package com.ibm.ws.wssecurity.core;

import com.ibm.websphere.management.application.AppConstants;
import com.ibm.ws.policyset.runtime.VariableExpander;
import com.ibm.ws.policyset.runtime.VariableExpanderFactory;
import com.ibm.ws.wssecurity.config.DerivedKeyInfoConfig;
import com.ibm.ws.wssecurity.confimpl.PrivateCommonConfig;
import com.ibm.ws.wssecurity.confimpl.PrivateGeneratorConfig;
import com.ibm.ws.wssecurity.core.token.TokenGeneratorComponent;
import com.ibm.ws.wssecurity.handler.WSSBasicAuth;
import com.ibm.ws.wssecurity.handler.WSSBinding;
import com.ibm.ws.wssecurity.handler.WSSBindings;
import com.ibm.ws.wssecurity.handler.WSSCallbackHandler;
import com.ibm.ws.wssecurity.handler.WSSCertPathSettings;
import com.ibm.ws.wssecurity.handler.WSSCollectionCertStores;
import com.ibm.ws.wssecurity.handler.WSSDerivedKeyInfo;
import com.ibm.ws.wssecurity.handler.WSSEncryptionInfo;
import com.ibm.ws.wssecurity.handler.WSSJaasConfig;
import com.ibm.ws.wssecurity.handler.WSSKey;
import com.ibm.ws.wssecurity.handler.WSSKeyInfo;
import com.ibm.ws.wssecurity.handler.WSSKeyStore;
import com.ibm.ws.wssecurity.handler.WSSLdapCertStores;
import com.ibm.ws.wssecurity.handler.WSSOutboundBinding;
import com.ibm.ws.wssecurity.handler.WSSSigningInfo;
import com.ibm.ws.wssecurity.handler.WSSSigningPartReference;
import com.ibm.ws.wssecurity.handler.WSSToken;
import com.ibm.ws.wssecurity.handler.WSSTransform;
import com.ibm.ws.wssecurity.keyinfo.KeyInfoContentGeneratorComponent;
import com.ibm.ws.wssecurity.platform.util.PasswordUtilFactory;
import com.ibm.ws.wssecurity.util.ConfigConstants;
import com.ibm.ws.wssecurity.util.ConfigUtil;
import com.ibm.ws.wssecurity.util.DOMUtils;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.wsspi.wssecurity.core.Constants;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import java.io.File;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.security.cert.CertStore;
import java.security.cert.CertificateFactory;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.LDAPCertStoreParameters;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import javax.xml.namespace.QName;

/* loaded from: input_file:lib/com.ibm.jaxws.thinclient_9.0.jar:com/ibm/ws/wssecurity/core/WSSecurityDefaultGeneratorConfig.class */
public class WSSecurityDefaultGeneratorConfig extends PrivateGeneratorConfig {
    private static final String comp = "security.wssecurity";
    private static WSSBindings securityBindings;
    private static final TraceComponent tc = Tr.register(WSSecurityDefaultGeneratorConfig.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final String clsName = WSSecurityDefaultGeneratorConfig.class.getName();

    public WSSecurityDefaultGeneratorConfig(WSSBindings wSSBindings) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "WSSecurityDefaultGeneratorConfig(Generator):", new Object[]{wSSBindings});
        }
        init(wSSBindings);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "WSSecurityDefaultGeneratorConfig(Generator)");
        }
    }

    protected final void init(WSSBindings wSSBindings) throws SoapSecurityException {
        String str;
        String dataEncryptionKeyInfo;
        String str2;
        String certStoreRef;
        int size;
        CertStore certStore;
        int size2;
        List<Object> properties;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "init(Generator", new Object[]{wSSBindings});
        }
        HashMap hashMap = new HashMap();
        this._properties = new HashMap();
        WSSFactory wSSFactory = WSSFactory.getInstance("soap");
        HashMap hashMap2 = new HashMap();
        securityBindings = wSSBindings;
        VariableExpander variableExpander = VariableExpanderFactory.getVariableExpander();
        processPrivateConfig(DOMUtils.getPrivateConfig());
        WSSBinding applicationBindings = securityBindings.getApplicationBindings();
        WSSOutboundBinding securityOutboundBindingConfig = applicationBindings != null ? applicationBindings.getSecurityOutboundBindingConfig() : null;
        List<WSSEncryptionInfo> list = null;
        List<WSSKeyInfo> list2 = null;
        List<WSSSigningInfo> list3 = null;
        List<WSSToken> list4 = null;
        List<WSSCollectionCertStores> list5 = null;
        List<WSSLdapCertStores> list6 = null;
        HashMap hashMap3 = new HashMap();
        boolean z = false;
        boolean z2 = false;
        Map<? extends Object, ? extends Object> map = null;
        if (applicationBindings != null) {
            List<Object> parameters = applicationBindings.getParameters();
            r40 = parameters != null ? ConfigConstants.getProperties(parameters, variableExpander) : null;
            if (r40 != null) {
                this._properties.putAll(r40);
            }
            if (securityOutboundBindingConfig != null && (properties = securityOutboundBindingConfig.getProperties()) != null) {
                map = ConfigConstants.getProperties(properties, variableExpander);
                if (map != null) {
                    this._properties.putAll(map);
                }
            }
        }
        inspectGeneralProperties();
        if (securityOutboundBindingConfig != null) {
            list = securityOutboundBindingConfig.getEncryptionInfos();
            list5 = securityOutboundBindingConfig.getCollectionCertStores();
            list6 = securityOutboundBindingConfig.getLdapCertStores();
