{ApacheSecModelUtil.SUPPORTINGTOKEN}, z2 ? PolicyParserPatterns.ROOT_STS : PolicyParserPatterns.ROOT);
        policyParser.parse(policy, containsNamesWithinTheRootScope2);
        for (int i = 0; i < containsNamesWithinTheRootScope2.getResults().length; i++) {
            if (ApacheSecModelUtil.isSignature((SupportingToken) containsNamesWithinTheRootScope2.getResults()[i])) {
                return new PolicyResult(true, WSMSG.POLICY_SIGNATURE_WITH_SUPPORTING_TOKEN_PART);
            }
        }
        ContainsNamesWithinTheRootScope containsNamesWithinTheRootScope3 = new ContainsNamesWithinTheRootScope(new String[]{"AsymmetricBinding"}, z2 ? PolicyParserPatterns.ROOT_ASYMMETRICBINDING_STS : PolicyParserPatterns.ROOT_ASYMMETRICBINDING);
        policyParser.parse(policy, containsNamesWithinTheRootScope3);
        if (containsNamesWithinTheRootScope3.doContain() && ApacheSecModelUtil.isSignature((AsymmetricBinding) containsNamesWithinTheRootScope3.getResults()[0])) {
            return new PolicyResult(true, WSMSG.POLICY_SIGNATURE_WITH_SIGNE_HEADERS_OR_TOKEN_PROTECTION);
        }
        if (z) {
            ContainsNamesWithinTheRootScope containsNamesWithinTheRootScope4 = new ContainsNamesWithinTheRootScope(new String[]{"SymmetricBinding"}, z2 ? PolicyParserPatterns.ROOT_SYMMETRICBINDING_STS : PolicyParserPatterns.ROOT_SYMMETRICBINDING);
            policyParser.parse(policy, containsNamesWithinTheRootScope4);
            if (containsNamesWithinTheRootScope4.doContain() && ApacheSecModelUtil.isSignature((SymmetricBinding) containsNamesWithinTheRootScope4.getResults()[0])) {
                return new PolicyResult(true, WSMSG.POLICY_SIGNATURE_WITH_SIGNE_HEADERS_OR_TOKEN_PROTECTION);
            }
        }
        return new PolicyResult(false, WSMSG.POLICY_SIGNATURE_STORE_NOT_REQUIRED);
    }
}
