package com.tmax.ws.axis.security;

import com.tmax.axis.AxisFault;
import com.tmax.axis.MessageContext;
import com.tmax.axis.handlers.BasicHandler;
import com.tmax.org.apache.xml.security.utils.XMLUtils;
import com.tmax.ws.axis.security.util.AxisUtil;
import com.tmax.ws.security.SOAPConstants;
import com.tmax.ws.security.WSConstants;
import com.tmax.ws.security.WSEncryptionPart;
import com.tmax.ws.security.WSPasswordCallback;
import com.tmax.ws.security.WSSecurityEngine;
import com.tmax.ws.security.WSSecurityEngineResult;
import com.tmax.ws.security.WSSecurityException;
import com.tmax.ws.security.components.crypto.Crypto;
import com.tmax.ws.security.components.crypto.CryptoFactory;
import com.tmax.ws.security.components.crypto.WSSPasswordVerifier;
import com.tmax.ws.security.components.crypto.WSSSecretKeyInfo;
import com.tmax.ws.security.handler.WSHandlerConstants;
import com.tmax.ws.security.handler.WSHandlerResult;
import com.tmax.ws.security.message.WSAddTimestamp;
import com.tmax.ws.security.message.WSEncryptBody;
import com.tmax.ws.security.message.WSSAddBinarySecurityToken;
import com.tmax.ws.security.message.WSSAddUsernameToken;
import com.tmax.ws.security.message.WSSignEnvelope;
import com.tmax.ws.security.message.token.BinarySecurity;
import com.tmax.ws.security.util.StringUtil;
import com.tmax.ws.security.util.WSSecurityUtil;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.cert.X509Certificate;
import java.util.Hashtable;
import java.util.Vector;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.soap.SOAPException;
import javax.xml.transform.stream.StreamSource;
import jeus.security.base.DecryptionException;
import jeus.security.util.EncryptionUtil;
import jeus.security.util.LoggerUtil;
import jeus.util.logging.JeusLogger;
import jeus.util.message.JeusMessage_Security;
import jeus.util.message.JeusMessage_Webservices_SEC;
import jeus.webservices.wssecurity.WSSProperties;
import jeus.webservices.wssecurity.WSSUserInfo;
import org.w3c.dom.Document;

/* loaded from: input_file:com/tmax/ws/axis/security/WSDoAllSender.class */
public class WSDoAllSender extends BasicHandler {
    static final WSSecurityEngine secEngine = WSSecurityEngine.getInstance();
    protected final JeusLogger logger = JeusLogger.getLogger("jeus.webservices.wss");
    private Hashtable cryptos = new Hashtable();
    Crypto crypto = null;
    Crypto sigCrypto = null;
    Crypto encCrypto = null;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/tmax/ws/axis/security/WSDoAllSender$RequestData.class */
    public class RequestData {
        MessageContext msgContext;
        boolean noSerialization;
        SOAPConstants soapConstants;
        String actor;
        String username;
        String password;
        String pwType;
        String[] utElements;
        int sigKeyId;
        String sigAlgorithm;
        Vector signatureParts;
        int encKeyId;
        String encSymmAlgo;
        String encKeyTransport;
        String encUser;
        Vector encryptParts;
        X509Certificate encCert;
        int timeToLive;

        private RequestData() {
            this.msgContext = null;
            this.noSerialization = false;
            this.soapConstants = null;
            this.actor = null;
            this.username = null;
            this.password = null;
            this.pwType = null;
            this.utElements = null;
            this.sigKeyId = 0;
            this.sigAlgorithm = null;
            this.signatureParts = new Vector();
            this.encKeyId = 0;
            this.encSymmAlgo = null;
            this.encKeyTransport = null;
            this.encUser = null;
            this.encryptParts = new Vector();
            this.encCert = null;
            this.timeToLive = 0;
        }

        void clear() {
            this.soapConstants = null;
            this.encUser = null;
            this.encKeyTransport = null;
            this.encSymmAlgo = null;
            this.sigAlgorithm = null;
            this.pwType = null;
            this.username = null;
            this.actor = null;
            this.signatureParts.clear();
            this.encryptParts.clear();
            this.encryptParts = null;
            this.signatureParts = null;
            this.encCert = null;
            this.utElements = null;
        }
    }

    @Override // com.tmax.axis.handlers.BasicHandler, com.tmax.axis.Handler
    public void init() {
        try {
            this.crypto = loadCrypto();
        } catch (AxisFault e) {
            e.printStackTrace();
        }
    }

