package com.ibm.ws.wssecurity.util;

import com.ibm.ws.ssl.core.Constants;
import com.ibm.ws.wssecurity.common.Constants0;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import java.security.Security;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Set;
import org.apache.axiom.om.OMDocument;
import org.apache.axiom.om.OMElement;

/* loaded from: input_file:com/ibm/ws/wssecurity/util/ConfigValidation.class */
public final class ConfigValidation {
    protected final Set allowedEncAlgos = new HashSet();
    protected final Set allowedKeyEncAlgos = new HashSet();
    protected final Set allowedC14nAlgos = new HashSet();
    protected final Set allowedSignAlgos = new HashSet();
    protected final Set allowedDigestAlgos = new HashSet();
    private static final String comp = "security.wssecurity";
    private static String isFipsEnabled = null;
    private static String fipsLevel = null;
    private static boolean rsaoaepInitialized = false;
    private static boolean rsaoaepSupported = false;
    private static byte[] lock = new byte[0];
    private static final String clsName = ConfigValidation.class.getName();
    private static final TraceComponent tc = Tr.register(ConfigValidation.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");

    public ConfigValidation() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "ConfigValidation()");
        }
        init();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "ConfigValidation()");
        }
    }

    private void init() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "init()");
        }
        processAllowedAlgorithms(DOMUtil.getConfigValidation());
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "init()");
        }
    }

    private void addToSet(OMDocument oMDocument, String str, Set set) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addToSet(" + oMDocument + ", " + str + ", " + set + ")");
        }
        ArrayList elementsByTagNameNS = DOMUtil.getElementsByTagNameNS(oMDocument.getOMDocumentElement(), Constants0.NS_PRIVATECONFIG, str);
        int size = elementsByTagNameNS.size();
        if (size != 0) {
            for (int i = 0; i < size; i++) {
                try {
                    set.add(DOMUtil.getAttribute((OMElement) elementsByTagNameNS.get(i), "algorithm"));
                } catch (SoapSecurityException e) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "\"algorithm\" attribute not found in \"" + str + "\" element.");
                    }
                }
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Allowed " + str + " set: ", new Object[]{set});
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "No allowed " + str + " elements found.");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "addToSet()");
        }
    }

    protected void processAllowedAlgorithms(OMDocument oMDocument) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "processAllowedAlgorithms(" + oMDocument + ")");
        }
        if (oMDocument == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Allowed Algorithms Document is null, exiting.");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "processAllowedAlgorithms()");
                return;
            }
            return;
        }
        if (isFipsEnabled()) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "isFipsEnabled() is true; getting FIPS algorithms");
            }
            addToSet(oMDocument, "fipsEncryptionMethod", this.allowedEncAlgos);
            addToSet(oMDocument, "fipsKeyEncryptionMethod", this.allowedKeyEncAlgos);
            addToSet(oMDocument, "fipsSignatureMethod", this.allowedSignAlgos);
            addToSet(oMDocument, "fipsDigestMethod", this.allowedDigestAlgos);
        } else {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "isFipsEnabled() is false; getting non-FIPS algorithms");
            }
            addToSet(oMDocument, "encryptionMethod", this.allowedEncAlgos);
            addToSet(oMDocument, "keyEncryptionMethod", this.allowedKeyEncAlgos);
            addToSet(oMDocument, "signatureMethod", this.allowedSignAlgos);
            addToSet(oMDocument, "digestMethod", this.allowedDigestAlgos);
        }
        addToSet(oMDocument, "canonicalizationMethod", this.allowedC14nAlgos);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "processAllowedAlgorithms()");
        }
    }

    protected boolean encryptionMethodValid(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "encryptionMethodValid(" + str + ")");
        }
        boolean contains = this.allowedEncAlgos.contains(str);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "encryptionMethodValid() returns " + contains);
        }
        return contains;
    }

    protected boolean keyEncryptionMethodValid(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "keyEncryptionMethodValid(" + str + ")");
        }
        boolean contains = this.allowedKeyEncAlgos.contains(str);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "keyEncryptionMethodValid() returns " + contains);
        }
        return contains;
    }

    protected boolean canonicalizationMethodValid(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "canonicalizationMethodValid(" + str + ")");
        }
        boolean contains = this.allowedC14nAlgos.contains(str);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "canonicalizationMethodValid() returns " + contains);
        }
        return contains;
    }

    protected boolean signatureMethodValid(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "signatureMethodValid(" + str + ")");
        }
        boolean contains = this.allowedSignAlgos.contains(str);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "signatureMethodValid() returns " + contains);
        }
        return contains;
    }

    protected boolean digestMethodValid(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "digestMethodValid(" + str + ")");
        }
        boolean contains = this.allowedDigestAlgos.contains(str);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "digestMethodValid() returns " + contains);
        }
        return contains;
    }

    public static boolean isFipsEnabled() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isFipsEnabled");
        }
        if (isFipsEnabled == null) {
            isFipsEnabled = Security.getProperty(Constants.FIPS_ENABLED);
            if (isFipsEnabled == null || !isFipsEnabled.equalsIgnoreCase("true")) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Read java.security.Security property; FIPS mode is not enabled");
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Read java.security.Security property; FIPS mode is enabled");
            }
        }
        if (isFipsEnabled != null && isFipsEnabled.equalsIgnoreCase("true")) {
            if (!tc.isEntryEnabled()) {
                return true;
            }
            Tr.exit(tc, "isFipsEnabled -> true");
            return true;
        }
        isFipsEnabled = "false";
        if (!tc.isEntryEnabled()) {
            return false;
        }
        Tr.exit(tc, "isFipsEnabled -> false");
        return false;
    }

    public static String getFipsLevel() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getFipsLevel");
        }
        if (fipsLevel == null) {
            fipsLevel = Security.getProperty(Constants.COM_IBM_WEBSPHERE_SECURITY_FIPS_LEVEL);
            if (fipsLevel == null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Read java.security.Security property; FIPS Level is not set");
                }
                fipsLevel = "false";
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Read java.security.Security property; FIPS Level = " + fipsLevel);
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Read java.security.Security property; FIPS Level = " + fipsLevel);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getFipsLevel returns :" + fipsLevel);
        }
        return fipsLevel;
    }

    public static boolean isAlgoSupportedByRuntime(String str) {
        boolean z = true;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isAlgoSupportedByRuntime(String algo[" + str + "])");
        }
        if ("http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p".equals(str)) {
            z = isRsaoaepSupported(str);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "isAlgoSupportedByRuntime returns " + z);
        }
        return z;
    }

    /* JADX WARN: Removed duplicated region for block: B:34:0x0199 A[Catch: all -> 0x01ab, TryCatch #1 {, blocks: (B:15:0x0049, B:17:0x005b, B:20:0x006e, B:22:0x0075, B:24:0x007c, B:26:0x0082, B:28:0x00ac, B:46:0x00d4, B:48:0x00df, B:32:0x0193, B:34:0x0199, B:35:0x01a2, B:36:0x01a7, B:54:0x0112, B:56:0x013a, B:60:0x015d, B:62:0x0168), top: B:14:0x0049, inners: #0, #2 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static boolean isRsaoaepSupported(java.lang.String r5) {
        /*
            Method dump skipped, instructions count: 476
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.wssecurity.util.ConfigValidation.isRsaoaepSupported(java.lang.String):boolean");
    }
}
