package com.sun.xml.ws.security.impl.policyconv;

import com.sun.xml.ws.policy.AssertionSet;
import com.sun.xml.ws.policy.Policy;
import com.sun.xml.ws.policy.PolicyAssertion;
import com.sun.xml.ws.policy.PolicyException;
import com.sun.xml.ws.security.impl.policy.Constants;
import com.sun.xml.ws.security.impl.policy.LogStringsMessages;
import com.sun.xml.ws.security.impl.policy.PolicyUtil;
import com.sun.xml.ws.security.impl.policy.Trust10;
import com.sun.xml.ws.security.impl.policy.Trust13;
import com.sun.xml.ws.security.policy.AlgorithmSuite;
import com.sun.xml.ws.security.policy.AsymmetricBinding;
import com.sun.xml.ws.security.policy.Binding;
import com.sun.xml.ws.security.policy.EncryptedElements;
import com.sun.xml.ws.security.policy.EncryptedParts;
import com.sun.xml.ws.security.policy.EncryptedSupportingTokens;
import com.sun.xml.ws.security.policy.EndorsingEncryptedSupportingTokens;
import com.sun.xml.ws.security.policy.EndorsingSupportingTokens;
import com.sun.xml.ws.security.policy.RequiredElements;
import com.sun.xml.ws.security.policy.SecurityPolicyVersion;
import com.sun.xml.ws.security.policy.SignedElements;
import com.sun.xml.ws.security.policy.SignedEncryptedSupportingTokens;
import com.sun.xml.ws.security.policy.SignedEndorsingEncryptedSupportingTokens;
import com.sun.xml.ws.security.policy.SignedEndorsingSupportingTokens;
import com.sun.xml.ws.security.policy.SignedParts;
import com.sun.xml.ws.security.policy.SignedSupportingTokens;
import com.sun.xml.ws.security.policy.SupportingTokens;
import com.sun.xml.ws.security.policy.SymmetricBinding;
import com.sun.xml.ws.security.policy.TransportBinding;
import com.sun.xml.ws.security.policy.WSSAssertion;
import com.sun.xml.wss.impl.MessageLayout;
import com.sun.xml.wss.impl.policy.PolicyGenerationException;
import com.sun.xml.wss.impl.policy.mls.EncryptionPolicy;
import com.sun.xml.wss.impl.policy.mls.MessagePolicy;
import com.sun.xml.wss.impl.policy.mls.SignaturePolicy;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import java.util.logging.Level;

/* loaded from: input_file:BOOT-INF/lib/webservices-rt-2.4.7.jar:com/sun/xml/ws/security/impl/policyconv/XWSSPolicyGenerator.class */
public class XWSSPolicyGenerator {
    String _protectionOrder;
    SignaturePolicy _primarySP;
    EncryptionPolicy _primaryEP;
    EncryptionPolicy _sEncPolicy;
    SignaturePolicy _csSP;
    XWSSPolicyContainer _policyContainer;
    Binding _binding;
    Policy effectivePolicy;
    boolean isServer;
    boolean isIncoming;
    private PolicyAssertion wssAssertion;
    private WSSAssertion wss11;
    private Trust10 trust10;
    private Trust13 trust13;
    private boolean encryptBody;
    private Vector<SignedParts> signedParts;
    private Vector<EncryptedParts> encryptedParts;
    private Vector<SignedElements> signedElements;
    private Vector<EncryptedElements> encryptedElements;
    private boolean ignoreST;
    private boolean transportBinding;
    private IntegrityAssertionProcessor iAP;
    private EncryptionAssertionProcessor eAP;
    private Binding policyBinding;
    private List<RequiredElements> reqElements;
    private SecurityPolicyVersion spVersion;
    private boolean isIssuedTokenAsEncryptedSupportingToken;

