package org.apache.wss4j.stax;

import java.net.URISyntaxException;
import java.util.HashSet;
import org.apache.wss4j.common.crypto.WSProviderConfig;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.stax.ext.InboundWSSec;
import org.apache.wss4j.stax.ext.OutboundWSSec;
import org.apache.wss4j.stax.ext.WSSConfigurationException;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.config.Init;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;

/* loaded from: input_file:org/apache/wss4j/stax/WSSec.class */
public class WSSec {
    public static OutboundWSSec getOutboundWSSec(WSSSecurityProperties wSSSecurityProperties) throws WSSecurityException {
        if (wSSSecurityProperties == null) {
            throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "missingSecurityProperties");
        }
        return new OutboundWSSec(validateAndApplyDefaultsToOutboundSecurityProperties(wSSSecurityProperties));
    }

    public static InboundWSSec getInboundWSSec(WSSSecurityProperties wSSSecurityProperties) throws WSSecurityException {
        if (wSSSecurityProperties == null) {
            throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "missingSecurityProperties");
        }
        return new InboundWSSec(validateAndApplyDefaultsToInboundSecurityProperties(wSSSecurityProperties));
    }

    public static WSSSecurityProperties validateAndApplyDefaultsToOutboundSecurityProperties(WSSSecurityProperties wSSSecurityProperties) throws WSSConfigurationException {
        if (wSSSecurityProperties.getActions() == null || wSSSecurityProperties.getActions().isEmpty()) {
            throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "noOutputAction");
        }
        if (new HashSet(wSSSecurityProperties.getActions()).size() != wSSSecurityProperties.getActions().size()) {
            throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "stax.duplicateActions");
        }
        for (XMLSecurityConstants.Action action : wSSSecurityProperties.getActions()) {
            if (WSSConstants.TIMESTAMP.equals(action)) {
                if (wSSSecurityProperties.getTimestampTTL() == null) {
                    wSSSecurityProperties.setTimestampTTL(300);
                }
            } else if (WSSConstants.SIGNATURE.equals(action)) {
                if (!"http://www.w3.org/2000/09/xmldsig#hmac-sha1".equals(wSSSecurityProperties.getSignatureAlgorithm())) {
                    if (wSSSecurityProperties.getSignatureKeyStore() == null && wSSSecurityProperties.getSignatureCryptoProperties() == null && wSSSecurityProperties.getSignatureCrypto() == null) {
                        throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "signatureKeyStoreNotSet");
                    }
                    if (wSSSecurityProperties.getSignatureUser() == null) {
                        throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "noSignatureUser");
                    }
                    if (wSSSecurityProperties.getCallbackHandler() == null) {
                        throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "noCallback");
                    }
                }
                if (wSSSecurityProperties.getSignatureAlgorithm() == null) {
                    wSSSecurityProperties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#rsa-sha1");
                }
                if (wSSSecurityProperties.getSignatureDigestAlgorithm() == null) {
                    wSSSecurityProperties.setSignatureDigestAlgorithm("http://www.w3.org/2000/09/xmldsig#sha1");
                }
                if (wSSSecurityProperties.getSignatureCanonicalizationAlgorithm() == null) {
                    wSSSecurityProperties.setSignatureCanonicalizationAlgorithm(WSSConstants.NS_C14N_EXCL);
                }
                if (wSSSecurityProperties.getSignatureKeyIdentifier() == null) {
                    wSSSecurityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_IssuerSerial);
                }
            } else if (WSSConstants.ENCRYPT.equals(action)) {
                if (wSSSecurityProperties.getEncryptionUseThisCertificate() == null && wSSSecurityProperties.getEncryptionKeyStore() == null && wSSSecurityProperties.getEncryptionCryptoProperties() == null && !wSSSecurityProperties.isUseReqSigCertForEncryption() && wSSSecurityProperties.isEncryptSymmetricEncryptionKey() && wSSSecurityProperties.getEncryptionCrypto() == null) {
                    throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "encryptionKeyStoreNotSet");
                }
                if (wSSSecurityProperties.getEncryptionUser() == null && wSSSecurityProperties.getEncryptionUseThisCertificate() == null && !wSSSecurityProperties.isUseReqSigCertForEncryption() && wSSSecurityProperties.isEncryptSymmetricEncryptionKey()) {
                    throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "noEncryptionUser");
                }
                if (wSSSecurityProperties.getEncryptionSymAlgorithm() == null) {
                    wSSSecurityProperties.setEncryptionSymAlgorithm("http://www.w3.org/2001/04/xmlenc#aes256-cbc");
                }
                if (wSSSecurityProperties.getEncryptionKeyTransportAlgorithm() == null) {
                    wSSSecurityProperties.setEncryptionKeyTransportAlgorithm("http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p");
                }
                if (wSSSecurityProperties.getEncryptionKeyIdentifier() == null) {
                    wSSSecurityProperties.setEncryptionKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_IssuerSerial);
                }
