package org.fabric3.binding.ws.metro.runtime.security;

import com.sun.org.apache.xml.internal.security.keys.content.x509.XMLX509Certificate;
import com.sun.org.apache.xml.internal.security.utils.RFC2253Parser;
import com.sun.xml.ws.security.impl.kerberos.KerberosContext;
import com.sun.xml.wss.SecurityEnvironment;
import com.sun.xml.wss.XWSSConstants;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.core.Timestamp;
import com.sun.xml.wss.core.reference.X509SubjectKeyIdentifier;
import com.sun.xml.wss.impl.WssSoapFaultException;
import com.sun.xml.wss.impl.XWSSecurityRuntimeException;
import com.sun.xml.wss.impl.configuration.DynamicApplicationContext;
import com.sun.xml.wss.impl.policy.mls.AuthenticationTokenPolicy;
import com.sun.xml.wss.saml.Assertion;
import java.math.BigInteger;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.GregorianCalendar;
import java.util.Map;
import javax.crypto.SecretKey;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamReader;
import org.fabric3.api.SecuritySubject;
import org.fabric3.api.annotation.monitor.Monitor;
import org.fabric3.binding.ws.metro.runtime.MetroConstants;
import org.fabric3.spi.container.invocation.WorkContext;
import org.fabric3.spi.security.AuthenticationException;
import org.fabric3.spi.security.AuthenticationService;
import org.fabric3.spi.security.AuthenticationToken;
import org.fabric3.spi.security.BasicSecuritySubject;
import org.fabric3.spi.security.KeyStoreManager;
import org.fabric3.spi.security.UsernamePasswordToken;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSName;
import org.oasisopen.sca.annotation.Init;
import org.oasisopen.sca.annotation.Reference;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:org/fabric3/binding/ws/metro/runtime/security/F3SecurityEnvironment.class */
public class F3SecurityEnvironment implements SecurityEnvironment {
    private static final String WSU_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
    private AuthenticationService authenticationService;
    private KeyStoreManager keyStoreManager;
    private CertificateValidator certificateValidator;
    private KeyStore keyStore;
    private KeyStore trustStore;
    private char[] keyStorePassword;
    private final SimpleDateFormat calendarFormatter1 = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
    private final SimpleDateFormat calendarFormatter2 = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'.'SSS'Z'");

    public F3SecurityEnvironment(@Reference(required = false) AuthenticationService authenticationService, @Reference CertificateValidator certificateValidator, @Reference KeyStoreManager keyStoreManager, @Monitor SecurityMonitor securityMonitor) {
        if (authenticationService == null) {
            securityMonitor.securityExtensionNotInstalled();
            this.authenticationService = new AuthenticationService() { // from class: org.fabric3.binding.ws.metro.runtime.security.F3SecurityEnvironment.1
                public SecuritySubject authenticate(AuthenticationToken<?, ?> authenticationToken) throws AuthenticationException {
                    return new BasicSecuritySubject("disabled", "disabled", Collections.emptySet());
                }
            };
        } else {
            this.authenticationService = authenticationService;
        }
        this.certificateValidator = certificateValidator;
        this.keyStoreManager = keyStoreManager;
    }

    @Init
    public void init() {
        this.keyStore = this.keyStoreManager.getKeyStore();
        String keyStorePassword = this.keyStoreManager.getKeyStorePassword();
        if (keyStorePassword != null) {
            this.keyStorePassword = keyStorePassword.toCharArray();
        }
        this.trustStore = this.keyStoreManager.getTrustStore();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public X509Certificate getDefaultCertificate(Map map) throws XWSSecurityRuntimeException {
        checkEnabled();
        return getDefaultCertificateInternal(this.trustStore, map);
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public X509Certificate getCertificate(Map map, String str, boolean z) throws XWSSecurityRuntimeException {
        checkEnabled();
        try {
            return z ? (str == null || ("".equals(str) && z)) ? getDefaultCertificate(map) : (X509Certificate) this.keyStore.getCertificate(str) : ("".equals(str) || str == null) ? getDefaultCertificateInternal(this.trustStore, map) : (X509Certificate) this.trustStore.getCertificate(str);
        } catch (KeyStoreException e) {
            throw new XWSSecurityRuntimeException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public SecretKey getSecretKey(Map map, String str, boolean z) throws XWSSecurityException {
        checkEnabled();