            list2 = securityOutboundBindingConfig.getKeyInfos();
            list3 = securityOutboundBindingConfig.getSigningInfos();
            list4 = securityOutboundBindingConfig.getTokens();
            z = securityOutboundBindingConfig.isExplicitlyProtectSignatureConfirmation();
            z2 = securityOutboundBindingConfig.isOnlySignEntireHeadersAndBody();
            this._defaultBindingNamespace = securityOutboundBindingConfig.getTargetNamespace();
            if (tc.isDebugEnabled()) {
                String obj = r40 == null ? AppConstants.NULL_STRING : r40.toString();
                String obj2 = map == null ? AppConstants.NULL_STRING : map.toString();
                Tr.debug(tc, "Default bindings name space = " + this._defaultBindingNamespace);
                Tr.debug(tc, "Default Outbound Binding (SigningInfos, EncryptionInfos, KeyInfos, TokenGenerators, ExplicitlyProtectSignatureConfirmation, OnlySignEntireHeadersAndBody, Property):", new Object[]{list3, list, list2, list4, Boolean.valueOf(z), Boolean.valueOf(z2), obj, obj2});
            }
        }
        this._explicitlyProtectSignatureConfirmation = z;
        this._onlySignEntireHeadersAndBody = z2;
        if (securityOutboundBindingConfig != null) {
            String timestampExpires = securityOutboundBindingConfig.getTimestampExpires();
            if (ConfigUtil.hasValue(timestampExpires)) {
                if (this._timestampGenerator == null) {
                    this._timestampGenerator = new PrivateGeneratorConfig.TimestampGeneratorConfImpl();
                }
                this._timestampGenerator.setDuration(timestampExpires);
            }
        }
        if (list4 != null) {
            int size3 = list4.size();
            for (int i = 0; i < size3; i++) {
                WSSToken wSSToken = list4.get(i);
                QName valueType = wSSToken.getValueType();
                if (valueType == null) {
                    throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.nullValueType", wSSToken.getName());
                }
                String securityTokenReference = wSSToken.getSecurityTokenReference();
                if (securityTokenReference != null && securityTokenReference.length() > 0) {
                    throw SoapSecurityException.format("security.wssecurity.WSSecurityDefaultGeneratorConfig.s01", securityTokenReference, valueType.toString());
                }
                PrivateGeneratorConfig.TokenGeneratorConfImpl tokenGeneratorConfImpl = new PrivateGeneratorConfig.TokenGeneratorConfImpl();
                tokenGeneratorConfImpl._type = valueType;
                tokenGeneratorConfImpl._className = wSSToken.getClassname();
                if (!this._defaultTokenGenerators.contains(tokenGeneratorConfImpl._className)) {
                    this._userDefinedComponentsUsed = true;
                    tokenGeneratorConfImpl._userDefinedComponentsUsed = true;
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "userDefinedComponentsUsed set to true; token generator = " + tokenGeneratorConfImpl._className);
                    }
                }
                WSSCallbackHandler callbackHandler = wSSToken.getCallbackHandler();
                if (callbackHandler != null) {
                    PrivateCommonConfig.CallbackHandlerConfImpl callbackHandlerConfImpl = new PrivateCommonConfig.CallbackHandlerConfImpl();
                    callbackHandlerConfImpl._className = callbackHandler.getClassname();
                    if (!this._defaultCallbackHandlers.contains(callbackHandlerConfImpl._className)) {
                        this._userDefinedComponentsUsed = true;
                        tokenGeneratorConfImpl._userDefinedComponentsUsed = true;
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "userDefinedComponentsUsed set to true; callback handler = " + callbackHandlerConfImpl._className);
                        }
                    }
                    WSSKeyStore keyStore = callbackHandler.getKeyStore();
                    if (keyStore != null) {
                        PrivateCommonConfig.KeyStoreConfImpl keyStoreConfImpl = new PrivateCommonConfig.KeyStoreConfImpl();
                        keyStoreConfImpl._type = keyStore.getType();
                        keyStoreConfImpl._path = ConfigUtil.expandInstallLocation(keyStore.getPath());
                        keyStoreConfImpl._password = PasswordUtilFactory.getInstance().passwordDecode(keyStore.getStorepass());
                        keyStoreConfImpl._ksRef = keyStore.getKeyStoreRef();
                        callbackHandlerConfImpl._keyStore = keyStoreConfImpl;
                        if (keyStoreConfImpl._ksRef != null && keyStoreConfImpl._ksRef.length() != 0) {
                            tokenGeneratorConfImpl._properties.put("com.ibm.ws.wssecurity.config.keystore.keyStoreRef", keyStoreConfImpl._ksRef);
                        }
                    }
                    WSSKey key = callbackHandler.getKey();
                    if (key != null) {
                        PrivateCommonConfig.KeyInformationConfImpl keyInformationConfImpl = new PrivateCommonConfig.KeyInformationConfImpl();
                        keyInformationConfImpl._alias = key.getAlias();
                        keyInformationConfImpl._keypass = PasswordUtilFactory.getInstance().passwordDecode(key.getKeypass());
