package com.ibm.ws.wssecurity.saml.security.impl;

import com.ibm.ws.wssecurity.common.Constants;
import com.ibm.ws.wssecurity.platform.util.SAMLIssuerConfigData;
import com.ibm.ws.wssecurity.saml.common.util.MessageHelper;
import com.ibm.ws.wssecurity.trust.ext.client.base.TrustProperties;
import com.ibm.ws.wssecurity.util.ConfigUtil;
import com.ibm.ws.wssecurity.util.DOMUtils;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.ws.wssecurity.wssapi.token.impl.KeyStoreManager;
import com.ibm.ws.wssecurity.xml.xss4j.domutil.DOMUtil;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.util.Base64;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.HashMap;
import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;
import org.apache.axiom.om.OMNode;

/* loaded from: input_file:com/ibm/ws/wssecurity/saml/security/impl/KeyInfoUtil.class */
public class KeyInfoUtil {
    private static final String comp = "security.wssecurity";
    private static final TraceComponent tc = Tr.register(KeyInfoUtil.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final OMFactory omFactory = OMAbstractFactory.getOMFactory();
    public static final String Thumbprint = "Thumbprint";
    public static final String X509SKI = "X509SKI";
    public static final String X509SubjectName = "X509SubjectName";
    public static final String X509IssuerSerial = "X509IssuerSerial";
    public static final String X509Certificate = "X509Certificate";
    public static final String KeyValue = "KeyValue";

    public static OMElement createKeyInfo(String str, KeyStoreManager.KeyInformation keyInformation, OMElement oMElement) throws SoapSecurityException {
        OMElement createOMElement;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createKeyInfo");
        }
        OMFactory oMFactory = omFactory;
        if (oMElement != null) {
            oMFactory = oMElement.getOMFactory();
        }
        if (oMElement == null) {
            createOMElement = oMFactory.createOMElement("KeyInfo", "http://www.w3.org/2000/09/xmldsig#", "ds");
            createOMElement.declareNamespace("http://www.w3.org/2000/09/xmldsig#", "ds");
        } else {
            createOMElement = oMFactory.createOMElement("KeyInfo", "http://www.w3.org/2000/09/xmldsig#", "ds");
        }
        createOMElement.addChild(createKeyInfoContent(str, null, keyInformation, oMElement));
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createKeyInfo");
        }
        return createOMElement;
    }