        throw new UnsupportedOperationException();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PrivateKey getPrivateKey(Map map, String str) throws XWSSecurityRuntimeException {
        checkEnabled();
        try {
            return (PrivateKey) this.keyStore.getKey(str, this.keyStorePassword);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new XWSSecurityRuntimeException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PublicKey getPublicKey(Map map, byte[] bArr) throws XWSSecurityRuntimeException, XWSSecurityException {
        checkEnabled();
        return getCertificate(map, bArr).getPublicKey();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PublicKey getPublicKey(Map map, byte[] bArr, String str) throws XWSSecurityRuntimeException, XWSSecurityException {
        checkEnabled();
        if ("Identifier".equals(str)) {
            return getCertificate(map, bArr).getPublicKey();
        }
        throw new UnsupportedOperationException();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public X509Certificate getCertificate(Map map, byte[] bArr) throws XWSSecurityRuntimeException, XWSSecurityException {
        X509Certificate x509Certificate;
        byte[] subjectKeyIdentifier;
        checkEnabled();
        try {
            if (this.trustStore != null) {
                Enumeration<String> aliases = this.trustStore.aliases();
                while (aliases.hasMoreElements()) {
                    Certificate certificate = this.trustStore.getCertificate(aliases.nextElement());
                    if (certificate != null && XMLX509Certificate.JCA_CERT_ID.equals(certificate.getType()) && (subjectKeyIdentifier = X509SubjectKeyIdentifier.getSubjectKeyIdentifier((x509Certificate = (X509Certificate) certificate))) != null && Arrays.equals(bArr, subjectKeyIdentifier)) {
                        return x509Certificate;
                    }
                }
            }
            throw new XWSSecurityRuntimeException("Certificate not found");
        } catch (KeyStoreException e) {
            throw new XWSSecurityRuntimeException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public X509Certificate getCertificate(Map map, byte[] bArr, String str) throws XWSSecurityException {
        checkEnabled();
        if ("Identifier".equals(str)) {
            return getCertificate(map, bArr);
        }
        throw new UnsupportedOperationException();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PrivateKey getPrivateKey(Map map, X509Certificate x509Certificate) throws XWSSecurityRuntimeException {
        checkEnabled();
        try {
            Enumeration<String> aliases = this.keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (this.keyStore.isKeyEntry(nextElement)) {
                    Certificate certificate = this.keyStore.getCertificate(nextElement);
                    if (certificate != null && certificate.equals(x509Certificate)) {
                        return (PrivateKey) this.keyStore.getKey(nextElement, this.keyStorePassword);
                    }
                }
            }
            throw new XWSSecurityRuntimeException("Private key not found");
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new XWSSecurityRuntimeException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PrivateKey getPrivateKey(Map map, BigInteger bigInteger, String str) throws XWSSecurityRuntimeException {
        Certificate certificate;
        checkEnabled();
        try {
            Enumeration<String> aliases = this.keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (this.keyStore.isKeyEntry(nextElement) && (certificate = this.keyStore.getCertificate(nextElement)) != null && XMLX509Certificate.JCA_CERT_ID.equals(certificate.getType())) {
                    X509Certificate x509Certificate = (X509Certificate) certificate;
                    String normalize = RFC2253Parser.normalize(x509Certificate.getIssuerDN().getName());
                    BigInteger serialNumber = x509Certificate.getSerialNumber();
                    if (normalize.equals(str) && serialNumber.equals(bigInteger)) {
                        return (PrivateKey) this.keyStore.getKey(nextElement, this.keyStorePassword);
                    }
                }
            }
            throw new XWSSecurityRuntimeException("Private key not found for serial number: " + bigInteger);
        } catch (Exception e) {
            throw new XWSSecurityRuntimeException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public X509Certificate getCertificate(Map map, PublicKey publicKey, boolean z) throws XWSSecurityRuntimeException {
        checkEnabled();
        try {
            Enumeration<String> aliases = this.trustStore.aliases();
            while (aliases.hasMoreElements()) {
                Certificate certificate = this.trustStore.getCertificate(aliases.nextElement());