                        keyInformationConfImpl._name = key.getName();
                        callbackHandlerConfImpl._keyInformation = keyInformationConfImpl;
                    }
                    WSSCertPathSettings certPathSettings = callbackHandler.getCertPathSettings();
                    if (certPathSettings != null && (certStoreRef = certPathSettings.getCertStoreRef()) != null) {
                        ArrayList arrayList = new ArrayList();
                        Provider provider = null;
                        if (certStoreRef != null) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "CertStoreRef = " + certStoreRef);
                            }
                            boolean z3 = false;
                            if (list5 != null || list6 != null) {
                                if (list5 != null && (size2 = list5.size()) > 0) {
                                    int i2 = 0;
                                    while (true) {
                                        if (i2 >= size2) {
                                            break;
                                        }
                                        WSSCollectionCertStores wSSCollectionCertStores = list5.get(i2);
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, "collectionCertStore.get(" + i2 + ") = " + wSSCollectionCertStores.getName());
                                        }
                                        if (certStoreRef == null || !certStoreRef.equals(wSSCollectionCertStores.getName())) {
                                            i2++;
                                        } else {
                                            provider = Security.getProvider(wSSCollectionCertStores.getProvider());
                                            HashMap hashMap4 = new HashMap();
                                            HashSet hashSet = new HashSet();
                                            List<String> x509Paths = wSSCollectionCertStores.getX509Paths();
                                            int size4 = x509Paths.size();
                                            if (size4 > 0) {
                                                for (int i3 = 0; i3 < size4; i3++) {
                                                    String expandInstallLocation = ConfigUtil.expandInstallLocation(x509Paths.get(i3));
                                                    CertificateFactory certificateFactory = (CertificateFactory) hashMap4.get("");
                                                    if (certificateFactory == null) {
                                                        certificateFactory = ConfigUtil.createCertificateFactory("");
                                                        hashMap4.put("", certificateFactory);
                                                    }
                                                    hashSet.add(ConfigUtil.getX509Certificate(new File(expandInstallLocation), certificateFactory));
                                                    if (tc.isDebugEnabled()) {
                                                        Tr.debug(tc, "Adding the X509 certificate: " + expandInstallLocation);
                                                    }
                                                }
                                            }
                                            List<String> cRLPaths = wSSCollectionCertStores.getCRLPaths();
                                            int size5 = cRLPaths.size();
                                            if (size5 > 0) {
                                                for (int i4 = 0; i4 < size5; i4++) {
                                                    String expandInstallLocation2 = ConfigUtil.expandInstallLocation(cRLPaths.get(i4));
                                                    CertificateFactory certificateFactory2 = (CertificateFactory) hashMap4.get("");
                                                    if (certificateFactory2 == null) {
                                                        certificateFactory2 = ConfigUtil.createCertificateFactory("");
                                                        hashMap4.put("", certificateFactory2);
                                                    }
                                                    hashSet.add(ConfigUtil.getX509CRL(new File(expandInstallLocation2), certificateFactory2));
                                                    if (tc.isDebugEnabled()) {
                                                        Tr.debug(tc, "Adding the X509 CRL: " + expandInstallLocation2);
                                                    }
                                                }
                                            }
                                            CollectionCertStoreParameters collectionCertStoreParameters = null;
                                            try {
                                                collectionCertStoreParameters = new CollectionCertStoreParameters(hashSet);
                                                arrayList.add(provider == null ? CertStore.getInstance("Collection", collectionCertStoreParameters) : CertStore.getInstance("Collection", collectionCertStoreParameters, provider));
                                                if (tc.isDebugEnabled()) {