    public static OMElement createKeyInfoContent(String str, Key key, KeyStoreManager.KeyInformation keyInformation, OMElement oMElement) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createKeyInfoContent");
        }
        OMFactory oMFactory = omFactory;
        if (oMElement != null) {
            oMFactory = oMElement.getOMFactory();
        }
        OMElement oMElement2 = null;
        Key key2 = key;
        if (key2 == null) {
            key2 = keyInformation.getPublicOrSecretKey();
        }
        if (Thumbprint.equalsIgnoreCase(str)) {
            String str2 = Constants.NAMESPACES[0][0];
            oMElement2 = omFactory.createOMElement("SecurityTokenReference", str2, "wsse");
            oMElement2.declareNamespace(str2, "wsse");
            OMElement createOMElement = omFactory.createOMElement("KeyIdentifier", str2, "wsse");
            DOMUtils.setQNameAttr(createOMElement, null, "EncodingType", Constants.BASE64_BINARY, 0);
            DOMUtils.setQNameAttr(createOMElement, null, "ValueType", Constants.THUMBPRINTSHA1, 0);
            oMElement2.addChild(createOMElement);
            createOMElement.addChild(omFactory.createOMText(keyInformation.getB64Thumbprint()));
        } else if ("KeyValue".equalsIgnoreCase(str)) {
            OMElement createOMElement2 = omFactory.createOMElement("KeyValue", "http://www.w3.org/2000/09/xmldsig#", "ds");
            if (!instanceOf(key2, "java.security.interfaces.RSAPublicKey")) {
                Tr.error(tc, "Not a RSAPublicKey. Invalid Key type.");
                throw new RuntimeException("KeyValue Type Not Implemented.");
            }
            RSAPublicKey rSAPublicKey = (RSAPublicKey) key2;
            OMElement createOMElement3 = omFactory.createOMElement("RSAKeyValue", "http://www.w3.org/2000/09/xmldsig#", "ds");
            createOMElement3.addChild(DOMUtil.createTextElementNS(omFactory, createOMElement3, "Modulus", encodeBigInteger(rSAPublicKey.getModulus())));
            createOMElement3.addChild(DOMUtil.createTextElementNS(omFactory, createOMElement3, "Exponent", encodeBigInteger(rSAPublicKey.getPublicExponent())));
            createOMElement2.addChild(createOMElement3);
            oMElement2 = createOMElement2;
        } else if ("X509IssuerSerial".equalsIgnoreCase(str)) {
            String str3 = Constants.NS_DSIG;
            OMElement createOMElement4 = oMFactory.createOMElement("X509Data", str3, "ds");
            OMElement createOMElement5 = oMFactory.createOMElement("X509IssuerSerial", str3, "ds");
            createOMElement4.addChild(createOMElement5);
            OMElement createOMElement6 = oMFactory.createOMElement(TrustProperties.LocalNames.ds.X509IssuerName, str3, "ds");
            createOMElement5.addChild(createOMElement6);
            createOMElement6.addChild(oMFactory.createOMText(keyInformation.getIssuerDN()));
            OMElement createOMElement7 = oMFactory.createOMElement(TrustProperties.LocalNames.ds.X509SerialNumber, str3, "ds");
            createOMElement5.addChild(createOMElement7);
            createOMElement7.addChild(oMFactory.createOMText(keyInformation.getIssuerSerial()));
            oMElement2 = createOMElement4;
        } else if (X509SKI.equalsIgnoreCase(str)) {
            String str4 = Constants.NS_DSIG;
            OMElement createOMElement8 = oMFactory.createOMElement("X509Data", str4, "ds");
            OMElement createOMElement9 = oMFactory.createOMElement(X509SKI, str4, "ds");
            createOMElement8.addChild(createOMElement9);
            createOMElement9.addChild(oMFactory.createOMText(keyInformation.getB64KeyId()));
            oMElement2 = createOMElement8;
        } else if (X509SubjectName.equalsIgnoreCase(str)) {
            String str5 = Constants.NS_DSIG;
            OMElement createOMElement10 = oMFactory.createOMElement("X509Data", str5, "ds");
            OMElement createOMElement11 = oMFactory.createOMElement(X509SubjectName, str5, "ds");
            createOMElement10.addChild(createOMElement11);
            createOMElement11.addChild(oMFactory.createOMText(keyInformation.getSubjectDN()));
            oMElement2 = createOMElement10;
        } else if ("X509Certificate".equalsIgnoreCase(str)) {
            String str6 = Constants.NS_DSIG;
            OMElement createOMElement12 = oMFactory.createOMElement("X509Data", str6, "ds");
            OMElement createOMElement13 = oMFactory.createOMElement("X509Certificate", str6, "ds");
            createOMElement12.addChild(createOMElement13);
            try {
                createOMElement13.addChild(oMFactory.createOMText(Base64.encode(keyInformation.getCertificate().getEncoded())));
                oMElement2 = createOMElement12;
            } catch (Exception e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Exception: [" + e + "]");
                }
                throw new SoapSecurityException(e);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createKeyInfoContent returns [" + ConfigUtil.getObjState(oMElement2) + "]");
        }
        return oMElement2;
    }