            } else if (WSSConstants.USERNAMETOKEN.equals(action)) {
                if (wSSSecurityProperties.getTokenUser() == null) {
                    throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "noTokenUser");
                }
                if (wSSSecurityProperties.getCallbackHandler() == null && WSSConstants.UsernameTokenPasswordType.PASSWORD_NONE != wSSSecurityProperties.getUsernameTokenPasswordType()) {
                    throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "noCallback");
                }
                if (wSSSecurityProperties.getUsernameTokenPasswordType() == null) {
                    wSSSecurityProperties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST);
                }
            } else if (WSSConstants.USERNAMETOKEN_SIGNED.equals(action)) {
                if (wSSSecurityProperties.getTokenUser() == null) {
                    throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "noTokenUser");
                }
                if (wSSSecurityProperties.getCallbackHandler() == null) {
                    throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "noCallback");
                }
                if (wSSSecurityProperties.getSignatureAlgorithm() == null) {
                    wSSSecurityProperties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
                }
                if (wSSSecurityProperties.getSignatureDigestAlgorithm() == null) {
                    wSSSecurityProperties.setSignatureDigestAlgorithm("http://www.w3.org/2000/09/xmldsig#sha1");
                }
                if (wSSSecurityProperties.getSignatureCanonicalizationAlgorithm() == null) {
                    wSSSecurityProperties.setSignatureCanonicalizationAlgorithm(WSSConstants.NS_C14N_EXCL);
                }
                wSSSecurityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_UsernameTokenReference);
                if (wSSSecurityProperties.getUsernameTokenPasswordType() == null) {
                    wSSSecurityProperties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST);
                }
            } else if (WSSConstants.SIGNATURE_WITH_DERIVED_KEY.equals(action)) {
                if (wSSSecurityProperties.getCallbackHandler() == null) {
                    throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "noCallback");
                }
                if (wSSSecurityProperties.getSignatureAlgorithm() == null) {
                    wSSSecurityProperties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
                }
                if (wSSSecurityProperties.getSignatureDigestAlgorithm() == null) {
                    wSSSecurityProperties.setSignatureDigestAlgorithm("http://www.w3.org/2000/09/xmldsig#sha1");
                }
                if (wSSSecurityProperties.getSignatureCanonicalizationAlgorithm() == null) {
                    wSSSecurityProperties.setSignatureCanonicalizationAlgorithm(WSSConstants.NS_C14N_EXCL);
                }
                if (wSSSecurityProperties.getSignatureKeyIdentifier() == null) {
                    wSSSecurityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
                }
                if (wSSSecurityProperties.getEncryptionSymAlgorithm() == null) {
                    wSSSecurityProperties.setEncryptionSymAlgorithm("http://www.w3.org/2001/04/xmlenc#aes256-cbc");
                }
                if (wSSSecurityProperties.getEncryptionKeyTransportAlgorithm() == null) {
                    wSSSecurityProperties.setEncryptionKeyTransportAlgorithm("http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p");
                }
                if (wSSSecurityProperties.getEncryptionKeyIdentifier() == null) {
                    wSSSecurityProperties.setEncryptionKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_X509KeyIdentifier);
                }
                if (wSSSecurityProperties.getDerivedKeyKeyIdentifier() == null) {
                    wSSSecurityProperties.setDerivedKeyKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_X509KeyIdentifier);
                }
                if (wSSSecurityProperties.getDerivedKeyTokenReference() == null) {
                    wSSSecurityProperties.setDerivedKeyTokenReference(WSSConstants.DerivedKeyTokenReference.DirectReference);
                }
                if (wSSSecurityProperties.getDerivedKeyTokenReference() != WSSConstants.DerivedKeyTokenReference.DirectReference) {
                    wSSSecurityProperties.setDerivedKeyKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
                }
            } else if (WSSConstants.ENCRYPT_WITH_DERIVED_KEY.equals(action)) {
                if (wSSSecurityProperties.getCallbackHandler() == null) {
                    throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "noCallback");
                }
                if (wSSSecurityProperties.getEncryptionUseThisCertificate() == null && wSSSecurityProperties.getEncryptionKeyStore() == null && wSSSecurityProperties.getEncryptionCryptoProperties() == null && !wSSSecurityProperties.isUseReqSigCertForEncryption() && wSSSecurityProperties.isEncryptSymmetricEncryptionKey() && wSSSecurityProperties.getEncryptionCrypto() == null) {
                    throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "encryptionKeyStoreNotSet");
                }
                if (wSSSecurityProperties.getEncryptionUser() == null && wSSSecurityProperties.getEncryptionUseThisCertificate() == null && !wSSSecurityProperties.isUseReqSigCertForEncryption() && wSSSecurityProperties.isEncryptSymmetricEncryptionKey()) {
                    throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "noEncryptionUser");
