package org.apache.ws.security.handler;

import java.math.BigInteger;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Date;
import java.util.Hashtable;
import java.util.Properties;
import java.util.Vector;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.WSPasswordCallback;
import org.apache.ws.security.WSSConfig;
import org.apache.ws.security.WSSecurityEngine;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.action.Action;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.token.SignatureConfirmation;
import org.apache.ws.security.message.token.Timestamp;
import org.apache.ws.security.util.Loader;
import org.apache.ws.security.util.StringUtil;
import org.apache.ws.security.util.WSSecurityUtil;
import org.apache.ws.security.util.XmlSchemaDateFormat;
import org.w3c.dom.Document;

/* loaded from: input_file:apache-servicemix-4.3.1-fuse-02-05/system/org/apache/ws/security/wss4j/1.5.9/wss4j-1.5.9.jar:org/apache/ws/security/handler/WSHandler.class */
public abstract class WSHandler {
    public static String DONE = "done";
    private static Log log;
    protected static final WSSecurityEngine secEngine;
    protected static Hashtable cryptos;
    private boolean doDebug = log.isDebugEnabled();
    static Class class$org$apache$ws$security$handler$WSHandler;

    /* JADX INFO: Access modifiers changed from: protected */
    public void doSenderAction(int i, Document document, RequestData requestData, Vector vector, boolean z) throws WSSecurityException {
        boolean decodeMustUnderstand = decodeMustUnderstand(requestData);
        WSSConfig wssConfig = requestData.getWssConfig();
        if (wssConfig == null) {
            wssConfig = secEngine.getWssConfig();
        }
        wssConfig.setEnableSignatureConfirmation(decodeEnableSignatureConfirmation(requestData) || (i & 128) != 0);
        wssConfig.setPrecisionInMilliSeconds(decodeTimestampPrecision(requestData));
        requestData.setWssConfig(wssConfig);
        String string = getString("actor", requestData.getMsgContext());
        requestData.setActor(string);
        WSSecHeader wSSecHeader = new WSSecHeader(string, decodeMustUnderstand);
        wSSecHeader.insertSecurityHeader(document);
        requestData.setSecHeader(wSSecHeader);
        requestData.setSoapConstants(WSSecurityUtil.getSOAPConstants(document.getDocumentElement()));
        if ((i & 1) == 1) {
            decodeUTParameter(requestData);
        }
        if ((i & 64) == 64) {
            decodeUTParameter(requestData);
            decodeSignatureParameter(requestData);
        }
        if ((i & 2) == 2) {
            requestData.setSigCrypto(loadSignatureCrypto(requestData));
            decodeSignatureParameter(requestData);
        }
        if ((i & 16) == 16) {
            decodeSignatureParameter(requestData);
        }
        if ((i & 4) == 4) {
            requestData.setEncCrypto(loadEncryptionCrypto(requestData));
            decodeEncryptionParameter(requestData);
        }
        if (requestData.getSignatureParts().isEmpty()) {
            requestData.getSignatureParts().add(new WSEncryptionPart(requestData.getSoapConstants().getBodyQName().getLocalPart(), requestData.getSoapConstants().getEnvelopeURI(), "Content"));
        }
        if (wssConfig.isEnableSignatureConfirmation() && !z) {
            if (!DONE.equals((String) getProperty(requestData.getMsgContext(), WSHandlerConstants.SIG_CONF_DONE)) && getProperty(requestData.getMsgContext(), WSHandlerConstants.RECV_RESULTS) != null) {
                wssConfig.getAction(128).execute(this, 128, document, requestData);
            }
        }
        for (int i2 = 0; i2 < vector.size(); i2++) {
            int intValue = ((Integer) vector.get(i2)).intValue();
            if (this.doDebug) {
                log.debug(new StringBuffer().append("Performing Action: ").append(intValue).toString());
            }
            switch (intValue) {
                case 1:
                case 2:
                case 4:
                case 8:
                case 16:
                case 32:
                case 64:
                    wssConfig.getAction(intValue).execute(this, intValue, document, requestData);
                    break;
                case 256:
                    requestData.setNoSerialization(true);
                    break;
                default:
                    Action action = null;
                    try {
                        action = wssConfig.getAction(intValue);
                    } catch (WSSecurityException e) {
                        log.warn(new StringBuffer().append("Error trying to locate a custom action (").append(intValue).append(")").toString(), e);
                    }
                    if (action != null) {
                        action.execute(this, intValue, document, requestData);
                        break;
                    } else {
                        break;
                    }
            }
        }
