package com.ibm.pvcws.wss.proxy;

import com.ibm.pvcws.jaxrpc.encoding.PrimitiveSerializer;
import com.ibm.pvcws.jaxrpc.msg.Message;
import com.ibm.pvcws.wss.KeyStoreSupport;
import com.ibm.pvcws.wss.WSSBasicHandler;
import com.ibm.pvcws.wss.WSSConfig;
import com.ibm.pvcws.wss.WSSException;
import com.ibm.pvcws.wss.dsig.DigestHandler;
import com.ibm.pvcws.wss.dsig.SignatureHandler;
import com.ibm.pvcws.wss.enc.EncryptionHandler;
import com.ibm.pvcws.wss.param.STParameter;
import com.ibm.pvcws.wss.param.SecurityParameter;
import com.ibm.pvcws.wss.util.Copyright;
import com.ibm.pvcws.wss.util.EncKeyParamImpl;
import com.ibm.pvcws.wss.util.SecurityParamImpl;
import com.ibm.pvcws.wss.util.SignatureParamImpl;
import com.ibm.pvcws.wss.util.TimestampParamImpl;
import com.ibm.pvcws.wss.util.UNTParamImpl;
import com.ibm.pvcws.wss.util.WSSFactory;
import com.ibm.pvcws.wss.util.X509BSTParamImpl;
import java.io.ByteArrayInputStream;
import java.util.Hashtable;

/* loaded from: input_file:WS-Security.jar:com/ibm/pvcws/wss/proxy/WSSConfigProxyImpl.class */
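/**
 * {@link WSSConfig} implementation that builds a WS-Security configuration from a flat
 * {@link Hashtable} of attributes keyed by the {@code WSSAttributeType} constants.
 *
 * <p>Two attribute sets are kept side by side, one read from the {@code REQUESTER_*} keys and one
 * from the {@code RESPONDER_*} keys. {@link #setResponder(boolean)} selects which of the two
 * {@link #getConfiguration(WSSFactory)} turns into a {@link SecurityParameter}.
 *
 * <p>Security-relevant properties of this class that a reviewer should keep in mind:
 * <ul>
 *   <li>Keystore, key and login passwords are held as {@code String}s in public fields of
 *       {@link WSSConfigProperties} for the lifetime of this object, so they cannot be wiped and
 *       are readable by any code holding a reference.</li>
 *   <li>The last built configuration is published through the public static field
 *       {@link #_config}, which every instance overwrites.</li>
 *   <li>This class performs no locking; nothing here makes concurrent calls safe.</li>
 * </ul>
 */
public class WSSConfigProxyImpl implements WSSConfig {
    // Attribute table handed to setProperty(); kept so later lookups use the same table.
    Hashtable p;
    // The attribute set currently in effect; chosen in getConfiguration() from isResponder.
    WSSConfigProperties prop;
    private static final String SERVER_TYPE = "WAS";
    // Last configuration produced by getConfiguration(). Public, static and mutable: it is shared
    // by all instances and is overwritten on every getConfiguration() call.
    // NOTE(review): the object graph behind it carries the signing key and login credentials set
    // below — confirm who reads this field and whether instance scope would be sufficient.
    public static SecurityParameter _config;
    boolean isResponder = false;
    // Requester-side ("client") attributes, filled from the REQUESTER_* keys.
    WSSConfigProperties clprop = new WSSConfigProperties(this);
    // Responder-side ("server") attributes, filled from the RESPONDER_* keys.
    WSSConfigProperties svprop = new WSSConfigProperties(this);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WS-Security.jar:com/ibm/pvcws/wss/proxy/WSSConfigProxyImpl$WSSConfigProperties.class */
    /**
     * Plain holder for one side's (requester or responder) security attributes. The
     * {@code is*} flags record which feature has the attributes it needs; they are maintained by
     * {@link WSSConfigProxyImpl#setProperty(Hashtable)}.
     */
    public class WSSConfigProperties {
        public String KEYSTORE_PATH = null;
        public String KEYSTORE_PASSWORD = null;
        // Base64 text of the keystore; decoded into keystoreValue by setProperty().
        public String KEYSTORE_CONTENTS = "";
        public String SIGNATURE_ALIAS = null;
        public String SIGNATURE_KEYPASS = null;
        public String SIGNATURE_ALGORITHM = null;
        public String DIGEST_ALGORITHM = null;
        public String ENCRYPTION_ALIAS = null;
        public String ENCRYPTION_KEYPASS = null;
        public String ENCRYPTION_NAME = null;
        public String ENCRYPTION_DATA_ENCRYPTION_ALGORITHM = null;
        public String ENCRYPTION_KEY_ENCRYPTION_ALGORITHM = null;
        // Parallel arrays, one entry per decryption key; null when no key count was configured.
        public String[] DECRYPTION_ALIASES = null;
        public String[] DECRYPTION_KEYPASSES = null;
        public String[] DECRYPTION_NAMES = null;
        public String LOGIN_USERNAME = null;
        public String LOGIN_PASSWORD = null;
        public boolean isKeystore = false;
        public boolean isSignature = false;
        public boolean isEncryption = false;
        public boolean isLogin = false;
        public int numDecryptionKeys = 0;
        // Decoded keystore bytes; stays null when base64 decoding failed.
        public byte[] keystoreValue = null;
        // Failure raised while decoding KEYSTORE_CONTENTS, kept so that the error reported later
        // by setKeyStoreConfiguration() can carry its cause. Null when decoding succeeded.
        Exception keystoreDecodeError = null;
        // Explicit reference to the enclosing instance; appears to be a decompiler rendering of
        // the compiler-generated outer-instance field. Never read in this file.
        private final WSSConfigProxyImpl this$0;

        WSSConfigProperties(WSSConfigProxyImpl wSSConfigProxyImpl) {
            this.this$0 = wSSConfigProxyImpl;
        }
    }

    static String copyright() {
        return Copyright.IBM_COPYRIGHT_SHORT;
    }

    /**
     * @return the fixed server type identifier {@code "WAS"}
     */
    @Override // com.ibm.pvcws.wss.WSSConfig
    public String getServerType() {
        return SERVER_TYPE;
    }

    /**
     * Selects which attribute set {@link #getConfiguration(WSSFactory)} uses.
     *
     * @param z {@code true} for the responder attributes, {@code false} for the requester ones
     */
    public void setResponder(boolean z) {
        this.isResponder = z;
    }

    /**
     * Reads the requester and responder attributes out of {@code hashtable}.
     *
     * <p>Every flag and derived value is recomputed from the given table on each call, so a
     * second call with a table that omits a feature turns that feature off instead of leaving the
     * flag, the decoded keystore or the decryption-key arrays of the previous call in place.
     *
     * <p>A keystore whose contents cannot be base64-decoded still sets {@code isKeystore}; the
     * failure is reported as a {@link WSSException} when the configuration is built. Clearing the
     * flag instead would silently produce a configuration without signature and encryption.
     *
     * @param hashtable attribute table; values are cast to {@code String}
     * @throws NumberFormatException if a decryption key count is present but not an integer
     * @throws ClassCastException if an attribute value is not a {@code String}
     */
    public void setProperty(Hashtable hashtable) {
        this.p = hashtable;

        // ---- requester side ----
        this.clprop.KEYSTORE_CONTENTS = (String) this.p.get(WSSAttributeType.REQUESTER_KEYSTORE_FILE);
        this.clprop.KEYSTORE_PASSWORD = (String) this.p.get(WSSAttributeType.REQUESTER_KEYSTORE_PASS);
        decodeKeystore(this.clprop);
        this.clprop.LOGIN_USERNAME = (String) this.p.get(WSSAttributeType.REQUESTER_LOGIN_UNAME);
        this.clprop.LOGIN_PASSWORD = (String) this.p.get(WSSAttributeType.REQUESTER_LOGIN_PASS);
        this.clprop.SIGNATURE_ALGORITHM = (String) this.p.get(WSSAttributeType.REQUESTER_SIG_ALG);
        this.clprop.DIGEST_ALGORITHM = (String) this.p.get(WSSAttributeType.REQUESTER_DIGEST_ALG);
        this.clprop.SIGNATURE_ALIAS = (String) this.p.get(WSSAttributeType.REQUESTER_SIG_ALIAS);
        this.clprop.SIGNATURE_KEYPASS = (String) this.p.get(WSSAttributeType.REQUESTER_SIG_PASS);
        this.clprop.ENCRYPTION_ALIAS = (String) this.p.get(WSSAttributeType.REQUESTER_ENC_ALIAS);
        this.clprop.ENCRYPTION_KEYPASS = (String) this.p.get(WSSAttributeType.REQUESTER_ENC_PASS);
        this.clprop.ENCRYPTION_NAME = (String) this.p.get(WSSAttributeType.REQUESTER_ENC_DNAME);
        this.clprop.ENCRYPTION_DATA_ENCRYPTION_ALGORITHM = (String) this.p.get(WSSAttributeType.REQUESTER_ENC_DATA_ALG);
        this.clprop.ENCRYPTION_KEY_ENCRYPTION_ALGORITHM = (String) this.p.get(WSSAttributeType.REQUESTER_ENC_KEY_ALG);
        updateFeatureFlags(this.clprop);
        String requesterKeyCount = (String) this.p.get(WSSAttributeType.REQUESTER_DEC_KEY_NUM);
        clearDecryptionKeys(this.clprop);
        if (requesterKeyCount != null) {
            this.clprop.numDecryptionKeys = Integer.parseInt(requesterKeyCount);
            if (this.clprop.numDecryptionKeys > 0) {
                this.clprop.DECRYPTION_ALIASES = new String[this.clprop.numDecryptionKeys];
                this.clprop.DECRYPTION_KEYPASSES = new String[this.clprop.numDecryptionKeys];
                this.clprop.DECRYPTION_NAMES = new String[this.clprop.numDecryptionKeys];
                for (int i = 0; i < this.clprop.numDecryptionKeys; i++) {
                    // Per-key attributes are numbered from 1: prefix + "1", prefix + "2", ...
                    this.clprop.DECRYPTION_ALIASES[i] = (String) this.p.get(new StringBuffer().append(WSSAttributeType.REQUESTER_DEC_ALIAS).append(i + 1).toString());
                    this.clprop.DECRYPTION_KEYPASSES[i] = (String) this.p.get(new StringBuffer().append(WSSAttributeType.REQUESTER_DEC_PASS).append(i + 1).toString());
                    this.clprop.DECRYPTION_NAMES[i] = (String) this.p.get(new StringBuffer().append(WSSAttributeType.REQUESTER_DEC_DNAME).append(i + 1).toString());
                }
            }
        }

        // ---- responder side ----
        this.svprop.KEYSTORE_CONTENTS = (String) this.p.get(WSSAttributeType.RESPONDER_KEYSTORE_FILE);
        this.svprop.KEYSTORE_PASSWORD = (String) this.p.get(WSSAttributeType.RESPONDER_KEYSTORE_PASS);
        decodeKeystore(this.svprop);
        this.svprop.LOGIN_USERNAME = (String) this.p.get(WSSAttributeType.RESPONDER_LOGIN_UNAME);
        this.svprop.LOGIN_PASSWORD = (String) this.p.get(WSSAttributeType.RESPONDER_LOGIN_PASS);
        this.svprop.SIGNATURE_ALGORITHM = (String) this.p.get(WSSAttributeType.RESPONDER_SIG_ALG);
        this.svprop.DIGEST_ALGORITHM = (String) this.p.get(WSSAttributeType.RESPONDER_DIGEST_ALG);
        this.svprop.SIGNATURE_ALIAS = (String) this.p.get(WSSAttributeType.RESPONDER_SIG_ALIAS);
        this.svprop.SIGNATURE_KEYPASS = (String) this.p.get(WSSAttributeType.RESPONDER_SIG_PASS);
        this.svprop.ENCRYPTION_ALIAS = (String) this.p.get(WSSAttributeType.RESPONDER_ENC_ALIAS);
        this.svprop.ENCRYPTION_KEYPASS = (String) this.p.get(WSSAttributeType.RESPONDER_ENC_PASS);
        this.svprop.ENCRYPTION_NAME = (String) this.p.get(WSSAttributeType.RESPONDER_ENC_DNAME);
        this.svprop.ENCRYPTION_DATA_ENCRYPTION_ALGORITHM = (String) this.p.get(WSSAttributeType.RESPONDER_ENC_DATA_ALG);
        this.svprop.ENCRYPTION_KEY_ENCRYPTION_ALGORITHM = (String) this.p.get(WSSAttributeType.RESPONDER_ENC_KEY_ALG);
        updateFeatureFlags(this.svprop);
        String responderKeyCount = (String) this.p.get(WSSAttributeType.RESPONDER_DEC_KEY_NUM);
        clearDecryptionKeys(this.svprop);
        if (responderKeyCount != null) {
            this.svprop.numDecryptionKeys = Integer.parseInt(responderKeyCount);
            if (this.svprop.numDecryptionKeys > 0) {
                this.svprop.DECRYPTION_ALIASES = new String[this.svprop.numDecryptionKeys];
                this.svprop.DECRYPTION_KEYPASSES = new String[this.svprop.numDecryptionKeys];
                this.svprop.DECRYPTION_NAMES = new String[this.svprop.numDecryptionKeys];
                for (int i2 = 0; i2 < this.svprop.numDecryptionKeys; i2++) {
                    this.svprop.DECRYPTION_ALIASES[i2] = (String) this.p.get(new StringBuffer().append(WSSAttributeType.RESPONDER_DEC_ALIAS).append(i2 + 1).toString());
                    this.svprop.DECRYPTION_KEYPASSES[i2] = (String) this.p.get(new StringBuffer().append(WSSAttributeType.RESPONDER_DEC_PASS).append(i2 + 1).toString());
                    this.svprop.DECRYPTION_NAMES[i2] = (String) this.p.get(new StringBuffer().append(WSSAttributeType.RESPONDER_DEC_DNAME).append(i2 + 1).toString());
                }
            }
        }
    }

    /** Returns true when {@code s} is neither null nor the empty string. */
    private static boolean hasText(String s) {
        return s != null && s.length() > 0;
    }

    /**
     * Recomputes {@code isKeystore}, {@code keystoreValue} and {@code keystoreDecodeError} from
     * the keystore contents and password already stored in {@code props}.
     */
    private void decodeKeystore(WSSConfigProperties props) {
        // Start from a clean slate so bytes decoded by an earlier setProperty() call are never
        // paired with the password of a later one.
        props.keystoreValue = null;
        props.keystoreDecodeError = null;
        props.isKeystore = hasText(props.KEYSTORE_CONTENTS) && hasText(props.KEYSTORE_PASSWORD);
        if (!props.isKeystore) {
            return;
        }
        try {
            // NOTE(review): getBytes() uses the platform default charset; confirm that
            // decode_base64 expects bytes in that encoding on every supported platform.
            props.keystoreValue = PrimitiveSerializer.decode_base64(props.KEYSTORE_CONTENTS.getBytes());
        } catch (Exception e) {
            // Broad catch kept because the exceptions decode_base64 can raise are not visible
            // here. The failure is not dropped: isKeystore stays true and keystoreValue stays
            // null, so setKeyStoreConfiguration() rejects the configuration with this cause.
            props.keystoreDecodeError = e;
        }
    }

    /** Recomputes the login, signature and encryption flags from the fields of {@code props}. */
    private static void updateFeatureFlags(WSSConfigProperties props) {
        props.isLogin = hasText(props.LOGIN_USERNAME) && hasText(props.LOGIN_PASSWORD);
        props.isSignature = hasText(props.SIGNATURE_ALGORITHM)
                && hasText(props.SIGNATURE_ALIAS)
                && hasText(props.SIGNATURE_KEYPASS);
        // Encryption only requires the alias; the algorithm attributes are checked later through
        // the handler lookups in setEncryption().
        props.isEncryption = hasText(props.ENCRYPTION_ALIAS);
    }

    /** Drops the decryption-key count and arrays left over from a previous setProperty() call. */
    private static void clearDecryptionKeys(WSSConfigProperties props) {
        props.numDecryptionKeys = 0;
        props.DECRYPTION_ALIASES = null;
        props.DECRYPTION_KEYPASSES = null;
        props.DECRYPTION_NAMES = null;
    }

    /**
     * Builds the security configuration for the side selected by
     * {@link #setResponder(boolean)} and publishes it in {@link #_config}.
     *
     * @param wSSFactory factory supplying the keystore, constants and algorithm handlers
     * @return the configuration that was built (the same object now held by {@code _config})
     * @throws WSSException if the keystore cannot be used or a configured algorithm has no
     *     handler of the expected kind
     */
    @Override // com.ibm.pvcws.wss.WSSConfig
    public SecurityParameter getConfiguration(WSSFactory wSSFactory) throws WSSException {
        if (this.isResponder) {
            this.prop = this.svprop;
        } else {
            this.prop = this.clprop;
        }
        if (this.prop.isKeystore) {
            setKeyStoreConfiguration(wSSFactory);
        }
        setCallbackConfiguration(wSSFactory);
        // Static field: this assignment replaces the configuration seen by every other instance.
        _config = setWSSConfiguration(wSSFactory);
        return _config;
    }

    /**
     * Assembles the {@link SecurityParameter}: a timestamp always, signature/encryption when a
     * keystore is configured, and a username token when login attributes are configured.
     */
    private SecurityParameter setWSSConfiguration(WSSFactory wSSFactory) throws WSSException {
        SecurityParamImpl securityParamImpl = SecurityParamImpl.getInstance(wSSFactory.getConstants());
        setTimestampConfiguration(securityParamImpl);
        if (this.prop.isKeystore) {
            // The security-token argument is always null here, so the token-encryption branch of
            // setEncryption() is never taken from this class.
            // NOTE(review): the username token created below is therefore not registered for
            // encryption by this code — confirm how the password is protected on the wire.
            setOperationConfiguration(wSSFactory, securityParamImpl, null);
        }
        if (this.prop.isLogin) {
            setLoginConfiguration(wSSFactory, securityParamImpl);
        }
        return securityParamImpl;
    }

    /**
     * Loads the decoded keystore into the factory's {@link KeyStoreSupport} and registers the
     * encryption and decryption key mappings.
     *
     * @throws WSSException if the keystore contents were not successfully base64-decoded, or if
     *     the keystore support rejects the data
     */
    private void setKeyStoreConfiguration(WSSFactory wSSFactory) throws WSSException {
        if (this.prop.keystoreValue == null) {
            // Fail with a diagnosable configuration error instead of a NullPointerException from
            // ByteArrayInputStream. The message deliberately contains no keystore material.
            String message = "FaultCode:200, keystore contents could not be base64-decoded.";
            if (this.prop.keystoreDecodeError != null) {
                throw new WSSException(message, this.prop.keystoreDecodeError);
            }
            throw new WSSException(message);
        }
        KeyStoreSupport keyStore = wSSFactory.getKeyStore();
        keyStore.load(new ByteArrayInputStream(this.prop.keystoreValue), this.prop.KEYSTORE_PASSWORD);
        if (this.prop.isEncryption) {
            keyStore.addMapping(this.prop.ENCRYPTION_ALIAS, this.prop.ENCRYPTION_KEYPASS, this.prop.ENCRYPTION_NAME);
        }
        if (this.prop.DECRYPTION_ALIASES == null) {
            return;
        }
        // The three arrays are allocated together in setProperty() with the same length.
        for (int i = 0; i < this.prop.DECRYPTION_ALIASES.length; i++) {
            keyStore.addMapping(this.prop.DECRYPTION_ALIASES[i], this.prop.DECRYPTION_KEYPASSES[i], this.prop.DECRYPTION_NAMES[i]);
        }
    }

    /** Intentionally empty in this implementation; kept as a step of getConfiguration(). */
    private void setCallbackConfiguration(WSSFactory wSSFactory) throws WSSException {
    }

    /**
     * Enables the timestamp element and sets its expiry to a fixed value.
     *
     * @throws WSSException wrapping the {@link NumberFormatException} if the expiry is rejected
     */
    private void setTimestampConfiguration(SecurityParamImpl securityParamImpl) throws WSSException {
        TimestampParamImpl timestampParamImpl = (TimestampParamImpl) securityParamImpl.getTimestamp();
        timestampParamImpl.setExsitence(true);
        try {
            // NOTE(review): hard-coded value; it reads like a relative lifetime of one month,
            // which would be a long replay window for a message timestamp — confirm the format
            // against TimestampParamImpl and consider making it configurable.
            timestampParamImpl.setExpires("0-1-0T0:0:0Z");
        } catch (NumberFormatException e) {
            throw new WSSException("FaultCode:200, number formatting failed.", e);
        }
    }

    /**
     * Adds the signature and/or encryption settings, depending on which are configured.
     *
     * @param sTParameter security token to encrypt along with the body, or null for none
     */
    private void setOperationConfiguration(WSSFactory wSSFactory, SecurityParamImpl securityParamImpl, STParameter sTParameter) throws WSSException {
        if (this.prop.isSignature) {
            setSignature(wSSFactory, securityParamImpl);
        }
        if (this.prop.isEncryption) {
            setEncryption(wSSFactory, securityParamImpl, sTParameter);
        }
    }

    /**
     * Configures the message signature: attaches the signer certificate as an X.509 binary
     * security token, selects the signing key, and signs the message body and the timestamp.
     *
     * @throws WSSException if the configured signature or digest algorithm does not resolve to a
     *     handler of the matching kind
     */
    private void setSignature(WSSFactory wSSFactory, SecurityParamImpl securityParamImpl) throws WSSException {
        KeyStoreSupport keyStore = wSSFactory.getKeyStore();
        SignatureParamImpl signatureParamImpl = (SignatureParamImpl) securityParamImpl.addSignature(null);
        // NOTE(review): no null check on the certificate lookup; an alias missing from the
        // keystore presumably surfaces here as a NullPointerException — confirm.
        byte[] encoded = keyStore.getCertificateByAlias(this.prop.SIGNATURE_ALIAS).getEncoded();
        X509BSTParamImpl x509BSTParamImpl = new X509BSTParamImpl(wSSFactory.getConstants());
        x509BSTParamImpl.setContent(encoded);
        x509BSTParamImpl.setEncoidngType(wSSFactory.getConstants().VALUE_BASE64BINARY);
        x509BSTParamImpl.setId(null);
        x509BSTParamImpl.setUsed(true);
        securityParamImpl.addSecurityToken(x509BSTParamImpl);
        signatureParamImpl.setSecToken(x509BSTParamImpl);
        // Key-type codes 3 and 1 are defined by KeyStoreSupport and not visible here; only the
        // RSA-SHA1 URI selects code 3, every other algorithm falls through to code 1.
        // NOTE(review): RSA-SHA1 is the only algorithm named explicitly; SHA-1 based signatures
        // are deprecated, so check which algorithms the deployment actually configures.
        if (this.prop.SIGNATURE_ALGORITHM.equals("http://www.w3.org/2000/09/xmldsig#rsa-sha1")) {
            signatureParamImpl.setSigningKey(keyStore.getKey(3, this.prop.SIGNATURE_ALIAS, this.prop.SIGNATURE_KEYPASS));
        } else {
            signatureParamImpl.setSigningKey(keyStore.getKey(1, this.prop.SIGNATURE_ALIAS, this.prop.SIGNATURE_KEYPASS));
        }
        WSSBasicHandler basicHandler = wSSFactory.getBasicHandler(this.prop.SIGNATURE_ALGORITHM);
        if (!(basicHandler instanceof SignatureHandler)) {
            throw new WSSException(new StringBuffer().append("FaultCode:200, not instanciation of signature basic handler [").append(this.prop.SIGNATURE_ALGORITHM).append("].").toString());
        }
        signatureParamImpl.setHandler((SignatureHandler) basicHandler);
        // DIGEST_ALGORITHM is not part of the isSignature check, so it may be null here; the
        // instanceof test below then rejects whatever the factory returns for it, unless the
        // factory itself throws first.
        WSSBasicHandler basicHandler2 = wSSFactory.getBasicHandler(this.prop.DIGEST_ALGORITHM);
        if (!(basicHandler2 instanceof DigestHandler)) {
            throw new WSSException(new StringBuffer().append("FaultCode:200, not instanciation of digest basic handler [").append(this.prop.DIGEST_ALGORITHM).append("].").toString());
        }
        signatureParamImpl.addQName((DigestHandler) basicHandler2, Message.bodyName, 1);
        signatureParamImpl.addTimestamp((DigestHandler) basicHandler2);
    }

    /**
     * Configures encryption: a key-encryption handler and key for the encrypted key element, a
     * freshly generated data-encryption key, and the body (plus {@code sTParameter}, when given)
     * as the encrypted parts.
     *
     * @param sTParameter security token to encrypt as well, or null
     * @throws WSSException if either configured encryption algorithm does not resolve to an
     *     {@link EncryptionHandler}
     */
    private void setEncryption(WSSFactory wSSFactory, SecurityParamImpl securityParamImpl, STParameter sTParameter) throws WSSException {
        KeyStoreSupport keyStore = wSSFactory.getKeyStore();
        EncKeyParamImpl encKeyParamImpl = (EncKeyParamImpl) securityParamImpl.addEncreptedKey(null);
        WSSBasicHandler basicHandler = wSSFactory.getBasicHandler(this.prop.ENCRYPTION_KEY_ENCRYPTION_ALGORITHM);
        if (!(basicHandler instanceof EncryptionHandler)) {
            throw new WSSException(new StringBuffer().append("FaultCode:200, not instanciation of encryption basic handler [").append(this.prop.ENCRYPTION_KEY_ENCRYPTION_ALGORITHM).append("].").toString());
        }
        encKeyParamImpl.setHandler((EncryptionHandler) basicHandler);
        // Key-type code 4 with a null key password; presumably the recipient's public key, which
        // needs no password — confirm against KeyStoreSupport.getKey.
        encKeyParamImpl.setKeyEncKey(keyStore.getKey(4, this.prop.ENCRYPTION_ALIAS, null));
        WSSBasicHandler basicHandler2 = wSSFactory.getBasicHandler(this.prop.ENCRYPTION_DATA_ENCRYPTION_ALGORITHM);
        if (!(basicHandler2 instanceof EncryptionHandler)) {
            throw new WSSException(new StringBuffer().append("FaultCode:200, not instanciation of encryption basic handler [").append(this.prop.ENCRYPTION_DATA_ENCRYPTION_ALGORITHM).append("].").toString());
        }
        encKeyParamImpl.setDataEncKey(((EncryptionHandler) basicHandler2).getGeneratedKey());
        encKeyParamImpl.addBodyContent((EncryptionHandler) basicHandler2);
        if (sTParameter != null) {
            encKeyParamImpl.addSecToken((EncryptionHandler) basicHandler2, sTParameter);
        }
    }

    /**
     * Adds a username token carrying the configured login name and password.
     *
     * @return the token that was added to {@code securityParamImpl}
     */
    private STParameter setLoginConfiguration(WSSFactory wSSFactory, SecurityParamImpl securityParamImpl) throws WSSException {
        UNTParamImpl uNTParamImpl = new UNTParamImpl(wSSFactory.getConstants());
        uNTParamImpl.setUsername(this.prop.LOGIN_USERNAME);
        // The password is handed over as configured; any digesting or protection of it would
        // have to happen inside UNTParamImpl or later in the pipeline — not visible here.
        uNTParamImpl.setPassword(this.prop.LOGIN_PASSWORD);
        uNTParamImpl.setId(null);
        uNTParamImpl.setUsed(false);
        securityParamImpl.addSecurityToken(uNTParamImpl);
        return uNTParamImpl;
    }
}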
