package org.apache.ws.security.handler;

import java.math.BigInteger;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Hashtable;
import java.util.Vector;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.WSPasswordCallback;
import org.apache.ws.security.WSSecurityEngine;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.message.WSAddTimestamp;
import org.apache.ws.security.message.WSEncryptBody;
import org.apache.ws.security.message.WSSAddSAMLToken;
import org.apache.ws.security.message.WSSAddUsernameToken;
import org.apache.ws.security.message.WSSignEnvelope;
import org.apache.ws.security.message.token.Timestamp;
import org.apache.ws.security.saml.SAMLIssuer;
import org.apache.ws.security.saml.SAMLIssuerFactory;
import org.apache.ws.security.util.Loader;
import org.apache.ws.security.util.StringUtil;
import org.apache.ws.security.util.WSSecurityUtil;
import org.apache.ws.security.util.XmlSchemaDateFormat;
import org.apache.xml.security.signature.XMLSignature;
import org.opensaml.SAMLAssertion;
import org.w3c.dom.Document;

/* loaded from: input_file:lib/wss4j.jar:org/apache/ws/security/handler/WSHandler.class */
public abstract class WSHandler {
    protected static Log log;
    protected static final WSSecurityEngine secEngine;
    protected static boolean doDebug;
    protected static Hashtable cryptos;
    static Class class$org$apache$ws$security$handler$WSHandler;

    /* JADX INFO: Access modifiers changed from: protected */
    public void doSenderAction(int i, Document document, RequestData requestData, Vector vector) throws WSSecurityException {
        boolean decodeMustUnderstand = decodeMustUnderstand(requestData);
        secEngine.setPrecisionInMilliSeconds(decodeTimestampPrecision(requestData));
        String str = (String) getOption("actor");
        String str2 = str;
        if (str == null) {
            str2 = (String) getProperty(requestData.getMsgContext(), "actor");
        }
        requestData.setActor(str2);
        requestData.setSoapConstants(WSSecurityUtil.getSOAPConstants(document.getDocumentElement()));
        if ((i & 1) == 1) {
            decodeUTParameter(requestData);
        }
        if ((i & 64) == 64) {
            decodeUTParameter(requestData);
            decodeSignatureParameter(requestData);
        }
        if ((i & 2) == 2) {
            requestData.setSigCrypto(loadSignatureCrypto(requestData));
            decodeSignatureParameter(requestData);
        }
        if ((i & 16) == 16) {
            decodeSignatureParameter(requestData);
        }
        if ((i & 4) == 4) {
            requestData.setEncCrypto(loadEncryptionCrypto(requestData));
            decodeEncryptionParameter(requestData);
        }
        for (int i2 = 0; i2 < vector.size(); i2++) {
            int intValue = ((Integer) vector.get(i2)).intValue();
            if (doDebug) {
                log.debug(new StringBuffer().append("Performing Action: ").append(intValue).toString());
            }
            switch (intValue) {
                case 1:
                    performUTAction(intValue, decodeMustUnderstand, document, requestData);
                    break;
                case 2:
                    performSIGNAction(intValue, decodeMustUnderstand, document, requestData);
                    break;
                case 4:
                    performENCRAction(intValue, decodeMustUnderstand, document, requestData);
                    break;
                case 8:
                    performSTAction(intValue, decodeMustUnderstand, document, requestData);
                    break;
                case 16:
                    performST_SIGNAction(intValue, decodeMustUnderstand, document, requestData);
                    break;
                case 32:
                    performTSAction(intValue, decodeMustUnderstand, document, requestData);
                    break;
                case 64:
                    performUT_SIGNAction(intValue, decodeMustUnderstand, document, requestData);
                    break;
                case 256:
                    requestData.setNoSerialization(true);
                    break;
            }
        }
    }