        if (wssConfig.isEnableSignatureConfirmation() && z && requestData.getSignatureValues().size() > 0) {
            Vector vector2 = (Vector) getProperty(requestData.getMsgContext(), WSHandlerConstants.SEND_SIGV);
            if (vector2 == null) {
                vector2 = new Vector();
                setProperty(requestData.getMsgContext(), WSHandlerConstants.SEND_SIGV, vector2);
            }
            vector2.addAll(requestData.getSignatureValues());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void doReceiverAction(int i, RequestData requestData) throws WSSecurityException {
        WSSConfig wssConfig = requestData.getWssConfig();
        if (wssConfig == null) {
            wssConfig = secEngine.getWssConfig();
        }
        wssConfig.setEnableSignatureConfirmation(decodeEnableSignatureConfirmation(requestData) || (i & 128) != 0);
        wssConfig.setTimeStampStrict(decodeTimestampStrict(requestData));
        wssConfig.setHandleCustomPasswordTypes(decodeCustomPasswordTypes(requestData));
        wssConfig.setAllowNamespaceQualifiedPasswordTypes(decodeNamespaceQualifiedPasswordTypes(requestData));
        wssConfig.setSecretKeyLength(requestData.getSecretKeyLength());
        requestData.setWssConfig(wssConfig);
        if ((i & 2) == 2) {
            decodeSignatureParameter2(requestData);
        }
        if ((i & 16) == 16) {
            decodeSignatureParameter2(requestData);
        }
        if ((i & 4) == 4) {
            decodeDecryptionParameter(requestData);
        }
        if ((i & 256) == 256) {
            requestData.setNoSerialization(true);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean checkReceiverResults(Vector vector, Vector vector2) {
        int size = vector.size();
        int size2 = vector2.size();
        int i = 0;
        for (int i2 = 0; i2 < size; i2++) {
            int intValue = ((Integer) ((WSSecurityEngineResult) vector.get(i2)).get("action")).intValue();
            if (intValue != 128 && intValue != 4096) {
                if (i >= size2) {
                    return false;
                }
                int i3 = i;
                i++;
                if (((Integer) vector2.get(i3)).intValue() != intValue) {
                    return false;
                }
            }
        }
        return i == size2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean checkReceiverResultsAnyOrder(Vector vector, Vector vector2) {
        Vector vector3 = new Vector(vector2.size());
        for (int i = 0; i < vector2.size(); i++) {
            vector3.add((Integer) vector2.get(i));
        }
        for (int i2 = 0; i2 < vector.size(); i2++) {
            Integer num = (Integer) ((WSSecurityEngineResult) vector.get(i2)).get("action");
            int intValue = num.intValue();
            if (intValue != 128 && intValue != 4096 && !vector3.remove(num)) {
                return false;
            }
        }
        return vector3.isEmpty();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void checkSignatureConfirmation(RequestData requestData, Vector vector) throws WSSecurityException {
        if (this.doDebug) {
            log.debug("Check Signature confirmation");
        }
        Vector vector2 = (Vector) getProperty(requestData.getMsgContext(), WSHandlerConstants.SEND_SIGV);
        Vector vector3 = new Vector();
        WSSecurityUtil.fetchAllActionResults(vector, 128, vector3);
        for (int i = 0; i < vector3.size(); i++) {
            byte[] signatureValue = ((SignatureConfirmation) ((WSSecurityEngineResult) vector3.get(i)).get(WSSecurityEngineResult.TAG_SIGNATURE_CONFIRMATION)).getSignatureValue();
            if (signatureValue != null) {
                if (vector2 == null || vector2.size() == 0) {
                    if (signatureValue.length != 0) {
                        throw new WSSecurityException("WSHandler: Check Signature confirmation: got a SC element, but no stored SV");
                    }
                } else {
                    boolean z = false;
                    int i2 = 0;
                    while (true) {
                        if (i2 >= vector2.size()) {
                            break;
                        }
                        if (Arrays.equals(signatureValue, (byte[]) vector2.get(i2))) {
                            z = true;
                            vector2.remove(i2);
                            break;
                        }
                        i2++;
                    }
                    if (!z) {
                        throw new WSSecurityException("WSHandler: Check Signature confirmation: got SC element, but no matching SV");
                    }
                }
            }
        }
        if (requestData.isNoSerialization()) {
            return;
        }
        log.debug("Check Signature confirmation - last handler");
        if (vector2 != null && !vector2.isEmpty()) {
            throw new WSSecurityException("WSHandler: Check Signature confirmation: stored SV vector not empty");
        }
    }