                                                    Tr.debug(tc, "Found CertStore for " + certStoreRef);
                                                }
                                                z3 = true;
                                            } catch (InvalidAlgorithmParameterException e) {
                                                TraceComponent traceComponent = tc;
                                                Object[] objArr = new Object[1];
                                                objArr[0] = collectionCertStoreParameters.toString() == null ? "" : collectionCertStoreParameters.toString();
                                                Tr.error(traceComponent, "security.wssecurity.CommonReceiverConfig.s21", objArr);
                                                throw SoapSecurityException.format("security.wssecurity.CommonReceiverConfig.s21", collectionCertStoreParameters.toString() == null ? "" : collectionCertStoreParameters.toString(), e);
                                            } catch (NoSuchAlgorithmException e2) {
                                                Tr.error(tc, "security.wssecurity.CommonReceiverConfig.s20", new Object[]{"Collection"});
                                                throw SoapSecurityException.format("security.wssecurity.CommonReceiverConfig.s20", "Collection", e2);
                                            } catch (Throwable th) {
                                                Tr.error(tc, "security.wssecurity.load.collectioncertstore.failed", new String[]{wSSCollectionCertStores.getName(), th.getMessage()});
                                                throw SoapSecurityException.format("security.wssecurity.load.collectioncertstore.failed", new String[]{wSSCollectionCertStores.getName(), th.getMessage()}, th);
                                            }
                                        }
                                    }
                                }
                                if (!z3 && list6 != null && (size = list6.size()) > 0) {
                                    int i5 = 0;
                                    while (true) {
                                        if (i5 >= size) {
                                            break;
                                        }
                                        WSSLdapCertStores wSSLdapCertStores = list6.get(i5);
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, "ldapCertStores.get(" + i5 + ") = " + wSSLdapCertStores.getName());
                                        }
                                        if (certStoreRef == null || !certStoreRef.equals(wSSLdapCertStores.getName())) {
                                            i5++;
                                        } else {
                                            String host = wSSLdapCertStores.getHost();
                                            try {
                                                int parseInt = Integer.parseInt(wSSLdapCertStores.getPort());
                                                provider = Security.getProvider(wSSLdapCertStores.getProvider());
                                                LDAPCertStoreParameters lDAPCertStoreParameters = new LDAPCertStoreParameters(host, parseInt);
                                                if (provider == null) {
                                                    try {
                                                        certStore = CertStore.getInstance("LDAP", lDAPCertStoreParameters);
                                                    } catch (InvalidAlgorithmParameterException e3) {
                                                        Tr.processException(e3, clsName + ".PolicyOutboundConfig", "1654", this);
                                                        Tr.error(tc, "security.wssecurity.PrivateGeneratorConfig.s21", lDAPCertStoreParameters.toString());
                                                        throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s21", lDAPCertStoreParameters.toString());
                                                    } catch (NoSuchAlgorithmException e4) {
                                                        Tr.processException(e4, clsName + ".PolicyOutboundConfig", "1649", this);
                                                        Tr.error(tc, "security.wssecurity.PrivateGeneratorConfig.s20", "LDAP");
                                                        throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s20", "LDAP");
                                                    }
                                                } else {
                                                    certStore = CertStore.getInstance("LDAP", lDAPCertStoreParameters, provider);
                                                }
                                                arrayList.add(certStore);
                                                if (tc.isDebugEnabled()) {
                                                    Tr.debug(tc, "Found CertStore for " + certStoreRef);
                                                }
                                            } catch (NumberFormatException e5) {
                                                String port = wSSLdapCertStores.getPort();
                                                Tr.processException(e5, clsName + ".PolicyOutboundConfig", "1632", this);
