package jeus.webservices.jaxrpc.security;

import com.sun.xml.rpc.soap.message.SOAPMessageContext;
import com.tmax.axis.AxisFault;
import com.tmax.axis.Constants;
import com.tmax.org.apache.xml.security.utils.XMLUtils;
import com.tmax.ws.axis.security.WSJeusConstants;
import com.tmax.ws.axis.security.WSSAxisFault;
import com.tmax.ws.axis.security.util.AxisUtil;
import com.tmax.ws.security.SOAPConstants;
import com.tmax.ws.security.WSConstants;
import com.tmax.ws.security.WSEncryptionPart;
import com.tmax.ws.security.WSPasswordCallback;
import com.tmax.ws.security.WSSConfig;
import com.tmax.ws.security.WSSecurityEngine;
import com.tmax.ws.security.WSSecurityEngineResult;
import com.tmax.ws.security.WSSecurityException;
import com.tmax.ws.security.components.crypto.Crypto;
import com.tmax.ws.security.components.crypto.CryptoFactory;
import com.tmax.ws.security.components.crypto.WSSPasswordVerifier;
import com.tmax.ws.security.components.crypto.WSSSecretKeyInfo;
import com.tmax.ws.security.handler.WSHandlerConstants;
import com.tmax.ws.security.handler.WSHandlerResult;
import com.tmax.ws.security.message.WSAddTimestamp;
import com.tmax.ws.security.message.WSEncryptBody;
import com.tmax.ws.security.message.WSSAddBinarySecurityToken;
import com.tmax.ws.security.message.WSSAddUsernameToken;
import com.tmax.ws.security.message.WSSignEnvelope;
import com.tmax.ws.security.message.token.BinarySecurity;
import com.tmax.ws.security.util.StringUtil;
import com.tmax.ws.security.util.WSSecurityUtil;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Vector;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.rpc.JAXRPCException;
import javax.xml.rpc.handler.Handler;
import javax.xml.rpc.handler.HandlerInfo;
import javax.xml.rpc.handler.MessageContext;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPHeaderElement;
import javax.xml.soap.SOAPMessage;
import javax.xml.transform.Source;
import javax.xml.transform.stream.StreamSource;
import jeus.security.base.DecryptionException;
import jeus.security.util.EncryptionUtil;
import jeus.security.util.LoggerUtil;
import jeus.util.logging.JeusLogger;
import jeus.util.message.JeusMessage_Security;
import jeus.util.message.JeusMessage_Webservices_SEC;
import jeus.webservices.wssecurity.WSSProperties;
import jeus.webservices.wssecurity.WSSUserInfo;
import org.w3c.dom.Document;
import org.w3c.dom.Node;

/* loaded from: input_file:jeus/webservices/jaxrpc/security/WSS4JHandler.class */
public class WSS4JHandler implements Handler {
    private HandlerInfo handlerInfo;
    public static final String DEPLOYMENT = "deployment";
    public static final String CLIENT_DEPLOYMENT = "client";
    public static final String SERVER_DEPLOYMENT = "server";
    static final String FLOW = "flow";
    static final String REQUEST_ONLY = "request-only";
    static final String RESPONSE_ONLY = "response-only";
    static final String ALLOW_FORM_OPTIMIZATION = "axis.form.optimization";
    static final WSSecurityEngine secEngine = WSSecurityEngine.getInstance();
    protected final JeusLogger logger = JeusLogger.getLogger("jeus.webservices.wss");
    private Hashtable recCryptos = new Hashtable();
    private Crypto recSigCrypto = null;
    private Crypto recDecCrypto = null;
    private Crypto recCrypto = null;
    WSSConfig wssConfig = WSSConfig.getNewInstance();
    private Hashtable senCryptos = new Hashtable();
    Crypto senCrypto = null;
    Crypto senSigCrypto = null;
    Crypto senEncCrypto = null;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:jeus/webservices/jaxrpc/security/WSS4JHandler$ReceiverRequestData.class */
    public class ReceiverRequestData {
        MessageContext msgContext;

        private ReceiverRequestData() {
            this.msgContext = null;
        }

        void clear() {
            this.msgContext = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:jeus/webservices/jaxrpc/security/WSS4JHandler$SenderRequestData.class */
    public class SenderRequestData {
        MessageContext msgContext;
        boolean noSerialization;
        SOAPConstants soapConstants;
        String actor;
        String username;
        String password;
        String pwType;
        String[] utElements;
        int sigKeyId;
        String sigAlgorithm;
        Vector signatureParts;
        int encKeyId;
        String encSymmAlgo;
        String encKeyTransport;
        String encUser;
        Vector encryptParts;
        X509Certificate encCert;
        int timeToLive;

        private SenderRequestData() {
            this.msgContext = null;
            this.noSerialization = false;
            this.soapConstants = null;
            this.actor = null;
            this.username = null;
            this.password = null;
            this.pwType = null;
            this.utElements = null;
            this.sigKeyId = 0;
            this.sigAlgorithm = null;
            this.signatureParts = new Vector();
            this.encKeyId = 0;
            this.encSymmAlgo = null;
            this.encKeyTransport = null;
            this.encUser = null;
            this.encryptParts = new Vector();
            this.encCert = null;
            this.timeToLive = 0;
        }

        void clear() {
            this.soapConstants = null;
            this.encUser = null;
            this.encKeyTransport = null;
            this.encSymmAlgo = null;
            this.sigAlgorithm = null;
            this.pwType = null;
            this.username = null;
            this.actor = null;
            this.signatureParts.clear();
            this.encryptParts.clear();
            this.encryptParts = null;
            this.signatureParts = null;
            this.encCert = null;
            this.utElements = null;
        }
    }

    public void init(HandlerInfo handlerInfo) {
        this.handlerInfo = handlerInfo;
        init_receiver();
        init_sender();
    }

    /* JADX WARN: Type inference failed for: r6v0, types: [java.lang.Throwable, com.tmax.axis.AxisFault] */
    private void init_receiver() {
        try {
            this.recCrypto = loadCrypto_receiver();
            String str = (String) getOption("receive.observeActionOrderAtReceiving");
            if (str != null && str.equals("false")) {
                this.wssConfig.setObserveActionOrderAtReceiving(false);
            }
            String str2 = (String) getOption("receive.signTimestamp");
            if (str2 == null || !str2.equals("true")) {
                this.wssConfig.setEnableSignatureConfirmation(false);
            } else {
                this.wssConfig.setEnableSignatureConfirmation(true);
            }
            String str3 = (String) getOption("receive.aberration");
            int i = 0;
            if (str3 != null) {
                try {
                    i = Integer.parseInt(str3);
                } catch (NumberFormatException e) {
                }
            }
            this.wssConfig.setAberration(i);
            String str4 = (String) getOption("receive.precision");
            int i2 = 0;
            if (str4 != null) {
                try {
                    i2 = Integer.parseInt(str4);
                } catch (NumberFormatException e2) {
                }
            }
            this.wssConfig.setPrecision(i2);
            String str5 = (String) getOption("receive.precisionInMilliseconds");
            if (str5 == null || !str5.equals("true")) {
                this.wssConfig.setPrecisionInMilliSeconds(false);
            } else {
                this.wssConfig.setPrecisionInMilliSeconds(true);
            }
        } catch (AxisFault e3) {
            this.logger.log(JeusMessage_Webservices_SEC._6012_LEVEL, "WSS: Unexpected Error", (Throwable) e3);
            e3.printStackTrace();
        }
    }