    public XWSSPolicyGenerator(Policy policy, boolean z, boolean z2, SecurityPolicyVersion securityPolicyVersion) {
        this._protectionOrder = "";
        this._primarySP = null;
        this._primaryEP = null;
        this._sEncPolicy = null;
        this._csSP = null;
        this._policyContainer = null;
        this.effectivePolicy = null;
        this.isServer = false;
        this.isIncoming = false;
        this.wssAssertion = null;
        this.wss11 = null;
        this.trust10 = null;
        this.trust13 = null;
        this.encryptBody = false;
        this.signedParts = new Vector<>();
        this.encryptedParts = new Vector<>();
        this.signedElements = new Vector<>();
        this.encryptedElements = new Vector<>();
        this.ignoreST = false;
        this.transportBinding = false;
        this.iAP = null;
        this.eAP = null;
        this.policyBinding = null;
        this.reqElements = new ArrayList();
        this.isIssuedTokenAsEncryptedSupportingToken = false;
        this.effectivePolicy = policy;
        this._policyContainer = new XWSSPolicyContainer(z, z2);
        this.isServer = z;
        this.isIncoming = z2;
        this.spVersion = securityPolicyVersion;
    }

    public XWSSPolicyGenerator(Policy policy, boolean z, boolean z2) {
        this._protectionOrder = "";
        this._primarySP = null;
        this._primaryEP = null;
        this._sEncPolicy = null;
        this._csSP = null;
        this._policyContainer = null;
        this.effectivePolicy = null;
        this.isServer = false;
        this.isIncoming = false;
        this.wssAssertion = null;
        this.wss11 = null;
        this.trust10 = null;
        this.trust13 = null;
        this.encryptBody = false;
        this.signedParts = new Vector<>();
        this.encryptedParts = new Vector<>();
        this.signedElements = new Vector<>();
        this.encryptedElements = new Vector<>();
        this.ignoreST = false;
        this.transportBinding = false;
        this.iAP = null;
        this.eAP = null;
        this.policyBinding = null;
        this.reqElements = new ArrayList();
        this.isIssuedTokenAsEncryptedSupportingToken = false;
        this.effectivePolicy = policy;
        this._policyContainer = new XWSSPolicyContainer(z, z2);
        this.isServer = z;
        this.isIncoming = z2;
        this.spVersion = SecurityPolicyVersion.SECURITYPOLICY200507;
    }

    public AlgorithmSuite getBindingLevelAlgSuite() {
        return this._binding != null ? this._binding.getAlgorithmSuite() : new com.sun.xml.ws.security.impl.policy.AlgorithmSuite();
    }

    public void process(boolean z) throws PolicyException {
        this.ignoreST = z;
        process();
    }

