package com.ibm.ws.wssecurity.wssapi.token.impl;

import com.ibm.websphere.wssecurity.wssapi.token.X509Token;
import com.ibm.ws.wssecurity.common.Constants;
import com.ibm.ws.wssecurity.util.CertificateUtil;
import com.ibm.ws.wssecurity.util.SecurityUIDGenerator;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.KeyInfo;
import java.io.IOException;
import java.io.ObjectInput;
import java.io.ObjectOutput;
import java.security.AccessController;
import java.security.Key;
import java.security.PrivilegedAction;
import java.security.SecurityPermission;
import java.security.cert.X509Certificate;
import org.apache.axis2.util.ObjectStateUtils;

/* loaded from: input_file:lib/com.ibm.jaxws.thinclient_9.0.jar:com/ibm/ws/wssecurity/wssapi/token/impl/X509TokenImpl.class */
public class X509TokenImpl extends BinarySecurityTokenImpl implements X509Token {
    private static final long serialVersionUID = 3166835820878605529L;
    private static final String VERSION_NUMBER = "1.0";
    private X509Certificate certificate;
    private String issuerName;
    private String issuerSerial;
    protected int hashcode = 0;
    private static final TraceComponent tc = Tr.register(X509TokenImpl.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final SecurityPermission SETCERT_PERM = new SecurityPermission("wssapi.X509Token.setCertificate");

    public X509TokenImpl() {
        this.keyIdentifierValueType = Constants.X509_SKI_OLD;
        this.keyIdentifierEncodingType = Constants.BASE64_BINARY;
        this.valueType = X509Token.ValueType;
        this.tokenQName = X509Token.TokenQname;
    }

    public void setTokenToErrata10() {
        if (this.readOnly) {
            return;
        }
        this.keyIdentifierValueType = Constants.X509_SKI;
        this.valueType = Constants.X509V3;
    }

    @Override // com.ibm.ws.wssecurity.wssapi.token.impl.SecurityTokenImpl, com.ibm.websphere.wssecurity.wssapi.token.SecurityToken
    public String getId() {
        if (this.id == null || this.id.length() == 0) {
            this.id = "x509_" + String.valueOf(SecurityUIDGenerator.createUID().hashCode());
        }
        return this.id;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.token.X509Token
    public X509Certificate getCertificate() {
        X509Certificate x509Certificate = this.certificate;
        if (this.readOnly && this.certificate != null) {
            try {
                x509Certificate = CertificateUtil.generateX509Certificate(this.certificate.getEncoded(), null);
            } catch (Exception e) {
                x509Certificate = null;
            }
        }
        return x509Certificate;
    }

    public void setCertificate(X509Certificate x509Certificate) {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Performing Java 2 Security Permission Check ...");
                Tr.debug(tc, "Expecting : " + SETCERT_PERM.toString());
            }
            securityManager.checkPermission(SETCERT_PERM);
        }
        if (this.readOnly) {
            return;
        }
        this.certificate = x509Certificate;
        if (x509Certificate == null) {
            this.principal = null;
            return;
        }
        this.principal = x509Certificate.getSubjectDN().getName();
        String encodeDName = KeyInfo.X509Data.encodeDName(this.principal);
        if (encodeDName == null || encodeDName.length() <= 0) {
            return;
        }
        this.principal = encodeDName;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.token.X509Token
    public String getIssuerName() {
        return this.issuerName;
    }

    public void setIssuerName(String str) {
        if (this.readOnly) {
            return;
        }
        this.issuerName = str;
    }

    @Override // com.ibm.websphere.wssecurity.wssapi.token.X509Token
    public String getIssuerSerial() {
        return this.issuerSerial;
    }

    public void setIssuerSerial(String str) {
        if (this.readOnly) {
            return;
        }
        this.issuerSerial = str;
    }

    @Override // com.ibm.ws.wssecurity.wssapi.token.impl.BinarySecurityTokenImpl, com.ibm.ws.wssecurity.wssapi.token.impl.SecurityTokenImpl
    public String toString() {
        return getClass().getName() + ":" + this.id;
    }

    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        return (obj instanceof X509TokenImpl) && ((X509TokenImpl) obj).hashCode() == hashCode();
    }

    public int hashCode() {
        if (this.hashcode == 0) {
            if (getCertificate() != null) {
                this.hashcode = getCertificate().hashCode();
                if (returnKey(this, 61) != null) {
                    this.hashcode = (this.hashcode * 31) + 1;
                }
                if (returnKey(this, 63) != null) {
                    this.hashcode = (this.hashcode * 31) + 3;
                }
                if (returnKey(this, 62) != null) {
                    this.hashcode = (this.hashcode * 31) + 5;
                }
                if (returnKey(this, 64) != null) {
                    this.hashcode = (this.hashcode * 31) + 7;
                }
            } else {
                this.hashcode = SecurityUIDGenerator.createUID().hashCode();
            }
        }
        return this.hashcode;
    }

    public void setHashCode(int i) {
        if (i == 0) {
            this.hashcode = 0;
            hashCode();
        }
        this.hashcode = i;
    }

    @Override // com.ibm.ws.wssecurity.wssapi.token.impl.BinarySecurityTokenImpl, com.ibm.ws.wssecurity.wssapi.token.impl.SecurityTokenImpl, java.io.Externalizable
    public void readExternal(ObjectInput objectInput) throws IOException, ClassNotFoundException {
        super.readExternal(objectInput);
        if ("1.0".equals(ObjectStateUtils.readString(objectInput, "X509Token.version"))) {
            Object readObject = ObjectStateUtils.readObject(objectInput, "X509Token.certificate");
            if (readObject != null) {
                this.certificate = (X509Certificate) readObject;
            }
            this.issuerName = ObjectStateUtils.readString(objectInput, "X509Token.issuerName");
            this.issuerSerial = ObjectStateUtils.readString(objectInput, "X509Token.issuerSerial");
        }
    }

    @Override // com.ibm.ws.wssecurity.wssapi.token.impl.BinarySecurityTokenImpl, com.ibm.ws.wssecurity.wssapi.token.impl.SecurityTokenImpl, java.io.Externalizable
    public void writeExternal(ObjectOutput objectOutput) throws IOException {
        super.writeExternal(objectOutput);
        ObjectStateUtils.writeString(objectOutput, "1.0", "UsernameToken.version");
        ObjectStateUtils.writeObject(objectOutput, this.certificate, "X509Token.certificate");
        ObjectStateUtils.writeString(objectOutput, this.issuerName, "X509Token.issuerName");
        ObjectStateUtils.writeString(objectOutput, this.issuerSerial, "X509Token.issuerSerial");
    }

    private static Key returnKey(X509TokenImpl x509TokenImpl, final int i) {
        return (Key) AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: com.ibm.ws.wssecurity.wssapi.token.impl.X509TokenImpl.1
            @Override // java.security.PrivilegedAction
            public Object run() {
                try {
                    return X509TokenImpl.this.getKey(i);
                } catch (Exception e) {
                    return null;
                }
            }
        });
    }
}