    protected Crypto loadCrypto_receiver() throws AxisFault {
        Crypto crypto;
        WSSProperties wSSProperties = (WSSProperties) getOption(WSJeusConstants.WSSPROPERTIES);
        if (wSSProperties != null) {
            Crypto crypto2 = (Crypto) this.recCryptos.get(wSSProperties.uniqueID());
            if (crypto2 != null) {
                return crypto2;
            }
            crypto = CryptoFactory.getInstance(wSSProperties);
            if (crypto == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllReceiver: Could not load keystore.");
                throw new AxisFault("WSDoAllReceiver: Could not load keystore.");
            }
            this.recCryptos.put(wSSProperties.uniqueID(), crypto);
        } else {
            crypto = (Crypto) this.recCryptos.get("com.tmax.ws.security.components.crypto.SecurityFWItf");
            if (crypto == null) {
                Hashtable hashtable = new Hashtable();
                hashtable.put(WSSProperties.CRYPTO_PROVIDER, "com.tmax.ws.security.components.crypto.SecurityFWItf");
                crypto = CryptoFactory.getInstance(hashtable);
                if (crypto == null) {
                    this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllReceiver: Could not load keystore.");
                    throw new AxisFault("WSDoAllReceiver: Could not load keystore.");
                }
                this.recCryptos.put("com.tmax.ws.security.components.crypto.SecurityFWItf", crypto);
            }
        }
        return crypto;
    }

    private void init_sender() {
        try {
            this.senCrypto = loadCrypto_sender();
        } catch (AxisFault e) {
            e.printStackTrace();
        }
    }

    protected Crypto loadCrypto_sender() throws AxisFault {
        Crypto crypto;
        WSSProperties wSSProperties = (WSSProperties) getOption(WSJeusConstants.WSSPROPERTIES);
        if (wSSProperties != null) {
            Crypto crypto2 = (Crypto) this.senCryptos.get(wSSProperties.uniqueID());
            if (crypto2 != null) {
                return crypto2;
            }
            crypto = CryptoFactory.getInstance(wSSProperties);
            if (crypto == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: Could not load Keystore used for signing.");
                throw new AxisFault("WSDoAllSender: Could not load Keystore used for signing.");
            }
            this.senCryptos.put(wSSProperties.uniqueID(), crypto);
        } else {
            crypto = (Crypto) this.senCryptos.get("com.tmax.ws.security.components.crypto.SecurityFWItf");
            if (crypto == null) {
                Hashtable hashtable = new Hashtable();
                hashtable.put(WSSProperties.CRYPTO_PROVIDER, "com.tmax.ws.security.components.crypto.SecurityFWItf");
                crypto = CryptoFactory.getInstance(hashtable);
                if (crypto == null) {
                    this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: Could not load Keystore used for signing.");
                    throw new AxisFault("WSDoAllSender: Could not load Keystore used.");
                }
                this.senCryptos.put("com.tmax.ws.security.components.crypto.SecurityFWItf", crypto);
            }
        }
        return crypto;
    }

    public void destroy() {
    }

    public QName[] getHeaders() {
        return this.handlerInfo.getHeaders();
    }

    public boolean handleRequest(MessageContext messageContext) {
        messageContext.setProperty(ALLOW_FORM_OPTIMIZATION, Boolean.TRUE);
        try {
            return processMessage(messageContext, true);
        } catch (WSSecurityException e) {
            throw new JAXRPCException(e);
        }
    }

    public boolean handleResponse(MessageContext messageContext) {
        messageContext.setProperty(ALLOW_FORM_OPTIMIZATION, Boolean.TRUE);
        try {
            return processMessage(messageContext, false);
        } catch (WSSecurityException e) {
            throw new JAXRPCException(e);
        }
    }

    public boolean handleFault(MessageContext messageContext) {
        return true;
    }

    public boolean processMessage(MessageContext messageContext, boolean z) throws WSSecurityException {
        String str = (String) getOption("deployment");
        String str2 = str;
        if (str == null) {
            str2 = (String) messageContext.getProperty("deployment");
        }
        if (str2 == null) {
            throw new JAXRPCException("WSS4JHandler.processMessage: No deployment defined");
        }
        String str3 = (String) getOption(FLOW);
        String str4 = str3;
        if (str3 == null) {
            str4 = (String) messageContext.getProperty(FLOW);
        }
        if (str4 == null) {
            str4 = "";
        }
        boolean z2 = (z && !str4.equals(RESPONSE_ONLY)) || !(z || str4.equals(REQUEST_ONLY));
        if (str2.equals(CLIENT_DEPLOYMENT) ^ z) {
            if (z2) {
                return doReceiver(messageContext, z);
            }
            return true;
        }
        if (z2) {
            return doSender(messageContext, z);
        }
        return true;
    }

    public boolean doSender(MessageContext messageContext, boolean z) throws WSSecurityException {
        messageContext.setProperty("jeus.webservices.ws.security.send.enable", Boolean.TRUE);
        SenderRequestData senderRequestData = new SenderRequestData();
        senderRequestData.noSerialization = false;
        senderRequestData.msgContext = messageContext;
        try {
            try {
                Vector vector = new Vector();
                String str = (String) getOption("send.action");
                String str2 = str;
                if (str == null) {
                    str2 = (String) senderRequestData.msgContext.getProperty(WSHandlerConstants.ACTION);
                }
                if (str2 == null) {
                    this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: No action defined");
                    throw new WSSAxisFault("WSDoAllSender: No action defined");
                }
                int decodeAction = AxisUtil.decodeAction(str2, vector);
                if (decodeAction == 0) {
                    return true;
                }
                boolean decodeMustUnderstand_sender = decodeMustUnderstand_sender(senderRequestData);
                String str3 = (String) getOption("actor");
                senderRequestData.actor = str3;
                if (str3 == null) {
                    senderRequestData.actor = (String) senderRequestData.msgContext.getProperty("actor");
                }
                senderRequestData.username = (String) getOption("send.user");
                if (senderRequestData.username == null || senderRequestData.username.equals("")) {
                    senderRequestData.username = (String) senderRequestData.msgContext.getProperty(WSHandlerConstants.USER);
                    if (senderRequestData.username == null || senderRequestData.username.equals("")) {
                    }
                }
                if (senderRequestData.encUser == null) {
                    senderRequestData.encUser = (String) senderRequestData.msgContext.getProperty("send.encryptionUser");
                }
                Document sOAPPart = senderRequestData.msgContext.getMessage().getSOAPPart();
                Document document = (Document) senderRequestData.msgContext.getProperty(WSHandlerConstants.SND_SECURITY);
                Document document2 = document;
                if (document == null) {
                    document2 = sOAPPart;
                }
                senderRequestData.soapConstants = WSSecurityUtil.getSOAPConstants(document2.getDocumentElement());
                if ((decodeAction & 1) == 1) {
                    decodeUTParameter_sender(senderRequestData);
                }
                if ((decodeAction & 64) == 64) {
                    decodeUTParameter_sender(senderRequestData);
                    decodeSignatureParameter_sender(senderRequestData);
                }
                if ((decodeAction & 2) == 2) {
                    decodeSignatureParameter_sender(senderRequestData);
                }
                if ((decodeAction & 4) == 4) {
                    decodeEncryptionParameter_sender(senderRequestData);
                }
                for (int i = 0; i < vector.size(); i++) {
                    int intValue = ((Integer) vector.get(i)).intValue();
                    switch (intValue) {
                        case 1:
                            performUTAction_sender(intValue, decodeMustUnderstand_sender, document2, senderRequestData);
                            break;
                        case 2:
                            performSIGNAction_sender(intValue, decodeMustUnderstand_sender, document2, senderRequestData);
                            break;
                        case 4:
                            performENCRAction_sender(intValue, decodeMustUnderstand_sender, document2, senderRequestData);
                            break;
                        case 32:
                            performTSAction_sender(decodeMustUnderstand_sender, document2, senderRequestData);
                            break;
                        case 64:
                            performUT_SIGNAction_sender(intValue, decodeMustUnderstand_sender, document2, senderRequestData);
                            break;
                        case WSConstants.NO_SERIALIZE /* 256 */:
                            senderRequestData.noSerialization = true;
                            break;
                    }
                }
                if (senderRequestData.noSerialization) {
                    senderRequestData.msgContext.setProperty(WSHandlerConstants.SND_SECURITY, document2);
                } else {
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    XMLUtils.outputDOM(document2, byteArrayOutputStream, true);
                    try {
                        sOAPPart.setContent(new StreamSource(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())));
                        senderRequestData.msgContext.setProperty(WSHandlerConstants.SND_SECURITY, (Object) null);
                    } catch (SOAPException e) {
                        throw AxisFault.makeFault(e);
                    }
                }
                senderRequestData.clear();
                return true;
            } catch (AxisFault e2) {
                throw new JAXRPCException(e2.getMessage());
            } catch (Exception e3) {
                this.logger.log(JeusMessage_Webservices_SEC._6012_LEVEL, "WSS: Unexpected Error", e3);
                throw new JAXRPCException(AxisFault.makeFault(e3).getMessage());
            }
        } finally {
            senderRequestData.clear();
        }
    }