                                                Tr.error(tc, "security.wssecurity.PrivateGeneratorConfig.s19", port);
                                                throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s19", port, e5);
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        callbackHandlerConfImpl._provider = provider;
                        callbackHandlerConfImpl._certStores = arrayList;
                    }
                    WSSBasicAuth basicAuth = callbackHandler.getBasicAuth();
                    if (basicAuth != null) {
                        String userid = basicAuth.getUserid();
                        if (userid != null && userid.length() > 0) {
                            callbackHandlerConfImpl._userId = userid;
                        }
                        String passwordDecode = PasswordUtilFactory.getInstance().passwordDecode(basicAuth.getPassword());
                        if (passwordDecode != null && passwordDecode.length() > 0) {
                            callbackHandlerConfImpl._userPassword = passwordDecode.toCharArray();
                        }
                    }
                    ConfigConstants.getProperties(callbackHandlerConfImpl._properties, callbackHandler.getProperties(), variableExpander);
                    tokenGeneratorConfImpl._callbackHandler = callbackHandlerConfImpl;
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Adding the callback handler: " + callbackHandlerConfImpl.getClassName());
                    }
                }
                WSSJaasConfig jaasConfig = wSSToken.getJaasConfig();
                if (jaasConfig == null) {
                    throw SoapSecurityException.format("security.wssecurity.PolicyInOutboundConfig.s17", valueType.toString());
                }
                tokenGeneratorConfImpl._jaasConfig = jaasConfig.getConfigName();
                if (!this._defaultJAASConfigs.contains(tokenGeneratorConfImpl._jaasConfig)) {
                    this._userDefinedComponentsUsed = true;
                    tokenGeneratorConfImpl._userDefinedComponentsUsed = true;
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "userDefinedComponentsUsed set to true; JAAS config = " + tokenGeneratorConfImpl._jaasConfig);
                    }
                }
                ConfigConstants.getProperties(tokenGeneratorConfImpl._jaasConfigProperties, jaasConfig.getProperties(), variableExpander);
                ConfigConstants.getProperties(tokenGeneratorConfImpl._properties, wSSToken.getProperties(), variableExpander);
                hashMap2.clear();
                hashMap2.put(WSSFactory.TYPE, WSSFactory.PLUGGABLE);
                hashMap2.put(WSSFactory.CLASSNAME, tokenGeneratorConfImpl._className);
                if (0 != 0) {
                    hashMap2.put(WSSFactory.CLASSLOADER, null);
                }
                try {
                    tokenGeneratorConfImpl._instance = (TokenGeneratorComponent) wSSFactory.createGenerator(hashMap2, new HashMap());
                } catch (SoapSecurityException e6) {
                    Tr.warning(tc, "security.wssecurity.Instantiate", new Object[]{tokenGeneratorConfImpl._className});
                }
                this._tokenGenerators.add(tokenGeneratorConfImpl);
                String name = wSSToken.getName();
                if (name == null || name.length() == 0) {
                    throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s26");
                }
                if (hashMap3.containsKey(name) && tc.isDebugEnabled()) {
                    Tr.debug(tc, "WARNING: token generator [" + name + "] is overwritten.");
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Adding token generator: " + name);
                }
                hashMap3.put(name, tokenGeneratorConfImpl);
                tokenGeneratorConfImpl._name = name;
            }
        }
        if (list2 != null) {
            int size6 = list2.size();
            for (int i6 = 0; i6 < size6; i6++) {
                WSSKeyInfo wSSKeyInfo = list2.get(i6);
                PrivateGeneratorConfig.KeyInfoContentGeneratorConfImpl keyInfoContentGeneratorConfImpl = new PrivateGeneratorConfig.KeyInfoContentGeneratorConfImpl();
                keyInfoContentGeneratorConfImpl._className = wSSKeyInfo.getClassname();
                boolean z4 = true;
                if (!this._defaultKeyInfoContentGenerators.contains(keyInfoContentGeneratorConfImpl._className)) {
                    this._userDefinedComponentsUsed = true;
                    z4 = false;
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "userDefinedComponentsUsed set to true; key info content generator = " + keyInfoContentGeneratorConfImpl._className);
                    }
                }
                keyInfoContentGeneratorConfImpl._keyInfoType = wSSKeyInfo.getType();
                String tokenReference = wSSKeyInfo.getTokenReference();
                if (tokenReference != null) {
                    if (tokenReference != null && tokenReference.length() > 0) {
                        keyInfoContentGeneratorConfImpl._tokenGenerator = (PrivateGeneratorConfig.TokenGeneratorConfImpl) hashMap3.get(tokenReference);
                        if (keyInfoContentGeneratorConfImpl._tokenGenerator == null) {
                            throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s31", tokenReference);