    public Crypto loadSignatureCrypto(RequestData requestData) throws WSSecurityException {
        String string;
        Crypto crypto = null;
        String string2 = getString(WSHandlerConstants.SIG_PROP_FILE, requestData.getMsgContext());
        if (string2 != null) {
            crypto = (Crypto) cryptos.get(string2);
            if (crypto == null) {
                crypto = CryptoFactory.getInstance(string2, getClassLoader(requestData.getMsgContext()));
                cryptos.put(string2, crypto);
            }
        } else if (getString(WSHandlerConstants.SIG_PROP_REF_ID, requestData.getMsgContext()) != null && (string = getString(WSHandlerConstants.SIG_PROP_REF_ID, requestData.getMsgContext())) != null) {
            Object property = getProperty(requestData.getMsgContext(), string);
            if (property instanceof Properties) {
                crypto = (Crypto) cryptos.get(string);
                if (crypto == null) {
                    crypto = CryptoFactory.getInstance((Properties) property);
                    cryptos.put(string, crypto);
                }
            }
        }
        return crypto;
    }

    protected Crypto loadEncryptionCrypto(RequestData requestData) throws WSSecurityException {
        Crypto crypto = null;
        String string = getString(WSHandlerConstants.ENC_PROP_FILE, requestData.getMsgContext());
        if (string != null) {
            crypto = (Crypto) cryptos.get(string);
            if (crypto == null) {
                crypto = CryptoFactory.getInstance(string, getClassLoader(requestData.getMsgContext()));
                cryptos.put(string, crypto);
            }
        } else if (getString(WSHandlerConstants.ENC_PROP_REF_ID, requestData.getMsgContext()) != null) {
            String string2 = getString(WSHandlerConstants.ENC_PROP_REF_ID, requestData.getMsgContext());
            if (string2 != null) {
                Object property = getProperty(requestData.getMsgContext(), string2);
                if (property instanceof Properties) {
                    crypto = (Crypto) cryptos.get(string2);
                    if (crypto == null) {
                        crypto = CryptoFactory.getInstance((Properties) property);
                        cryptos.put(string2, crypto);
                    }
                }
            }
        } else if (requestData.getSigCrypto() != null) {
            crypto = requestData.getSigCrypto();
        }
        return crypto;
    }

    protected void decodeUTParameter(RequestData requestData) throws WSSecurityException {
        Object msgContext = requestData.getMsgContext();
        String string = getString("passwordType", msgContext);
        if (string != null) {
            if (WSConstants.PW_TEXT.equals(string)) {
                requestData.setPwType(WSConstants.PASSWORD_TEXT);
            } else if (WSConstants.PW_DIGEST.equals(string)) {
                requestData.setPwType(WSConstants.PASSWORD_DIGEST);
            } else {
                if (!WSConstants.PW_NONE.equals(string)) {
                    throw new WSSecurityException(new StringBuffer().append("Unknown password type encoding: ").append(string).toString());
                }
                requestData.setPwType(null);
            }
        }
        String string2 = getString(WSHandlerConstants.ADD_UT_ELEMENTS, msgContext);
        if (string2 != null) {
            requestData.setUtElements(StringUtil.split(string2, ' '));
        }
        boolean booleanValue = Boolean.valueOf(getString(WSHandlerConstants.USE_DERIVED_KEY, msgContext)).booleanValue();
        if (booleanValue) {
            requestData.setUseDerivedKey(booleanValue);
        }
        boolean booleanValue2 = Boolean.valueOf(getString(WSHandlerConstants.USE_DERIVED_KEY, msgContext)).booleanValue();
        if (booleanValue2) {
            requestData.setUseDerivedKeyForMAC(booleanValue2);
        }
        String string3 = getString(WSHandlerConstants.DERIVED_KEY_ITERATIONS, msgContext);
        if (string3 != null) {
            requestData.setDerivedKeyIterations(Integer.parseInt(string3));
        }
    }

