package com.ibm.ISecurityUtilityImpl;

import com.ibm.IExtendedSecurityReplaceablePriv.Vault;
import com.ibm.IExtendedSecurityReplaceablePrivImpl.SecurityContextImpl;
import com.ibm.ISecurityL13SupportImpl.SecurityLogger;
import com.ibm.ISecurityLocalObjectBaseL13Impl.VaultImpl;
import com.ibm.ISecurityLocalObjectBasicAuthImpl.CredentialsImpl;
import com.ibm.ISecurityLocalObjectBasicAuthImpl.PrincipalAuthenticatorImpl;
import com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.OID;
import org.omg.GSSUP.GSSUPMechOID;
import org.omg.SecurityLevel2.Credentials;
import org.omg.SecurityLevel2.PrincipalAuthenticator;
import org.omg.SecurityReplaceable.SecurityContext;

/* loaded from: input_file:efixes/PQ95485/components/prereq.wsadie.plugins/update.jar:/eclipse/plugins/com.ibm.websphere.v51_5.1.0.4/lib/sas.jar:com/ibm/ISecurityUtilityImpl/MechanismFactory.class */
public class MechanismFactory {
    private SecurityConfiguration secConfig;
    private VaultImpl vault;
    public static final String BasicAuthOverSSL = "1.1";
    public static final String BasicAuthOverSSLtoLTPA = "1.1.1";
    public static final String BasicAuthOverSSLtoLocalOS = "1.1.2";
    public static final String BasicAuthOverSSLtoDCE = "1.1.3";
    public static final String BasicAuthOverSSLtoCustom = "1.1.4";
    public static final String MutualSSL = "1.2";
    public static final String LTPAoverSSL = "1.3";
    public static final String LocalOSoverSSL = "1.4";
    public static final String GSSUPOverSSL = "1.5";
    public static final String GSSUPOverSSLtoLTPA = "1.5.1";
    public static final String GSSUPOverSSLtoLocalOS = "1.5.2";
    public static final String GSSUPOverSSLtoDCE = "1.5.3";
    public static final String GSSUPOverSSLtoCustom = "1.5.4";
    public static final String GSSUPOverSSLtoKRB5 = "1.5.5";
    public static final String Kerberos5overSSL = "1.6";
    public static final String CustomoverSSL = "1.7";
    public static final String BasicAuthOverIPSec = "2.1";
    public static final String MutualIPSec = "2.2";
    public static final String DCEKerberos = "3.1";
    public static final String ClientCerttoDCEKerberos = "3.2";
    public static final String Kerberos5 = "4.1";
    public static final String ClientCerttoKerberos5 = "4.2";
    public static final String ClientCerttoCustom = "4.3";
    public static final String LTPAoverTCP = "5.1";
    public static final String LocalOSoverTCP = "5.2";
    public static final String BasicAuthOverTCPtoLTPA = "5.3";
    public static final String BasicAuthOverTCPtoLocalOS = "5.4";
    public static final String BasicAuthOverTCPtoDCE = "5.5";
    public static final String BasicAuthOverTCP = "5.6";
    public static final String GSSUPOverTCPtoLTPA = "5.7.1";
    public static final String GSSUPOverTCPtoLocalOS = "5.7.2";
    public static final String GSSUPOverTCPtoDCE = "5.7.3";
    public static final String GSSUPOverTCP = "5.7.4";
    public static final String GSSUPOverTCPtoCustom = "5.7.5";
    public static final String GSSUPOverTCPtoKRB5 = "5.7.6";
    public static final String Kerberos5overTCP = "5.8";
    public static final String CustomoverTCP = "5.9";
    public static final String UnauthenticatedOverSSL = "6.1";

    protected MechanismFactory() {
        this.secConfig = null;
        this.vault = null;
    }

    public MechanismFactory(SecurityConfiguration securityConfiguration) {
        this.secConfig = null;
        this.vault = null;
        this.secConfig = securityConfiguration;
    }