    private boolean decodeMustUnderstand_sender(SenderRequestData senderRequestData) throws AxisFault {
        boolean z = true;
        String str = (String) getOption("send.mustUnderstand");
        String str2 = str;
        if (str == null) {
            str2 = (String) senderRequestData.msgContext.getProperty("mustUnderstand");
        }
        if (str2 != null) {
            if (str2.equals("0") || str2.equals("false")) {
                z = false;
            } else {
                if (!str2.equals("1") && !str2.equals("true")) {
                    this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: illegal mustUnderstand parameter");
                    throw new WSSAxisFault("WSDoAllSender: illegal mustUnderstand parameter");
                }
                z = true;
            }
        }
        return z;
    }

    private void decodeUTParameter_sender(SenderRequestData senderRequestData) throws AxisFault {
        String str = (String) getOption("send.passwordType");
        senderRequestData.pwType = str;
        if (str == null) {
            senderRequestData.pwType = (String) senderRequestData.msgContext.getProperty("passwordType");
        }
        if (senderRequestData.pwType != null) {
            senderRequestData.pwType = senderRequestData.pwType.equals(WSConstants.PW_TEXT) ? WSConstants.PASSWORD_TEXT : WSConstants.PASSWORD_DIGEST;
        }
        String str2 = (String) getOption("send.addUTElements");
        String str3 = str2;
        if (str2 == null) {
            str3 = (String) senderRequestData.msgContext.getProperty(WSHandlerConstants.ADD_UT_ELEMENTS);
        }
        if (str3 != null) {
            senderRequestData.utElements = StringUtil.split(str3, ' ');
        }
    }

    private void decodeSignatureParameter_sender(SenderRequestData senderRequestData) throws AxisFault {
        if (this.senSigCrypto == null) {
            this.senSigCrypto = loadSignatureCrypto_sender();
            if (this.senSigCrypto == null) {
                this.senSigCrypto = this.senCrypto;
            }
            if (this.senSigCrypto == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: Signature : no crypto ready for signature");
                throw new WSSAxisFault("WSDoAllSender: Signature : no crypto ready for signature");
            }
        }
        String str = (String) getOption("send.signatureKeyIdentifier");
        String str2 = str;
        if (str == null) {
            str2 = (String) senderRequestData.msgContext.getProperty(WSHandlerConstants.SIG_KEY_ID);
        }
        if (str2 != null) {
            Integer num = (Integer) WSJeusConstants.keyIdentifier.get(str2);
            if (num == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6001_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: Signature: unknown key identification");
                throw new WSSAxisFault("WSDoAllSender: Signature: unknown key identification", 1);
            }
            senderRequestData.sigKeyId = num.intValue();
            if (senderRequestData.sigKeyId != 2 && senderRequestData.sigKeyId != 1 && senderRequestData.sigKeyId != 3 && senderRequestData.sigKeyId != 4) {
                this.logger.log(JeusMessage_Webservices_SEC._6001_LEVEL, JeusMessage_Webservices_SEC._6001, "WSDoAllSender: Signature: illegal key identification");
                throw new WSSAxisFault("WSDoAllSender: Signature: illegal key identification", 1);
            }
        }
        String str3 = (String) getOption("send.signatureAlgorithm");
        senderRequestData.sigAlgorithm = str3;
        if (str3 == null) {
        }
        String str4 = (String) getOption("send.signatureParts");
        String str5 = str4;
        if (str4 == null) {
            str5 = (String) senderRequestData.msgContext.getProperty(WSHandlerConstants.SIGNATURE_PARTS);
        }
        if (str5 != null) {
            splitEncParts_sender(str5, senderRequestData.signatureParts, senderRequestData);
        }
    }

    private Crypto loadSignatureCrypto_sender() throws AxisFault {
        String str;
        Crypto crypto = null;
        String str2 = (String) getOption("send.sigKeyType");
        try {
            str = EncryptionUtil.decryptPassword((String) getOption("send.sigKeystorePassword"));
        } catch (DecryptionException e) {
            if (LoggerUtil.logger.isLoggable(JeusMessage_Security._73_LEVEL)) {
                LoggerUtil.logger.log(JeusMessage_Security._73_LEVEL, JeusMessage_Security._73, e);
            }
            str = null;
        }
        String str3 = (String) getOption("send.sigKeystoreFilename");
        if (str2 != null && str != null && str3 != null) {
            WSSProperties wSSProperties = new WSSProperties("com.tmax.ws.security.components.crypto.DefaultWSSecurityItf");
            wSSProperties.setKeyStore(str3, str2, str);
            wSSProperties.setTrustStore(str3, str2, str);
            Crypto crypto2 = (Crypto) this.senCryptos.get(wSSProperties.uniqueID());
            if (crypto2 != null) {
                return crypto2;
            }
            crypto = CryptoFactory.getInstance(wSSProperties);
            if (crypto != null) {
                this.senCryptos.put(wSSProperties.uniqueID(), crypto);
            }
        }
        return crypto;
    }