                if (certificate != null && XMLX509Certificate.JCA_CERT_ID.equals(certificate.getType())) {
                    X509Certificate x509Certificate = (X509Certificate) certificate;
                    if (x509Certificate.getPublicKey().equals(publicKey)) {
                        return x509Certificate;
                    }
                }
            }
            throw new XWSSecurityRuntimeException("Certificate not found");
        } catch (Exception e) {
            throw new XWSSecurityRuntimeException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PrivateKey getPrivateKey(Map map, byte[] bArr) throws XWSSecurityRuntimeException, XWSSecurityException {
        Certificate certificate;
        byte[] subjectKeyIdentifier;
        checkEnabled();
        try {
            Enumeration<String> aliases = this.keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (this.keyStore.isKeyEntry(nextElement) && (certificate = this.keyStore.getCertificate(nextElement)) != null && XMLX509Certificate.JCA_CERT_ID.equals(certificate.getType()) && (subjectKeyIdentifier = X509SubjectKeyIdentifier.getSubjectKeyIdentifier((X509Certificate) certificate)) != null && Arrays.equals(bArr, subjectKeyIdentifier)) {
                    return (PrivateKey) this.keyStore.getKey(nextElement, this.keyStorePassword);
                }
            }
            throw new XWSSecurityRuntimeException("Private key not found");
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new XWSSecurityRuntimeException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PrivateKey getPrivateKey(Map map, byte[] bArr, String str) throws XWSSecurityException {
        checkEnabled();
        if ("Identifier".equals(str)) {
            return getPrivateKey(map, bArr);
        }
        throw new UnsupportedOperationException();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PrivateKey getPrivateKey(Map map, PublicKey publicKey, boolean z) throws XWSSecurityRuntimeException {
        checkEnabled();
        if (z) {
            throw new UnsupportedOperationException();
        }
        try {
            Enumeration<String> aliases = this.keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (this.keyStore.isKeyEntry(nextElement) && publicKey.equals(this.keyStore.getCertificate(nextElement).getPublicKey())) {
                    return (PrivateKey) this.keyStore.getKey(nextElement, this.keyStorePassword);
                }
            }
            throw new XWSSecurityRuntimeException("Private key not found");
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new XWSSecurityRuntimeException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PublicKey getPublicKey(Map map, BigInteger bigInteger, String str) throws XWSSecurityRuntimeException {
        checkEnabled();
        return getCertificate(map, bigInteger, str).getPublicKey();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public X509Certificate getCertificate(Map map, BigInteger bigInteger, String str) throws XWSSecurityRuntimeException {
        checkEnabled();
        try {
            if (this.trustStore != null) {
                Enumeration<String> aliases = this.trustStore.aliases();
                while (aliases.hasMoreElements()) {
                    Certificate certificate = this.trustStore.getCertificate(aliases.nextElement());
                    if (certificate != null && XMLX509Certificate.JCA_CERT_ID.equals(certificate.getType())) {
                        X509Certificate x509Certificate = (X509Certificate) certificate;
                        String normalize = RFC2253Parser.normalize(x509Certificate.getIssuerDN().getName());
                        BigInteger serialNumber = x509Certificate.getSerialNumber();
                        if (normalize.equals(str) && serialNumber.equals(bigInteger)) {
                            return x509Certificate;
                        }
                    }
                }
            }
            throw new XWSSecurityRuntimeException("Certificate key not found");
        } catch (KeyStoreException e) {
            throw new XWSSecurityRuntimeException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean authenticateUser(Map map, String str, String str2) throws XWSSecurityRuntimeException {
        WorkContext workContext = (WorkContext) map.get(MetroConstants.WORK_CONTEXT);
        if (workContext == null) {
            throw new AssertionError("Work context not set");
        }
        try {
            workContext.setSubject(this.authenticationService.authenticate(new UsernamePasswordToken(str, str2)));
            return true;
        } catch (AuthenticationException e) {
            throw new XWSSecurityRuntimeException((Throwable) e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean authenticateUser(Map map, String str, String str2, String str3, String str4) throws XWSSecurityException {