    public VaultImpl getVault() {
        if (this.vault == null) {
            this.vault = VaultImpl.getInstance();
        }
        return this.vault;
    }

    public String getMechanismTypeIdentity() throws MechanismAmbiguityException {
        if (!this.secConfig.getProtocol().equalsIgnoreCase(SecurityProtocol.IBMString) && this.secConfig.getProtocol().equalsIgnoreCase(SecurityProtocol.CSIV2String)) {
            return getMechanismTypeIdentity(2);
        }
        return getMechanismTypeIdentity(1);
    }

    public String getMechanismTypeIdentity(int i) throws MechanismAmbiguityException {
        return getMechanismTypeIdentity(i, GSSUPMechOID.value);
    }

    public String getMechanismTypeIdentity(int i, String str) throws MechanismAmbiguityException {
        String str2;
        String str3;
        if (i == 1) {
            if (this.secConfig.SSLTypeIClientAssociationEnabled()) {
                if (this.secConfig.getauthenticationTarget() == 1 && str.compareTo("oid:1.3.18.0.2.30.2") == 0) {
                    str2 = "1.3";
                    str3 = "LTPAoverSSL";
                } else if (this.secConfig.getauthenticationTarget() == 1 && str.compareTo(GSSUPMechOID.value) == 0) {
                    str2 = BasicAuthOverSSLtoLTPA;
                    str3 = "BasicAuthOverSSLtoLTPA";
                } else if (this.secConfig.getauthenticationTarget() == 2) {
                    str2 = BasicAuthOverSSLtoLocalOS;
                    str3 = "BasicAuthOverSSLtoLocalOS";
                } else {
                    if (this.secConfig.getauthenticationTarget() != 4) {
                        throw new MechanismAmbiguityException();
                    }
                    str2 = "1.1";
                    str3 = "BasicAuthOverSSL";
                }
            } else if (this.secConfig.getauthenticationTarget() == 1 && str.compareTo("oid:1.3.18.0.2.30.2") == 0) {
                str2 = LTPAoverTCP;
                str3 = "LTPAoverTCP";
            } else if (this.secConfig.getauthenticationTarget() == 1 && str.compareTo(GSSUPMechOID.value) == 0) {
                str2 = BasicAuthOverTCPtoLTPA;
                str3 = "BasicAuthOverTCPtoLTPA";
            } else if (this.secConfig.getauthenticationTarget() == 2) {
                str2 = BasicAuthOverTCPtoLocalOS;
                str3 = "BasicAuthOverTCPtoLocalOS";
            } else {
                if (this.secConfig.getauthenticationTarget() != 4) {
                    throw new MechanismAmbiguityException();
                }
                str2 = BasicAuthOverTCP;
                str3 = "BasicAuthOverTCP";
            }
        } else {
            if (i != 2) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("MechanismFactory.getMechanismTypeIdentity", "A specific protocol must be passed into this method, type \"both\" is not allowed here.");
                }
                throw new MechanismAmbiguityException();
            }
            if (this.secConfig.getCSIv2ClaimTransportAssocSSLTLSRequired() || this.secConfig.getCSIv2ClaimTransportAssocSSLTLSSupported()) {
                if (this.secConfig.getauthenticationTarget() == 1 && str.compareTo("oid:1.3.18.0.2.30.2") == 0) {
                    str2 = "1.3";
                    str3 = "LTPAoverSSL";
                } else if (this.secConfig.getauthenticationTarget() == 1 && str.compareTo(GSSUPMechOID.value) == 0) {
                    str2 = GSSUPOverSSLtoLTPA;
                    str3 = "GSSUPOverSSLtoLTPA";
                } else if (this.secConfig.getauthenticationTarget() == 2) {
                    str2 = GSSUPOverSSLtoLocalOS;
                    str3 = "GSSUPOverSSLtoLocalOS";
                } else if (this.secConfig.getauthenticationTarget() == 4) {
                    str2 = "1.5";
                    str3 = "GSSUPOverSSL";
                } else if (this.secConfig.getauthenticationTarget() == 8) {
                    str2 = GSSUPOverSSLtoCustom;
                    str3 = "GSSUPOverSSLtoCustom";
                } else {
                    if (this.secConfig.getauthenticationTarget() != 6) {
                        throw new MechanismAmbiguityException();
                    }
                    str2 = GSSUPOverSSLtoKRB5;
                    str3 = "GSSUPOverSSLtoKRB5";
                }
            } else if (this.secConfig.getauthenticationTarget() == 1 && str.compareTo("oid:1.3.18.0.2.30.2") == 0) {
                str2 = LTPAoverTCP;
                str3 = "LTPAoverTCP";
            } else if (this.secConfig.getauthenticationTarget() == 1 && str.compareTo(GSSUPMechOID.value) == 0) {
                str2 = GSSUPOverTCPtoLTPA;
                str3 = "GSSUPOverTCPtoLTPA";
            } else if (this.secConfig.getauthenticationTarget() == 2) {
                str2 = GSSUPOverTCPtoLocalOS;
                str3 = "GSSUPOverTCPtoLocalOS";
            } else if (this.secConfig.getauthenticationTarget() == 4) {
                str2 = GSSUPOverTCP;
                str3 = "GSSUPOverTCP";
            } else if (this.secConfig.getauthenticationTarget() == 8) {
                str2 = GSSUPOverTCPtoCustom;
                str3 = "GSSUPOverTCPtoCustom";
            } else {
                if (this.secConfig.getauthenticationTarget() != 6) {
                    throw new MechanismAmbiguityException();
                }
                str2 = GSSUPOverTCPtoKRB5;
                str3 = "GSSUPOverTCPtoKRB5";
            }
        }
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("MechanismFactory.getMechanismTypeIdentity", new StringBuffer().append("Returning mechanism type: ").append(str3).toString());
        }
        return str2;
    }

