package org.apache.ws.security;

import java.lang.reflect.Field;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedExceptionAction;
import java.security.Provider;
import java.security.Security;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.xml.namespace.QName;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.action.Action;
import org.apache.ws.security.action.EncryptionAction;
import org.apache.ws.security.action.SAMLTokenSignedAction;
import org.apache.ws.security.action.SAMLTokenUnsignedAction;
import org.apache.ws.security.action.SignatureAction;
import org.apache.ws.security.action.SignatureConfirmationAction;
import org.apache.ws.security.action.TimestampAction;
import org.apache.ws.security.action.UsernameTokenAction;
import org.apache.ws.security.action.UsernameTokenSignedAction;
import org.apache.ws.security.processor.BinarySecurityTokenProcessor;
import org.apache.ws.security.processor.DerivedKeyTokenProcessor;
import org.apache.ws.security.processor.EncryptedAssertionProcessor;
import org.apache.ws.security.processor.EncryptedDataProcessor;
import org.apache.ws.security.processor.EncryptedKeyProcessor;
import org.apache.ws.security.processor.Processor;
import org.apache.ws.security.processor.ReferenceListProcessor;
import org.apache.ws.security.processor.SAMLTokenProcessor;
import org.apache.ws.security.processor.SecurityContextTokenProcessor;
import org.apache.ws.security.processor.SignatureConfirmationProcessor;
import org.apache.ws.security.processor.SignatureProcessor;
import org.apache.ws.security.processor.TimestampProcessor;
import org.apache.ws.security.processor.UsernameTokenProcessor;
import org.apache.ws.security.transform.STRTransformProvider;
import org.apache.ws.security.util.Loader;
import org.apache.ws.security.util.UUIDGenerator;
import org.apache.ws.security.util.WSCurrentTimeSource;
import org.apache.ws.security.util.WSTimeSource;
import org.apache.ws.security.validate.SamlAssertionValidator;
import org.apache.ws.security.validate.SignatureTrustValidator;
import org.apache.ws.security.validate.TimestampValidator;
import org.apache.ws.security.validate.UsernameTokenValidator;
import org.apache.ws.security.validate.Validator;
import org.apache.xml.security.Init;
import org.apache.xml.security.utils.XMLUtils;

/* loaded from: input_file:wss4j-1.6.17.redhat-1.jar:org/apache/ws/security/WSSConfig.class */
public class WSSConfig {
    private static final Log LOG = LogFactory.getLog(WSSConfig.class);
    private static final Map<Integer, Class<?>> DEFAULT_ACTIONS;
    private static final Map<QName, Class<?>> DEFAULT_PROCESSORS;
    private static final Map<QName, Class<?>> DEFAULT_VALIDATORS;
    private WSTimeSource currentTime;
    public static final WsuIdAllocator DEFAULT_ID_ALLOCATOR;
    private static boolean addJceProviders;
    private static boolean staticallyInitialized;
    protected boolean wsiBSPCompliant = true;
    protected boolean precisionInMilliSeconds = true;
    protected boolean enableSignatureConfirmation = false;
    protected boolean timeStampStrict = true;
    protected String requiredPasswordType = null;
    protected boolean allowUsernameTokenNoPassword = false;
    protected int timeStampTTL = 300;
    protected int timeStampFutureTTL = 60;
    protected int utTTL = 300;
    protected int utFutureTTL = 60;
    protected boolean handleCustomPasswordTypes = false;
    protected boolean allowNamespaceQualifiedPasswordTypes = false;
    protected int secretKeyLength = 16;
    protected boolean passwordsAreEncoded = false;
    protected WsuIdAllocator idAllocator = DEFAULT_ID_ALLOCATOR;
    private final Map<Integer, Object> actionMap = new HashMap(DEFAULT_ACTIONS);
    private final Map<QName, Object> processorMap = new HashMap(DEFAULT_PROCESSORS);
    private final Map<QName, Object> validatorMap = new HashMap(DEFAULT_VALIDATORS);

    public static void setAddJceProviders(boolean z) {
        addJceProviders = z;
    }