        throw new UnsupportedOperationException("Digest authentication not supported");
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public String getUsername(Map map) {
        return (String) map.get(MetroConstants.USERNAME);
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public String getPassword(Map map) {
        return (String) map.get(MetroConstants.PASSWORD);
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public String authenticateUser(Map map, String str) {
        throw new UnsupportedOperationException("Username + context authentication not supported");
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public Subject getSubject() {
        throw new UnsupportedOperationException();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public void validateTimestamp(Map map, Timestamp timestamp, long j, long j2) {
        checkEnabled();
        validateTimestamp(map, timestamp.getCreated(), timestamp.getExpires(), j, j2);
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public void validateTimestamp(Map map, String str, String str2, long j, long j2) {
        checkEnabled();
        if (!expiresBeforeCreated(str, str2)) {
            validateCreationTime(map, str, j, j2);
            return;
        }
        XWSSecurityRuntimeException xWSSecurityRuntimeException = new XWSSecurityRuntimeException("Message expired!");
        WssSoapFaultException wssSoapFaultException = new WssSoapFaultException(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "MessageExpired", "wsu"), "Message expired", null, null);
        wssSoapFaultException.initCause(xWSSecurityRuntimeException);
        throw wssSoapFaultException;
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public void validateCreationTime(Map map, String str, long j, long j2) throws XWSSecurityRuntimeException {
        Date parse;
        checkEnabled();
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
        SimpleDateFormat simpleDateFormat2 = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'.'SSS'Z'");
        try {
            parse = simpleDateFormat.parse(str);
        } catch (ParseException e) {
            try {
                parse = simpleDateFormat2.parse(str);
            } catch (ParseException e2) {
                throw new XWSSecurityRuntimeException(e2);
            }
        }
        if (parse.before(getFreshnessAndSkewAdjustedDate(j, j2))) {
            throw new XWSSecurityRuntimeException("The creation time is older than the current time");
        }
        if (getGMTDateWithSkewAdjusted(new GregorianCalendar(), j, true).before(parse)) {
            throw new XWSSecurityRuntimeException("The creation time is ahead of the current time.");
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean validateCertificate(X509Certificate x509Certificate, Map map) throws XWSSecurityRuntimeException {
        checkEnabled();
        return this.certificateValidator.validate(x509Certificate, this.keyStore);
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public CallbackHandler getCallbackHandler() {
        return null;
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public void updateOtherPartySubject(Subject subject, String str, String str2) {
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public void updateOtherPartySubject(Subject subject, X509Certificate x509Certificate) {
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public void updateOtherPartySubject(Subject subject, Assertion assertion) {
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public void updateOtherPartySubject(Subject subject, XMLStreamReader xMLStreamReader) {
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public void updateOtherPartySubject(Subject subject, Subject subject2) {
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public void validateSAMLAssertion(Map map, Element element) {
        throw new UnsupportedOperationException();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public void validateSAMLAssertion(Map map, XMLStreamReader xMLStreamReader) {
        throw new UnsupportedOperationException();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public Element locateSAMLAssertion(Map map, Element element, String str, Document document) {
        throw new UnsupportedOperationException();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public AuthenticationTokenPolicy.SAMLAssertionBinding populateSAMLPolicy(Map map, AuthenticationTokenPolicy.SAMLAssertionBinding sAMLAssertionBinding, DynamicApplicationContext dynamicApplicationContext) {
        throw new UnsupportedOperationException();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean validateAndCacheNonce(Map map, String str, String str2, long j) throws XWSSecurityException {