    public static Key getKey(KeyStoreManager.KeyInformation keyInformation, OMElement oMElement, boolean z) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getKey keyInfoElm keyInformation[" + ConfigUtil.getObjState(keyInformation) + "] keyInfoElm[" + com.ibm.ws.wssecurity.util.DOMUtil.getDisplayName((OMNode) oMElement) + "] verify[" + z + "]");
        }
        try {
            String b64Thumbprint = keyInformation.getB64Thumbprint();
            String b64KeyId = keyInformation.getB64KeyId();
            String subjectDN = keyInformation.getSubjectDN();
            String str = keyInformation.getIssuerDN() + keyInformation.getIssuerSerial();
            Certificate certificate = keyInformation.getCertificate();
            String encode = Base64.encode(certificate.getEncoded());
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "From KeyInformation: thumbprint[" + b64Thumbprint + "] subjectKeyId[" + b64KeyId + "] subjectname[" + subjectDN + "] issuer[" + str + "] cert[" + ConfigUtil.getObjState(certificate) + "] x509Cert[" + encode + "] ");
            }
            boolean z2 = false;
            boolean z3 = false;
            if (oMElement == null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "keyInfoElm is null.  Setting match=true");
                }
                z2 = true;
                z3 = true;
            } else {
                OMNode firstChild2 = DOMUtil.getFirstChild2(oMElement);
                while (true) {
                    if (firstChild2 == null) {
                        break;
                    }
                    if (firstChild2.getType() == 1) {
                        OMElement oMElement2 = (OMElement) firstChild2;
                        if (!isDsigElement(oMElement2)) {
                            OMNode firstOMChild = oMElement2.getFirstOMChild();
                            while (true) {
                                if (firstOMChild == null) {
                                    break;
                                }
                                if (firstOMChild.getType() == 1 && isDsigElement((OMElement) firstOMChild)) {
                                    oMElement2 = (OMElement) firstOMChild;
                                    break;
                                }
                                firstOMChild = DOMUtil.getNextSibling2(firstOMChild);
                            }
                            if (oMElement2 == null) {
                                continue;
                            } else if (!isDsigElement(oMElement2)) {
                            }
                        }
                        if (isDsigElement(oMElement2, "KeyValue")) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Processing KeyValue");
                            }
                            z3 = true;
                            if (Base64.encode(ProcessKey.createKey(oMElement2).getEncoded()).equals(Base64.encode(keyInformation.getPublicOrSecretKey().getEncoded()))) {
                                z2 = true;
                                break;
                            }
                        } else if (isDsigElement(oMElement2, "X509Data")) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Processing X509Data");
                            }
                            OMNode firstChild22 = DOMUtil.getFirstChild2(oMElement2);
                            while (true) {
                                if (firstChild22 == null) {
                                    break;
                                }
                                if (firstChild22.getType() == 1) {
                                    OMElement oMElement3 = (OMElement) firstChild22;
                                    if (isDsigElement(oMElement3)) {
                                        if (isDsigElement(oMElement3, "X509Certificate")) {
                                            z3 = true;
                                            String stringValue = DOMUtils.getStringValue(oMElement3);
                                            if (tc.isDebugEnabled()) {
                                                Tr.debug(tc, "X509Certificate=" + stringValue);
                                            }
                                            if (encode.equals(stringValue)) {
                                                if (tc.isDebugEnabled()) {
                                                    Tr.debug(tc, "x509Cert matches exactly");
                                                }
                                                z2 = true;
                                            } else {
                                                if (tc.isDebugEnabled()) {
                                                    Tr.debug(tc, "x509Cert does not match, attempting decode/encode");
                                                }
                                                if (encode.equals(Base64.encode(Base64.decode(stringValue)))) {
                                                    if (tc.isDebugEnabled()) {
                                                        Tr.debug(tc, "x509Cert matches re-encoded cert");
                                                    }
                                                    z2 = true;
                                                }
                                            }
                                        } else if (isDsigElement(oMElement3, "X509IssuerSerial")) {
                                            z3 = true;
                                            String stringValue2 = DOMUtils.getStringValue(oMElement3);
                                            if (tc.isDebugEnabled()) {
                                                Tr.debug(tc, "X509IssuerSerial=" + stringValue2);
                                            }
                                            if (str.replace(" ", "").equals(stringValue2.replace(" ", ""))) {
                                                z2 = true;
                                                break;
                                            }
                                        } else if (isDsigElement(oMElement3, X509SKI)) {
                                            z3 = true;
                                            String stringValue3 = DOMUtils.getStringValue(oMElement3);
                                            if (tc.isDebugEnabled()) {
                                                Tr.debug(tc, "X509SKI=" + stringValue3);
                                            }
                                            if (b64KeyId.equals(stringValue3)) {
                                                z2 = true;
                                                break;
                                            }
                                        } else if (isDsigElement(oMElement3, X509SubjectName)) {
                                            z3 = true;
                                            String stringValue4 = DOMUtils.getStringValue(oMElement3);
                                            if (tc.isDebugEnabled()) {
                                                Tr.debug(tc, "X509SubjectName=" + stringValue4);
                                            }
                                            if (subjectDN.replace(" ", "").equals(stringValue4.replace(" ", ""))) {
                                                z2 = true;
                                                break;
                                            }
                                        } else {
                                            continue;
                                        }
                                    }
                                }
                                firstChild22 = DOMUtil.getNextSibling2(firstChild22);
                            }
                        } else if (isDsigElement(oMElement2, SAMLIssuerConfigData.KEY_NAME)) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Processing KeyName");
                            }
                            z3 = true;
                            String stringValue5 = DOMUtils.getStringValue(oMElement2);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "KeyName=" + stringValue5);
                            }
                            if (subjectDN.replace(" ", "").equals(stringValue5.replace(" ", ""))) {
                                z2 = true;
                                break;
                            }
                        } else {
                            continue;
                        }
                    }
                    firstChild2 = DOMUtil.getNextSibling2(firstChild2);
                }
            }
            if (!z3) {
                processErrors(oMElement);
            }
            if (z2) {
                Key publicOrSecretKey = z ? keyInformation.getPublicOrSecretKey() : keyInformation.getPrivateOrSecretKey();
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "getKey returns [" + ConfigUtil.getObjState(publicOrSecretKey) + "]");
                }
                return publicOrSecretKey;
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "KeyInfo does not match Key defined in Bindings for " + keyInformation.getSubjectDN());
            }
            String message = MessageHelper.getMessage("security.wssecurity.CWSML7028E", new String[]{keyInformation.getSubjectDN()});
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, message);
            }
            throw SoapSecurityException.format(message);
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Fail to resolve KeyInfo: " + e.getMessage());
            }
            throw SoapSecurityException.format("security.wssecurity.WSEC7074E", e);
        }
    }