    protected void performSIGNAction(int i, boolean z, Document document, RequestData requestData) throws WSSecurityException {
        String password = getPassword(requestData.getUsername(), i, "passwordCallbackClass", WSHandlerConstants.PW_CALLBACK_REF, requestData).getPassword();
        WSSignEnvelope wSSignEnvelope = new WSSignEnvelope(requestData.getActor(), z);
        if (requestData.getSigKeyId() != 0) {
            wSSignEnvelope.setKeyIdentifierType(requestData.getSigKeyId());
        }
        if (requestData.getSigAlgorithm() != null) {
            wSSignEnvelope.setSignatureAlgorithm(requestData.getSigAlgorithm());
        }
        wSSignEnvelope.setUserInfo(requestData.getUsername(), password);
        if (requestData.getSignatureParts().size() > 0) {
            wSSignEnvelope.setParts(requestData.getSignatureParts());
        }
        try {
            wSSignEnvelope.build(document, requestData.getSigCrypto());
        } catch (WSSecurityException e) {
            throw new WSSecurityException(new StringBuffer().append("WSHandler: Signature: error during message procesing").append(e).toString());
        }
    }

    protected void performENCRAction(int i, boolean z, Document document, RequestData requestData) throws WSSecurityException {
        WSEncryptBody wSEncryptBody = new WSEncryptBody(requestData.getActor(), z);
        if (requestData.getEncKeyId() != 0) {
            wSEncryptBody.setKeyIdentifierType(requestData.getEncKeyId());
        }
        if (requestData.getEncKeyId() == 5) {
            String str = (String) getOption(WSHandlerConstants.ENC_KEY_NAME);
            String str2 = str;
            if (str == null) {
                str2 = (String) getProperty(requestData.getMsgContext(), WSHandlerConstants.ENC_KEY_NAME);
            }
            wSEncryptBody.setEmbeddedKeyName(str2);
            wSEncryptBody.setKey(getPassword(requestData.getEncUser(), i, WSHandlerConstants.ENC_CALLBACK_CLASS, WSHandlerConstants.ENC_CALLBACK_REF, requestData).getKey());
        }
        if (requestData.getEncSymmAlgo() != null) {
            wSEncryptBody.setSymmetricEncAlgorithm(requestData.getEncSymmAlgo());
        }
        if (requestData.getEncKeyTransport() != null) {
            wSEncryptBody.setKeyEnc(requestData.getEncKeyTransport());
        }
        wSEncryptBody.setUserInfo(requestData.getEncUser());
        wSEncryptBody.setUseThisCert(requestData.getEncCert());
        if (requestData.getEncryptParts().size() > 0) {
            wSEncryptBody.setParts(requestData.getEncryptParts());
        }
        try {
            wSEncryptBody.build(document, requestData.getEncCrypto());
        } catch (WSSecurityException e) {
            throw new WSSecurityException(new StringBuffer().append("WSHandler: Encryption: error during message processing").append(e).toString());
        }
    }

    protected void performUTAction(int i, boolean z, Document document, RequestData requestData) throws WSSecurityException {
        String password = getPassword(requestData.getUsername(), i, "passwordCallbackClass", WSHandlerConstants.PW_CALLBACK_REF, requestData).getPassword();
        WSSAddUsernameToken wSSAddUsernameToken = new WSSAddUsernameToken(requestData.getActor(), z);
        wSSAddUsernameToken.setPasswordType(requestData.getPwType());
        wSSAddUsernameToken.build(document, requestData.getUsername(), password);
        if (requestData.getUtElements() == null || requestData.getUtElements().length <= 0) {
            return;
        }
        for (int i2 = 0; i2 < requestData.getUtElements().length; i2++) {
            requestData.getUtElements()[i2].trim();
            if (requestData.getUtElements()[i2].equals("Nonce")) {
                wSSAddUsernameToken.addNonce(document);
            }
            if (requestData.getUtElements()[i2].equals("Created")) {
                wSSAddUsernameToken.addCreated(document);
            }
            requestData.getUtElements()[i2] = null;
        }
    }

