package org.apache.wss4j.stax.impl.securityToken;

import java.security.Key;
import java.security.Principal;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.Subject;
import org.apache.wss4j.common.bsp.BSPRule;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.principal.UsernameTokenPrincipal;
import org.apache.wss4j.common.util.UsernameTokenUtil;
import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.securityToken.UsernameSecurityToken;
import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.config.JCEAlgorithmMapper;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
import org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken;
import org.apache.xml.security.stax.securityToken.SecurityTokenConstants;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.2.1.redhat-219.zip:modules/system/layers/fuse/org/apache/ws/security/2.0/wss4j-ws-security-stax-2.0.3.jar:org/apache/wss4j/stax/impl/securityToken/UsernameSecurityTokenImpl.class */
public class UsernameSecurityTokenImpl extends AbstractInboundSecurityToken implements UsernameSecurityToken {
    private static final long DEFAULT_ITERATION = 1000;
    private WSSConstants.UsernameTokenPasswordType usernameTokenPasswordType;
    private String username;
    private String password;
    private String createdTime;
    private byte[] nonce;
    private byte[] salt;
    private Long iteration;
    private final WSInboundSecurityContext wsInboundSecurityContext;
    private Subject subject;
    private Principal principal;

    public UsernameSecurityTokenImpl(WSSConstants.UsernameTokenPasswordType usernameTokenPasswordType, String str, String str2, String str3, byte[] bArr, byte[] bArr2, Long l, WSInboundSecurityContext wSInboundSecurityContext, String str4, SecurityTokenConstants.KeyIdentifier keyIdentifier) {
        super(wSInboundSecurityContext, str4, keyIdentifier, true);
        this.usernameTokenPasswordType = usernameTokenPasswordType;
        this.username = str;
        this.password = str2;
        this.createdTime = str3;
        this.nonce = bArr;
        this.salt = bArr2;
        this.iteration = l;
        this.wsInboundSecurityContext = wSInboundSecurityContext;
    }

    @Override // org.apache.xml.security.stax.impl.securityToken.AbstractSecurityToken, org.apache.xml.security.stax.securityToken.SecurityToken
    public boolean isAsymmetric() throws XMLSecurityException {
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken
    public Key getKey(String str, XMLSecurityConstants.AlgorithmUsage algorithmUsage, String str2) throws XMLSecurityException {
        Key key = getSecretKey().get(str);
        if (key != null) {
            return key;
        }
        SecretKeySpec secretKeySpec = new SecretKeySpec(generateDerivedKey(this.wsInboundSecurityContext), JCEAlgorithmMapper.getJCEKeyAlgorithmFromURI(str));
        setSecretKey(str, secretKeySpec);
        return secretKeySpec;
    }

    @Override // org.apache.xml.security.stax.securityToken.SecurityToken
    public SecurityTokenConstants.TokenType getTokenType() {
        return WSSecurityTokenConstants.UsernameToken;
    }

    @Override // org.apache.wss4j.stax.securityToken.UsernameSecurityToken
    public byte[] generateDerivedKey() throws WSSecurityException {
        return generateDerivedKey(this.wsInboundSecurityContext);
    }

    protected byte[] generateDerivedKey(WSInboundSecurityContext wSInboundSecurityContext) throws WSSecurityException {
        if (wSInboundSecurityContext != null) {
            if (this.salt == null || this.salt.length == 0) {
                wSInboundSecurityContext.handleBSPRule(BSPRule.R4217);
            }
            if (this.iteration == null || this.iteration.longValue() < 1000) {
                wSInboundSecurityContext.handleBSPRule(BSPRule.R4218);
            }
        }
        return UsernameTokenUtil.generateDerivedKey(this.password, this.salt, this.iteration.intValue());
    }

    @Override // org.apache.wss4j.stax.securityToken.SubjectAndPrincipalSecurityToken
    public Principal getPrincipal() throws WSSecurityException {
        if (this.principal == null) {
            this.principal = new UsernameTokenPrincipal() { // from class: org.apache.wss4j.stax.impl.securityToken.UsernameSecurityTokenImpl.1
                @Override // org.apache.wss4j.common.principal.UsernameTokenPrincipal
                public boolean isPasswordDigest() {
                    return UsernameSecurityTokenImpl.this.usernameTokenPasswordType == WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST;
                }

                @Override // org.apache.wss4j.common.principal.UsernameTokenPrincipal
                public String getPasswordType() {
                    return UsernameSecurityTokenImpl.this.usernameTokenPasswordType.getNamespace();
                }

                @Override // java.security.Principal
                public String getName() {
                    return UsernameSecurityTokenImpl.this.username;
                }

                @Override // org.apache.wss4j.common.principal.UsernameTokenPrincipal
                public String getPassword() {
                    return UsernameSecurityTokenImpl.this.password;
                }

                @Override // org.apache.wss4j.common.principal.UsernameTokenPrincipal
                public String getCreatedTime() {
                    return UsernameSecurityTokenImpl.this.createdTime;
                }

                @Override // org.apache.wss4j.common.principal.UsernameTokenPrincipal
                public byte[] getNonce() {
                    return UsernameSecurityTokenImpl.this.nonce;
                }
            };
        }
        return this.principal;
    }

    @Override // org.apache.wss4j.stax.securityToken.UsernameSecurityToken
    public WSSConstants.UsernameTokenPasswordType getUsernameTokenPasswordType() {
        return this.usernameTokenPasswordType;
    }

    @Override // org.apache.wss4j.stax.securityToken.UsernameSecurityToken
    public String getCreatedTime() {
        return this.createdTime;
    }

    @Override // org.apache.wss4j.stax.securityToken.UsernameSecurityToken
    public String getPassword() {
        return this.password;
    }

    @Override // org.apache.wss4j.stax.securityToken.UsernameSecurityToken
    public String getUsername() {
        return this.username;
    }

    @Override // org.apache.wss4j.stax.securityToken.UsernameSecurityToken
    public byte[] getNonce() {
        return this.nonce;
    }

    @Override // org.apache.wss4j.stax.securityToken.UsernameSecurityToken
    public byte[] getSalt() {
        return this.salt;
    }

    @Override // org.apache.wss4j.stax.securityToken.UsernameSecurityToken
    public Long getIteration() {
        return this.iteration;
    }

    public void setSubject(Subject subject) {
        this.subject = subject;
    }

    @Override // org.apache.wss4j.stax.securityToken.SubjectAndPrincipalSecurityToken
    public Subject getSubject() throws WSSecurityException {
        return this.subject;
    }
}