                        }
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Got the token reference: " + tokenReference);
                        }
                        if (!z4) {
                            keyInfoContentGeneratorConfImpl._tokenGenerator._userDefinedComponentsUsed = true;
                        }
                        if (0 == 0 && (str2 = (String) keyInfoContentGeneratorConfImpl._tokenGenerator._properties.get("com.ibm.ws.wssecurity.config.keystore.keyStoreRef")) != null) {
                            keyInfoContentGeneratorConfImpl._properties.put("com.ibm.ws.wssecurity.config.keystore.keyStoreRef", str2);
                        }
                    } else if (keyInfoContentGeneratorConfImpl._className.equals("com.ibm.ws.webservices.wssecurity.keyinfo.STRReferenceContentGenerator")) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s29");
                    }
                } else if (keyInfoContentGeneratorConfImpl._className.equals("com.ibm.ws.webservices.wssecurity.keyinfo.STRReferenceContentGenerator")) {
                    throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s29");
                }
                if (wSSKeyInfo.getDerivedKeyInfo() != null) {
                    WSSDerivedKeyInfo derivedKeyInfo = wSSKeyInfo.getDerivedKeyInfo();
                    DerivedKeyInfoConfig derivedKeyInfoConfig = new DerivedKeyInfoConfig();
                    derivedKeyInfoConfig.setClientLabel(derivedKeyInfo.getClientLabel());
                    derivedKeyInfoConfig.setServiceLabel(derivedKeyInfo.getServiceLabel());
                    derivedKeyInfoConfig.setKeyLength(derivedKeyInfo.getKeyLength());
                    derivedKeyInfoConfig.setNonceLength(derivedKeyInfo.getNonceLength());
                    derivedKeyInfoConfig.setRequireDerivedKeys(derivedKeyInfo.isRequireDerivedKeys());
                    derivedKeyInfoConfig.setRequireExplicitDerivedKeys(derivedKeyInfo.isRequireExplicitDerivedKeys());
                    derivedKeyInfoConfig.setRequireImpliedDerivedKeys(derivedKeyInfo.isRequireImpliedDerivedKeys());
                    keyInfoContentGeneratorConfImpl._derivedKeyInfo = derivedKeyInfoConfig;
                } else {
                    Map<Object, Object> properties2 = keyInfoContentGeneratorConfImpl._tokenGenerator.getProperties();
                    String str3 = (String) properties2.get(Constants.DERIVED_KEY_LENGTH);
                    String str4 = (String) properties2.get("com.ibm.ws.wssecurity.sc.dkt.ServiceLabel");
                    String str5 = (String) properties2.get("com.ibm.ws.wssecurity.sc.dkt.ClientLabel");
                    String str6 = (String) properties2.get(com.ibm.ws.wssecurity.common.Constants.REQUIRED_IMPLIED_DERIVED_KEYS);
                    if (com.ibm.ws.wssecurity.common.Constants.SC_200502.equals(keyInfoContentGeneratorConfImpl._tokenGenerator._type)) {
                        DerivedKeyInfoConfig derivedKeyInfoConfig2 = new DerivedKeyInfoConfig();
                        derivedKeyInfoConfig2.setRequireDerivedKeys(true);
                        derivedKeyInfoConfig2.setRequireExplicitDerivedKeys(true);
                        if (str3 != null && str3.length() > 0) {
                            derivedKeyInfoConfig2.setKeyLength(str3);
                        }
                        if (str4 != null && str4.length() > 0) {
                            derivedKeyInfoConfig2.setServiceLabel(str4);
                        }
                        if (str5 != null && str5.length() > 0) {
                            derivedKeyInfoConfig2.setClientLabel(str5);
                        }
                        if ("true".equals(str6)) {
                            derivedKeyInfoConfig2.setRequireImpliedDerivedKeys(true);
                        }
                        keyInfoContentGeneratorConfImpl._derivedKeyInfo = derivedKeyInfoConfig2;
                    }
                }
                ConfigConstants.getProperties(keyInfoContentGeneratorConfImpl._properties, wSSKeyInfo.getProperties(), variableExpander);
                hashMap2.clear();
                hashMap2.put(WSSFactory.TYPE, WSSFactory.PLUGGABLE);
                hashMap2.put(WSSFactory.CLASSNAME, keyInfoContentGeneratorConfImpl._className);
                if (keyInfoContentGeneratorConfImpl._className == null || keyInfoContentGeneratorConfImpl._className.length() == 0) {
                    throw SoapSecurityException.format("security.wssecurity.WSSFactorySOAPImpl.s03");
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "KeyInfoContentGenerator classname = " + keyInfoContentGeneratorConfImpl._className);
                }
                if (z4) {
                    hashMap2.put(WSSFactory.CLASSLOADER, getClass().getClassLoader());
                } else if (0 != 0) {
                    hashMap2.put(WSSFactory.CLASSLOADER, null);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "ClassLoader used = " + hashMap2.get(WSSFactory.CLASSLOADER));
                }
                try {
                    keyInfoContentGeneratorConfImpl._instance = (KeyInfoContentGeneratorComponent) wSSFactory.createGenerator(hashMap2, new HashMap());
                } catch (SoapSecurityException e7) {
                    Tr.warning(tc, "security.wssecurity.Instantiate", new Object[]{keyInfoContentGeneratorConfImpl._className});
                }