    public PrincipalAuthenticator getPrincipalAuthenticator(Vault vault) throws MechanismAmbiguityException {
        return this.secConfig.getProtocol().equalsIgnoreCase(SecurityProtocol.IBMString) ? getPrincipalAuthenticator(1) : this.secConfig.getProtocol().equalsIgnoreCase(SecurityProtocol.CSIV2String) ? getPrincipalAuthenticator(2) : getPrincipalAuthenticator(2);
    }

    public PrincipalAuthenticator getPrincipalAuthenticator(int i) throws MechanismAmbiguityException {
        PrincipalAuthenticatorImpl principalAuthenticatorImpl;
        if (i == 1) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("MechanismFactory.getPrincipalAuthenticator", "Returning BasicAuth PrincipalAuthenticator.");
            }
            principalAuthenticatorImpl = new PrincipalAuthenticatorImpl(getVault());
        } else {
            if (i != 2) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("MechanismFactory.getPrincipalAuthenticator", "A specific protocol must be passed into this method, type \"both\" is not allowed here.");
                }
                throw new MechanismAmbiguityException();
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("MechanismFactory.getPrincipalAuthenticator", "Returning GSSUP PrincipalAuthenticator.");
            }
            principalAuthenticatorImpl = new PrincipalAuthenticatorImpl(getVault());
        }
        return principalAuthenticatorImpl;
    }

    public PrincipalAuthenticator getPrincipalAuthenticator(Vault vault, int i) throws MechanismAmbiguityException {
        return this.secConfig.getProtocol().equalsIgnoreCase(SecurityProtocol.IBMString) ? getPrincipalAuthenticator(i, 1) : this.secConfig.getProtocol().equalsIgnoreCase(SecurityProtocol.CSIV2String) ? getPrincipalAuthenticator(i, 2) : getPrincipalAuthenticator(i, 2);
    }