    protected void performUT_SIGNAction(int i, boolean z, Document document, RequestData requestData) throws WSSecurityException {
        String password = getPassword(requestData.getUsername(), i, "passwordCallbackClass", WSHandlerConstants.PW_CALLBACK_REF, requestData).getPassword();
        WSSAddUsernameToken wSSAddUsernameToken = new WSSAddUsernameToken(requestData.getActor(), z);
        wSSAddUsernameToken.setPasswordType(WSConstants.PASSWORD_TEXT);
        wSSAddUsernameToken.preSetUsernameToken(document, requestData.getUsername(), password);
        wSSAddUsernameToken.addCreated(document);
        wSSAddUsernameToken.addNonce(document);
        WSSignEnvelope wSSignEnvelope = new WSSignEnvelope(requestData.getActor(), z);
        if (requestData.getSignatureParts().size() > 0) {
            wSSignEnvelope.setParts(requestData.getSignatureParts());
        }
        wSSignEnvelope.setUsernameToken(wSSAddUsernameToken);
        wSSignEnvelope.setKeyIdentifierType(7);
        wSSignEnvelope.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
        try {
            wSSignEnvelope.build(document, null);
            wSSAddUsernameToken.build(document, null, null);
        } catch (WSSecurityException e) {
            throw new WSSecurityException(new StringBuffer().append("WSHandler: Error during Signatur with UsernameToken secret").append(e).toString());
        }
    }

    protected void performSTAction(int i, boolean z, Document document, RequestData requestData) throws WSSecurityException {
        WSSAddSAMLToken wSSAddSAMLToken = new WSSAddSAMLToken(requestData.getActor(), z);
        SAMLIssuer loadSamlIssuer = loadSamlIssuer(requestData);
        loadSamlIssuer.setUsername(requestData.getUsername());
        wSSAddSAMLToken.build(document, loadSamlIssuer.newAssertion());
    }

    protected void performST_SIGNAction(int i, boolean z, Document document, RequestData requestData) throws WSSecurityException {
        Crypto crypto = null;
        try {
            crypto = loadSignatureCrypto(requestData);
        } catch (WSSecurityException e) {
        }
        SAMLIssuer loadSamlIssuer = loadSamlIssuer(requestData);
        loadSamlIssuer.setUsername(requestData.getUsername());
        loadSamlIssuer.setUserCrypto(crypto);
        loadSamlIssuer.setInstanceDoc(document);
        SAMLAssertion newAssertion = loadSamlIssuer.newAssertion();
        if (newAssertion == null) {
            throw new WSSecurityException("WSHandler: Signed SAML: no SAML token received");
        }
        String str = null;
        String str2 = null;
        Crypto crypto2 = null;
        WSSignEnvelope wSSignEnvelope = new WSSignEnvelope(requestData.getActor(), z);
        if (loadSamlIssuer.isSenderVouches()) {
            str = loadSamlIssuer.getIssuerKeyName();
            str2 = loadSamlIssuer.getIssuerKeyPassword();
            crypto2 = loadSamlIssuer.getIssuerCrypto();
        } else {
            wSSignEnvelope.setUserInfo(requestData.getUsername(), getPassword(requestData.getUsername(), i, "passwordCallbackClass", WSHandlerConstants.PW_CALLBACK_REF, requestData).getPassword());
        }
        if (requestData.getSigKeyId() != 0) {
            wSSignEnvelope.setKeyIdentifierType(requestData.getSigKeyId());
        }
        try {
            wSSignEnvelope.build(document, crypto, newAssertion, crypto2, str, str2);
        } catch (WSSecurityException e2) {
            throw new WSSecurityException(new StringBuffer().append("WSHandler: Signed SAML: error during message processing").append(e2).toString());
        }
    }

    protected void performTSAction(int i, boolean z, Document document, RequestData requestData) throws WSSecurityException {
        new WSAddTimestamp(requestData.getActor(), z).build(document, decodeTimeToLive(requestData));
    }

    protected Crypto loadSignatureCrypto(RequestData requestData) throws WSSecurityException {
        String str = (String) getOption(WSHandlerConstants.SIG_PROP_FILE);
        String str2 = str;
        if (str == null) {
            str2 = (String) getProperty(requestData.getMsgContext(), WSHandlerConstants.SIG_PROP_FILE);
        }
        if (str2 == null) {
            throw new WSSecurityException("WSHandler: Signature: no crypto property file");
        }
        Crypto crypto = (Crypto) cryptos.get(str2);
        Crypto crypto2 = crypto;
        if (crypto == null) {
            crypto2 = CryptoFactory.getInstance(str2);
            cryptos.put(str2, crypto2);
        }
        return crypto2;
    }