    @Override // com.tmax.axis.Handler
    public void invoke(MessageContext messageContext) throws AxisFault {
        messageContext.setProperty("jeus.webservices.ws.security.send.enable", Boolean.TRUE);
        RequestData requestData = new RequestData();
        requestData.noSerialization = false;
        requestData.msgContext = messageContext;
        try {
            try {
                Vector vector = new Vector();
                String str = (String) getOption(WSHandlerConstants.ACTION);
                String str2 = str;
                if (str == null) {
                    str2 = (String) requestData.msgContext.getProperty(WSHandlerConstants.ACTION);
                }
                if (str2 == null) {
                    this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: No action defined");
                    throw new WSSAxisFault("WSDoAllSender: No action defined");
                }
                int decodeAction = AxisUtil.decodeAction(str2, vector);
                if (decodeAction == 0) {
                    return;
                }
                boolean decodeMustUnderstand = decodeMustUnderstand(requestData);
                String str3 = (String) getOption("actor");
                requestData.actor = str3;
                if (str3 == null) {
                    requestData.actor = (String) requestData.msgContext.getProperty("actor");
                }
                requestData.username = (String) getOption(WSHandlerConstants.USER);
                if (requestData.username == null || requestData.username.equals("")) {
                    requestData.username = (String) requestData.msgContext.getProperty(WSHandlerConstants.USER);
                    if (requestData.username == null || requestData.username.equals("")) {
                        requestData.username = WSSUserInfo.getResponser(requestData.msgContext.getTargetService().toString());
                        if (requestData.username == null || requestData.username.equals("")) {
                            requestData.username = (String) requestData.msgContext.getProperty(WSConstants.USERNAME_PROPERTY);
                        }
                    }
                }
                if (requestData.encUser == null) {
                    requestData.encUser = (String) requestData.msgContext.getProperty(WSConstants.ENCUSER_PROPERTY);
                }
                Document sOAPPart = requestData.msgContext.getMessage().getSOAPPart();
                Document document = (Document) requestData.msgContext.getProperty(WSHandlerConstants.SND_SECURITY);
                Document document2 = document;
                if (document == null) {
                    document2 = sOAPPart;
                }
                requestData.soapConstants = WSSecurityUtil.getSOAPConstants(document2.getDocumentElement());
                if ((decodeAction & 1) == 1) {
                    decodeUTParameter(requestData);
                }
                if ((decodeAction & 64) == 64) {
                    decodeUTParameter(requestData);
                    decodeSignatureParameter(requestData);
                }
                if ((decodeAction & 2) == 2) {
                    decodeSignatureParameter(requestData);
                }
                if ((decodeAction & 4) == 4) {
                    decodeEncryptionParameter(requestData);
                }
                for (int i = 0; i < vector.size(); i++) {
                    int intValue = ((Integer) vector.get(i)).intValue();
                    switch (intValue) {
                        case 1:
                            performUTAction(intValue, decodeMustUnderstand, document2, requestData);
                            break;
                        case 2:
                            performSIGNAction(intValue, decodeMustUnderstand, document2, requestData);
                            break;
                        case 4:
                            performENCRAction(intValue, decodeMustUnderstand, document2, requestData);
                            break;
                        case 32:
                            performTSAction(decodeMustUnderstand, document2, requestData);
                            break;
                        case 64:
                            performUT_SIGNAction(intValue, decodeMustUnderstand, document2, requestData);
                            break;
                        case WSConstants.NO_SERIALIZE /* 256 */:
                            requestData.noSerialization = true;
                            break;
                    }
                }
                if (requestData.noSerialization) {
                    requestData.msgContext.setProperty(WSHandlerConstants.SND_SECURITY, document2);
                } else {
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    XMLUtils.outputDOM(document2, byteArrayOutputStream, true);
                    try {
                        sOAPPart.setContent(new StreamSource(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())));
                        requestData.msgContext.setProperty(WSHandlerConstants.SND_SECURITY, null);
                    } catch (SOAPException e) {
                        throw AxisFault.makeFault(e);
                    }
                }
                requestData.clear();
            } catch (AxisFault e2) {
                throw e2;
            } catch (Exception e3) {
                this.logger.log(JeusMessage_Webservices_SEC._6012_LEVEL, "WSS: Unexpected Error", e3);
                throw AxisFault.makeFault(e3);
            }
        } finally {
            requestData.clear();
        }
    }