    /* JADX WARN: Multi-variable type inference failed */
    public void process() throws PolicyException {
        collectPolicies();
        PolicyAssertion policyAssertion = (PolicyAssertion) getBinding();
        this.policyBinding = (Binding) policyAssertion;
        if (policyAssertion == 0) {
            NilBindingProcessor nilBindingProcessor = new NilBindingProcessor(this.isServer, this.isIncoming, this._policyContainer);
            nilBindingProcessor.process();
            processNonBindingAssertions(nilBindingProcessor);
            return;
        }
        if (PolicyUtil.isTransportBinding(policyAssertion, this.spVersion)) {
            if (Constants.logger.isLoggable(Level.FINE)) {
                Constants.logger.log(Level.FINE, "TransportBinding was configured in the policy");
            }
            TransportBindingProcessor transportBindingProcessor = new TransportBindingProcessor((TransportBinding) policyAssertion, this.isServer, this.isIncoming, this._policyContainer);
            transportBindingProcessor.process();
            processNonBindingAssertions(transportBindingProcessor);
            this.transportBinding = true;
            return;
        }
        this.iAP = new IntegrityAssertionProcessor(this._binding.getAlgorithmSuite(), this._binding.isSignContent());
        this.eAP = new EncryptionAssertionProcessor(this._binding.getAlgorithmSuite(), false);
        this._policyContainer.setPolicyContainerMode(this._binding.getLayout());
        if (PolicyUtil.isSymmetricBinding(policyAssertion.getName(), this.spVersion)) {
            if (Constants.logger.isLoggable(Level.FINE)) {
                Constants.logger.log(Level.FINE, "SymmetricBinding was configured in the policy");
            }
            SymmetricBindingProcessor symmetricBindingProcessor = new SymmetricBindingProcessor((SymmetricBinding) this._binding, this._policyContainer, this.isServer, this.isIncoming, this.signedParts, this.encryptedParts, this.signedElements, this.encryptedElements);
            if (this.wssAssertion != null && PolicyUtil.isWSS11(this.wssAssertion, this.spVersion)) {
                symmetricBindingProcessor.setWSS11((WSSAssertion) this.wssAssertion);
            }
            symmetricBindingProcessor.process();
            processNonBindingAssertions(symmetricBindingProcessor);
            symmetricBindingProcessor.close();
            return;
        }
        if (PolicyUtil.isAsymmetricBinding(policyAssertion.getName(), this.spVersion)) {
            if (Constants.logger.isLoggable(Level.FINE)) {
                Constants.logger.log(Level.FINE, "AsymmetricBinding was configured in the policy");
            }
            AsymmetricBindingProcessor asymmetricBindingProcessor = new AsymmetricBindingProcessor((AsymmetricBinding) this._binding, this._policyContainer, this.isServer, this.isIncoming, this.signedParts, this.encryptedParts, this.signedElements, this.encryptedElements);
            if (this.wssAssertion != null && PolicyUtil.isWSS11(this.wssAssertion, this.spVersion)) {
                asymmetricBindingProcessor.setWSS11((WSSAssertion) this.wssAssertion);
            }
            asymmetricBindingProcessor.process();
            processNonBindingAssertions(asymmetricBindingProcessor);
            asymmetricBindingProcessor.close();
        }
    }

