package com.ibm.rational.test.lt.models.wscore.datamodel.security.policy.util;

import com.ibm.rational.test.lt.models.wscore.datamodel.security.policy.parser.ApacheSecModelUtil;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.policy.parser.ContainsNamesWithinTheRootScope;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.policy.parser.PolicyParser;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.policy.parser.PolicyParserPatterns;
import org.apache.neethi.Policy;
import org.apache.ws.secpolicy.model.AsymmetricBinding;
import org.apache.ws.secpolicy.model.IssuedToken;
import org.apache.ws.secpolicy.model.ProtectionToken;
import org.apache.ws.secpolicy.model.SecureConversationToken;
import org.apache.ws.secpolicy.model.SignedEncryptedParts;
import org.apache.ws.secpolicy.model.SupportingToken;
import org.apache.ws.secpolicy.model.X509Token;

/* loaded from: input_file:coremdl.jar:com/ibm/rational/test/lt/models/wscore/datamodel/security/policy/util/PolicyEncryptionCase.class */
class PolicyEncryptionCase {
    PolicyEncryptionCase() {
    }

    public static PolicyResult requireAnEncryptionKeyStore(Policy policy, boolean z) {
        PolicyParser policyParser = new PolicyParser();
        ContainsNamesWithinTheRootScope containsNamesWithinTheRootScope = new ContainsNamesWithinTheRootScope(new String[]{"AsymmetricBinding"}, z ? PolicyParserPatterns.ROOT_ASYMMETRICBINDING_STS : PolicyParserPatterns.ROOT_ASYMMETRICBINDING);
        policyParser.parse(policy, containsNamesWithinTheRootScope);
        if (containsNamesWithinTheRootScope.doContain()) {
            return checkEncryptionAtRootSide(policy, z);
        }
        ContainsNamesWithinTheRootScope containsNamesWithinTheRootScope2 = new ContainsNamesWithinTheRootScope(new String[]{"SymmetricBinding"}, z ? PolicyParserPatterns.ROOT_SYMMETRICBINDING_STS : PolicyParserPatterns.ROOT_SYMMETRICBINDING);
        policyParser.parse(policy, containsNamesWithinTheRootScope2);
        return containsNamesWithinTheRootScope2.doContain() ? requireAnEncryptionKeyStoreSymmetricBinding(policy, z) : new PolicyResult(false, WSMSG.POLICY_NO_SYMMETRIC_OR_ASSYMETRIC_BINDING);
    }

    private static PolicyResult requireAnEncryptionKeyStoreSymmetricBinding(Policy policy, boolean z) {
        if (CaseUtil.checkOnlyX509TokensSymmetricBinding(policy)) {
            return checkEncryptionAtRootSide(policy, z);
        }
        ProtectionToken protectionToken = CaseUtil.getProtectionToken(policy);
        return protectionToken.getProtectionToken() instanceof SecureConversationToken ? requireAnEncryptionKeyStore(((SecureConversationToken) protectionToken.getProtectionToken()).getBootstrapPolicy(), z) : protectionToken.getProtectionToken() instanceof IssuedToken ? new PolicyResult(true, WSMSG.POLICY_ENCRYPTION_ISSUED_TOKEN_TO_BE_ENCRYPTED) : protectionToken.getProtectionToken() instanceof X509Token ? checkEncryptionAtRootSide(policy, z).getResult() ? new PolicyResult(true, WSMSG.POLICY_ENCRYPTION_PROTECTION_TOKEN_X509) : new PolicyResult(false, WSMSG.POLICY_ENCRYPTION_STORE_NOT_REQUIRED) : new PolicyResult(false, WSMSG.POLICY_WITH_AN_UNKNOWN_PROTECTION_TOKEN);
    }

    private static PolicyResult checkEncryptionAtRootSide(Policy policy, boolean z) {
        PolicyParser policyParser = new PolicyParser();
        ContainsNamesWithinTheRootScope containsNamesWithinTheRootScope = new ContainsNamesWithinTheRootScope(new String[]{ApacheSecModelUtil.SIGNEDENCRYPTEDPARTS}, z ? PolicyParserPatterns.ROOT_STS : PolicyParserPatterns.ROOT);
        policyParser.parse(policy, containsNamesWithinTheRootScope);
        if (containsNamesWithinTheRootScope.doContain()) {
            for (int i = 0; i < containsNamesWithinTheRootScope.getResults().length; i++) {
                if (!ApacheSecModelUtil.isSignature((SignedEncryptedParts) containsNamesWithinTheRootScope.getResults()[i])) {
                    return new PolicyResult(true, WSMSG.POLICY_ENCRYPTION_WITH_SIGNEDENCRYPTEDPART);
                }
            }
        }
        ContainsNamesWithinTheRootScope containsNamesWithinTheRootScope2 = new ContainsNamesWithinTheRootScope(new String[]{ApacheSecModelUtil.SUPPORTINGTOKEN}, z ? PolicyParserPatterns.ROOT_STS : PolicyParserPatterns.ROOT);
        policyParser.parse(policy, containsNamesWithinTheRootScope2);
        for (int i2 = 0; i2 < containsNamesWithinTheRootScope2.getResults().length; i2++) {
            if (ApacheSecModelUtil.isEncryption((SupportingToken) containsNamesWithinTheRootScope2.getResults()[i2])) {
                return new PolicyResult(true, WSMSG.POLICY_ENCRYPTION_WITH_SUPPORTING_TOKEN_ENCRYPTED_PART);
            }
        }
        ContainsNamesWithinTheRootScope containsNamesWithinTheRootScope3 = new ContainsNamesWithinTheRootScope(new String[]{"AsymmetricBinding"}, z ? PolicyParserPatterns.ROOT_ASYMMETRICBINDING_STS : PolicyParserPatterns.ROOT_ASYMMETRICBINDING);
        policyParser.parse(policy, containsNamesWithinTheRootScope3);
        return (containsNamesWithinTheRootScope3.doContain() && ApacheSecModelUtil.isEncryption((AsymmetricBinding) containsNamesWithinTheRootScope3.getResults()[0])) ? new PolicyResult(true, WSMSG.POLICY_ENCRYPTION_SIGNATURE_PROTECTION) : new PolicyResult(false, WSMSG.POLICY_ENCRYPTION_STORE_NOT_REQUIRED);
    }
}
