package com.ibm.ws.wssecurity.saml.assertion.wssapi;

import com.ibm.ws.wssecurity.common.TraceLog;
import com.ibm.ws.wssecurity.saml.common.SAMLAssertion;
import com.ibm.ws.wssecurity.saml.config.impl.SamlConfigUtil;
import com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion;
import com.ibm.ws.wssecurity.saml.saml11.assertion.utils.SAMLVerifier;
import com.ibm.ws.wssecurity.saml.security.impl.SAMLSignatureVerification;
import com.ibm.ws.wssecurity.wssapi.token.impl.KeyStoreManager;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import com.ibm.wsspi.wssecurity.saml.config.ConsumerConfig;
import java.security.KeyStore;
import java.security.cert.PKIXBuilderParameters;
import java.util.HashMap;
import org.apache.axiom.om.OMElement;

/* loaded from: input_file:com/ibm/ws/wssecurity/saml/assertion/wssapi/SAMLAssertionVerifier.class */
public class SAMLAssertionVerifier {
    private static final TraceLog log = new TraceLog(SAMLAssertionVerifier.class);

    public static boolean verifySAMLCondition(SAMLAssertion sAMLAssertion) {
        log.entry("verifySAMLCondition(SAMLAssertion)");
        boolean z = false;
        if (SAMLAssertion._saml_ns_qname.equals(sAMLAssertion.getAssertionQName())) {
            z = SAMLVerifier.verifySAMLCondition((Assertion) sAMLAssertion);
        } else if (SAMLAssertion._saml2_ns_qname.equals(sAMLAssertion.getAssertionQName())) {
            z = com.ibm.ws.wssecurity.saml.saml20.assertion.utils.SAMLVerifier.verifySAMLCondition((com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion) sAMLAssertion);
        }
        log.exit("verifySAMLCondition(SAMLAssertion): " + new Boolean(z).toString());
        return z;
    }

    public static boolean verifySAMLAssertion(SAMLAssertion sAMLAssertion) throws Exception {
        log.entry("verifySAMLAssertion(SAMLAssertion)");
        boolean z = false;
        if (SAMLAssertion._saml_ns_qname.equals(sAMLAssertion.getAssertionQName())) {
            z = SAMLVerifier.verifySAMLAssertion((Assertion) sAMLAssertion);
        } else if (SAMLAssertion._saml2_ns_qname.equals(sAMLAssertion.getAssertionQName())) {
            z = com.ibm.ws.wssecurity.saml.saml20.assertion.utils.SAMLVerifier.verifySAMLHeader((com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion) sAMLAssertion);
        }
        log.exit("verifySAMLAssertion(SAMLAssertion): " + new Boolean(z).toString());
        return z;
    }

    public static boolean verifySAMLSignature(OMElement oMElement, KeyStoreManager.KeyInformation keyInformation) throws SoapSecurityException {
        log.entry("verifySAMLSignature(OMElement, KeyInformation)");
        boolean verifySAMLSignature = verifySAMLSignature(oMElement, keyInformation, null, null);
        log.exit("verifySAMLSignature(OMElement, KeyInformation): " + verifySAMLSignature);
        return verifySAMLSignature;
    }

    public static boolean verifySAMLSignature(OMElement oMElement, KeyStoreManager.KeyInformation keyInformation, KeyStore keyStore, PKIXBuilderParameters pKIXBuilderParameters) throws SoapSecurityException {
        log.entry("verifySAMLSignature(OMElement, KeyInformation, KeyStore, PKIXBuilderParameters)");
        boolean verifySAMLSignature = verifySAMLSignature(oMElement, keyInformation, keyStore, pKIXBuilderParameters, new HashMap());
        log.exit("verifySAMLSignature(OMElement, KeyInformation, KeyStore, PKIXBuilderParameters): " + verifySAMLSignature);
        return verifySAMLSignature;
    }

    public static boolean verifySAMLSignature(OMElement oMElement, ConsumerConfig consumerConfig, HashMap hashMap) throws SoapSecurityException {
        log.entry("verifySAMLSignature(OMElement, ConsumerConfig, HashMap)");
        boolean verify = SAMLSignatureVerification.verify(oMElement, consumerConfig, hashMap);
        log.exit("verifySAMLSignature(OMElement, ConsumerConfig, HashMap): " + verify);
        return verify;
    }

    public static boolean verifySAMLSignature(OMElement oMElement, KeyStoreManager.KeyInformation keyInformation, KeyStore keyStore, PKIXBuilderParameters pKIXBuilderParameters, HashMap hashMap) throws SoapSecurityException {
        log.entry("verifySAMLSignature(OMElement, KeyInformation, KeyStore, PKIXBuilderParameters, HashMap)");
        boolean verify = SAMLSignatureVerification.verify(oMElement, keyInformation, keyStore, pKIXBuilderParameters, hashMap);
        log.exit("verifySAMLSignature(OMElement, KeyInformation, KeyStore, PKIXBuilderParameters, HashMap): " + verify);
        return verify;
    }

    public static boolean verifySAMLClaims(OMElement oMElement) {
        return true;
    }

    public static KeyStoreManager.KeyInformation getKeyInformationForVerification(ConsumerConfig consumerConfig) throws SoapSecurityException {
        log.entry("getKeyInformationForVerification(ConsumerConfig)");
        KeyStoreManager.KeyInformation trustKeyInformation = SamlConfigUtil.getTrustKeyInformation(consumerConfig);
        log.exit("getKeyInformationForVerification(ConsumerConfig)");
        return trustKeyInformation;
    }
}