    private static void setXmlSecIgnoreLineBreak() {
        boolean z = false;
        try {
            z = ((Boolean) AccessController.doPrivileged(new PrivilegedAction<Boolean>() { // from class: org.apache.ws.security.WSSConfig.2
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedAction
                public Boolean run() {
                    if (System.getProperty("org.apache.xml.security.ignoreLineBreaks") != null) {
                        return true;
                    }
                    System.setProperty("org.apache.xml.security.ignoreLineBreaks", "true");
                    return false;
                }
            })).booleanValue();
        } catch (Throwable th) {
        }
        Init.init();
        if (z) {
            return;
        }
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction<Boolean>() { // from class: org.apache.ws.security.WSSConfig.3
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public Boolean run() throws Exception {
                    Field declaredField = XMLUtils.class.getDeclaredField("ignoreLineBreaks");
                    declaredField.setAccessible(true);
                    declaredField.set(null, Boolean.TRUE);
                    return false;
                }
            });
        } catch (Throwable th2) {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void useIvParameterSpec() {
        try {
            AccessController.doPrivileged(new PrivilegedAction<Boolean>() { // from class: org.apache.ws.security.WSSConfig.4
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedAction
                public Boolean run() {
                    if (System.getProperty("org.apache.xml.security.cipher.gcm.useIvParameterSpec") != null) {
                        return true;
                    }
                    System.setProperty("org.apache.xml.security.cipher.gcm.useIvParameterSpec", "true");
                    return false;
                }
            });
        } catch (Throwable th) {
        }
    }

    public static synchronized void init() {
        if (staticallyInitialized) {
            return;
        }
        if (addJceProviders) {
            setXmlSecIgnoreLineBreak();
            AccessController.doPrivileged(new PrivilegedAction<Boolean>() { // from class: org.apache.ws.security.WSSConfig.5
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedAction
                public Boolean run() {
                    WSSConfig.addXMLDSigRI();
                    String addJceProvider = WSSConfig.addJceProvider("BC", "org.bouncycastle.jce.provider.BouncyCastleProvider");
                    if (addJceProvider != null && Security.getProvider(addJceProvider).getInfo().contains("v1.49")) {
                        WSSConfig.useIvParameterSpec();
                    }
                    Security.removeProvider("STRTransform");
                    WSSConfig.appendJceProvider("STRTransform", new STRTransformProvider());
                    return true;
                }
            });
        }
        staticallyInitialized = true;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void addXMLDSigRI() {
        try {
            addXMLDSigRIInternal();
        } catch (Throwable th) {
        }
    }

    public static void addXMLDSigRIInternal() {
        addJceProvider("ApacheXMLDSig", SantuarioUtil.getSantuarioProvider());
    }

    public static WSSConfig getNewInstance() {
        init();
        return new WSSConfig();
    }

    public boolean isWsiBSPCompliant() {
        return this.wsiBSPCompliant;
    }

    public void setWsiBSPCompliant(boolean z) {
        this.wsiBSPCompliant = z;
    }

    public boolean isPrecisionInMilliSeconds() {
        return this.precisionInMilliSeconds;
    }

    public void setPrecisionInMilliSeconds(boolean z) {
        this.precisionInMilliSeconds = z;
    }

    public boolean isEnableSignatureConfirmation() {
        return this.enableSignatureConfirmation;
    }

    public void setEnableSignatureConfirmation(boolean z) {
        this.enableSignatureConfirmation = z;
    }

    public void setHandleCustomPasswordTypes(boolean z) {
        this.handleCustomPasswordTypes = z;
    }

    public boolean getHandleCustomPasswordTypes() {
        return this.handleCustomPasswordTypes;
    }

    public void setAllowNamespaceQualifiedPasswordTypes(boolean z) {
        this.allowNamespaceQualifiedPasswordTypes = z;
    }

    public boolean getAllowNamespaceQualifiedPasswordTypes() {
        return this.allowNamespaceQualifiedPasswordTypes;
    }

    public boolean isTimeStampStrict() {
        return this.timeStampStrict;
    }

    public void setTimeStampStrict(boolean z) {
        this.timeStampStrict = z;
    }

    public String getRequiredPasswordType() {
        return this.requiredPasswordType;
    }

