package com.ibm.rational.ttt.common.ui.editors.wsecurity.validation.internal.impl;

import com.ibm.rational.test.lt.models.ws.LoggingUtil;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.KeystoreManager;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.policy.PolicyConfiguration;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.policy.PolicyMdl;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.policy.util.PolicyAnalyzisUtil;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.xmlsec.IChainedAlgorithm;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.xmlsec.KeyInformation;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.xmlsec.PolicyAlgorithm;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.xmlsec.X509Key;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.xmlsec.impl.CryptoIdentifierTypeUtil;
import com.ibm.rational.test.lt.models.wscore.datamodel.wsdl.WsdlPort;
import com.ibm.rational.test.lt.models.wscore.datamodel.wsdl.WsdlPortInformation;
import com.ibm.rational.test.lt.models.wscore.datamodel.wsdl.policy.util.OMAndPolicyParserUtil;
import com.ibm.rational.test.lt.models.wscore.datamodel.wsdl.policy.util.ValidationConfiguration;
import com.ibm.rational.ttt.common.ui.editors.wsecurity.validation.internal.IValidationResult;
import com.ibm.rational.ttt.common.ui.editors.wsecurity.validation.internal.IValidationRule;
import com.ibm.rational.ttt.common.ui.editors.wsecurity.validation.internal.WSSEVALIDMSG;
import com.ibm.rational.ttt.common.ui.factories.WF;
import com.ibm.rational.ttt.common.ustc.resources.util.WSDLInformationContainerManager;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import org.apache.ws.security.components.crypto.Crypto;

/* loaded from: input_file:com/ibm/rational/ttt/common/ui/editors/wsecurity/validation/internal/impl/CheckKeyStoreRelatedToPolicyForEncryption.class */
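/**
 * Validation rule for {@link PolicyAlgorithm} entries: checks that the keystore referenced by the
 * policy's encryption key information is configured and that it yields certificates and a private
 * key for the configured key name.
 *
 * <p>The key information and the "is it used" flag are obtained through the protected hooks
 * {@link #extractKeyInformation(PolicyConfiguration)} and
 * {@link #useKeyInformation(PolicyConfiguration)}; {@link #doContainKeyRequirmentForContext(InputStream)}
 * is the third overridable hook.
 *
 * <p>Every failure is reported as {@code new ValidationResult(3, message)}; the meaning of the
 * code {@code 3} is defined by {@code ValidationResult}, which is not visible from this class.
 */
public class CheckKeyStoreRelatedToPolicyForEncryption implements IValidationRule {

    /**
     * Tells whether this rule handles the given algorithm.
     *
     * @param iChainedAlgorithm the algorithm to test
     * @return {@code true} only when the algorithm is a {@link PolicyAlgorithm}
     */
    @Override
    public boolean applyTo(IChainedAlgorithm iChainedAlgorithm) {
        return iChainedAlgorithm instanceof PolicyAlgorithm;
    }

    /**
     * Returns the title of this rule.
     *
     * @return {@code WSSEVALIDMSG.CHECK_POLICY_KEYSTORES_ENCRYPTION}
     */
    @Override
    public String getTitle() {
        return WSSEVALIDMSG.CHECK_POLICY_KEYSTORES_ENCRYPTION;
    }

    /**
     * Runs the keystore check for every WSDL port involved in the validation and returns the first
     * result that is not {@code IValidationResult.OK_RESULT}.
     *
     * <p>With {@code GLOBAL_ANALYZIZ} set, all ports are looked up (no port scope) and each one is
     * checked twice, once with the flag {@code true} and once with {@code false}. Otherwise only
     * the ports related to {@code validationConfiguration.wsdlPortId} are looked up and each one is
     * checked once with {@code validationConfiguration.forCALL}.
     *
     * @param iChainedAlgorithm must be a {@link PolicyAlgorithm} (see {@link #applyTo}); anything
     *     else fails the cast below with a {@link ClassCastException}
     * @param keystoreManager source of the keystore configurations
     * @param validationConfiguration scope of the analysis
     * @return {@code OK_RESULT} when no port is involved or every check passes, else the first
     *     failing result
     */
    @Override
    public final IValidationResult validate(IChainedAlgorithm iChainedAlgorithm, KeystoreManager keystoreManager, ValidationConfiguration validationConfiguration) {
        PolicyMdl policy = ((PolicyAlgorithm) iChainedAlgorithm).getPolicy();
        PolicyConfiguration policyConfiguration = policy.getPolicyConfiguration();

        if (validationConfiguration.GLOBAL_ANALYZIZ) {
            WsdlPortInformation[] allPorts = PolicyAnalyzisUtil.getAllWsdlPortIdInvolved((WsdlPort) null, validationConfiguration);
            for (WsdlPortInformation port : allPorts) {
                // NOTE(review): getResult ignores the boolean, so both calls evaluate the same
                // condition on a fresh policy stream; the pair is kept as the original has it.
                IValidationResult asCall = checkPort(port, policy, policyConfiguration, keystoreManager, true);
                if (!IValidationResult.OK_RESULT.equals(asCall)) {
                    return asCall;
                }
                IValidationResult asReturn = checkPort(port, policy, policyConfiguration, keystoreManager, false);
                if (!IValidationResult.OK_RESULT.equals(asReturn)) {
                    return asReturn;
                }
            }
            return IValidationResult.OK_RESULT;
        }

        WsdlPortInformation[] scopedPorts = PolicyAnalyzisUtil.getAllWsdlPortIdInvolved(WSDLInformationContainerManager.getInstance().getWsdlStore().getWsdlPortById(validationConfiguration.wsdlPortId), validationConfiguration);
        for (WsdlPortInformation port : scopedPorts) {
            IValidationResult outcome = checkPort(port, policy, policyConfiguration, keystoreManager, validationConfiguration.forCALL);
            if (!IValidationResult.OK_RESULT.equals(outcome)) {
                return outcome;
            }
        }
        return IValidationResult.OK_RESULT;
    }

    /** Fetches the policy stream for one port and runs {@link #getResult} on it. */
    private IValidationResult checkPort(WsdlPortInformation port, PolicyMdl policy, PolicyConfiguration policyConfiguration, KeystoreManager keystoreManager, boolean forCall) {
        return getResult(PolicyAnalyzisUtil.getPolicyFor(port, policy), policy, extractKeyInformation(policyConfiguration), keystoreManager, forCall);
    }

    /**
     * Runs {@link #checkStore} for one policy stream and converts any exception into a failure
     * result that refers the user to the log.
     *
     * <p>NOTE(review): {@code keyInformation} and {@code forCall} are not read. The key information
     * and the flag handed to {@code checkStore} are recomputed from the policy's own configuration
     * through the protected hooks; confirm whether the call/return distinction was meant to matter.
     *
     * @param inputStream policy content for the port being checked
     * @param policyMdl policy whose configuration supplies the key information
     * @param keyInformation unused
     * @param keystoreManager source of the keystore configurations
     * @param forCall unused
     * @return the result of {@code checkStore}, or a {@code POLICY_ERROR_REFER_TO_LOG} failure when
     *     an exception was thrown
     */
    private IValidationResult getResult(InputStream inputStream, PolicyMdl policyMdl, KeyInformation keyInformation, KeystoreManager keystoreManager, boolean forCall) {
        try {
            PolicyConfiguration configuration = policyMdl.getPolicyConfiguration();
            KeyInformation effectiveKey = extractKeyInformation(configuration);
            IValidationResult storeResult = checkStore(inputStream, policyMdl, effectiveKey, keystoreManager, useKeyInformation(policyMdl.getPolicyConfiguration()));
            if (IValidationResult.OK_RESULT.equals(storeResult)) {
                return IValidationResult.OK_RESULT;
            }
            return storeResult;
        } catch (Exception e) {
            LoggingUtil.INSTANCE.error(getClass(), e);
            return new ValidationResult(3, WSSEVALIDMSG.POLICY_ERROR_REFER_TO_LOG);
        }
    }

    /**
     * Tells whether the key information of this rule is in use for the given configuration.
     *
     * @param policyConfiguration the policy configuration to read
     * @return {@code policyConfiguration.isUseEncryption()}
     */
    protected boolean useKeyInformation(PolicyConfiguration policyConfiguration) {
        return policyConfiguration.isUseEncryption();
    }

    /**
     * Returns the key information this rule validates.
     *
     * @param policyConfiguration the policy configuration to read
     * @return {@code policyConfiguration.getEncryptionstore()}
     */
    protected KeyInformation extractKeyInformation(PolicyConfiguration policyConfiguration) {
        return policyConfiguration.getEncryptionstore();
    }

    /**
     * Checks the keystore behind an {@link X509Key}.
     *
     * <p>Nothing is checked (result OK) unless {@code keyInUse} is set and the key information is
     * an {@code X509Key}. A named key must resolve to a configured keystore that returns
     * certificates and a private key for that name. An unnamed key is an error only when
     * {@link #doNeedToHaveAKeyHere} says the policy requires one.
     *
     * @param inputStream policy content, read only when the key has no name
     * @param policyMdl policy being validated
     * @param keyInformation key information to check
     * @param keystoreManager source of the keystore configurations
     * @param keyInUse whether the key information is used at all
     * @return {@code OK_RESULT} or a failure result naming the first problem found
     */
    private final IValidationResult checkStore(InputStream inputStream, PolicyMdl policyMdl, KeyInformation keyInformation, KeystoreManager keystoreManager, boolean keyInUse) {
        if (!(keyInformation instanceof X509Key) || !keyInUse) {
            return IValidationResult.OK_RESULT;
        }
        X509Key x509Key = (X509Key) keyInformation;

        if (!keyHasName(x509Key)) {
            if (doNeedToHaveAKeyHere(inputStream, policyMdl)) {
                return new ValidationResult(3, WSSEVALIDMSG.POLICY_ERROR_AKEY_IS_REQUIRED);
            }
            return IValidationResult.OK_RESULT;
        }

        if (keystoreManager.getKeyStoreConfiguration(x509Key.getKeyStoreAliasName()) == null) {
            return new ValidationResult(3, WSSEVALIDMSG.NO_STORE_FOR_POLICY);
        }
        try {
            Crypto crypto = CryptoIdentifierTypeUtil.createNEWCustomCryptoAndDoNotStore(keystoreManager, x509Key.getKeyStoreAliasName());
            String keyName = x509Key.getName().getValue();
            // The password is only handed to getPrivateKey below; it is never logged by this class.
            String keyPassword = x509Key.getPassWord().getValue();
            if (crypto.getCertificates(keyName) == null) {
                return new ValidationResult(3, WSSEVALIDMSG.THE_STORE_HAS_NO_CERTIFICATS);
            }
            try {
                if (crypto.getPrivateKey(keyName, keyPassword) == null) {
                    return new ValidationResult(3, WSSEVALIDMSG.THE_STORE_HAS_NO_PRIVATEKEYACCESSIBLE);
                }
            } catch (Throwable th) {
                // Throwable is caught on purpose: any failure to read the private key is reported
                // as a validation failure rather than propagated.
                LoggingUtil.INSTANCE.error(getClass(), th);
                return new ValidationResult(3, WSSEVALIDMSG.THE_STORE_HAS_NO_PRIVATEKEYACCESSIBLE);
            }
        } catch (Throwable th2) {
            // Covers crypto creation, certificate lookup and a missing name/password object.
            LoggingUtil.INSTANCE.error(getClass(), th2);
            return new ValidationResult(3, WSSEVALIDMSG.ERROR_WHEN_ACCESSING_THE_KEYSTORE);
        }
        return IValidationResult.OK_RESULT;
    }

    /**
     * Decides whether the policy in the stream requires a key although none is named.
     *
     * <p>The stream is read once into memory so the policy can be parsed twice: once to look for
     * non-transport-binding assertions and, if any are present, once more by
     * {@link #doContainKeyRequirmentForContext(InputStream)}.
     *
     * <p>NOTE(review): any failure while reading or parsing is logged and answered with
     * {@code false}, so a policy that cannot be parsed passes this rule. Confirm that this
     * fail-open outcome is intended.
     *
     * <p>NOTE(review): the name of {@code getItFromInputStreamWithoutSECURITYrelatedToAttacks}
     * suggests parsing without the attack-related XML protections; confirm that the policy content
     * is trusted or that DTDs and external entities are still disabled in that helper.
     *
     * @param inputStream policy content
     * @param policyMdl policy being validated (not read here)
     * @return {@code true} when the policy requires a key, {@code false} otherwise or on error
     */
    private boolean doNeedToHaveAKeyHere(InputStream inputStream, PolicyMdl policyMdl) {
        try {
            // StandardCharsets avoids the charset lookup by name; one encoded copy serves both parses.
            byte[] policyBytes = OMAndPolicyParserUtil.getStreamAsString(inputStream).getBytes(StandardCharsets.UTF_8);
            if (!PolicyAnalyzisUtil.containsNonTransportBindingAssertions(OMAndPolicyParserUtil.parsePolicy(OMAndPolicyParserUtil.getItFromInputStreamWithoutSECURITYrelatedToAttacks(new ByteArrayInputStream(policyBytes))))) {
                return false;
            }
            return doContainKeyRequirmentForContext(new ByteArrayInputStream(policyBytes));
        } catch (Exception e) {
            // Failures are reported through the logger only, not printed to stderr as well.
            LoggingUtil.INSTANCE.error(CheckKeyStoreRelatedToPolicyForEncryption.class, e);
            return false;
        }
    }

    /**
     * Tells whether the policy in the stream requires a keystore for this rule's context.
     *
     * @param inputStream policy content
     * @return {@code PolicyAnalyzisUtil.requireAnEncryptionKeyStore(inputStream)}
     */
    protected boolean doContainKeyRequirmentForContext(InputStream inputStream) {
        return PolicyAnalyzisUtil.requireAnEncryptionKeyStore(inputStream);
    }

    /**
     * Tells whether the key carries a usable name.
     *
     * @param x509Key the key to inspect
     * @return {@code true} when the name object and its value are non-null and the value is not
     *     equal to {@code WF.EMPTY_STR}
     */
    private boolean keyHasName(X509Key x509Key) {
        return x509Key.getName() != null
                && x509Key.getName().getValue() != null
                && !WF.EMPTY_STR.equals(x509Key.getName().getValue());
    }
}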