    public PrincipalAuthenticator getPrincipalAuthenticator(int i, int i2) throws MechanismAmbiguityException {
        com.ibm.IExtendedSecurity.PrincipalAuthenticator principalAuthenticatorImpl;
        if (i == 2) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("MechanismFactory.getPrincipalAuthenticator", "Returning LocalOS PrincipalAuthenticator.");
            }
            principalAuthenticatorImpl = new com.ibm.ISecurityLocalObjectLocalOSImpl.PrincipalAuthenticatorImpl(getVault());
        } else if (i != 4) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("MechanismFactory.getPrincipalAuthenticator", "Returning TokenBase PrincipalAuthenticator.");
            }
            principalAuthenticatorImpl = (i2 == 2 || i2 == 3) ? new com.ibm.ISecurityLocalObjectTokenBaseImpl.PrincipalAuthenticatorImpl(getVault(), i) : new com.ibm.ISecurityLocalObjectLTPAImpl.PrincipalAuthenticatorImpl(getVault());
        } else if (i2 == 1) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("MechanismFactory.getPrincipalAuthenticator", "Returning BasicAuth PrincipalAuthenticator.");
            }
            principalAuthenticatorImpl = new PrincipalAuthenticatorImpl(getVault());
        } else {
            if (i2 != 2) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("MechanismFactory.getPrincipalAuthenticator", "A specific protocol must be passed into this method, type \"both\" is not allowed here.");
                }
                throw new MechanismAmbiguityException();
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("MechanismFactory.getPrincipalAuthenticator", "Returning GSSUP PrincipalAuthenticator.");
            }
            principalAuthenticatorImpl = new PrincipalAuthenticatorImpl(getVault());
        }
        return principalAuthenticatorImpl;
    }

    public SecurityContext getSecurityContext(Vault vault, Credentials credentials, String str) throws MechanismAmbiguityException {
        return getSecurityContext(vault, credentials, str, 1);
    }

    public SecurityContext getSecurityContext(Vault vault, Credentials credentials, String str, int i) throws MechanismAmbiguityException {
        SecurityContextImpl securityContextImpl = null;
        if (credentials instanceof CredentialsImpl) {
            if (i == 1) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "Returning BasicAuth SecurityContext.");
                }
                securityContextImpl = new com.ibm.ISecurityLocalObjectBasicAuthImpl.SecurityContextImpl(getVault(), str);
            } else if (i == 2) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "Returning GSSUP SecurityContext.");
                }
                securityContextImpl = OID.compareOIDs(((com.ibm.ISecurityLocalObjectBaseL13Impl.CredentialsImpl) credentials).getOID(), GSSUPMechOID.value) ? new com.ibm.ISecurityLocalObjectGSSUPImpl.SecurityContextImpl(getVault(), str) : new com.ibm.ISecurityLocalObjectTokenBaseImpl.SecurityContextImpl(getVault(), str);
            }
        } else if (credentials instanceof com.ibm.ISecurityLocalObjectLTPAImpl.CredentialsImpl) {
            SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "Returning LTPA SecurityContext.");
            securityContextImpl = i == 2 ? new com.ibm.ISecurityLocalObjectTokenBaseImpl.SecurityContextImpl(getVault(), str) : new com.ibm.ISecurityLocalObjectLTPAImpl.SecurityContextImpl(getVault(), str);
        } else if (credentials instanceof com.ibm.ISecurityLocalObjectTokenBaseImpl.CredentialsImpl) {
            SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "Returning TokenBase SecurityContext.");
            securityContextImpl = i == 2 ? new com.ibm.ISecurityLocalObjectTokenBaseImpl.SecurityContextImpl(getVault(), str) : new com.ibm.ISecurityLocalObjectLTPAImpl.SecurityContextImpl(getVault(), str);
        } else {
            if (!(credentials instanceof com.ibm.ISecurityLocalObjectLocalOSImpl.CredentialsImpl)) {
                throw new MechanismAmbiguityException();
            }
            SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "Returning LocalOS SecurityContext.");
            securityContextImpl = i == 2 ? new com.ibm.ISecurityLocalObjectTokenBaseImpl.SecurityContextImpl(getVault(), str) : new com.ibm.ISecurityLocalObjectLocalOSImpl.SecurityContextImpl(getVault(), str);
        }
        return securityContextImpl;
    }