    private void splitEncParts_sender(String str, Vector vector, SenderRequestData senderRequestData) throws AxisFault {
        WSEncryptionPart wSEncryptionPart;
        for (String str2 : StringUtil.split(str, ';')) {
            String[] split = StringUtil.split(str2, '}');
            if (split.length == 1) {
                wSEncryptionPart = new WSEncryptionPart(split[0].trim(), senderRequestData.soapConstants.getEnvelopeURI(), "Content");
            } else {
                if (split.length != 3) {
                    this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, "WSS: Invalid Configuration", "WSDoAllSender: wrong part definition: " + str);
                    throw new WSSAxisFault("WSDoAllSender: wrong part definition: " + str);
                }
                String trim = split[0].trim();
                String substring = trim.length() <= 1 ? "Content" : trim.substring(1);
                String trim2 = split[1].trim();
                String trim3 = split[2].trim();
                wSEncryptionPart = new WSEncryptionPart(trim3, (trim2.length() > 1 || !trim3.equals("Body")) ? trim2.substring(1) : senderRequestData.soapConstants.getEnvelopeURI(), substring);
            }
            vector.add(wSEncryptionPart);
        }
    }

    private void decodeEncryptionParameter_sender(SenderRequestData senderRequestData) throws AxisFault {
        if (this.senEncCrypto == null) {
            this.senEncCrypto = loadEncryptionCrypto_sender();
            if (this.senEncCrypto == null) {
                this.senEncCrypto = this.senCrypto;
            }
            if (this.senEncCrypto == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: Encryption: no crypto ready for encryption");
                throw new WSSAxisFault("WSDoAllSender: Encryption: no crypto ready for encryption");
            }
        }
        String str = (String) getOption("send.encryptionUser");
        if (str == null) {
            String str2 = (String) senderRequestData.msgContext.getProperty(WSHandlerConstants.ENCRYPTION_USER);
            if (str2 != null) {
                senderRequestData.encUser = str2;
            }
        } else {
            senderRequestData.encUser = str;
        }
        if (senderRequestData.encUser == null) {
            handleSpecialUser_sender(senderRequestData);
            if (senderRequestData.encCert == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6007_LEVEL, JeusMessage_Webservices_SEC._6007, "WSDoAllSender: Encryption: no user");
                throw new WSSAxisFault("WSDoAllSender: Encryption: no user", 7);
            }
        }
        String str3 = (String) getOption("send.encryptionKeyIdentifier");
        String str4 = str3;
        if (str3 == null) {
            str4 = (String) senderRequestData.msgContext.getProperty(WSHandlerConstants.ENC_KEY_ID);
        }
        if (str4 != null) {
            Integer num = (Integer) WSJeusConstants.keyIdentifier.get(str4);
            if (num == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6001_LEVEL, JeusMessage_Webservices_SEC._6001, "WSDoAllSender: Signature: unknown key identification");
                throw new WSSAxisFault("WSDoAllSender: Encryption: unknown key identification", 1);
            }
            senderRequestData.encKeyId = num.intValue();
            if (senderRequestData.encKeyId != 2 && senderRequestData.encKeyId != 3 && senderRequestData.encKeyId != 4 && senderRequestData.encKeyId != 1 && senderRequestData.encKeyId != 5) {
                this.logger.log(JeusMessage_Webservices_SEC._6001_LEVEL, JeusMessage_Webservices_SEC._6001, "WSDoAllSender: Signature: illegal key identification");
                throw new WSSAxisFault("WSDoAllSender: Encryption: illegal key identification", 1);
            }
        }
        String str5 = (String) getOption("send.encryptionSymAlgorithm");
        senderRequestData.encSymmAlgo = str5;
        if (str5 == null) {
            senderRequestData.encSymmAlgo = (String) senderRequestData.msgContext.getProperty(WSHandlerConstants.ENC_SYM_ALGO);
        }
        String str6 = (String) getOption("send.encryptionKeyTransportAlgorithm");
        senderRequestData.encKeyTransport = str6;
        if (str6 == null) {
            senderRequestData.encKeyTransport = (String) senderRequestData.msgContext.getProperty(WSHandlerConstants.ENC_KEY_TRANSPORT);
        }
        String str7 = (String) getOption("send.encryptionParts");
        String str8 = str7;
        if (str7 == null) {
            str8 = (String) senderRequestData.msgContext.getProperty(WSHandlerConstants.ENCRYPTION_PARTS);
        }
        if (str8 != null) {
            splitEncParts_sender(str8, senderRequestData.encryptParts, senderRequestData);
        }
    }

    private Crypto loadEncryptionCrypto_sender() throws AxisFault {
        Crypto crypto = null;
        String str = (String) getOption("send.encKeyType");
        try {
            String decryptPassword = EncryptionUtil.decryptPassword((String) getOption("send.encKeystorePassword"));
            String str2 = (String) getOption("send.encKeystoreFilename");
            if (str != null && decryptPassword != null && str2 != null) {
                WSSProperties wSSProperties = new WSSProperties("com.tmax.ws.security.components.crypto.DefaultWSSecurityItf");
                wSSProperties.setKeyStore(str2, str, decryptPassword);
                wSSProperties.setTrustStore(str2, str, decryptPassword);
                Crypto crypto2 = (Crypto) this.senCryptos.get(wSSProperties.uniqueID());
                if (crypto2 != null) {
                    return crypto2;
                }
                crypto = CryptoFactory.getInstance(wSSProperties);
                if (crypto != null) {
                    this.senCryptos.put(wSSProperties.uniqueID(), crypto);
                }
            }
            return crypto;
        } catch (DecryptionException e) {
            if (LoggerUtil.logger.isLoggable(JeusMessage_Security._73_LEVEL)) {
                LoggerUtil.logger.log(JeusMessage_Security._73_LEVEL, JeusMessage_Security._73, e);
            }
            throw new AxisFault("[ERROR] Unable to decrypt the configured password.");
        }
    }

    private void handleSpecialUser_sender(SenderRequestData senderRequestData) {
        Vector vector = (Vector) senderRequestData.msgContext.getProperty(WSHandlerConstants.RECV_RESULTS);
        if (vector == null) {
            return;
        }
        for (int i = 0; i < vector.size(); i++) {
            WSHandlerResult wSHandlerResult = (WSHandlerResult) vector.get(i);
            if (WSSecurityUtil.isActorEqual(senderRequestData.actor, wSHandlerResult.getActor())) {
                Vector results = wSHandlerResult.getResults();
                for (int i2 = 0; i2 < results.size(); i2++) {
                    WSSecurityEngineResult wSSecurityEngineResult = (WSSecurityEngineResult) results.get(i2);
                    if (wSSecurityEngineResult.getAction() == 2) {
                        senderRequestData.encCert = wSSecurityEngineResult.getCertificate();
                        return;
                    }
                }
            }
        }
    }