    public static Key extractKey(OMElement oMElement, HashMap hashMap) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "extractKey");
        }
        Key key = null;
        try {
            OMNode firstChild2 = DOMUtil.getFirstChild2(oMElement);
            while (firstChild2 != null) {
                if (firstChild2.getType() == 1) {
                    OMElement oMElement2 = (OMElement) firstChild2;
                    if (!isDsigElement(oMElement2)) {
                        while (firstChild2 != null) {
                            firstChild2 = oMElement2.getFirstOMChild();
                            if (firstChild2.getType() == 1) {
                                oMElement2 = (OMElement) firstChild2;
                                if (isDsigElement(oMElement2)) {
                                    break;
                                }
                            }
                        }
                        if (oMElement2 != null) {
                            if (!isDsigElement(oMElement2)) {
                            }
                        }
                    }
                    String localName = oMElement2.getLocalName();
                    if ("KeyValue".equals(localName)) {
                        key = ProcessKey.createKey(oMElement2);
                    } else if ("X509Data".equals(localName)) {
                        for (OMNode firstChild22 = DOMUtil.getFirstChild2(oMElement2); firstChild22 != null; firstChild22 = DOMUtil.getNextSibling2(firstChild22)) {
                            if (firstChild22.getType() == 1) {
                                OMElement oMElement3 = (OMElement) firstChild22;
                                if (isDsigElement(oMElement3) && isDsigElement(oMElement3, "X509Certificate")) {
                                    X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode(DOMUtil.getStringValue(oMElement2))));
                                    key = KeyStoreManager.getInstance().getKeyInformation(x509Certificate).getPublicOrSecretKey();
                                    hashMap.put(SAMLSignatureVerification.X509CERTIFICATE, x509Certificate);
                                    if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, "Extract key for " + x509Certificate.getSubjectDN().getName());
                                    }
                                }
                            }
                        }
                    } else {
                        firstChild2 = oMElement2.getFirstOMChild();
                    }
                }
                firstChild2 = DOMUtil.getNextSibling2(firstChild2);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "extractKey returns [" + ConfigUtil.getObjState(key) + "]");
            }
            return key;
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Fail  to resolve KeyInfo:" + e.getMessage());
            }
            throw new SoapSecurityException(e);
        }
    }

    public static final boolean isDsigElement(OMElement oMElement) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isDsigElement element[" + com.ibm.ws.wssecurity.util.DOMUtil.getDisplayName((OMNode) oMElement) + "]");
        }
        boolean z = false;
        String name = oMElement.getNamespace() == null ? null : oMElement.getNamespace().getName();
        if (name != null) {
            z = name.equals("http://www.w3.org/2000/09/xmldsig#");
        }
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isDsigElement returns [" + z + "]");
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final boolean isDsigElement(OMElement oMElement, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isDsigElement element[" + com.ibm.ws.wssecurity.util.DOMUtil.getDisplayName((OMNode) oMElement) + "], localPart[" + str + "]");
        }
        boolean z = false;
        String name = oMElement.getNamespace() == null ? null : oMElement.getNamespace().getName();
        if (name != null) {
            z = name.equals("http://www.w3.org/2000/09/xmldsig#") && oMElement.getLocalName().equals(str);
        }
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isDsigElement returns [" + z + "]");
        }
        return z;
    }

    private static boolean matchClass(Class cls, String str) {
        if (cls.getName().equals(str)) {
            return true;
        }
        Class superclass = cls.getSuperclass();
        if (superclass != null && matchClass(superclass, str)) {
            return true;
        }
        for (Class<?> cls2 : cls.getInterfaces()) {
            if (matchClass(cls2, str)) {
                return true;
            }
        }
        return false;
    }