                String name2 = wSSKeyInfo.getName();
                if (name2 == null || name2.length() == 0) {
                    throw SoapSecurityException.format("security.wssecurity.PrivateGeneratorConfig.s28");
                }
                if (hashMap.containsKey(name2) && tc.isDebugEnabled()) {
                    Tr.debug(tc, "WARNING: key info [" + name2 + "] is overwritten.");
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Adding key info: " + name2);
                }
                hashMap.put(name2, keyInfoContentGeneratorConfImpl);
            }
        }
        if (list != null) {
            int size7 = list.size();
            for (int i7 = 0; i7 < size7; i7++) {
                WSSEncryptionInfo wSSEncryptionInfo = list.get(i7);
                PrivateGeneratorConfig.EncryptionGeneratorConfImpl encryptionGeneratorConfImpl = new PrivateGeneratorConfig.EncryptionGeneratorConfImpl();
                PrivateGeneratorConfig.KeyInfoGeneratorConfImpl keyInfoGeneratorConfImpl = new PrivateGeneratorConfig.KeyInfoGeneratorConfImpl();
                String str7 = null;
                String order = wSSEncryptionInfo.getOrder();
                if (order == null) {
                    throw SoapSecurityException.format("security.wssecurity.PolicyOutboundConfig.encorder");
                }
                encryptionGeneratorConfImpl._properties.put(com.ibm.ws.wssecurity.common.Constants.ORDER, Integer.valueOf(Integer.parseInt(order)));
                List<String> keyEncryptionKeyInfos = wSSEncryptionInfo.getKeyEncryptionKeyInfos();
                if (keyEncryptionKeyInfos != null && keyEncryptionKeyInfos.size() == 1) {
                    encryptionGeneratorConfImpl._isKeyEncryption = true;
                    String str8 = keyEncryptionKeyInfos.get(0);
                    if (str8 != null && str8.length() > 0) {
                        PrivateGeneratorConfig.KeyInfoContentGeneratorConfImpl keyInfoContentGeneratorConfImpl2 = (PrivateGeneratorConfig.KeyInfoContentGeneratorConfImpl) hashMap.get(str8);
                        if (keyInfoContentGeneratorConfImpl2 == null) {
                            throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s31", str8);
                        }
                        str7 = (String) keyInfoContentGeneratorConfImpl2._properties.get("com.ibm.ws.wssecurity.config.keystore.keyStoreRef");
                        PrivateGeneratorConfig.TokenGeneratorConfImpl tokenGeneratorConfImpl2 = keyInfoContentGeneratorConfImpl2._tokenGenerator;
                        if (tokenGeneratorConfImpl2 != null) {
                            tokenGeneratorConfImpl2._usedForEncryption = true;
                        }
                        keyInfoGeneratorConfImpl._contentGenerator = keyInfoContentGeneratorConfImpl2;
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Got the key info reference: " + str8);
                        }
                    }
                }
                if (wSSEncryptionInfo.getEncryptionPartReference() != null && (dataEncryptionKeyInfo = wSSEncryptionInfo.getEncryptionPartReference().getDataEncryptionKeyInfo()) != null) {
                    encryptionGeneratorConfImpl._isKeyEncryption = false;
                    if (dataEncryptionKeyInfo != null && dataEncryptionKeyInfo.length() > 0) {
                        PrivateGeneratorConfig.KeyInfoContentGeneratorConfImpl keyInfoContentGeneratorConfImpl3 = (PrivateGeneratorConfig.KeyInfoContentGeneratorConfImpl) hashMap.get(dataEncryptionKeyInfo);
                        if (keyInfoContentGeneratorConfImpl3 == null) {
                            throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s31", dataEncryptionKeyInfo);
                        }
                        str7 = (String) keyInfoContentGeneratorConfImpl3._properties.get("com.ibm.ws.wssecurity.config.keystore.keyStoreRef");
                        PrivateGeneratorConfig.TokenGeneratorConfImpl tokenGeneratorConfImpl3 = keyInfoContentGeneratorConfImpl3._tokenGenerator;
                        if (tokenGeneratorConfImpl3 != null) {
                            tokenGeneratorConfImpl3._usedForEncryption = true;
                        }
                        keyInfoGeneratorConfImpl._contentGenerator = keyInfoContentGeneratorConfImpl3;
                        encryptionGeneratorConfImpl._encryptionKeyInfo = keyInfoGeneratorConfImpl;
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Got the key info reference: " + dataEncryptionKeyInfo);
                        }
                    }
                }
                encryptionGeneratorConfImpl._encryptionKeyInfo = keyInfoGeneratorConfImpl;
                if (str7 != null && ConfigUtil.isHWKeyStore(str7)) {
                    encryptionGeneratorConfImpl._properties.put("com.ibm.ws.wssecurity.config.keystore.keyStoreRef", str7);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Hardware KeyStore is used: " + str7);
                    }
                }
                ConfigConstants.getProperties(encryptionGeneratorConfImpl._properties, wSSEncryptionInfo.getProperties(), variableExpander);
                this._operationGenerators.add(encryptionGeneratorConfImpl);
            }
        }
        if (list3 != null) {
            int size8 = list3.size();
            for (int i8 = 0; i8 < size8; i8++) {
                WSSSigningInfo wSSSigningInfo = list3.get(i8);