        throw new UnsupportedOperationException();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean isSelfCertificate(X509Certificate x509Certificate) {
        return false;
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public KerberosContext doKerberosLogin() throws XWSSecurityException {
        throw new UnsupportedOperationException();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public KerberosContext doKerberosLogin(byte[] bArr) throws XWSSecurityException {
        throw new UnsupportedOperationException();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public void updateOtherPartySubject(Subject subject, GSSName gSSName, GSSCredential gSSCredential) {
        throw new UnsupportedOperationException();
    }

    private boolean expiresBeforeCreated(String str, String str2) throws XWSSecurityRuntimeException {
        Date parse;
        Date date = null;
        try {
            synchronized (this.calendarFormatter1) {
                parse = this.calendarFormatter1.parse(str);
                if (str2 != null) {
                    date = this.calendarFormatter1.parse(str2);
                }
            }
        } catch (ParseException e) {
            synchronized (this.calendarFormatter2) {
                try {
                    parse = this.calendarFormatter2.parse(str);
                    if (str2 != null) {
                        date = this.calendarFormatter2.parse(str2);
                    }
                } catch (ParseException e2) {
                    throw new XWSSecurityRuntimeException(e2.getMessage());
                }
            }
        }
        return (date != null && date.equals(parse)) || (date != null && date.before(parse));
    }

    private Date getGMTDateWithSkewAdjusted(Calendar calendar, long j, boolean z) {
        long j2 = calendar.get(15);
        if (calendar.getTimeZone().inDaylightTime(calendar.getTime())) {
            j2 += calendar.getTimeZone().getDSTSavings();
        }
        long timeInMillis = calendar.getTimeInMillis() - j2;
        calendar.setTimeInMillis(z ? timeInMillis + j : timeInMillis - j);
        return calendar.getTime();
    }

    private Date getFreshnessAndSkewAdjustedDate(long j, long j2) {
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        long j3 = gregorianCalendar.get(15);
        if (gregorianCalendar.getTimeZone().inDaylightTime(gregorianCalendar.getTime())) {
            j3 += gregorianCalendar.getTimeZone().getDSTSavings();
        }
        gregorianCalendar.setTimeInMillis(((gregorianCalendar.getTimeInMillis() - j3) - j) - j2);
        return gregorianCalendar.getTime();
    }

    private X509Certificate getDefaultCertificateInternal(KeyStore keyStore, Map map) throws XWSSecurityRuntimeException {
        Certificate certificate;
        try {
            String str = (String) map.get(MetroConstants.KEYSTORE_ALIAS);
            if (str != null) {
                Certificate certificate2 = keyStore.getCertificate(str);
                if (certificate2 == null) {
                    throw new XWSSecurityRuntimeException("Certificate not found for alias in keystore: " + str);
                }
                if (certificate2 instanceof X509Certificate) {
                    return (X509Certificate) certificate2;
                }
                throw new XWSSecurityRuntimeException("Not an X.509 certificate: " + str);
            }
            Object obj = map.get(XWSSConstants.CERTIFICATE_PROPERTY);
            if (obj instanceof X509Certificate) {
                return (X509Certificate) obj;
            }
            Enumeration<String> aliases = keyStore.aliases();
            while (true) {
                if (!aliases.hasMoreElements()) {
                    break;
                }
                String nextElement = aliases.nextElement();
                if (keyStore.isKeyEntry(nextElement) && (certificate = keyStore.getCertificate(nextElement)) != null && (certificate instanceof X509Certificate)) {
                    if (str != null) {
                        str = null;
                        break;
                    }
                    str = nextElement;
                }
            }
            if (str == null) {
                throw new XWSSecurityRuntimeException("Unable to determine alias for default certificate in keystore");
            }
            return (X509Certificate) keyStore.getCertificate(str);
        } catch (KeyStoreException e) {
            throw new XWSSecurityRuntimeException(e);
        }
    }

    private void checkEnabled() throws XWSSecurityRuntimeException {
        if (this.keyStore == null) {
            throw new XWSSecurityRuntimeException("Keystore not configured");
        }
        if (this.trustStore == null) {
            throw new XWSSecurityRuntimeException("Truststore not configured");
        }
    }
}