    private void performUTAction_sender(int i, boolean z, Document document, SenderRequestData senderRequestData) throws AxisFault {
        if (senderRequestData.password == null) {
            WSPasswordCallback password_sender = getPassword_sender(senderRequestData, i, WSHandlerConstants.PW_CALLBACK_CLASS, WSHandlerConstants.PW_CALLBACK_REF);
            if (password_sender != null) {
                senderRequestData.password = password_sender.getPassword();
            } else {
                WSSProperties wSSProperties = (WSSProperties) getOption(WSJeusConstants.WSSPROPERTIES);
                if (wSSProperties != null) {
                    WSSUserInfo user = wSSProperties.getUser(senderRequestData.username);
                    if (user == null) {
                        this.logger.log(JeusMessage_Webservices_SEC._6007_LEVEL, JeusMessage_Webservices_SEC._6007, "WSDoAllSender: WSSUserInfo not found for '" + senderRequestData.username + "'");
                        throw new WSSAxisFault("WSDoAllSender: WSSUserInfo not found for '" + senderRequestData.username + "'", 7);
                    }
                    senderRequestData.password = user.userPass;
                } else {
                    WSSPasswordVerifier.Extractor extractor = new WSSPasswordVerifier.Extractor(senderRequestData.username);
                    try {
                        if (!this.senCrypto.authenticate(extractor)) {
                            this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: WSSProperties not found");
                            throw new WSSAxisFault("WSDoAllSender: WSSProperties not found");
                        }
                        senderRequestData.password = extractor.getPassword();
                    } catch (WSSecurityException e) {
                        throw new WSSAxisFault("WSDoAllSender: Error during building UsernameToken", e);
                    }
                }
            }
        }
        WSSAddUsernameToken wSSAddUsernameToken = new WSSAddUsernameToken(senderRequestData.actor, z);
        wSSAddUsernameToken.setPasswordType(senderRequestData.pwType);
        wSSAddUsernameToken.build(document, senderRequestData.username, senderRequestData.password);
        if (senderRequestData.utElements == null || senderRequestData.utElements.length <= 0) {
            return;
        }
        for (int i2 = 0; i2 < senderRequestData.utElements.length; i2++) {
            senderRequestData.utElements[i2].trim();
            if (senderRequestData.utElements[i2].equals(WSConstants.NONCE_LN)) {
                wSSAddUsernameToken.addNonce(document);
            }
            if (senderRequestData.utElements[i2].equals(WSConstants.CREATED_LN)) {
                wSSAddUsernameToken.addCreated(document);
            }
            senderRequestData.utElements[i2] = null;
        }
    }

    private WSPasswordCallback getPassword_sender(SenderRequestData senderRequestData, int i, String str, String str2) throws AxisFault {
        WSPasswordCallback wSPasswordCallback;
        String str3 = (String) getOption("send." + str);
        String str4 = str3;
        if (str3 == null) {
            str4 = (String) senderRequestData.msgContext.getProperty(str);
        }
        if (str4 != null) {
            wSPasswordCallback = readPwViaCallbackClass_sender(str4, senderRequestData.username, i);
            if (wSPasswordCallback.getPassword() == null && wSPasswordCallback.getKey() == null) {
                return null;
            }
        } else {
            CallbackHandler callbackHandler = (CallbackHandler) senderRequestData.msgContext.getProperty(str2);
            if (callbackHandler != null) {
                wSPasswordCallback = performCallback_sender(callbackHandler, senderRequestData.username, i);
                if (wSPasswordCallback.getPassword() == null && wSPasswordCallback.getKey() == null) {
                    return null;
                }
            } else {
                wSPasswordCallback = new WSPasswordCallback("", 0);
                wSPasswordCallback.setPassword(null);
            }
        }
        return wSPasswordCallback;
    }

    private WSPasswordCallback readPwViaCallbackClass_sender(String str, String str2, int i) throws AxisFault {
        try {
            try {
                return performCallback_sender((CallbackHandler) Thread.currentThread().getContextClassLoader().loadClass(str).newInstance(), str2, i);
            } catch (Exception e) {
                this.logger.log(JeusMessage_Webservices_SEC._6012_LEVEL, "WSS: Unexpected Error", e);
                throw new WSSAxisFault("WSDoAllSender: cannot create instance of password callback: " + str);
            }
        } catch (ClassNotFoundException e2) {
            this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: cannot load password callback class: " + str);
            throw new WSSAxisFault("WSDoAllSender: cannot load password callback class: " + str);
        }
    }

    private WSPasswordCallback performCallback_sender(CallbackHandler callbackHandler, String str, int i) throws AxisFault {
        int i2 = 0;
        switch (i) {
            case 1:
            case 64:
                i2 = 2;
                break;
            case 2:
                i2 = 3;
                break;
            case 4:
                i2 = 4;
                break;
        }
        WSPasswordCallback wSPasswordCallback = new WSPasswordCallback(str, i2);
        try {
            callbackHandler.handle(new Callback[]{wSPasswordCallback});
            return wSPasswordCallback;
        } catch (Exception e) {
            this.logger.log(JeusMessage_Webservices_SEC._6012_LEVEL, "WSS: Unexpected Error", e);
            throw new WSSAxisFault("WSDoAllSender: password callback failed");
        }
    }

    /* JADX WARN: Type inference failed for: r14v0, types: [java.lang.Throwable, com.tmax.ws.security.WSSecurityException] */
    private void performENCRAction_sender(int i, boolean z, Document document, SenderRequestData senderRequestData) throws AxisFault {
        WSEncryptBody wSEncryptBody = new WSEncryptBody(senderRequestData.actor, z);
        if (senderRequestData.encKeyId != 0) {
            wSEncryptBody.setKeyIdentifierType(senderRequestData.encKeyId);
        }
        if (senderRequestData.encKeyId == 5) {
            WSPasswordCallback password_sender = getPassword_sender(senderRequestData, i, WSHandlerConstants.ENC_CALLBACK_CLASS, WSHandlerConstants.ENC_CALLBACK_REF);
            if (password_sender == null || password_sender.getKey() == null) {
                try {
                    WSSSecretKeyInfo secretKeyWithUser = this.senCrypto.getSecretKeyWithUser(senderRequestData.username);
                    if (secretKeyWithUser == null) {
                        this.logger.log(JeusMessage_Webservices_SEC._6007_LEVEL, JeusMessage_Webservices_SEC._6007, "WSDoAllSender: WSSSecretKeyInfo not found for '" + senderRequestData.username + "'");
                        throw new WSSAxisFault("WSDoAllSender: WSSSecretKeyInfo not found for '" + senderRequestData.username + "'", 7);
                    }
                    wSEncryptBody.setEmbeddedKeyName(secretKeyWithUser.getKeyName());
                    wSEncryptBody.setSymmetricKey(secretKeyWithUser.getKey());
                    wSEncryptBody.setSymmetricEncAlgorithm(secretKeyWithUser.getKeyAlgorithmURI());
                } catch (WSSecurityException e) {
                    this.logger.log(JeusMessage_Webservices_SEC._6003_LEVEL, "WSS: InvalidSecurity", (Throwable) e);
                    throw new WSSAxisFault((WSSecurityException) e);
                }
            } else {
                String str = (String) getOption("send.EmbeddedKeyName");
                String str2 = str;
                if (str == null) {
                    str2 = (String) senderRequestData.msgContext.getProperty(WSHandlerConstants.ENC_KEY_NAME);
                }
                wSEncryptBody.setEmbeddedKeyName(str2);
                wSEncryptBody.setKey(password_sender.getKey());
            }
        }
        if (senderRequestData.encSymmAlgo != null) {
            wSEncryptBody.setSymmetricEncAlgorithm(senderRequestData.encSymmAlgo);
        }
        if (senderRequestData.encKeyTransport != null) {
            wSEncryptBody.setKeyEnc(senderRequestData.encKeyTransport);
        }
        wSEncryptBody.setUserInfo(senderRequestData.encUser);
        wSEncryptBody.setUseThisCert(senderRequestData.encCert);
        if (senderRequestData.encryptParts.size() > 0) {
            wSEncryptBody.setParts(senderRequestData.encryptParts);
        }
        try {
            wSEncryptBody.build(document, this.senEncCrypto);
        } catch (WSSecurityException e2) {
            throw new AxisFault("WSDoAllSender: Encryption: error during message processing", e2);
        }
    }