    private void performSIGNAction(int i, boolean z, Document document, RequestData requestData) throws AxisFault {
        WSSignEnvelope wSSignEnvelope = new WSSignEnvelope(requestData.actor, z);
        if (requestData.signatureParts.size() == 0) {
            requestData.signatureParts.add(new WSEncryptionPart(requestData.soapConstants.getBodyQName().getLocalPart(), requestData.soapConstants.getEnvelopeURI(), "Content"));
        }
        if (requestData.sigKeyId != 0) {
            wSSignEnvelope.setKeyIdentifierType(requestData.sigKeyId);
            if (requestData.sigKeyId == 1) {
                try {
                    if (requestData.username == null) {
                        throw new WSSAxisFault("WSDoAllSender: Signature: Signer not specified");
                    }
                    X509Certificate certificateWithUser = this.sigCrypto.getCertificateWithUser(requestData.username);
                    if (certificateWithUser == null) {
                        throw new WSSAxisFault("WSDoAllSender: Signature: Signer's certificate not specified");
                    }
                    WSSAddBinarySecurityToken wSSAddBinarySecurityToken = new WSSAddBinarySecurityToken(requestData.actor, z);
                    wSSAddBinarySecurityToken.setId("CertId-" + certificateWithUser.hashCode());
                    wSSAddBinarySecurityToken.build(document, certificateWithUser);
                    wSSignEnvelope.setBinarySecurityToken(wSSAddBinarySecurityToken);
                    requestData.signatureParts.add(new WSEncryptionPart(BinarySecurity.TOKEN_BST.getLocalPart(), BinarySecurity.TOKEN_BST.getNamespaceURI(), "Content"));
                } catch (WSSecurityException e) {
                    throw new WSSAxisFault("WSDoAllSender: Signature: error during message procesing", e);
                }
            }
        }
        if (requestData.sigAlgorithm != null) {
            wSSignEnvelope.setSignatureAlgorithm(requestData.sigAlgorithm);
        }
        wSSignEnvelope.setUserInfo(requestData.username, requestData.password);
        if (requestData.signatureParts.size() > 0) {
            wSSignEnvelope.setParts(requestData.signatureParts);
        }
        WSPasswordCallback password = getPassword(requestData, i, WSHandlerConstants.PW_CALLBACK_CLASS, WSHandlerConstants.PW_CALLBACK_REF);
        String str = null;
        if (password != null) {
            str = password.getPassword();
        }
        try {
            wSSignEnvelope.build(document, this.sigCrypto, str);
        } catch (WSSecurityException e2) {
            throw new WSSAxisFault("WSDoAllSender: Signature: error during message procesing", e2);
        }
    }

    /* JADX WARN: Type inference failed for: r14v0, types: [java.lang.Throwable, com.tmax.ws.security.WSSecurityException] */
    private void performENCRAction(int i, boolean z, Document document, RequestData requestData) throws AxisFault {
        WSEncryptBody wSEncryptBody = new WSEncryptBody(requestData.actor, z);
        if (requestData.encKeyId != 0) {
            wSEncryptBody.setKeyIdentifierType(requestData.encKeyId);
        }
        if (requestData.encKeyId == 5) {
            WSPasswordCallback password = getPassword(requestData, i, WSHandlerConstants.ENC_CALLBACK_CLASS, WSHandlerConstants.ENC_CALLBACK_REF);
            if (password == null || password.getKey() == null) {
                try {
                    WSSSecretKeyInfo secretKeyWithUser = this.crypto.getSecretKeyWithUser(requestData.username);
                    if (secretKeyWithUser == null) {
                        this.logger.log(JeusMessage_Webservices_SEC._6007_LEVEL, JeusMessage_Webservices_SEC._6007, "WSDoAllSender: WSSSecretKeyInfo not found for '" + requestData.username + "'");
                        throw new WSSAxisFault("WSDoAllSender: WSSSecretKeyInfo not found for '" + requestData.username + "'", 7);
                    }
                    wSEncryptBody.setEmbeddedKeyName(secretKeyWithUser.getKeyName());
                    wSEncryptBody.setSymmetricKey(secretKeyWithUser.getKey());
                    wSEncryptBody.setSymmetricEncAlgorithm(secretKeyWithUser.getKeyAlgorithmURI());
                } catch (WSSecurityException e) {
                    this.logger.log(JeusMessage_Webservices_SEC._6003_LEVEL, "WSS: InvalidSecurity", (Throwable) e);
                    throw new WSSAxisFault((WSSecurityException) e);
                }
            } else {
                String str = (String) getOption(WSHandlerConstants.ENC_KEY_NAME);
                String str2 = str;
                if (str == null) {
                    str2 = (String) requestData.msgContext.getProperty(WSHandlerConstants.ENC_KEY_NAME);
                }
                wSEncryptBody.setEmbeddedKeyName(str2);
                wSEncryptBody.setKey(password.getKey());
            }
        }
        if (requestData.encSymmAlgo != null) {
            wSEncryptBody.setSymmetricEncAlgorithm(requestData.encSymmAlgo);
        }
        if (requestData.encKeyTransport != null) {
            wSEncryptBody.setKeyEnc(requestData.encKeyTransport);
        }
        wSEncryptBody.setUserInfo(requestData.encUser);
        wSEncryptBody.setUseThisCert(requestData.encCert);
        if (requestData.encryptParts.size() > 0) {
            wSEncryptBody.setParts(requestData.encryptParts);
        }
        try {
            wSEncryptBody.build(document, this.encCrypto);
        } catch (WSSecurityException e2) {
            throw new AxisFault("WSDoAllSender: Encryption: error during message processing", e2);
        }
    }