    protected void decodeSignatureParameter(RequestData requestData) throws WSSecurityException {
        Object msgContext = requestData.getMsgContext();
        String string = getString(WSHandlerConstants.SIGNATURE_USER, msgContext);
        if (string != null) {
            requestData.setSignatureUser(string);
        } else {
            requestData.setSignatureUser(requestData.getUsername());
        }
        String string2 = getString(WSHandlerConstants.SIG_KEY_ID, msgContext);
        if (string2 != null) {
            Integer num = (Integer) WSHandlerConstants.keyIdentifier.get(string2);
            if (num == null) {
                throw new WSSecurityException("WSHandler: Signature: unknown key identification");
            }
            int intValue = num.intValue();
            if (intValue != 2 && intValue != 1 && intValue != 3 && intValue != 4 && intValue != 8 && intValue != 10) {
                throw new WSSecurityException("WSHandler: Signature: illegal key identification");
            }
            requestData.setSigKeyId(intValue);
        }
        requestData.setSigAlgorithm(getString(WSHandlerConstants.SIG_ALGO, msgContext));
        requestData.setSigDigestAlgorithm(getString(WSHandlerConstants.SIG_DIGEST_ALGO, msgContext));
        String string3 = getString(WSHandlerConstants.SIGNATURE_PARTS, msgContext);
        if (string3 != null) {
            splitEncParts(string3, requestData.getSignatureParts(), requestData);
        }
        String string4 = getString(WSHandlerConstants.WSE_SECRET_KEY_LENGTH, msgContext);
        if (string4 != null) {
            requestData.setSecretKeyLength(Integer.parseInt(string4));
        }
    }

    protected void decodeEncryptionParameter(RequestData requestData) throws WSSecurityException {
        Object msgContext = requestData.getMsgContext();
        String string = getString(WSHandlerConstants.ENCRYPTION_USER, msgContext);
        if (string != null) {
            requestData.setEncUser(string);
        } else {
            requestData.setEncUser(requestData.getUsername());
        }
        if (requestData.getEncUser() == null) {
            throw new WSSecurityException("WSHandler: Encryption: no username");
        }
        handleSpecialUser(requestData);
        String string2 = getString(WSHandlerConstants.ENC_KEY_ID, msgContext);
        if (string2 != null) {
            Integer num = (Integer) WSHandlerConstants.keyIdentifier.get(string2);
            if (num == null) {
                throw new WSSecurityException("WSHandler: Encryption: unknown key identification");
            }
            int intValue = num.intValue();
            requestData.setEncKeyId(intValue);
            if (intValue != 2 && intValue != 3 && intValue != 4 && intValue != 1 && intValue != 5 && intValue != 8 && intValue != 10) {
                throw new WSSecurityException("WSHandler: Encryption: illegal key identification");
            }
        }
        requestData.setEncSymmAlgo(getString(WSHandlerConstants.ENC_SYM_ALGO, msgContext));
        requestData.setEncKeyTransport(getString(WSHandlerConstants.ENC_KEY_TRANSPORT, msgContext));
        String string3 = getString(WSHandlerConstants.ENC_SYM_ENC_KEY, msgContext);
        if (string3 != null) {
            requestData.setEncryptSymmetricEncryptionKey(Boolean.valueOf(string3).booleanValue());
        }
        String string4 = getString(WSHandlerConstants.ENCRYPTION_PARTS, msgContext);
        if (string4 != null) {
            splitEncParts(string4, requestData.getEncryptParts(), requestData);
        }
    }

    protected boolean decodeMustUnderstand(RequestData requestData) throws WSSecurityException {
        String string = getString("mustUnderstand", requestData.getMsgContext());
        if (string == null) {
            return true;
        }
        if ("0".equals(string) || "false".equals(string)) {
            return false;
        }
        if ("1".equals(string) || "true".equals(string)) {
            return true;
        }
        throw new WSSecurityException("WSHandler: illegal mustUnderstand parameter");
    }