    private void performSIGNAction_sender(int i, boolean z, Document document, SenderRequestData senderRequestData) throws AxisFault {
        WSSignEnvelope wSSignEnvelope = new WSSignEnvelope(senderRequestData.actor, z);
        if (senderRequestData.signatureParts.size() == 0) {
            senderRequestData.signatureParts.add(new WSEncryptionPart(senderRequestData.soapConstants.getBodyQName().getLocalPart(), senderRequestData.soapConstants.getEnvelopeURI(), "Content"));
        }
        if (senderRequestData.sigKeyId != 0) {
            wSSignEnvelope.setKeyIdentifierType(senderRequestData.sigKeyId);
            if (senderRequestData.sigKeyId == 1) {
                try {
                    if (senderRequestData.username == null) {
                        throw new WSSAxisFault("WSDoAllSender: Signature: Signer not specified");
                    }
                    X509Certificate certificateWithUser = this.senSigCrypto.getCertificateWithUser(senderRequestData.username);
                    if (certificateWithUser == null) {
                        throw new WSSAxisFault("WSDoAllSender: Signature: Signer's certificate not specified");
                    }
                    WSSAddBinarySecurityToken wSSAddBinarySecurityToken = new WSSAddBinarySecurityToken(senderRequestData.actor, z);
                    wSSAddBinarySecurityToken.setId("CertId-" + certificateWithUser.hashCode());
                    wSSAddBinarySecurityToken.build(document, certificateWithUser);
                    wSSignEnvelope.setBinarySecurityToken(wSSAddBinarySecurityToken);
                    senderRequestData.signatureParts.add(new WSEncryptionPart(BinarySecurity.TOKEN_BST.getLocalPart(), BinarySecurity.TOKEN_BST.getNamespaceURI(), "Content"));
                } catch (WSSecurityException e) {
                    throw new WSSAxisFault("WSDoAllSender: Signature: error during message procesing", e);
                }
            }
        }
        if (senderRequestData.sigAlgorithm != null) {
            wSSignEnvelope.setSignatureAlgorithm(senderRequestData.sigAlgorithm);
        }
        wSSignEnvelope.setUserInfo(senderRequestData.username, senderRequestData.password);
        if (senderRequestData.signatureParts.size() > 0) {
            wSSignEnvelope.setParts(senderRequestData.signatureParts);
        }
        WSPasswordCallback password_sender = getPassword_sender(senderRequestData, i, WSHandlerConstants.PW_CALLBACK_CLASS, WSHandlerConstants.PW_CALLBACK_REF);
        String str = null;
        if (password_sender != null) {
            str = password_sender.getPassword();
        }
        try {
            wSSignEnvelope.build(document, this.senSigCrypto, str);
        } catch (WSSecurityException e2) {
            throw new WSSAxisFault("WSDoAllSender: Signature: error during message procesing", e2);
        }
    }

    private void performTSAction_sender(boolean z, Document document, SenderRequestData senderRequestData) throws AxisFault {
        String str = (String) getOption(WSHandlerConstants.TTL_TIMESTAMP);
        String str2 = str;
        if (str == null) {
            str2 = (String) senderRequestData.msgContext.getProperty(WSHandlerConstants.TTL_TIMESTAMP);
        }
        int i = 0;
        if (str2 != null) {
            try {
                i = Integer.parseInt(str2);
            } catch (NumberFormatException e) {
                i = senderRequestData.timeToLive;
            }
        }
        if (i <= 0) {
            i = senderRequestData.timeToLive;
        }
        String str3 = (String) getOption(WSHandlerConstants.TIMESTAMP_ABERRATION);
        int i2 = 0;
        if (str3 != null) {
            try {
                i2 = Integer.parseInt(str3);
            } catch (NumberFormatException e2) {
            }
        }
        new WSAddTimestamp(senderRequestData.actor, z).build(document, i, i2);
    }

    private void performUT_SIGNAction_sender(int i, boolean z, Document document, SenderRequestData senderRequestData) throws AxisFault {
        WSPasswordCallback password_sender = getPassword_sender(senderRequestData, i, WSHandlerConstants.PW_CALLBACK_CLASS, WSHandlerConstants.PW_CALLBACK_REF);
        if (password_sender != null) {
            senderRequestData.password = password_sender.getPassword();
        } else {
            WSSProperties wSSProperties = (WSSProperties) getOption(WSJeusConstants.WSSPROPERTIES);
            if (wSSProperties == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: WSSProperties not found");
                throw new WSSAxisFault("WSDoAllSender: WSSProperties not found");
            }
            WSSUserInfo user = wSSProperties.getUser(senderRequestData.username);
            if (user == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6007_LEVEL, JeusMessage_Webservices_SEC._6007, "WSDoAllSender: WSSUserInfo not found for '" + senderRequestData.username + "'");
                throw new WSSAxisFault("WSDoAllSender: WSSUserInfo not found for '" + senderRequestData.username + "'", 7);
            }
            senderRequestData.password = user.userPass;
        }
        WSSAddUsernameToken wSSAddUsernameToken = new WSSAddUsernameToken(senderRequestData.actor, z);
        wSSAddUsernameToken.setPasswordType(WSConstants.PASSWORD_TEXT);
        wSSAddUsernameToken.preSetUsernameToken(document, senderRequestData.username, senderRequestData.password);
        wSSAddUsernameToken.addCreated(document);
        wSSAddUsernameToken.addNonce(document);
        WSSignEnvelope wSSignEnvelope = new WSSignEnvelope(senderRequestData.actor, z);
        if (senderRequestData.signatureParts.size() > 0) {
            wSSignEnvelope.setParts(senderRequestData.signatureParts);
        }
        wSSignEnvelope.setUsernameToken(wSSAddUsernameToken);
        wSSignEnvelope.setKeyIdentifierType(7);
        wSSignEnvelope.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        try {
            wSSignEnvelope.build(document, null, null);
            wSSAddUsernameToken.build(document, null, null);
        } catch (WSSecurityException e) {
            throw new WSSAxisFault("WSDoAllSender: Error during Signature with UsernameToken secret", e);
        }
    }