    public MessagePolicy getXWSSPolicy() throws PolicyException {
        try {
            MessagePolicy messagePolicy = this.wssAssertion != null ? this._policyContainer.getMessagePolicy(PolicyUtil.isWSS11(this.wssAssertion, this.spVersion)) : this._policyContainer.getMessagePolicy(false);
            if (this.wssAssertion != null) {
                try {
                    messagePolicy.setWSSAssertion(getWssAssertion((WSSAssertion) this.wssAssertion));
                } catch (PolicyGenerationException e) {
                    Constants.logger.log(Level.SEVERE, LogStringsMessages.SP_0104_ERROR_SIGNATURE_CONFIRMATION_ELEMENT(e.getMessage()), (Throwable) e);
                    throw new PolicyException(LogStringsMessages.SP_0104_ERROR_SIGNATURE_CONFIRMATION_ELEMENT(e.getMessage()));
                }
            }
            if (this.policyBinding != null && this.policyBinding.getAlgorithmSuite() != null) {
                messagePolicy.setAlgorithmSuite(getAlgoSuite(this.policyBinding.getAlgorithmSuite()));
            }
            if (this.policyBinding != null && this.policyBinding.getLayout() != null) {
                messagePolicy.setLayout(getLayout(this.policyBinding.getLayout()));
            }
            if (this.isIncoming && this.reqElements.size() > 0) {
                try {
                    new RequiredElementsProcessor(this.reqElements, messagePolicy).process();
                } catch (PolicyGenerationException e2) {
                    Constants.logger.log(Level.SEVERE, LogStringsMessages.SP_0103_ERROR_REQUIRED_ELEMENTS(e2.getMessage()), (Throwable) e2);
                    throw new PolicyException(LogStringsMessages.SP_0103_ERROR_REQUIRED_ELEMENTS(e2.getMessage()));
                }
            }
            if (this.transportBinding) {
                messagePolicy.setSSL(this.transportBinding);
            }
            return messagePolicy;
        } catch (PolicyGenerationException e3) {
            Constants.logger.log(Level.SEVERE, LogStringsMessages.SP_0113_UNABLE_TO_DIGEST_POLICY(this.effectivePolicy), (Throwable) e3);
            throw new PolicyException("Unable to digest SecurityPolicy ");
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void processNonBindingAssertions(BindingProcessor bindingProcessor) throws PolicyException {
        Iterator<AssertionSet> it = this.effectivePolicy.iterator();
        while (it.hasNext()) {
            Iterator<PolicyAssertion> it2 = it.next().iterator();
            while (it2.hasNext()) {
                PolicyAssertion next = it2.next();
                if (!PolicyUtil.isBinding(next, this.spVersion)) {
                    if (!this.ignoreST && shouldAddST() && PolicyUtil.isSupportingToken(next, this.spVersion)) {
                        bindingProcessor.processSupportingTokens((SupportingTokens) next);
                    } else if (!this.ignoreST && shouldAddST() && PolicyUtil.isSignedSupportingToken(next, this.spVersion)) {
                        bindingProcessor.processSupportingTokens((SignedSupportingTokens) next);
                    } else if (!this.ignoreST && shouldAddST() && PolicyUtil.isEndorsedSupportingToken(next, this.spVersion)) {
                        bindingProcessor.processSupportingTokens((EndorsingSupportingTokens) next);
                    } else if (!this.ignoreST && shouldAddST() && PolicyUtil.isSignedEndorsingSupportingToken(next, this.spVersion)) {
                        bindingProcessor.processSupportingTokens((SignedEndorsingSupportingTokens) next);
                    } else if (!this.ignoreST && shouldAddST() && PolicyUtil.isSignedEncryptedSupportingToken(next, this.spVersion)) {
                        bindingProcessor.processSupportingTokens((SignedEncryptedSupportingTokens) next);
                        isIssuedTokenAsEncryptedSupportingToken(bindingProcessor.isIssuedTokenAsEncryptedSupportingToken());
                    } else if (!this.ignoreST && shouldAddST() && PolicyUtil.isEncryptedSupportingToken(next, this.spVersion)) {
                        bindingProcessor.processSupportingTokens((EncryptedSupportingTokens) next);
                        isIssuedTokenAsEncryptedSupportingToken(bindingProcessor.isIssuedTokenAsEncryptedSupportingToken());
                    } else if (!this.ignoreST && shouldAddST() && PolicyUtil.isEndorsingEncryptedSupportingToken(next, this.spVersion)) {
                        bindingProcessor.processSupportingTokens((EndorsingEncryptedSupportingTokens) next);
                        isIssuedTokenAsEncryptedSupportingToken(bindingProcessor.isIssuedTokenAsEncryptedSupportingToken());
                    } else if (!this.ignoreST && shouldAddST() && PolicyUtil.isSignedEndorsingEncryptedSupportingToken(next, this.spVersion)) {
                        bindingProcessor.processSupportingTokens((SignedEndorsingEncryptedSupportingTokens) next);
                        isIssuedTokenAsEncryptedSupportingToken(bindingProcessor.isIssuedTokenAsEncryptedSupportingToken());
                    } else if (PolicyUtil.isWSS10(next, this.spVersion)) {
                        this.wssAssertion = next;
                    } else if (PolicyUtil.isWSS11(next, this.spVersion)) {
                        this.wssAssertion = next;
                    } else if (PolicyUtil.isTrust10(next, this.spVersion)) {
                        this.trust10 = (Trust10) next;
                    } else if (PolicyUtil.isTrust13(next, this.spVersion)) {
                        this.trust13 = (Trust13) next;
                    }
                }
            }
        }
    }