    protected Crypto loadEncryptionCrypto(RequestData requestData) throws WSSecurityException {
        Crypto crypto;
        String str = (String) getOption(WSHandlerConstants.ENC_PROP_FILE);
        String str2 = str;
        if (str == null) {
            str2 = (String) getProperty(requestData.getMsgContext(), WSHandlerConstants.ENC_PROP_FILE);
        }
        if (str2 != null) {
            Crypto crypto2 = (Crypto) cryptos.get(str2);
            crypto = crypto2;
            if (crypto2 == null) {
                crypto = CryptoFactory.getInstance(str2);
                cryptos.put(str2, crypto);
            }
        } else {
            Crypto sigCrypto = requestData.getSigCrypto();
            crypto = sigCrypto;
            if (sigCrypto == null) {
                throw new WSSecurityException("WSHandler: Encryption: no crypto property file");
            }
        }
        return crypto;
    }

    protected SAMLIssuer loadSamlIssuer(RequestData requestData) {
        String str = (String) getOption(WSHandlerConstants.SAML_PROP_FILE);
        String str2 = str;
        if (str == null) {
            str2 = (String) getProperty(requestData.getMsgContext(), WSHandlerConstants.SAML_PROP_FILE);
        }
        return SAMLIssuerFactory.getInstance(str2);
    }

    protected void decodeUTParameter(RequestData requestData) throws WSSecurityException {
        requestData.setPwType((String) getOption("passwordType"));
        if (requestData.getPwType() == null) {
            requestData.setPwType((String) getProperty(requestData.getMsgContext(), "passwordType"));
        }
        if (requestData.getPwType() != null) {
            requestData.setPwType(requestData.getPwType().equals(WSConstants.PW_TEXT) ? WSConstants.PASSWORD_TEXT : WSConstants.PASSWORD_DIGEST);
        }
        String str = (String) getOption(WSHandlerConstants.ADD_UT_ELEMENTS);
        String str2 = str;
        if (str == null) {
            str2 = (String) getProperty(requestData.getMsgContext(), WSHandlerConstants.ADD_UT_ELEMENTS);
        }
        if (str2 != null) {
            requestData.setUtElements(StringUtil.split(str2, ' '));
        }
    }

    protected void decodeSignatureParameter(RequestData requestData) throws WSSecurityException {
        String str = (String) getOption(WSHandlerConstants.SIG_KEY_ID);
        String str2 = str;
        if (str == null) {
            str2 = (String) getProperty(requestData.getMsgContext(), WSHandlerConstants.SIG_KEY_ID);
        }
        if (str2 != null) {
            Integer num = (Integer) WSHandlerConstants.keyIdentifier.get(str2);
            if (num == null) {
                throw new WSSecurityException("WSHandler: Signature: unknown key identification");
            }
            requestData.setSigKeyId(num.intValue());
            if (requestData.getSigKeyId() != 2 && requestData.getSigKeyId() != 1 && requestData.getSigKeyId() != 3 && requestData.getSigKeyId() != 4) {
                throw new WSSecurityException("WSHandler: Signature: illegal key identification");
            }
        }
        requestData.setSigAlgorithm((String) getOption(WSHandlerConstants.SIG_ALGO));
        if (requestData.getSigAlgorithm() == null) {
        }
        String str3 = (String) getOption("signatureParts");
        String str4 = str3;
        if (str3 == null) {
            str4 = (String) getProperty(requestData.getMsgContext(), "signatureParts");
        }
        if (str4 != null) {
            splitEncParts(str4, requestData.getSignatureParts(), requestData);
        }
    }