    private void performUTAction(int i, boolean z, Document document, RequestData requestData) throws AxisFault {
        if (requestData.password == null) {
            WSPasswordCallback password = getPassword(requestData, i, WSHandlerConstants.PW_CALLBACK_CLASS, WSHandlerConstants.PW_CALLBACK_REF);
            if (password != null) {
                requestData.password = password.getPassword();
            } else {
                WSSProperties wSSProperties = (WSSProperties) getOption(WSJeusConstants.WSSPROPERTIES);
                if (wSSProperties != null) {
                    WSSUserInfo user = wSSProperties.getUser(requestData.username);
                    if (user == null) {
                        this.logger.log(JeusMessage_Webservices_SEC._6007_LEVEL, JeusMessage_Webservices_SEC._6007, "WSDoAllSender: WSSUserInfo not found for '" + requestData.username + "'");
                        throw new WSSAxisFault("WSDoAllSender: WSSUserInfo not found for '" + requestData.username + "'", 7);
                    }
                    requestData.password = user.userPass;
                } else {
                    WSSPasswordVerifier.Extractor extractor = new WSSPasswordVerifier.Extractor(requestData.username);
                    try {
                        if (!this.crypto.authenticate(extractor)) {
                            this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: WSSProperties not found");
                            throw new WSSAxisFault("WSDoAllSender: WSSProperties not found");
                        }
                        requestData.password = extractor.getPassword();
                    } catch (WSSecurityException e) {
                        throw new WSSAxisFault("WSDoAllSender: Error during building UsernameToken", e);
                    }
                }
            }
        }
        WSSAddUsernameToken wSSAddUsernameToken = new WSSAddUsernameToken(requestData.actor, z);
        wSSAddUsernameToken.setPasswordType(requestData.pwType);
        wSSAddUsernameToken.build(document, requestData.username, requestData.password);
        if (requestData.utElements == null || requestData.utElements.length <= 0) {
            return;
        }
        for (int i2 = 0; i2 < requestData.utElements.length; i2++) {
            requestData.utElements[i2].trim();
            if (requestData.utElements[i2].equals(WSConstants.NONCE_LN)) {
                wSSAddUsernameToken.addNonce(document);
            }
            if (requestData.utElements[i2].equals(WSConstants.CREATED_LN)) {
                wSSAddUsernameToken.addCreated(document);
            }
            requestData.utElements[i2] = null;
        }
    }

    private void performUT_SIGNAction(int i, boolean z, Document document, RequestData requestData) throws AxisFault {
        WSPasswordCallback password = getPassword(requestData, i, WSHandlerConstants.PW_CALLBACK_CLASS, WSHandlerConstants.PW_CALLBACK_REF);
        if (password != null) {
            requestData.password = password.getPassword();
        } else {
            WSSProperties wSSProperties = (WSSProperties) getOption(WSJeusConstants.WSSPROPERTIES);
            if (wSSProperties == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: WSSProperties not found");
                throw new WSSAxisFault("WSDoAllSender: WSSProperties not found");
            }
            WSSUserInfo user = wSSProperties.getUser(requestData.username);
            if (user == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6007_LEVEL, JeusMessage_Webservices_SEC._6007, "WSDoAllSender: WSSUserInfo not found for '" + requestData.username + "'");
                throw new WSSAxisFault("WSDoAllSender: WSSUserInfo not found for '" + requestData.username + "'", 7);
            }
            requestData.password = user.userPass;
        }
        WSSAddUsernameToken wSSAddUsernameToken = new WSSAddUsernameToken(requestData.actor, z);
        wSSAddUsernameToken.setPasswordType(WSConstants.PASSWORD_TEXT);
        wSSAddUsernameToken.preSetUsernameToken(document, requestData.username, requestData.password);
        wSSAddUsernameToken.addCreated(document);
        wSSAddUsernameToken.addNonce(document);
        WSSignEnvelope wSSignEnvelope = new WSSignEnvelope(requestData.actor, z);
        if (requestData.signatureParts.size() > 0) {
            wSSignEnvelope.setParts(requestData.signatureParts);
        }
        wSSignEnvelope.setUsernameToken(wSSAddUsernameToken);
        wSSignEnvelope.setKeyIdentifierType(7);
        wSSignEnvelope.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        try {
            wSSignEnvelope.build(document, null, null);
            wSSAddUsernameToken.build(document, null, null);
        } catch (WSSecurityException e) {
            throw new WSSAxisFault("WSDoAllSender: Error during Signature with UsernameToken secret", e);
        }
    }