    public int decodeTimeToLive(RequestData requestData) {
        String string = getString("timeToLive", requestData.getMsgContext());
        int i = 0;
        if (string != null) {
            try {
                i = Integer.parseInt(string);
            } catch (NumberFormatException e) {
                i = requestData.getTimeToLive();
            }
        }
        if (i <= 0) {
            i = requestData.getTimeToLive();
        }
        return i;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean decodeEnableSignatureConfirmation(RequestData requestData) throws WSSecurityException {
        String string = getString(WSHandlerConstants.ENABLE_SIGNATURE_CONFIRMATION, requestData.getMsgContext());
        if (string == null) {
            return true;
        }
        if ("0".equals(string) || "false".equals(string)) {
            return false;
        }
        if ("1".equals(string) || "true".equals(string)) {
            return true;
        }
        throw new WSSecurityException("WSHandler: illegal enableSignatureConfirmation parameter");
    }

    protected boolean decodeTimestampPrecision(RequestData requestData) throws WSSecurityException {
        String string = getString(WSHandlerConstants.TIMESTAMP_PRECISION, requestData.getMsgContext());
        if (string == null) {
            return true;
        }
        if ("0".equals(string) || "false".equals(string)) {
            return false;
        }
        if ("1".equals(string) || "true".equals(string)) {
            return true;
        }
        throw new WSSecurityException("WSHandler: illegal precisionInMilliSeconds parameter");
    }

    protected boolean decodeCustomPasswordTypes(RequestData requestData) throws WSSecurityException {
        String string = getString(WSHandlerConstants.HANDLE_CUSTOM_PASSWORD_TYPES, requestData.getMsgContext());
        if (string == null || "0".equals(string) || "false".equals(string)) {
            return false;
        }
        if ("1".equals(string) || "true".equals(string)) {
            return true;
        }
        throw new WSSecurityException("WSHandler: illegal handleCustomPasswordTypes parameter");
    }

    protected boolean decodeNamespaceQualifiedPasswordTypes(RequestData requestData) throws WSSecurityException {
        String string = getString(WSHandlerConstants.ALLOW_NAMESPACE_QUALIFIED_PASSWORD_TYPES, requestData.getMsgContext());
        if (string == null || "0".equals(string) || "false".equals(string)) {
            return false;
        }
        if ("1".equals(string) || "true".equals(string)) {
            return true;
        }
        throw new WSSecurityException("WSHandler: illegal allowNamespaceQualifiedPasswordTypes parameter");
    }

    protected boolean decodeTimestampStrict(RequestData requestData) throws WSSecurityException {
        String string = getString(WSHandlerConstants.TIMESTAMP_STRICT, requestData.getMsgContext());
        if (string == null) {
            return true;
        }
        if ("0".equals(string) || "false".equals(string)) {
            return false;
        }
        if ("1".equals(string) || "true".equals(string)) {
            return true;
        }
        throw new WSSecurityException("WSHandler: illegal timestampStrict parameter");
    }

    public WSPasswordCallback getPassword(String str, int i, String str2, String str3, RequestData requestData) throws WSSecurityException {
        WSPasswordCallback constructPasswordCallback;
        Object msgContext = requestData.getMsgContext();
        String string = getString(str2, msgContext);
        if (string != null) {
            constructPasswordCallback = readPwViaCallbackClass(string, str, i, requestData);
        } else {
            CallbackHandler callbackHandler = (CallbackHandler) getOption(str3);
            if (callbackHandler == null) {
                callbackHandler = (CallbackHandler) getProperty(msgContext, str3);
            }
            if (callbackHandler != null) {
                constructPasswordCallback = performCallback(callbackHandler, str, i);
            } else {
                String password = getPassword(msgContext);
                if (password == null) {
                    throw new WSSecurityException(new StringBuffer().append("WSHandler: application ").append("provided null or empty password").toString());
                }
                constructPasswordCallback = constructPasswordCallback(str, i);
                constructPasswordCallback.setPassword(password);
            }
        }
        return constructPasswordCallback;
    }

    private WSPasswordCallback readPwViaCallbackClass(String str, String str2, int i, RequestData requestData) throws WSSecurityException {
        try {
            try {
                return performCallback((CallbackHandler) Loader.loadClass(getClassLoader(requestData.getMsgContext()), str).newInstance(), str2, i);
            } catch (Exception e) {
                throw new WSSecurityException(new StringBuffer().append("WSHandler: cannot create instance of password callback: ").append(str).toString(), e);
            }
        } catch (ClassNotFoundException e2) {
            throw new WSSecurityException(new StringBuffer().append("WSHandler: cannot load password callback class: ").append(str).toString(), e2);
        }
    }