    protected void decodeEncryptionParameter(RequestData requestData) throws WSSecurityException {
        requestData.setEncUser((String) getOption(WSHandlerConstants.ENCRYPTION_USER));
        if (requestData.getEncUser() == null) {
            requestData.setEncUser((String) getProperty(requestData.getMsgContext(), WSHandlerConstants.ENCRYPTION_USER));
        }
        if (requestData.getEncUser() == null) {
            requestData.setEncUser(requestData.getUsername());
        }
        if (requestData.getEncUser() == null) {
            throw new WSSecurityException("WSHandler: Encryption: no username");
        }
        handleSpecialUser(requestData);
        String str = (String) getOption(WSHandlerConstants.ENC_KEY_ID);
        String str2 = str;
        if (str == null) {
            str2 = (String) getProperty(requestData.getMsgContext(), WSHandlerConstants.ENC_KEY_ID);
        }
        if (str2 != null) {
            Integer num = (Integer) WSHandlerConstants.keyIdentifier.get(str2);
            if (num == null) {
                throw new WSSecurityException("WSHandler: Encryption: unknown key identification");
            }
            requestData.setEncKeyId(num.intValue());
            if (requestData.getEncKeyId() != 2 && requestData.getEncKeyId() != 3 && requestData.getEncKeyId() != 4 && requestData.getEncKeyId() != 1 && requestData.getEncKeyId() != 5) {
                throw new WSSecurityException("WSHandler: Encryption: illegal key identification");
            }
        }
        requestData.setEncSymmAlgo((String) getOption(WSHandlerConstants.ENC_SYM_ALGO));
        if (requestData.getEncSymmAlgo() == null) {
            requestData.setEncSymmAlgo((String) getProperty(requestData.getMsgContext(), WSHandlerConstants.ENC_SYM_ALGO));
        }
        requestData.setEncKeyTransport((String) getOption(WSHandlerConstants.ENC_KEY_TRANSPORT));
        if (requestData.getEncKeyTransport() == null) {
            requestData.setEncKeyTransport((String) getProperty(requestData.getMsgContext(), WSHandlerConstants.ENC_KEY_TRANSPORT));
        }
        String str3 = (String) getOption(WSHandlerConstants.ENCRYPTION_PARTS);
        String str4 = str3;
        if (str3 == null) {
            str4 = (String) getProperty(requestData.getMsgContext(), WSHandlerConstants.ENCRYPTION_PARTS);
        }
        if (str4 != null) {
            splitEncParts(str4, requestData.getEncryptParts(), requestData);
        }
    }

    protected boolean decodeMustUnderstand(RequestData requestData) throws WSSecurityException {
        boolean z = true;
        String str = (String) getOption("mustUnderstand");
        String str2 = str;
        if (str == null) {
            str2 = (String) getProperty(requestData.getMsgContext(), "mustUnderstand");
        }
        if (str2 != null) {
            if (str2.equals("0") || str2.equals("false")) {
                z = false;
            } else {
                if (!str2.equals("1") && !str2.equals("true")) {
                    throw new WSSecurityException("WSHandler: illegal mustUnderstand parameter");
                }
                z = true;
            }
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public int decodeTimeToLive(RequestData requestData) {
        String str = (String) getOption("timeToLive");
        String str2 = str;
        if (str == null) {
            str2 = (String) getProperty(requestData.getMsgContext(), "timeToLive");
        }
        int i = 0;
        if (str2 != null) {
            try {
                i = Integer.parseInt(str2);
            } catch (NumberFormatException e) {
                i = requestData.getTimeToLive();
            }
        }
        if (i <= 0) {
            i = requestData.getTimeToLive();
        }
        return i;
    }

    protected boolean decodeTimestampPrecision(RequestData requestData) throws WSSecurityException {
        boolean z = true;
        String str = (String) getOption(WSHandlerConstants.TIMESTAMP_PRECISION);
        String str2 = str;
        if (str == null) {
            str2 = (String) getProperty(requestData.getMsgContext(), WSHandlerConstants.TIMESTAMP_PRECISION);
        }
        if (str2 != null) {
            if (str2.equals("0") || str2.equals("false")) {
                z = false;
            } else {
                if (!str2.equals("1") && !str2.equals("true")) {
                    throw new WSSecurityException("WSHandler: illegal precisionInMilliSeconds parameter");
                }
                z = true;
            }
        }
        return z;
    }

    private WSPasswordCallback getPassword(String str, int i, String str2, String str3, RequestData requestData) throws WSSecurityException {
        WSPasswordCallback wSPasswordCallback;
        String str4 = (String) getOption(str2);
        String str5 = str4;
        if (str4 == null) {
            str5 = (String) getProperty(requestData.getMsgContext(), str2);
        }
        if (str5 != null) {
            wSPasswordCallback = readPwViaCallbackClass(str5, str, i);
            if (wSPasswordCallback.getPassword() == null && wSPasswordCallback.getKey() == null) {
                throw new WSSecurityException("WSHandler: password callback class provided null or empty password");
            }
        } else {
            CallbackHandler callbackHandler = (CallbackHandler) getProperty(requestData.getMsgContext(), str3);
            if (callbackHandler != null) {
                wSPasswordCallback = performCallback(callbackHandler, str, i);
                if (wSPasswordCallback.getPassword() == null && wSPasswordCallback.getKey() == null) {
                    throw new WSSecurityException("WSHandler: password callback provided null or empty password");
                }
            } else {
                String password = getPassword(requestData.getMsgContext());
                if (password == null) {
                    throw new WSSecurityException("WSHandler: application provided null or empty password");
                }
                setPassword(requestData.getMsgContext(), null);
                wSPasswordCallback = new WSPasswordCallback("", 0);
                wSPasswordCallback.setPassword(password);
            }
        }
        return wSPasswordCallback;
    }