    public void setRequiredPasswordType(String str) {
        this.requiredPasswordType = str;
    }

    public int getTimeStampTTL() {
        return this.timeStampTTL;
    }

    public void setTimeStampTTL(int i) {
        this.timeStampTTL = i;
    }

    public int getTimeStampFutureTTL() {
        return this.timeStampFutureTTL;
    }

    public void setTimeStampFutureTTL(int i) {
        this.timeStampFutureTTL = i;
    }

    public void setSecretKeyLength(int i) {
        this.secretKeyLength = i;
    }

    public int getSecretKeyLength() {
        return this.secretKeyLength;
    }

    public void setPasswordsAreEncoded(boolean z) {
        this.passwordsAreEncoded = z;
    }

    public boolean getPasswordsAreEncoded() {
        return this.passwordsAreEncoded;
    }

    public WsuIdAllocator getIdAllocator() {
        return this.idAllocator;
    }

    public void setIdAllocator(WsuIdAllocator wsuIdAllocator) {
        this.idAllocator = wsuIdAllocator;
    }

    public Class<?> setAction(int i, Action action) {
        Object put = this.actionMap.put(Integer.valueOf(i), action);
        if (put instanceof Class) {
            return (Class) put;
        }
        if (put instanceof Action) {
            return put.getClass();
        }
        return null;
    }

    public Class<?> setAction(int i, Class<?> cls) {
        Object put = this.actionMap.put(Integer.valueOf(i), cls);
        if (put instanceof Class) {
            return (Class) put;
        }
        if (put instanceof Action) {
            return put.getClass();
        }
        return null;
    }

    public Action getAction(int i) throws WSSecurityException {
        Object obj = this.actionMap.get(Integer.valueOf(i));
        if (!(obj instanceof Class)) {
            if (obj instanceof Action) {
                return (Action) obj;
            }
            return null;
        }
        try {
            return (Action) ((Class) obj).newInstance();
        } catch (Throwable th) {
            if (LOG.isDebugEnabled()) {
                LOG.debug(th.getMessage(), th);
            }
            throw new WSSecurityException(0, "unableToLoadClass", new Object[]{((Class) obj).getName()}, th);
        }
    }

    public Class<?> setProcessor(QName qName, Processor processor) {
        Object put = this.processorMap.put(qName, processor);
        if (put instanceof Class) {
            return (Class) put;
        }
        if (put instanceof Processor) {
            return put.getClass();
        }
        return null;
    }

    public Class<?> setProcessor(QName qName, Class<?> cls) {
        Object put = this.processorMap.put(qName, cls);
        if (put instanceof Class) {
            return (Class) put;
        }
        if (put instanceof Processor) {
            return put.getClass();
        }
        return null;
    }

    public Class<?> setValidator(QName qName, Validator validator) {
        Object put = this.validatorMap.put(qName, validator);
        if (put instanceof Class) {
            return (Class) put;
        }
        if (put instanceof Validator) {
            return put.getClass();
        }
        return null;
    }

    public Class<?> setValidator(QName qName, Class<?> cls) {
        Object put = this.validatorMap.put(qName, cls);
        if (put instanceof Class) {
            return (Class) put;
        }
        if (put instanceof Validator) {
            return put.getClass();
        }
        return null;
    }

    public Validator getValidator(QName qName) throws WSSecurityException {
        Object obj = this.validatorMap.get(qName);
        if (!(obj instanceof Class)) {
            if (obj instanceof Validator) {
                return (Validator) obj;
            }
            return null;
        }
        try {
            return (Validator) ((Class) obj).newInstance();
        } catch (Throwable th) {
            if (LOG.isDebugEnabled()) {
                LOG.debug(th.getMessage(), th);
            }
            throw new WSSecurityException(0, "unableToLoadClass", new Object[]{((Class) obj).getName()}, th);
        }
    }

    public Processor getProcessor(QName qName) throws WSSecurityException {
        Object obj = this.processorMap.get(qName);
        if (!(obj instanceof Class)) {
            if (obj instanceof Processor) {
                return (Processor) obj;
            }
            return null;
        }
        try {
            return (Processor) ((Class) obj).newInstance();
        } catch (Throwable th) {
            if (LOG.isDebugEnabled()) {
                LOG.debug(th.getMessage(), th);
            }
            throw new WSSecurityException(0, "unableToLoadClass", new Object[]{((Class) obj).getName()}, th);
        }
    }