    private Binding getBinding() {
        return this._binding;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void collectPolicies() {
        Iterator<AssertionSet> it = this.effectivePolicy.iterator();
        while (it.hasNext()) {
            Iterator<PolicyAssertion> it2 = it.next().iterator();
            while (it2.hasNext()) {
                PolicyAssertion next = it2.next();
                if (PolicyUtil.isSignedParts(next, this.spVersion)) {
                    this.signedParts.add((SignedParts) next);
                } else if (PolicyUtil.isEncryptParts(next, this.spVersion)) {
                    this.encryptedParts.add((EncryptedParts) next);
                } else if (PolicyUtil.isSignedElements(next, this.spVersion)) {
                    this.signedElements.add((SignedElements) next);
                } else if (PolicyUtil.isEncryptedElements(next, this.spVersion)) {
                    this.encryptedElements.add((EncryptedElements) next);
                } else if (PolicyUtil.isWSS10(next, this.spVersion)) {
                    this.wssAssertion = next;
                } else if (PolicyUtil.isWSS11(next, this.spVersion)) {
                    this.wssAssertion = next;
                } else if (PolicyUtil.isTrust10(next, this.spVersion)) {
                    this.trust10 = (Trust10) next;
                } else if (PolicyUtil.isTrust13(next, this.spVersion)) {
                    this.trust13 = (Trust13) next;
                } else if (PolicyUtil.isBinding(next, this.spVersion)) {
                    this._binding = (Binding) next;
                } else if (PolicyUtil.isRequiredElements(next, this.spVersion)) {
                    this.reqElements.add((RequiredElements) next);
                }
            }
        }
    }

    private boolean shouldAddST() {
        if (!this.isServer || this.isIncoming) {
            return this.isServer || !this.isIncoming;
        }
        return false;
    }

    protected com.sun.xml.wss.impl.AlgorithmSuite getAlgoSuite(AlgorithmSuite algorithmSuite) {
        com.sun.xml.wss.impl.AlgorithmSuite algorithmSuite2 = new com.sun.xml.wss.impl.AlgorithmSuite(algorithmSuite.getDigestAlgorithm(), algorithmSuite.getEncryptionAlgorithm(), algorithmSuite.getSymmetricKeyAlgorithm(), algorithmSuite.getAsymmetricKeyAlgorithm());
        algorithmSuite2.setSignatureAlgorithm(algorithmSuite.getSignatureAlgorithm());
        return algorithmSuite2;
    }

    protected com.sun.xml.wss.impl.WSSAssertion getWssAssertion(WSSAssertion wSSAssertion) {
        return new com.sun.xml.wss.impl.WSSAssertion(wSSAssertion.getRequiredProperties(), wSSAssertion.getType());
    }

    protected MessageLayout getLayout(com.sun.xml.ws.security.policy.MessageLayout messageLayout) {
        switch (messageLayout) {
            case Strict:
                if (Constants.logger.isLoggable(Level.FINE)) {
                    Constants.logger.log(Level.FINE, "MessageLayout has been configured to be  STRICT ");
                }
                return MessageLayout.Strict;
            case Lax:
                if (Constants.logger.isLoggable(Level.FINE)) {
                    Constants.logger.log(Level.FINE, "MessageLayout has been configured to be LAX ");
                }
                return MessageLayout.Lax;
            case LaxTsFirst:
                if (Constants.logger.isLoggable(Level.FINE)) {
                    Constants.logger.log(Level.FINE, "MessageLayout has been configured to be LaxTimestampFirst ");
                }
                return MessageLayout.LaxTsFirst;
            case LaxTsLast:
                if (Constants.logger.isLoggable(Level.FINE)) {
                    Constants.logger.log(Level.FINE, "MessageLayout has been configured tp be LaxTimestampLast ");
                }
                return MessageLayout.LaxTsLast;
            default:
                if (Constants.logger.isLoggable(Level.SEVERE)) {
                    Constants.logger.log(Level.SEVERE, LogStringsMessages.SP_0106_UNKNOWN_MESSAGE_LAYOUT(messageLayout));
                }
                throw new RuntimeException(LogStringsMessages.SP_0106_UNKNOWN_MESSAGE_LAYOUT(messageLayout));
        }
    }

    public boolean isIssuedTokenAsEncryptedSupportingToken() {
        return this.isIssuedTokenAsEncryptedSupportingToken;
    }

    private void isIssuedTokenAsEncryptedSupportingToken(boolean z) {
        this.isIssuedTokenAsEncryptedSupportingToken = z;
    }
}