    private WSPasswordCallback readPwViaCallbackClass(String str, String str2, int i) throws WSSecurityException {
        try {
            try {
                return performCallback((CallbackHandler) Loader.loadClass(str).newInstance(), str2, i);
            } catch (Exception e) {
                throw new WSSecurityException(new StringBuffer().append("WSHandler: cannot create instance of password callback: ").append(str).toString(), e);
            }
        } catch (ClassNotFoundException e2) {
            throw new WSSecurityException(new StringBuffer().append("WSHandler: cannot load password callback class: ").append(str).toString(), e2);
        }
    }

    private WSPasswordCallback performCallback(CallbackHandler callbackHandler, String str, int i) throws WSSecurityException {
        int i2 = 0;
        switch (i) {
            case 1:
            case 64:
                i2 = 2;
                break;
            case 2:
                i2 = 3;
                break;
            case 4:
                i2 = 4;
                break;
        }
        WSPasswordCallback wSPasswordCallback = new WSPasswordCallback(str, i2);
        try {
            callbackHandler.handle(new Callback[]{wSPasswordCallback});
            return wSPasswordCallback;
        } catch (Exception e) {
            throw new WSSecurityException("WSHandler: password callback failed", e);
        }
    }

    private void splitEncParts(String str, Vector vector, RequestData requestData) throws WSSecurityException {
        String substring;
        WSEncryptionPart wSEncryptionPart;
        for (String str2 : StringUtil.split(str, ';')) {
            String[] split = StringUtil.split(str2, '}');
            if (split.length == 1) {
                if (doDebug) {
                    log.debug(new StringBuffer().append("single partDef: '").append(split[0]).append("'").toString());
                }
                wSEncryptionPart = new WSEncryptionPart(split[0].trim(), requestData.getSoapConstants().getEnvelopeURI(), "Content");
            } else {
                if (split.length != 3) {
                    throw new WSSecurityException(new StringBuffer().append("WSHandler: wrong part definition: ").append(str).toString());
                }
                String trim = split[0].trim();
                String substring2 = trim.length() <= 1 ? "Content" : trim.substring(1);
                String trim2 = split[1].trim();
                if (trim2.length() <= 1) {
                    substring = requestData.getSoapConstants().getEnvelopeURI();
                } else {
                    substring = trim2.substring(1);
                    if (substring.equals(WSConstants.NULL_NS)) {
                        substring = null;
                    }
                }
                String trim3 = split[2].trim();
                if (doDebug) {
                    log.debug(new StringBuffer().append("partDefs: '").append(substring2).append("' ,'").append(substring).append("' ,'").append(trim3).append("'").toString());
                }
                wSEncryptionPart = new WSEncryptionPart(trim3, substring, substring2);
            }
            vector.add(wSEncryptionPart);
        }
    }

    private void handleSpecialUser(RequestData requestData) {
        Vector vector;
        if (WSHandlerConstants.USE_REQ_SIG_CERT.equals(requestData.getEncUser()) && (vector = (Vector) getProperty(requestData.getMsgContext(), WSHandlerConstants.RECV_RESULTS)) != null) {
            for (int i = 0; i < vector.size(); i++) {
                WSHandlerResult wSHandlerResult = (WSHandlerResult) vector.get(i);
                if (WSSecurityUtil.isActorEqual(requestData.getActor(), wSHandlerResult.getActor())) {
                    Vector results = wSHandlerResult.getResults();
                    for (int i2 = 0; i2 < results.size(); i2++) {
                        WSSecurityEngineResult wSSecurityEngineResult = (WSSecurityEngineResult) results.get(i2);
                        if (wSSecurityEngineResult.getAction() == 2) {
                            requestData.setEncCert(wSSecurityEngineResult.getCertificate());
                            return;
                        }
                    }
                }
            }
        }
    }