    private void performTSAction(boolean z, Document document, RequestData requestData) throws AxisFault {
        String str = (String) getOption(WSHandlerConstants.TTL_TIMESTAMP);
        String str2 = str;
        if (str == null) {
            str2 = (String) requestData.msgContext.getProperty(WSHandlerConstants.TTL_TIMESTAMP);
        }
        int i = 0;
        if (str2 != null) {
            try {
                i = Integer.parseInt(str2);
            } catch (NumberFormatException e) {
                i = requestData.timeToLive;
            }
        }
        if (i <= 0) {
            i = requestData.timeToLive;
        }
        String str3 = (String) getOption(WSHandlerConstants.TIMESTAMP_ABERRATION);
        int i2 = 0;
        if (str3 != null) {
            try {
                i2 = Integer.parseInt(str3);
            } catch (NumberFormatException e2) {
            }
        }
        new WSAddTimestamp(requestData.actor, z).build(document, i, i2);
    }

    protected Crypto loadCrypto() throws AxisFault {
        Crypto crypto;
        WSSProperties wSSProperties = (WSSProperties) getOption(WSJeusConstants.WSSPROPERTIES);
        if (wSSProperties != null) {
            Crypto crypto2 = (Crypto) this.cryptos.get(wSSProperties.uniqueID());
            if (crypto2 != null) {
                return crypto2;
            }
            crypto = CryptoFactory.getInstance(wSSProperties);
            if (crypto == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: Could not load Keystore used for signing.");
                throw new AxisFault("WSDoAllSender: Could not load Keystore used for signing.");
            }
            this.cryptos.put(wSSProperties.uniqueID(), crypto);
        } else {
            crypto = (Crypto) this.cryptos.get("com.tmax.ws.security.components.crypto.SecurityFWItf");
            if (crypto == null) {
                Hashtable hashtable = new Hashtable();
                hashtable.put(WSSProperties.CRYPTO_PROVIDER, "com.tmax.ws.security.components.crypto.SecurityFWItf");
                crypto = CryptoFactory.getInstance(hashtable);
                if (crypto == null) {
                    this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: Could not load Keystore used for signing.");
                    throw new AxisFault("WSDoAllSender: Could not load Keystore used.");
                }
                this.cryptos.put("com.tmax.ws.security.components.crypto.SecurityFWItf", crypto);
            }
        }
        return crypto;
    }

    private void decodeUTParameter(RequestData requestData) throws AxisFault {
        String str = (String) getOption("passwordType");
        requestData.pwType = str;
        if (str == null) {
            requestData.pwType = (String) requestData.msgContext.getProperty("passwordType");
        }
        if (requestData.pwType != null) {
            requestData.pwType = requestData.pwType.equals(WSConstants.PW_TEXT) ? WSConstants.PASSWORD_TEXT : WSConstants.PASSWORD_DIGEST;
        }
        String str2 = (String) getOption(WSHandlerConstants.ADD_UT_ELEMENTS);
        String str3 = str2;
        if (str2 == null) {
            str3 = (String) requestData.msgContext.getProperty(WSHandlerConstants.ADD_UT_ELEMENTS);
        }
        if (str3 != null) {
            requestData.utElements = StringUtil.split(str3, ' ');
        }
    }