    private WSPasswordCallback performCallback(CallbackHandler callbackHandler, String str, int i) throws WSSecurityException {
        WSPasswordCallback constructPasswordCallback = constructPasswordCallback(str, i);
        try {
            callbackHandler.handle(new Callback[]{constructPasswordCallback});
            return constructPasswordCallback;
        } catch (Exception e) {
            throw new WSSecurityException("WSHandler: password callback failed", e);
        }
    }

    private WSPasswordCallback constructPasswordCallback(String str, int i) throws WSSecurityException {
        int i2 = 0;
        switch (i) {
            case 1:
            case 64:
                i2 = 2;
                break;
            case 2:
                i2 = 3;
                break;
            case 4:
                i2 = 4;
                break;
        }
        return new WSPasswordCallback(str, i2);
    }

    private void splitEncParts(String str, Vector vector, RequestData requestData) throws WSSecurityException {
        String substring;
        WSEncryptionPart wSEncryptionPart;
        for (String str2 : StringUtil.split(str, ';')) {
            String[] split = StringUtil.split(str2, '}');
            if (split.length == 1) {
                if (this.doDebug) {
                    log.debug(new StringBuffer().append("single partDef: '").append(split[0]).append("'").toString());
                }
                wSEncryptionPart = new WSEncryptionPart(split[0].trim(), requestData.getSoapConstants().getEnvelopeURI(), "Content");
            } else {
                if (split.length != 3) {
                    throw new WSSecurityException(new StringBuffer().append("WSHandler: wrong part definition: ").append(str).toString());
                }
                String trim = split[0].trim();
                String substring2 = trim.length() <= 1 ? "Content" : trim.substring(1);
                String trim2 = split[1].trim();
                if (trim2.length() <= 1) {
                    substring = requestData.getSoapConstants().getEnvelopeURI();
                } else {
                    substring = trim2.substring(1);
                    if (substring.equals(WSConstants.NULL_NS)) {
                        substring = null;
                    }
                }
                String trim3 = split[2].trim();
                if (this.doDebug) {
                    log.debug(new StringBuffer().append("partDefs: '").append(substring2).append("' ,'").append(substring).append("' ,'").append(trim3).append("'").toString());
                }
                wSEncryptionPart = new WSEncryptionPart(trim3, substring, substring2);
            }
            vector.add(wSEncryptionPart);
        }
    }

    private void handleSpecialUser(RequestData requestData) {
        Vector vector;
        if (WSHandlerConstants.USE_REQ_SIG_CERT.equals(requestData.getEncUser()) && (vector = (Vector) getProperty(requestData.getMsgContext(), WSHandlerConstants.RECV_RESULTS)) != null) {
            for (int i = 0; i < vector.size(); i++) {
                WSHandlerResult wSHandlerResult = (WSHandlerResult) vector.get(i);
                if (WSSecurityUtil.isActorEqual(requestData.getActor(), wSHandlerResult.getActor())) {
                    Vector results = wSHandlerResult.getResults();
                    for (int i2 = 0; i2 < results.size(); i2++) {
                        WSSecurityEngineResult wSSecurityEngineResult = (WSSecurityEngineResult) results.get(i2);
                        if (((Integer) wSSecurityEngineResult.get("action")).intValue() == 2) {
                            requestData.setEncCert((X509Certificate) wSSecurityEngineResult.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE));
                            return;
                        }
                    }
                }
            }
        }
    }

    protected Crypto loadDecryptionCrypto(RequestData requestData) throws WSSecurityException {
        Crypto crypto = null;
        String string = getString(WSHandlerConstants.DEC_PROP_FILE, requestData.getMsgContext());
        if (string != null) {
            crypto = (Crypto) cryptos.get(string);
            if (crypto == null) {
                crypto = CryptoFactory.getInstance(string, getClassLoader(requestData.getMsgContext()));
                cryptos.put(string, crypto);
            }
        } else if (getString(WSHandlerConstants.DEC_PROP_REF_ID, requestData.getMsgContext()) != null) {
            String string2 = getString(WSHandlerConstants.DEC_PROP_REF_ID, requestData.getMsgContext());
            if (string2 != null) {
                Object property = getProperty(requestData.getMsgContext(), string2);
                if (property instanceof Properties) {
                    crypto = (Crypto) cryptos.get(string2);
                    if (crypto == null) {
                        crypto = CryptoFactory.getInstance((Properties) property);
                        cryptos.put(string2, crypto);
                    }
                }
            }
        } else if (requestData.getSigCrypto() != null) {
            crypto = requestData.getSigCrypto();
        }
        return crypto;
    }