    protected Crypto loadDecryptionCrypto(RequestData requestData) throws WSSecurityException {
        Crypto crypto;
        String str = (String) getOption(WSHandlerConstants.DEC_PROP_FILE);
        String str2 = str;
        if (str == null) {
            str2 = (String) getProperty(requestData.getMsgContext(), WSHandlerConstants.DEC_PROP_FILE);
        }
        if (str2 != null) {
            Crypto crypto2 = (Crypto) cryptos.get(str2);
            crypto = crypto2;
            if (crypto2 == null) {
                crypto = CryptoFactory.getInstance(str2);
                cryptos.put(str2, crypto);
            }
        } else {
            Crypto sigCrypto = requestData.getSigCrypto();
            crypto = sigCrypto;
            if (sigCrypto == null) {
                throw new WSSecurityException("WSHandler: Encryption: no crypto property file");
            }
        }
        return crypto;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void decodeSignatureParameter2(RequestData requestData) throws WSSecurityException {
        requestData.setSigCrypto(loadSignatureCrypto(requestData));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void decodeDecryptionParameter(RequestData requestData) throws WSSecurityException {
        requestData.setDecCrypto(loadDecryptionCrypto(requestData));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public CallbackHandler getPasswordCB(RequestData requestData) throws WSSecurityException {
        CallbackHandler callbackHandler;
        String str = (String) getOption("passwordCallbackClass");
        String str2 = str;
        if (str == null) {
            str2 = (String) getProperty(requestData.getMsgContext(), "passwordCallbackClass");
        }
        if (str2 != null) {
            try {
                try {
                    callbackHandler = (CallbackHandler) Loader.loadClass(str2).newInstance();
                } catch (Exception e) {
                    throw new WSSecurityException(new StringBuffer().append("WSHandler: cannot create instance of password callback: ").append(str2).toString(), e);
                }
            } catch (ClassNotFoundException e2) {
                throw new WSSecurityException(new StringBuffer().append("WSHandler: cannot load password callback class: ").append(str2).toString(), e2);
            }
        } else {
            callbackHandler = (CallbackHandler) getProperty(requestData.getMsgContext(), WSHandlerConstants.PW_CALLBACK_REF);
            if (callbackHandler == null) {
                throw new WSSecurityException("WSHandler: no reference in callback property");
            }
        }
        return callbackHandler;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean verifyTrust(X509Certificate x509Certificate, RequestData requestData) throws WSSecurityException {
        if (x509Certificate == null) {
            return false;
        }
        String name = x509Certificate.getSubjectDN().getName();
        String name2 = x509Certificate.getIssuerDN().getName();
        BigInteger serialNumber = x509Certificate.getSerialNumber();
        if (doDebug) {
            log.debug(new StringBuffer().append("WSHandler: Transmitted certificate has subject ").append(name).toString());
            log.debug(new StringBuffer().append("WSHandler: Transmitted certificate has issuer ").append(name2).append(" (serial ").append(serialNumber).append(")").toString());
        }
        try {
            String aliasForX509Cert = requestData.getSigCrypto().getAliasForX509Cert(name2, serialNumber);
            if (aliasForX509Cert != null) {
                try {
                    X509Certificate[] certificates = requestData.getSigCrypto().getCertificates(aliasForX509Cert);
                    if (certificates != null && certificates.length > 0 && x509Certificate.equals(certificates[0])) {
                        if (!doDebug) {
                            return true;
                        }
                        log.debug(new StringBuffer().append("Direct trust for certificate with ").append(name).toString());
                        return true;
                    }
                } catch (WSSecurityException e) {
                    throw new WSSecurityException(new StringBuffer().append("WSHandler: Could not get certificates for alias ").append(aliasForX509Cert).toString(), (Throwable) e);
                }
            } else if (doDebug) {
                log.debug(new StringBuffer().append("No alias found for subject from issuer with ").append(name2).append(" (serial ").append(serialNumber).append(")").toString());
            }
            try {
                String[] aliasesForDN = requestData.getSigCrypto().getAliasesForDN(name2);
                if (aliasesForDN == null || aliasesForDN.length < 1) {
                    if (!doDebug) {
                        return false;
                    }
                    log.debug(new StringBuffer().append("No aliases found in keystore for issuer ").append(name2).append(" of certificate for ").append(name).toString());