    private static boolean instanceOf(Object obj, String str) {
        return matchClass(obj.getClass(), str);
    }

    private static String encodeBigInteger(BigInteger bigInteger) {
        byte[] byteArray = bigInteger.toByteArray();
        int i = 0;
        while (byteArray[i] == 0) {
            i++;
        }
        return Base64.encode(byteArray, i, byteArray.length - i);
    }

    private static void processErrors(OMElement oMElement) throws SoapSecurityException {
        String str = null;
        if (checkForElement(oMElement, ConfigUtil.getWsseNamespace(), "KeyIdentifier") != null) {
            str = "KeyIdentifier";
        }
        if (checkForElement(oMElement, "http://www.w3.org/2000/09/xmldsig#", "RetrievalMethod") != null) {
            str = "RetrievalMethod";
        }
        if (str != null && checkForElement(oMElement, "http://www.w3.org/2000/09/xmldsig#", "PGPData") != null) {
            str = "PGPData";
        }
        if (str != null && checkForElement(oMElement, "http://www.w3.org/2000/09/xmldsig#", "SPKIData") != null) {
            str = "SPKIData";
        }
        if (str != null && checkForElement(oMElement, "http://www.w3.org/2000/09/xmldsig#", "MgmtData") != null) {
            str = "MgmtData";
        }
        if (str != null) {
            String message = MessageHelper.getMessage("security.wssecurity.CWSML7025E", new String[]{str, getSupportedKeyInfoList()});
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, str + " is not allowed");
                Tr.debug(tc, message);
            }
            throw SoapSecurityException.format(message);
        }
        OMElement checkForElement = checkForElement(oMElement, "http://www.w3.org/2000/09/xmldsig#", "X509Data");
        if (checkForElement != null) {
            OMNode firstChild2 = DOMUtil.getFirstChild2(checkForElement);
            while (true) {
                OMNode oMNode = firstChild2;
                if (oMNode == null) {
                    break;
                }
                if (oMNode.getType() == 1) {
                    String message2 = MessageHelper.getMessage("security.wssecurity.CWSML7026E", new String[]{com.ibm.ws.wssecurity.util.DOMUtil.getDisplayName(oMNode, false), getSupportedX509DataList()});
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, message2);
                    }
                    throw SoapSecurityException.format(message2);
                }
                firstChild2 = DOMUtil.getNextSibling2(oMNode);
            }
        }
        OMElement checkForElement2 = checkForElement(oMElement, ConfigUtil.getWsseNamespace(), "SecurityTokenReference");
        if (checkForElement2 != null) {
            OMNode firstChild22 = DOMUtil.getFirstChild2(checkForElement2);
            while (true) {
                OMNode oMNode2 = firstChild22;
                if (oMNode2 == null) {
                    break;
                }
                if (oMNode2.getType() == 1) {
                    String message3 = MessageHelper.getMessage("security.wssecurity.CWSML7027E", new String[]{com.ibm.ws.wssecurity.util.DOMUtil.getDisplayName(oMNode2, false), getSupportedKeyInfoList()});
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "SecurityTokenReference/" + com.ibm.ws.wssecurity.util.DOMUtil.getDisplayName(oMNode2, false) + " is not allowed");
                        Tr.debug(tc, message3);
                    }
                    throw SoapSecurityException.format(message3);
                }
                firstChild22 = DOMUtil.getNextSibling2(oMNode2);
            }
        }
        OMNode firstChild23 = DOMUtil.getFirstChild2(oMElement);
        while (true) {
            OMNode oMNode3 = firstChild23;
            if (oMNode3 == null) {
                return;
            }
            if (oMNode3.getType() == 1) {
                String message4 = MessageHelper.getMessage("security.wssecurity.CWSML7025E", new String[]{com.ibm.ws.wssecurity.util.DOMUtil.getDisplayName(oMNode3, false), getSupportedKeyInfoList()});
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, message4);
                }
                throw SoapSecurityException.format(message4);
            }
            firstChild23 = DOMUtil.getNextSibling2(oMNode3);
        }
    }

    private static OMElement checkForElement(OMElement oMElement, String str, String str2) {
        OMElement oMElement2 = null;
        try {
            oMElement2 = DOMUtils.getOneChildElement(oMElement, str, str2);
        } catch (Exception e) {
        }
        return oMElement2;
    }

    private static String getSupportedKeyInfoList() {
        return "X509Data, KeyName, KeyValue";
    }

    private static String getSupportedX509DataList() {
        return "X509Certificate, X509IssuerSerial, X509SubjectName, X509SKI";
    }
}