    private void decodeSignatureParameter(RequestData requestData) throws AxisFault {
        if (this.sigCrypto == null) {
            this.sigCrypto = loadSignatureCrypto();
            if (this.sigCrypto == null) {
                this.sigCrypto = this.crypto;
            }
            if (this.sigCrypto == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: Signature : no crypto ready for signature");
                throw new WSSAxisFault("WSDoAllSender: Signature : no crypto ready for signature");
            }
        }
        String str = (String) getOption(WSHandlerConstants.SIG_KEY_ID);
        String str2 = str;
        if (str == null) {
            str2 = (String) requestData.msgContext.getProperty(WSHandlerConstants.SIG_KEY_ID);
        }
        if (str2 != null) {
            Integer num = (Integer) WSHandlerConstants.keyIdentifier.get(str2);
            if (num == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6001_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: Signature: unknown key identification");
                throw new WSSAxisFault("WSDoAllSender: Signature: unknown key identification", 1);
            }
            requestData.sigKeyId = num.intValue();
            if (requestData.sigKeyId != 2 && requestData.sigKeyId != 1 && requestData.sigKeyId != 3 && requestData.sigKeyId != 4) {
                this.logger.log(JeusMessage_Webservices_SEC._6001_LEVEL, JeusMessage_Webservices_SEC._6001, "WSDoAllSender: Signature: illegal key identification");
                throw new WSSAxisFault("WSDoAllSender: Signature: illegal key identification", 1);
            }
        }
        String str3 = (String) getOption(WSHandlerConstants.SIG_ALGO);
        requestData.sigAlgorithm = str3;
        if (str3 == null) {
        }
        String str4 = (String) getOption(WSHandlerConstants.SIGNATURE_PARTS);
        String str5 = str4;
        if (str4 == null) {
            str5 = (String) requestData.msgContext.getProperty(WSHandlerConstants.SIGNATURE_PARTS);
        }
        if (str5 != null) {
            splitEncParts(str5, requestData.signatureParts, requestData);
        }
    }

    private void decodeEncryptionParameter(RequestData requestData) throws AxisFault {
        if (this.encCrypto == null) {
            this.encCrypto = loadEncryptionCrypto();
            if (this.encCrypto == null) {
                this.encCrypto = this.crypto;
            }
            if (this.encCrypto == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: Encryption: no crypto ready for encryption");
                throw new WSSAxisFault("WSDoAllSender: Encryption: no crypto ready for encryption");
            }
        }
        String str = (String) getOption(WSHandlerConstants.ENCRYPTION_USER);
        if (str == null) {
            String str2 = (String) requestData.msgContext.getProperty(WSHandlerConstants.ENCRYPTION_USER);
            if (str2 != null) {
                requestData.encUser = str2;
            }
        } else {
            requestData.encUser = str;
        }
        if (requestData.encUser == null) {
            handleSpecialUser(requestData);
            if (requestData.encCert == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6007_LEVEL, JeusMessage_Webservices_SEC._6007, "WSDoAllSender: Encryption: no user");
                throw new WSSAxisFault("WSDoAllSender: Encryption: no user", 7);
            }
        }
        String str3 = (String) getOption(WSHandlerConstants.ENC_KEY_ID);
        String str4 = str3;
        if (str3 == null) {
            str4 = (String) requestData.msgContext.getProperty(WSHandlerConstants.ENC_KEY_ID);
        }
        if (str4 != null) {
            Integer num = (Integer) WSHandlerConstants.keyIdentifier.get(str4);
            if (num == null) {
                this.logger.log(JeusMessage_Webservices_SEC._6001_LEVEL, JeusMessage_Webservices_SEC._6001, "WSDoAllSender: Signature: unknown key identification");
                throw new WSSAxisFault("WSDoAllSender: Encryption: unknown key identification", 1);
            }
            requestData.encKeyId = num.intValue();
            if (requestData.encKeyId != 2 && requestData.encKeyId != 3 && requestData.encKeyId != 4 && requestData.encKeyId != 1 && requestData.encKeyId != 5) {
                this.logger.log(JeusMessage_Webservices_SEC._6001_LEVEL, JeusMessage_Webservices_SEC._6001, "WSDoAllSender: Signature: illegal key identification");
                throw new WSSAxisFault("WSDoAllSender: Encryption: illegal key identification", 1);
            }
        }
        String str5 = (String) getOption(WSHandlerConstants.ENC_SYM_ALGO);
        requestData.encSymmAlgo = str5;
        if (str5 == null) {
            requestData.encSymmAlgo = (String) requestData.msgContext.getProperty(WSHandlerConstants.ENC_SYM_ALGO);
        }
        String str6 = (String) getOption(WSHandlerConstants.ENC_KEY_TRANSPORT);
        requestData.encKeyTransport = str6;
        if (str6 == null) {
            requestData.encKeyTransport = (String) requestData.msgContext.getProperty(WSHandlerConstants.ENC_KEY_TRANSPORT);
        }
        String str7 = (String) getOption(WSHandlerConstants.ENCRYPTION_PARTS);
        String str8 = str7;
        if (str7 == null) {
            str8 = (String) requestData.msgContext.getProperty(WSHandlerConstants.ENCRYPTION_PARTS);
        }
        if (str8 != null) {
            splitEncParts(str8, requestData.encryptParts, requestData);
        }
    }