                    return false;
                }
                for (int i = 0; i < aliasesForDN.length; i++) {
                    String str = aliasesForDN[i];
                    if (doDebug) {
                        log.debug(new StringBuffer().append("Preparing to validate certificate path with alias ").append(str).append(" for issuer ").append(name2).toString());
                    }
                    try {
                        X509Certificate[] certificates2 = requestData.getSigCrypto().getCertificates(str);
                        if ((certificates2 == null) || (certificates2.length < 1)) {
                            throw new WSSecurityException(new StringBuffer().append("WSHandler: Could not get certificates for alias ").append(str).toString());
                        }
                        X509Certificate[] x509CertificateArr = new X509Certificate[certificates2.length + 1];
                        x509CertificateArr[0] = x509Certificate;
                        for (int i2 = 0; i2 < certificates2.length; i2++) {
                            x509Certificate = certificates2[i];
                            x509CertificateArr[certificates2.length + i2] = x509Certificate;
                        }
                        try {
                            if (requestData.getSigCrypto().validateCertPath(x509CertificateArr)) {
                                if (!doDebug) {
                                    return true;
                                }
                                log.debug(new StringBuffer().append("WSHandler: Certificate path has been verified for certificate with subject ").append(name).toString());
                                return true;
                            }
                        } catch (WSSecurityException e2) {
                            throw new WSSecurityException(new StringBuffer().append("WSHandler: Certificate path verification failed for certificate with subject ").append(name).toString(), (Throwable) e2);
                        }
                    } catch (WSSecurityException e3) {
                        throw new WSSecurityException(new StringBuffer().append("WSHandler: Could not get certificates for alias ").append(str).toString(), (Throwable) e3);
                    }
                }
                log.debug(new StringBuffer().append("WSHandler: Certificate path could not be verified for certificate with subject ").append(name).toString());
                return false;
            } catch (WSSecurityException e4) {
                throw new WSSecurityException(new StringBuffer().append("WSHandler: Could not get alias for certificate with ").append(name2).toString(), (Throwable) e4);
            }
        } catch (WSSecurityException e5) {
            throw new WSSecurityException(new StringBuffer().append("WSHandler: Could not get alias for certificate with ").append(name).toString(), (Throwable) e5);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean verifyTimestamp(Timestamp timestamp, int i) throws WSSecurityException {
        Calendar calendar = Calendar.getInstance();
        calendar.setTimeInMillis(calendar.getTimeInMillis() - (i * 1000));
        if (doDebug) {
            log.debug("Preparing to verify the timestamp");
            XmlSchemaDateFormat xmlSchemaDateFormat = new XmlSchemaDateFormat();
            log.debug(new StringBuffer().append("Validation of Timestamp: Current time is ").append(xmlSchemaDateFormat.format(Calendar.getInstance().getTime())).toString());
            log.debug(new StringBuffer().append("Validation of Timestamp: Valid creation is ").append(xmlSchemaDateFormat.format(calendar.getTime())).toString());
            log.debug(new StringBuffer().append("Validation of Timestamp: Timestamp created is ").append(xmlSchemaDateFormat.format(timestamp.getCreated().getTime())).toString());
        }
        if (timestamp.getCreated().after(calendar)) {
            log.debug("Validation of Timestamp: Everything is ok");
            return true;
        }
        if (!doDebug) {
            return false;
        }
        log.debug("Validation of Timestamp: The message was created too long ago");
        return false;
    }

    public abstract Object getOption(String str);

    public abstract Object getProperty(Object obj, String str);

    public abstract String getPassword(Object obj);

    public abstract void setPassword(Object obj, String str);

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$apache$ws$security$handler$WSHandler == null) {
            cls = class$("org.apache.ws.security.handler.WSHandler");
            class$org$apache$ws$security$handler$WSHandler = cls;
        } else {
            cls = class$org$apache$ws$security$handler$WSHandler;
        }
        log = LogFactory.getLog(cls.getName());
        secEngine = WSSecurityEngine.getInstance();
        doDebug = true;
        cryptos = new Hashtable(5);
    }
}