    protected void decodeSignatureParameter2(RequestData requestData) throws WSSecurityException {
        requestData.setSigCrypto(loadSignatureCrypto(requestData));
    }

    protected void decodeDecryptionParameter(RequestData requestData) throws WSSecurityException {
        requestData.setDecCrypto(loadDecryptionCrypto(requestData));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public CallbackHandler getPasswordCB(RequestData requestData) throws WSSecurityException {
        CallbackHandler callbackHandler;
        Object msgContext = requestData.getMsgContext();
        String string = getString(WSHandlerConstants.PW_CALLBACK_CLASS, msgContext);
        if (string != null) {
            try {
                try {
                    callbackHandler = (CallbackHandler) Loader.loadClass(getClassLoader(requestData.getMsgContext()), string).newInstance();
                } catch (Exception e) {
                    throw new WSSecurityException(new StringBuffer().append("WSHandler: cannot create instance of password callback: ").append(string).toString(), e);
                }
            } catch (ClassNotFoundException e2) {
                throw new WSSecurityException(new StringBuffer().append("WSHandler: cannot load password callback class: ").append(string).toString(), e2);
            }
        } else {
            callbackHandler = (CallbackHandler) getProperty(msgContext, WSHandlerConstants.PW_CALLBACK_REF);
            if (callbackHandler == null) {
                throw new WSSecurityException("WSHandler: no reference in callback property");
            }
        }
        return callbackHandler;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean verifyTrust(X509Certificate x509Certificate, RequestData requestData) throws WSSecurityException {
        if (x509Certificate == null) {
            return false;
        }
        String name = x509Certificate.getSubjectX500Principal().getName();
        String name2 = x509Certificate.getIssuerX500Principal().getName();
        BigInteger serialNumber = x509Certificate.getSerialNumber();
        if (this.doDebug) {
            log.debug(new StringBuffer().append("WSHandler: Transmitted certificate has subject ").append(name).toString());
            log.debug(new StringBuffer().append("WSHandler: Transmitted certificate has issuer ").append(name2).append(" (serial ").append(serialNumber).append(")").toString());
        }
        try {
            String aliasForX509Cert = requestData.getSigCrypto().getAliasForX509Cert(name2, serialNumber);
            if (aliasForX509Cert != null) {
                try {
                    X509Certificate[] certificates = requestData.getSigCrypto().getCertificates(aliasForX509Cert);
                    if (certificates != null && certificates.length > 0 && x509Certificate.equals(certificates[0])) {
                        if (!this.doDebug) {
                            return true;
                        }
                        log.debug(new StringBuffer().append("Direct trust for certificate with ").append(name).toString());
                        return true;
                    }
                } catch (WSSecurityException e) {
                    throw new WSSecurityException(new StringBuffer().append("WSHandler: Could not get certificates for alias ").append(aliasForX509Cert).toString(), (Throwable) e);
                }
            } else if (this.doDebug) {
                log.debug(new StringBuffer().append("No alias found for subject from issuer with ").append(name2).append(" (serial ").append(serialNumber).append(")").toString());
            }
            try {
                String[] aliasesForDN = requestData.getSigCrypto().getAliasesForDN(name2);
                if (aliasesForDN == null || aliasesForDN.length < 1) {
                    if (!this.doDebug) {
                        return false;
                    }
                    log.debug(new StringBuffer().append("No aliases found in keystore for issuer ").append(name2).append(" of certificate for ").append(name).toString());
                    return false;
                }
                for (String str : aliasesForDN) {
                    if (this.doDebug) {
                        log.debug(new StringBuffer().append("Preparing to validate certificate path with alias ").append(str).append(" for issuer ").append(name2).toString());
                    }
                    try {
                        X509Certificate[] certificates2 = requestData.getSigCrypto().getCertificates(str);
                        if (certificates2 == null || certificates2.length < 1) {
                            throw new WSSecurityException(new StringBuffer().append("WSHandler: Could not get certificates for alias ").append(str).toString());
                        }
                        X509Certificate[] x509CertificateArr = new X509Certificate[certificates2.length + 1];
                        x509CertificateArr[0] = x509Certificate;
                        for (int i = 0; i < certificates2.length; i++) {
                            x509CertificateArr[i + 1] = certificates2[i];
                        }
                        try {
                            if (requestData.getSigCrypto().validateCertPath(x509CertificateArr)) {
                                if (!this.doDebug) {
                                    return true;
                                }
                                log.debug(new StringBuffer().append("WSHandler: Certificate path has been verified for certificate with subject ").append(name).toString());
                                return true;
                            }
                        } catch (WSSecurityException e2) {
                            throw new WSSecurityException(new StringBuffer().append("WSHandler: Certificate path verification failed for certificate with subject ").append(name).toString(), (Throwable) e2);
                        }
                    } catch (WSSecurityException e3) {
                        throw new WSSecurityException(new StringBuffer().append("WSHandler: Could not get certificates for alias ").append(str).toString(), (Throwable) e3);
                    }
                }
                if (!this.doDebug) {
                    return false;
                }
                log.debug(new StringBuffer().append("WSHandler: Certificate path could not be verified for certificate with subject ").append(name).toString());
                return false;
            } catch (WSSecurityException e4) {
                throw new WSSecurityException(new StringBuffer().append("WSHandler: Could not get alias for certificate with ").append(name2).toString(), (Throwable) e4);
            }
        } catch (WSSecurityException e5) {
            throw new WSSecurityException(new StringBuffer().append("WSHandler: Could not get alias for certificate with ").append(name).toString(), (Throwable) e5);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean verifyTimestamp(Timestamp timestamp, int i) throws WSSecurityException {
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(new Date(calendar.getTime().getTime() - (i * 1000)));
        if (this.doDebug) {
            log.debug("Preparing to verify the timestamp");
            XmlSchemaDateFormat xmlSchemaDateFormat = new XmlSchemaDateFormat();
            log.debug(new StringBuffer().append("Validation of Timestamp: Current time is ").append(xmlSchemaDateFormat.format(Calendar.getInstance().getTime())).toString());
            log.debug(new StringBuffer().append("Validation of Timestamp: Valid creation is ").append(xmlSchemaDateFormat.format(calendar.getTime())).toString());
            if (timestamp.getCreated() != null) {
                log.debug(new StringBuffer().append("Validation of Timestamp: Timestamp created is ").append(xmlSchemaDateFormat.format(timestamp.getCreated().getTime())).toString());
            }
        }
        Calendar created = timestamp.getCreated();
        if (created == null || created.after(calendar)) {
            if (!this.doDebug) {
                return true;
            }
            log.debug("Validation of Timestamp: Everything is ok");
            return true;
        }
        if (!this.doDebug) {
            return false;
        }
        log.debug("Validation of Timestamp: The message was created too long ago");
        return false;
    }