    private boolean decodeMustUnderstand(RequestData requestData) throws AxisFault {
        boolean z = true;
        String str = (String) getOption("mustUnderstand");
        String str2 = str;
        if (str == null) {
            str2 = (String) requestData.msgContext.getProperty("mustUnderstand");
        }
        if (str2 != null) {
            if (str2.equals("0") || str2.equals("false")) {
                z = false;
            } else {
                if (!str2.equals("1") && !str2.equals("true")) {
                    this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: illegal mustUnderstand parameter");
                    throw new WSSAxisFault("WSDoAllSender: illegal mustUnderstand parameter");
                }
                z = true;
            }
        }
        return z;
    }

    private Crypto loadSignatureCrypto() throws AxisFault {
        Crypto crypto = null;
        String str = (String) getOption(WSJeusConstants.SIG_KEY_TYPE);
        try {
            String decryptPassword = EncryptionUtil.decryptPassword((String) getOption(WSJeusConstants.SIG_KEYSTORE_PASSWORD));
            String str2 = (String) getOption(WSJeusConstants.SIG_KEYSTORE_FILENAME);
            if (str != null && decryptPassword != null && str2 != null) {
                WSSProperties wSSProperties = new WSSProperties("com.tmax.ws.security.components.crypto.DefaultWSSecurityItf");
                wSSProperties.setKeyStore(str2, str, decryptPassword);
                wSSProperties.setTrustStore(str2, str, decryptPassword);
                Crypto crypto2 = (Crypto) this.cryptos.get(wSSProperties.uniqueID());
                if (crypto2 != null) {
                    return crypto2;
                }
                crypto = CryptoFactory.getInstance(wSSProperties);
                if (crypto != null) {
                    this.cryptos.put(wSSProperties.uniqueID(), crypto);
                }
            }
            return crypto;
        } catch (DecryptionException e) {
            if (LoggerUtil.logger.isLoggable(JeusMessage_Security._73_LEVEL)) {
                LoggerUtil.logger.log(JeusMessage_Security._73_LEVEL, JeusMessage_Security._73, e);
            }
            throw new AxisFault("[ERROR] Unable to decrypt the configured password.");
        }
    }

    private Crypto loadEncryptionCrypto() throws AxisFault {
        Crypto crypto = null;
        String str = (String) getOption(WSJeusConstants.ENC_KEY_TYPE);
        try {
            String decryptPassword = EncryptionUtil.decryptPassword((String) getOption(WSJeusConstants.ENC_KEYSTORE_PASSWORD));
            String str2 = (String) getOption(WSJeusConstants.ENC_KEYSTORE_FILENAME);
            if (str != null && decryptPassword != null && str2 != null) {
                WSSProperties wSSProperties = new WSSProperties("com.tmax.ws.security.components.crypto.DefaultWSSecurityItf");
                wSSProperties.setKeyStore(str2, str, decryptPassword);
                wSSProperties.setTrustStore(str2, str, decryptPassword);
                Crypto crypto2 = (Crypto) this.cryptos.get(wSSProperties.uniqueID());
                if (crypto2 != null) {
                    return crypto2;
                }
                crypto = CryptoFactory.getInstance(wSSProperties);
                if (crypto != null) {
                    this.cryptos.put(wSSProperties.uniqueID(), crypto);
                }
            }
            return crypto;
        } catch (DecryptionException e) {
            if (LoggerUtil.logger.isLoggable(JeusMessage_Security._73_LEVEL)) {
                LoggerUtil.logger.log(JeusMessage_Security._73_LEVEL, JeusMessage_Security._73, e);
            }
            throw new AxisFault("[ERROR] Unable to decrypt the configured password.");
        }
    }