                }
                if (wSSSecurityProperties.getEncryptionSymAlgorithm() == null) {
                    wSSSecurityProperties.setEncryptionSymAlgorithm("http://www.w3.org/2001/04/xmlenc#aes256-cbc");
                }
                if (wSSSecurityProperties.getEncryptionKeyTransportAlgorithm() == null) {
                    wSSSecurityProperties.setEncryptionKeyTransportAlgorithm("http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p");
                }
                if (wSSSecurityProperties.getEncryptionKeyIdentifier() == null) {
                    wSSSecurityProperties.setEncryptionKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_X509KeyIdentifier);
                }
                if (wSSSecurityProperties.getDerivedKeyKeyIdentifier() == null) {
                    wSSSecurityProperties.setDerivedKeyKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_X509KeyIdentifier);
                }
                if (wSSSecurityProperties.getDerivedKeyTokenReference() == null) {
                    wSSSecurityProperties.setDerivedKeyTokenReference(WSSConstants.DerivedKeyTokenReference.EncryptedKey);
                }
                if (wSSSecurityProperties.getDerivedKeyTokenReference() != WSSConstants.DerivedKeyTokenReference.DirectReference) {
                    wSSSecurityProperties.setDerivedKeyKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
                }
            } else if (WSSConstants.SAML_TOKEN_SIGNED.equals(action)) {
                if (wSSSecurityProperties.getCallbackHandler() == null) {
                    throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "noCallback");
                }
                if (wSSSecurityProperties.getSamlCallbackHandler() == null) {
                    throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "noSAMLCallbackHandler");
                }
                if (wSSSecurityProperties.getSignatureAlgorithm() == null) {
                    wSSSecurityProperties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#rsa-sha1");
                }
                if (wSSSecurityProperties.getSignatureDigestAlgorithm() == null) {
                    wSSSecurityProperties.setSignatureDigestAlgorithm("http://www.w3.org/2000/09/xmldsig#sha1");
                }
                if (wSSSecurityProperties.getSignatureCanonicalizationAlgorithm() == null) {
                    wSSSecurityProperties.setSignatureCanonicalizationAlgorithm(WSSConstants.NS_C14N_EXCL);
                }
                if (wSSSecurityProperties.getSignatureKeyIdentifier() == null) {
                    wSSSecurityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
                }
            } else {
                if (WSSConstants.SAML_TOKEN_UNSIGNED.equals(action) && wSSSecurityProperties.getSamlCallbackHandler() == null) {
                    throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "noSAMLCallbackHandler");
                }
                if (WSSConstants.SIGNATURE_WITH_KERBEROS_TOKEN.equals(action)) {
                    if (wSSSecurityProperties.getCallbackHandler() == null) {
                        throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "noCallback");
                    }
                    if (wSSSecurityProperties.getSignatureAlgorithm() == null) {
                        wSSSecurityProperties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
                    }
                    if (wSSSecurityProperties.getSignatureDigestAlgorithm() == null) {
                        wSSSecurityProperties.setSignatureDigestAlgorithm("http://www.w3.org/2000/09/xmldsig#sha1");
                    }
                    if (wSSSecurityProperties.getSignatureCanonicalizationAlgorithm() == null) {
                        wSSSecurityProperties.setSignatureCanonicalizationAlgorithm(WSSConstants.NS_C14N_EXCL);
                    }
                    if (wSSSecurityProperties.getSignatureKeyIdentifier() == null) {
                        wSSSecurityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
                    }
                } else if (!WSSConstants.ENCRYPT_WITH_KERBEROS_TOKEN.equals(action)) {
                    continue;
                } else {
                    if (wSSSecurityProperties.getCallbackHandler() == null) {
                        throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "noCallback");
                    }
                    if (wSSSecurityProperties.getEncryptionSymAlgorithm() == null) {
                        wSSSecurityProperties.setEncryptionSymAlgorithm("http://www.w3.org/2001/04/xmlenc#aes256-cbc");
                    }
                    if (wSSSecurityProperties.getSignatureKeyIdentifier() == null) {
                        wSSSecurityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
                    }
                }
            }
        }
        return new WSSSecurityProperties(wSSSecurityProperties);
    }

    public static WSSSecurityProperties validateAndApplyDefaultsToInboundSecurityProperties(WSSSecurityProperties wSSSecurityProperties) throws WSSConfigurationException {
        return new WSSSecurityProperties(wSSSecurityProperties);
    }

    static {
        WSProviderConfig.init();
        try {
            Init.init(WSSec.class.getClassLoader().getResource("wss/wss-config.xml").toURI());
        } catch (XMLSecurityException e) {
            throw new RuntimeException(e.getMessage(), e);
        } catch (URISyntaxException e2) {
            throw new RuntimeException(e2.getMessage(), e2);
        }
    }
}