    public static String addJceProvider(String str, String str2) {
        Provider provider = Security.getProvider(str);
        if (provider != null) {
            return provider.getName();
        }
        try {
            return addJceProvider(str, (Provider) Loader.loadClass(str2, false, Provider.class).newInstance());
        } catch (Throwable th) {
            if (!LOG.isDebugEnabled()) {
                return null;
            }
            LOG.debug("The provider " + str + " could not be added: " + th.getMessage(), th);
            return null;
        }
    }

    public static String addJceProvider(String str, Provider provider) {
        Provider provider2 = Security.getProvider(str);
        if (provider2 != null) {
            return provider2.getName();
        }
        try {
            int i = 0;
            Provider[] providers = Security.getProviders();
            for (int i2 = 0; i2 < providers.length; i2++) {
                if ("SUN".equals(providers[i2].getName()) || "IBMJCE".equals(providers[i2].getName())) {
                    i = Security.insertProviderAt(provider, i2 + 2);
                    break;
                }
            }
            if (i == 0) {
                i = Security.insertProviderAt(provider, 2);
            }
            if (LOG.isDebugEnabled()) {
                LOG.debug("The provider " + provider.getName() + " - " + provider.getVersion() + " was added at position: " + i);
            }
            return provider.getName();
        } catch (Throwable th) {
            if (!LOG.isDebugEnabled()) {
                return null;
            }
            LOG.debug("The provider " + str + " could not be added: " + th.getMessage(), th);
            return null;
        }
    }

    public static String appendJceProvider(String str, String str2) {
        Provider provider = Security.getProvider(str);
        if (provider != null) {
            return provider.getName();
        }
        try {
            Provider provider2 = (Provider) Loader.loadClass(str2, false, Provider.class).newInstance();
            int addProvider = Security.addProvider(provider2);
            if (LOG.isDebugEnabled()) {
                LOG.debug("The provider " + provider2.getName() + " was added at position: " + addProvider);
            }
            return provider2.getName();
        } catch (Throwable th) {
            if (!LOG.isDebugEnabled()) {
                return null;
            }
            LOG.debug("The provider " + str + " could not be added: " + th.getMessage(), th);
            return null;
        }
    }

    public static String appendJceProvider(String str, Provider provider) {
        Provider provider2 = Security.getProvider(str);
        if (provider2 != null) {
            return provider2.getName();
        }
        try {
            int addProvider = Security.addProvider(provider);
            if (LOG.isDebugEnabled()) {
                LOG.debug("The provider " + provider.getName() + " was added at position: " + addProvider);
            }
            return provider.getName();
        } catch (Throwable th) {
            if (!LOG.isDebugEnabled()) {
                return null;
            }
            LOG.debug("The provider " + str + " could not be added: " + th.getMessage(), th);
            return null;
        }
    }

    public boolean isAllowUsernameTokenNoPassword() {
        return this.allowUsernameTokenNoPassword;
    }

    public void setAllowUsernameTokenNoPassword(boolean z) {
        this.allowUsernameTokenNoPassword = z;
    }

    public int getUtTTL() {
        return this.utTTL;
    }

    public void setUtTTL(int i) {
        this.utTTL = i;
    }

    public int getUtFutureTTL() {
        return this.utFutureTTL;
    }

    public void setUtFutureTTL(int i) {
        this.utFutureTTL = i;
    }

    public WSTimeSource getCurrentTime() {
        return this.currentTime != null ? this.currentTime : new WSCurrentTimeSource();
    }

    public void setCurrentTime(WSTimeSource wSTimeSource) {
        this.currentTime = wSTimeSource;
    }