    public boolean doReceiver(MessageContext messageContext, boolean z) throws WSSecurityException {
        X509Certificate certificate;
        ReceiverRequestData receiverRequestData = new ReceiverRequestData();
        try {
            try {
                receiverRequestData.msgContext = messageContext;
                Vector vector = new Vector();
                String str = (String) getOption("receive.action");
                String str2 = str;
                if (str == null) {
                    str2 = (String) messageContext.getProperty(WSHandlerConstants.ACTION);
                }
                if (str2 == null) {
                    this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllReceiver: No action defined");
                    throw new WSSAxisFault("WSDoAllReceiver: No action defined");
                }
                int decodeAction = AxisUtil.decodeAction(str2, vector);
                if (decodeAction == 0) {
                    return true;
                }
                String str3 = (String) getOption("actor");
                SOAPMessage message = ((SOAPMessageContext) messageContext).getMessage();
                try {
                    Document sOAPPart = message.getSOAPPart();
                    if (WSSecurityUtil.findElement(sOAPPart.getDocumentElement(), Constants.ELEM_FAULT, WSSecurityUtil.getSOAPConstants(sOAPPart.getDocumentElement()).getEnvelopeURI()) != null) {
                        receiverRequestData.clear();
                        return false;
                    }
                    if ((decodeAction & 2) == 2) {
                        decodeSignatureParameter_receiver();
                    }
                    if ((decodeAction & 4) == 4) {
                        decodeDecryptionParameter_receiver();
                    }
                    CallbackHandler callbackHandler = null;
                    if ((decodeAction & 5) != 0) {
                        callbackHandler = getPasswordCB_receiver(receiverRequestData);
                        if (callbackHandler == null) {
                            Crypto crypto = this.recCrypto;
                            this.recSigCrypto = crypto;
                            this.recDecCrypto = crypto;
                            if (this.recDecCrypto == null && this.recSigCrypto == null) {
                                this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllReceiver: Crypto initialization failure for both signature and decryption");
                                throw new WSSAxisFault("WSDoAllReceiver: Crypto initialization failure for both signature and decryption");
                            }
                        }
                    }
                    WSSecurityEngine wSSecurityEngine = secEngine;
                    WSSecurityEngine.setWssConfig(this.wssConfig);
                    try {
                        Vector processSecurityHeader = secEngine.processSecurityHeader(sOAPPart, str3, callbackHandler, this.recSigCrypto, this.recDecCrypto);
                        if (processSecurityHeader == null) {
                            this.logger.log(JeusMessage_Webservices_SEC._6003_LEVEL, JeusMessage_Webservices_SEC._6003, "WSDoAllReceiver: Request does not contain required Security header");
                            throw new WSSAxisFault("WSDoAllReceiver: Request does not contain required Security header");
                        }
                        boolean hasSignedElementQname = WSSecurityUtil.hasSignedElementQname(processSecurityHeader, new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Timestamp"));
                        if (this.wssConfig.isEnableSignatureConfirmation() && !hasSignedElementQname) {
                            this.logger.log(JeusMessage_Webservices_SEC._6003_LEVEL, JeusMessage_Webservices_SEC._6003, "WSDoAllReceiver: Request does not have Timestamp signed");
                            throw new WSSAxisFault("WSDoAllReceiver: Request does not have Timestamp signed");
                        }
                        ArrayList arrayList = new ArrayList();
                        try {
                            Iterator examineAllHeaderElements = message.getSOAPHeader().examineAllHeaderElements();
                            while (examineAllHeaderElements.hasNext()) {
                                Object next = examineAllHeaderElements.next();
                                if (next instanceof SOAPHeaderElement) {
                                    SOAPHeaderElement sOAPHeaderElement = (SOAPHeaderElement) next;
                                    arrayList.add(new QName(sOAPHeaderElement.getElementName().getURI(), sOAPHeaderElement.getElementName().getLocalName(), sOAPHeaderElement.getElementName().getPrefix()));
                                }
                            }
                            Iterator it = arrayList.iterator();
                            while (it.hasNext()) {
                            }
                            detachSecurityElement_receiver(message);
                            WSSecurityEngineResult fetchActionResult = WSSecurityUtil.fetchActionResult(processSecurityHeader, 2);
                            if (fetchActionResult != null && (certificate = fetchActionResult.getCertificate()) != null && !verifyTrust_receiver(certificate)) {
                                this.logger.log(JeusMessage_Webservices_SEC._6004_LEVEL, JeusMessage_Webservices_SEC._6004, "WSDoAllReceiver: The certificate used for the signature is not trusted:" + certificate.getSubjectDN().getName());
                                throw new WSSAxisFault("WSDoAllReceiver: The certificate used for the signature is not trusted:" + certificate.getSubjectDN().getName(), 4);
                            }
                            WSSecurityUtil.fetchActionResult(processSecurityHeader, 32);
                            int size = processSecurityHeader.size();
                            int size2 = vector.size();
                            if (size2 != size) {
                                this.logger.log(JeusMessage_Webservices_SEC._6003_LEVEL, JeusMessage_Webservices_SEC._6003, "WSDoAllReceiver: security processing failed (actions number mismatch)");
                                throw new WSSAxisFault("WSDoAllReceiver: security processing failed (actions number mismatch)");
                            }
                            if (this.wssConfig.getObserveActionOrderAtReceiving()) {
                                for (int i = 0; i < size2; i++) {
                                    if (((Integer) vector.get(i)).intValue() != ((WSSecurityEngineResult) processSecurityHeader.get(i)).getAction()) {
                                        this.logger.log(JeusMessage_Webservices_SEC._6003_LEVEL, JeusMessage_Webservices_SEC._6003, "WSDoAllReceiver: security processing failed (actions order mismatch)");
                                        throw new WSSAxisFault("WSDoAllReceiver: security processing failed (actions order mismatch)");
                                    }
                                }
                            } else {
                                Vector vector2 = (Vector) vector.clone();
                                for (int i2 = 0; i2 < size2; i2++) {
                                    if (!vector2.remove(new Integer(((WSSecurityEngineResult) processSecurityHeader.get(i2)).getAction()))) {
                                        this.logger.log(JeusMessage_Webservices_SEC._6003_LEVEL, JeusMessage_Webservices_SEC._6003, "WSDoAllReceiver: security processing failed (action(s) not exist)");
                                        throw new WSSAxisFault("WSDoAllReceiver: security processing failed (action(s) not exist)");
                                    }
                                }
                                if (!vector2.isEmpty()) {
                                    this.logger.log(JeusMessage_Webservices_SEC._6003_LEVEL, JeusMessage_Webservices_SEC._6003, "WSDoAllReceiver: security processing failed (action(s) remained)");
                                    throw new WSSAxisFault("WSDoAllReceiver: security processing failed (action(s) remained)");
                                }
                            }
                            Vector vector3 = (Vector) messageContext.getProperty(WSHandlerConstants.RECV_RESULTS);
                            Vector vector4 = vector3;
                            if (vector3 == null) {
                                vector4 = new Vector();
                                messageContext.setProperty(WSHandlerConstants.RECV_RESULTS, vector4);
                            }
                            vector4.add(0, new WSHandlerResult(str3, processSecurityHeader));
                            receiverRequestData.clear();
                            return true;
                        } catch (SOAPException e) {
                            throw AxisFault.makeFault(e);
                        }
                    } catch (WSSecurityException e2) {
                        throw new WSSAxisFault(e2);
                    }
                } catch (Exception e3) {
                    this.logger.log(JeusMessage_Webservices_SEC._6012_LEVEL, "WSS: Unexpected Error", e3);
                    throw new AxisFault("WSDoAllReceiver: cannot convert into document", e3);
                }
            } finally {
                receiverRequestData.clear();
            }
        } catch (AxisFault e4) {
            throw new JAXRPCException(e4.getMessage());
        } catch (Exception e5) {
            this.logger.log(JeusMessage_Webservices_SEC._6012_LEVEL, "WSS: Unexpected Error", e5);
            throw new JAXRPCException(AxisFault.makeFault(e5).getMessage());
        }
    }