    private WSPasswordCallback readPwViaCallbackClass(String str, String str2, int i) throws AxisFault {
        try {
            try {
                return performCallback((CallbackHandler) Thread.currentThread().getContextClassLoader().loadClass(str).newInstance(), str2, i);
            } catch (Exception e) {
                this.logger.log(JeusMessage_Webservices_SEC._6012_LEVEL, "WSS: Unexpected Error", e);
                throw new WSSAxisFault("WSDoAllSender: cannot create instance of password callback: " + str);
            }
        } catch (ClassNotFoundException e2) {
            this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, "WSDoAllSender: cannot load password callback class: " + str);
            throw new WSSAxisFault("WSDoAllSender: cannot load password callback class: " + str);
        }
    }

    private WSPasswordCallback performCallback(CallbackHandler callbackHandler, String str, int i) throws AxisFault {
        int i2 = 0;
        switch (i) {
            case 1:
            case 64:
                i2 = 2;
                break;
            case 2:
                i2 = 3;
                break;
            case 4:
                i2 = 4;
                break;
        }
        WSPasswordCallback wSPasswordCallback = new WSPasswordCallback(str, i2);
        try {
            callbackHandler.handle(new Callback[]{wSPasswordCallback});
            return wSPasswordCallback;
        } catch (Exception e) {
            this.logger.log(JeusMessage_Webservices_SEC._6012_LEVEL, "WSS: Unexpected Error", e);
            throw new WSSAxisFault("WSDoAllSender: password callback failed");
        }
    }

    private void splitEncParts(String str, Vector vector, RequestData requestData) throws AxisFault {
        WSEncryptionPart wSEncryptionPart;
        for (String str2 : StringUtil.split(str, ';')) {
            String[] split = StringUtil.split(str2, '}');
            if (split.length == 1) {
                wSEncryptionPart = new WSEncryptionPart(split[0].trim(), requestData.soapConstants.getEnvelopeURI(), "Content");
            } else {
                if (split.length != 3) {
                    this.logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, "WSS: Invalid Configuration", "WSDoAllSender: wrong part definition: " + str);
                    throw new WSSAxisFault("WSDoAllSender: wrong part definition: " + str);
                }
                String trim = split[0].trim();
                String substring = trim.length() <= 1 ? "Content" : trim.substring(1);
                String trim2 = split[1].trim();
                String trim3 = split[2].trim();
                wSEncryptionPart = new WSEncryptionPart(trim3, (trim2.length() > 1 || !trim3.equals("Body")) ? trim2.substring(1) : requestData.soapConstants.getEnvelopeURI(), substring);
            }
            vector.add(wSEncryptionPart);
        }
    }

    private WSPasswordCallback getPassword(RequestData requestData, int i, String str, String str2) throws AxisFault {
        WSPasswordCallback wSPasswordCallback;
        String str3 = (String) getOption(str);
        String str4 = str3;
        if (str3 == null) {
            str4 = (String) requestData.msgContext.getProperty(str);
        }
        if (str4 != null) {
            wSPasswordCallback = readPwViaCallbackClass(str4, requestData.username, i);
            if (wSPasswordCallback.getPassword() == null && wSPasswordCallback.getKey() == null) {
                return null;
            }
        } else {
            CallbackHandler callbackHandler = (CallbackHandler) requestData.msgContext.getProperty(str2);
            if (callbackHandler != null) {
                wSPasswordCallback = performCallback(callbackHandler, requestData.username, i);
                if (wSPasswordCallback.getPassword() == null && wSPasswordCallback.getKey() == null) {
                    return null;
                }
            } else {
                String password = requestData.msgContext.getPassword();
                if (password == null) {
                    return null;
                }
                requestData.msgContext.setPassword(null);
                wSPasswordCallback = new WSPasswordCallback("", 0);
                wSPasswordCallback.setPassword(password);
            }
        }
        return wSPasswordCallback;
    }

    private void handleSpecialUser(RequestData requestData) {
        Vector vector = (Vector) requestData.msgContext.getProperty(WSHandlerConstants.RECV_RESULTS);
        if (vector == null) {
            return;
        }
        for (int i = 0; i < vector.size(); i++) {
            WSHandlerResult wSHandlerResult = (WSHandlerResult) vector.get(i);
            if (WSSecurityUtil.isActorEqual(requestData.actor, wSHandlerResult.getActor())) {
                Vector results = wSHandlerResult.getResults();
                for (int i2 = 0; i2 < results.size(); i2++) {
                    WSSecurityEngineResult wSSecurityEngineResult = (WSSecurityEngineResult) results.get(i2);
                    if (wSSecurityEngineResult.getAction() == 2) {
                        requestData.encCert = wSSecurityEngineResult.getCertificate();
                        return;
                    }
                }
            }
        }
    }
}