    static {
        HashMap hashMap = new HashMap();
        try {
            hashMap.put(1, UsernameTokenAction.class);
            hashMap.put(4, EncryptionAction.class);
            hashMap.put(2, SignatureAction.class);
            hashMap.put(16, SAMLTokenSignedAction.class);
            hashMap.put(8, SAMLTokenUnsignedAction.class);
            hashMap.put(32, TimestampAction.class);
            hashMap.put(64, UsernameTokenSignedAction.class);
            hashMap.put(128, SignatureConfirmationAction.class);
        } catch (Exception e) {
            if (LOG.isDebugEnabled()) {
                LOG.debug(e.getMessage(), e);
            }
        }
        DEFAULT_ACTIONS = Collections.unmodifiableMap(hashMap);
        HashMap hashMap2 = new HashMap();
        try {
            hashMap2.put(WSSecurityEngine.SAML_TOKEN, SAMLTokenProcessor.class);
            hashMap2.put(WSSecurityEngine.SAML2_TOKEN, SAMLTokenProcessor.class);
            hashMap2.put(WSSecurityEngine.ENCRYPTED_ASSERTION, EncryptedAssertionProcessor.class);
            hashMap2.put(WSSecurityEngine.ENCRYPTED_KEY, EncryptedKeyProcessor.class);
            hashMap2.put(WSSecurityEngine.SIGNATURE, SignatureProcessor.class);
            hashMap2.put(WSSecurityEngine.TIMESTAMP, TimestampProcessor.class);
            hashMap2.put(WSSecurityEngine.USERNAME_TOKEN, UsernameTokenProcessor.class);
            hashMap2.put(WSSecurityEngine.REFERENCE_LIST, ReferenceListProcessor.class);
            hashMap2.put(WSSecurityEngine.SIGNATURE_CONFIRMATION, SignatureConfirmationProcessor.class);
            hashMap2.put(WSSecurityEngine.DERIVED_KEY_TOKEN_05_02, DerivedKeyTokenProcessor.class);
            hashMap2.put(WSSecurityEngine.DERIVED_KEY_TOKEN_05_12, hashMap2.get(WSSecurityEngine.DERIVED_KEY_TOKEN_05_02));
            hashMap2.put(WSSecurityEngine.SECURITY_CONTEXT_TOKEN_05_02, SecurityContextTokenProcessor.class);
            hashMap2.put(WSSecurityEngine.SECURITY_CONTEXT_TOKEN_05_12, hashMap2.get(WSSecurityEngine.SECURITY_CONTEXT_TOKEN_05_02));
            hashMap2.put(WSSecurityEngine.BINARY_TOKEN, BinarySecurityTokenProcessor.class);
            hashMap2.put(WSSecurityEngine.ENCRYPTED_DATA, EncryptedDataProcessor.class);
        } catch (Exception e2) {
            if (LOG.isDebugEnabled()) {
                LOG.debug(e2.getMessage(), e2);
            }
        }
        DEFAULT_PROCESSORS = Collections.unmodifiableMap(hashMap2);
        HashMap hashMap3 = new HashMap();
        try {
            hashMap3.put(WSSecurityEngine.SAML_TOKEN, SamlAssertionValidator.class);
            hashMap3.put(WSSecurityEngine.SAML2_TOKEN, SamlAssertionValidator.class);
            hashMap3.put(WSSecurityEngine.SIGNATURE, SignatureTrustValidator.class);
            hashMap3.put(WSSecurityEngine.TIMESTAMP, TimestampValidator.class);
            hashMap3.put(WSSecurityEngine.USERNAME_TOKEN, UsernameTokenValidator.class);
        } catch (Exception e3) {
            if (LOG.isDebugEnabled()) {
                LOG.debug(e3.getMessage(), e3);
            }
        }
        DEFAULT_VALIDATORS = Collections.unmodifiableMap(hashMap3);
        DEFAULT_ID_ALLOCATOR = new WsuIdAllocator() { // from class: org.apache.ws.security.WSSConfig.1
            @Override // org.apache.ws.security.WsuIdAllocator
            public String createId(String str, Object obj) {
                return str == null ? "_" + UUIDGenerator.getUUID() : str + UUIDGenerator.getUUID();
            }

            @Override // org.apache.ws.security.WsuIdAllocator
            public String createSecureId(String str, Object obj) {
                return str == null ? UUIDGenerator.getUUID() : str + UUIDGenerator.getUUID();
            }
        };
        addJceProviders = true;
        staticallyInitialized = false;
    }
}