    private void decodeSignatureParameter_receiver() throws AxisFault {
        if (this.recSigCrypto == null) {
            this.recSigCrypto = loadSignatureCrypto_receiver();
            if (this.recSigCrypto == null) {
                this.recSigCrypto = this.recCrypto;
            }
            if (this.recSigCrypto == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllReceiver: Crypto initialization failure for signature");
                throw new WSSAxisFault("WSDoAllReceiver: Crypto initialization failure for signature");
            }
        }
    }

    private Crypto loadSignatureCrypto_receiver() throws AxisFault {
        String str;
        Crypto crypto = null;
        String str2 = (String) getOption("receive.sigKeyType");
        try {
            str = EncryptionUtil.decryptPassword((String) getOption("receive.sigKeystorePassword"));
        } catch (DecryptionException e) {
            if (LoggerUtil.logger.isLoggable(JeusMessage_Security._73_LEVEL)) {
                LoggerUtil.logger.log(JeusMessage_Security._73_LEVEL, JeusMessage_Security._73, e);
            }
            str = null;
        }
        String str3 = (String) getOption("receive.sigKeystoreFilename");
        if (str2 != null && str != null && str3 != null) {
            WSSProperties wSSProperties = new WSSProperties("com.tmax.ws.security.components.crypto.DefaultWSSecurityItf");
            wSSProperties.setKeyStore(str3, str2, str);
            wSSProperties.setTrustStore(str3, str2, str);
            Crypto crypto2 = (Crypto) this.recCryptos.get(wSSProperties.uniqueID());
            if (crypto2 != null) {
                return crypto2;
            }
            crypto = CryptoFactory.getInstance(wSSProperties);
            if (crypto != null) {
                this.recCryptos.put(wSSProperties.uniqueID(), crypto);
            }
        }
        return crypto;
    }

    private void decodeDecryptionParameter_receiver() throws AxisFault {
        if (this.recDecCrypto == null) {
            this.recDecCrypto = loadDecryptionCrypto_receiver();
            if (this.recDecCrypto == null) {
                this.recDecCrypto = this.recCrypto;
            }
            if (this.recDecCrypto == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllReceiver: Crypto initialization failure for decryption");
                throw new WSSAxisFault("WSDoAllReceiver: Crypto initialization failure for decryption");
            }
        }
    }

    private Crypto loadDecryptionCrypto_receiver() throws AxisFault {
        String str;
        Crypto crypto = null;
        String str2 = (String) getOption("receive.decKeyType");
        try {
            str = EncryptionUtil.decryptPassword((String) getOption("receive.decKeystorePassword"));
        } catch (DecryptionException e) {
            if (LoggerUtil.logger.isLoggable(JeusMessage_Security._73_LEVEL)) {
                LoggerUtil.logger.log(JeusMessage_Security._73_LEVEL, JeusMessage_Security._73, e);
            }
            str = null;
        }
        String str3 = (String) getOption("receive.decKeystoreFilename");
        if (str2 != null && str != null && str3 != null) {
            WSSProperties wSSProperties = new WSSProperties("com.tmax.ws.security.components.crypto.DefaultWSSecurityItf");
            wSSProperties.setKeyStore(str3, str2, str);
            wSSProperties.setTrustStore(str3, str2, str);
            Crypto crypto2 = (Crypto) this.recCryptos.get(wSSProperties.uniqueID());
            if (crypto2 != null) {
                return crypto2;
            }
            crypto = CryptoFactory.getInstance(wSSProperties);
            if (crypto != null) {
                this.recCryptos.put(wSSProperties.uniqueID(), crypto);
            }
        }
        return crypto;
    }

    private CallbackHandler getPasswordCB_receiver(ReceiverRequestData receiverRequestData) throws AxisFault {
        CallbackHandler callbackHandler;
        String str = (String) getOption("receive.passwordCallbackClass");
        String str2 = str;
        if (str == null) {
            str2 = (String) receiverRequestData.msgContext.getProperty(WSHandlerConstants.PW_CALLBACK_CLASS);
        }
        if (str2 != null) {
            try {
                try {
                    callbackHandler = (CallbackHandler) Thread.currentThread().getContextClassLoader().loadClass(str2).newInstance();
                } catch (Exception e) {
                    this.logger.log(JeusMessage_Webservices_SEC._6012_LEVEL, "WSS: Unexpected Error", e);
                    throw new WSSAxisFault("WSDoAllReceiver: cannot create instance of password callback: " + str2);
                }
            } catch (ClassNotFoundException e2) {
                this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllReceiver: cannot load password callback class: " + str2);
                throw new WSSAxisFault("WSDoAllReceiver: cannot load password callback class: " + str2);
            }
        } else {
            callbackHandler = (CallbackHandler) receiverRequestData.msgContext.getProperty(WSHandlerConstants.PW_CALLBACK_REF);
        }
        return callbackHandler;
    }

    private void detachSecurityElement_receiver(SOAPMessage sOAPMessage) throws SOAPException {
        Iterator childElements = sOAPMessage.getSOAPHeader().getChildElements();
        while (childElements.hasNext()) {
            Node node = (Node) childElements.next();
            if (node.getNodeType() == 1 && node.getNamespaceURI().equals(WSConstants.WSSE_NS) && node.getLocalName().equals(WSConstants.WSSE_LN)) {
                node.getParentNode().removeChild(node);
            }
        }
    }

    private boolean verifyTrust_receiver(X509Certificate x509Certificate) throws AxisFault {
        if (x509Certificate == null) {
            return false;
        }
        try {
            return this.recSigCrypto.isValid(x509Certificate);
        } catch (WSSecurityException e) {
            this.logger.log(JeusMessage_Webservices_SEC._6012_LEVEL, JeusMessage_Webservices_SEC._6012, e);
            return false;
        }
    }

    public static Document messageToDocument(SOAPMessage sOAPMessage) {
        try {
            Source content = sOAPMessage.getSOAPPart().getContent();
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setNamespaceAware(true);
            return newInstance.newDocumentBuilder().parse(com.tmax.ws.security.util.XMLUtils.sourceToInputSource(content));
        } catch (Exception e) {
            throw new JAXRPCException("messageToDocument: cannot convert SOAPMessage into Document", e);
        }
    }

    public Object getOption(String str) {
        return this.handlerInfo.getHandlerConfig().get(str);
    }

    public Object getProperty(Object obj, String str) {
        return ((MessageContext) obj).getProperty(str);
    }

    public void setProperty(Object obj, String str, Object obj2) {
        ((MessageContext) obj).setProperty(str, obj2);
    }

    public String getPassword(Object obj) {
        return (String) ((MessageContext) obj).getProperty(WSConstants.PASSWORD_PROPERTY);
    }

    public void setPassword(Object obj, String str) {
        ((MessageContext) obj).setProperty(WSConstants.PASSWORD_PROPERTY, str);
    }
}