    public SecurityContext getSecurityContext(Vault vault, String str, String str2) throws MechanismAmbiguityException {
        if (!this.secConfig.getProtocol().equalsIgnoreCase(SecurityProtocol.IBMString) && this.secConfig.getProtocol().equalsIgnoreCase(SecurityProtocol.CSIV2String)) {
            return getSecurityContext(str, str2, 2);
        }
        return getSecurityContext(str, str2, 1);
    }

    public SecurityContext getSecurityContext(String str, String str2, int i) throws MechanismAmbiguityException {
        SecurityContextImpl securityContextImpl;
        if (str.equals(VaultConstants.LTPA_MECH_TYPE)) {
            if (i == 2) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "Returning Token Base SecurityContext.");
                }
                securityContextImpl = new com.ibm.ISecurityLocalObjectTokenBaseImpl.SecurityContextImpl(getVault(), str2, str);
            } else {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "Returning LTPA SecurityContext.");
                }
                securityContextImpl = new com.ibm.ISecurityLocalObjectLTPAImpl.SecurityContextImpl(getVault(), str2);
            }
        } else if (str.equals(VaultConstants.LOCAL_OS_MECH_TYPE)) {
            if (i == 2) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "Returning Token Base SecurityContext.");
                }
                securityContextImpl = new com.ibm.ISecurityLocalObjectTokenBaseImpl.SecurityContextImpl(getVault(), str2, str);
            } else {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "Returning LocalOS SecurityContext.");
                }
                securityContextImpl = new com.ibm.ISecurityLocalObjectLocalOSImpl.SecurityContextImpl(getVault(), str2);
            }
        } else if (str.equals(VaultConstants.CUSTOM_MECH_TYPE)) {
            if (i != 2) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "The custom mechanism is not supported for the IBM protocol.");
                }
                throw new MechanismAmbiguityException();
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "Returning Token Base SecurityContext.");
            }
            securityContextImpl = new com.ibm.ISecurityLocalObjectTokenBaseImpl.SecurityContextImpl(getVault(), str2, str);
        } else if (str.equals(VaultConstants.KRB5_MECH_TYPE)) {
            if (i != 2) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "Kerberos mechanism is not supported.");
                }
                throw new MechanismAmbiguityException();
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "Returning Token Base SecurityContext.");
            }
            securityContextImpl = new com.ibm.ISecurityLocalObjectTokenBaseImpl.SecurityContextImpl(getVault(), str2, str);
        } else if (str.equals(VaultConstants.CLIENT_CERT_MECH_TYPE)) {
            if (i != 2) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "Client certificate type mechanism is not supported.");
                }
                throw new MechanismAmbiguityException();
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "Returning TokenBase SecurityContext.");
            }
            securityContextImpl = new com.ibm.ISecurityLocalObjectTokenBaseImpl.SecurityContextImpl(getVault(), str2, str);
        } else if (i == 1) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "Returning BasicAuth SecurityContext.");
            }
            securityContextImpl = new com.ibm.ISecurityLocalObjectBasicAuthImpl.SecurityContextImpl(getVault(), str2);
        } else {
            if (i != 2) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "A specific protocol must be passed into this method, type \"both\" is not allowed here.");
                }
                throw new MechanismAmbiguityException();
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("MechanismFactory.getSecurityContext", "Returning GSSUP SecurityContext.");
            }
            securityContextImpl = new com.ibm.ISecurityLocalObjectGSSUPImpl.SecurityContextImpl(getVault(), str2);
        }
        return securityContextImpl;
    }
}