                PrivateGeneratorConfig.SignatureGeneratorConfImpl signatureGeneratorConfImpl = new PrivateGeneratorConfig.SignatureGeneratorConfImpl();
                String order2 = wSSSigningInfo.getOrder();
                if (order2 == null) {
                    throw SoapSecurityException.format("security.wssecurity.PolicyOutboundConfig.sigorder");
                }
                signatureGeneratorConfImpl._properties.put(com.ibm.ws.wssecurity.common.Constants.ORDER, Integer.valueOf(Integer.parseInt(order2)));
                List<WSSSigningPartReference> signingPartReferences = wSSSigningInfo.getSigningPartReferences();
                if (signingPartReferences != null) {
                    int size9 = signingPartReferences.size();
                    for (int i9 = 0; i9 < size9; i9++) {
                        WSSSigningPartReference wSSSigningPartReference = signingPartReferences.get(i9);
                        PrivateCommonConfig.SigningReferenceConfImpl signingReferenceConfImpl = new PrivateCommonConfig.SigningReferenceConfImpl();
                        List<WSSTransform> transforms = wSSSigningPartReference.getTransforms();
                        if (transforms != null) {
                            int size10 = transforms.size();
                            for (int i10 = 0; i10 < size10; i10++) {
                                WSSTransform wSSTransform = transforms.get(i10);
                                if (wSSTransform != null) {
                                    PrivateCommonConfig.AlgorithmConfImpl algorithmConfImpl = new PrivateCommonConfig.AlgorithmConfImpl();
                                    algorithmConfImpl._algorithm = wSSTransform.getAlgorithm();
                                    ConfigConstants.getProperties(algorithmConfImpl._properties, wSSTransform.getProperties(), variableExpander);
                                    if ("http://www.w3.org/2000/09/xmldsig#enveloped-signature".equals(algorithmConfImpl._algorithm)) {
                                        signingReferenceConfImpl._transforms.add(0, algorithmConfImpl);
                                    } else {
                                        signingReferenceConfImpl._transforms.add(algorithmConfImpl);
                                    }
                                }
                            }
                        }
                        signatureGeneratorConfImpl._references.add(signingReferenceConfImpl);
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "WARNING: PartReference not found on SigningInfo. PartReference is required in order to retrieve the signature algorithms from Policy.");
                }
                PrivateCommonConfig.AlgorithmConfImpl algorithmConfImpl2 = new PrivateCommonConfig.AlgorithmConfImpl();
                algorithmConfImpl2._algorithm = null;
                signatureGeneratorConfImpl._canonicalizationMethod = algorithmConfImpl2;
                PrivateCommonConfig.AlgorithmConfImpl algorithmConfImpl3 = new PrivateCommonConfig.AlgorithmConfImpl();
                algorithmConfImpl3._algorithm = null;
                signatureGeneratorConfImpl._signatureMethod = algorithmConfImpl3;
                PrivateGeneratorConfig.KeyInfoGeneratorConfImpl keyInfoGeneratorConfImpl2 = new PrivateGeneratorConfig.KeyInfoGeneratorConfImpl();
                String str9 = null;
                List<String> signingKeyInfos = wSSSigningInfo.getSigningKeyInfos();
                if (signingKeyInfos != null && (str = signingKeyInfos.get(0)) != null && str.length() > 0) {
                    PrivateGeneratorConfig.KeyInfoContentGeneratorConfImpl keyInfoContentGeneratorConfImpl4 = (PrivateGeneratorConfig.KeyInfoContentGeneratorConfImpl) hashMap.get(str);
                    if (keyInfoContentGeneratorConfImpl4 == null) {
                        throw SoapSecurityException.format("security.wssecurity.PrivateConsumerConfig.s31", str);
                    }
                    str9 = (String) keyInfoContentGeneratorConfImpl4._properties.get("com.ibm.ws.wssecurity.config.keystore.keyStoreRef");
                    PrivateGeneratorConfig.TokenGeneratorConfImpl tokenGeneratorConfImpl4 = keyInfoContentGeneratorConfImpl4._tokenGenerator;
                    if (tokenGeneratorConfImpl4 != null) {
                        tokenGeneratorConfImpl4._usedForSignature = true;
                    }
                    keyInfoGeneratorConfImpl2._contentGenerator = keyInfoContentGeneratorConfImpl4;
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Got the key info reference: " + str);
                    }
                }
                signatureGeneratorConfImpl._signingKeyInfo = keyInfoGeneratorConfImpl2;
                if (str9 != null && ConfigUtil.isHWKeyStore(str9)) {
                    signatureGeneratorConfImpl._properties.put("com.ibm.ws.wssecurity.config.keystore.keyStoreRef", str9);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Hardware KeyStore is used: " + str9);
                    }
                }
                ConfigConstants.getProperties(signatureGeneratorConfImpl._properties, wSSSigningInfo.getProperties(), variableExpander);
                this._operationGenerators.add(signatureGeneratorConfImpl);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "init(Consumer, HashMap):", new Object[]{wSSBindings, variableExpander});
        }
    }
}