    public String getString(String str, Object obj) {
        if (str == null) {
            throw new IllegalArgumentException("Key cannot be null");
        }
        String stringOption = getStringOption(str);
        if (stringOption != null) {
            return stringOption;
        }
        if (obj == null) {
            throw new IllegalArgumentException("Message context cannot be null");
        }
        return (String) getProperty(obj, str);
    }

    public String getStringOption(String str) {
        Object option = getOption(str);
        if (option instanceof String) {
            return (String) option;
        }
        return null;
    }

    public ClassLoader getClassLoader(Object obj) {
        try {
            return Loader.getTCL();
        } catch (Throwable th) {
            return null;
        }
    }

    public abstract Object getOption(String str);

    public abstract Object getProperty(Object obj, String str);

    public abstract void setProperty(Object obj, String str, Object obj2);

    public abstract String getPassword(Object obj);

    public abstract void setPassword(Object obj, String str);

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$apache$ws$security$handler$WSHandler == null) {
            cls = class$("org.apache.ws.security.handler.WSHandler");
            class$org$apache$ws$security$handler$WSHandler = cls;
        } else {
            cls = class$org$apache$ws$security$handler$WSHandler;
        }
        log = LogFactory.getLog(cls.getName());
        secEngine = WSSecurityEngine.getInstance();
        cryptos = new Hashtable(5);
    }
}
