package com.sun.xml.wss.impl.filter;

import com.sun.xml.ws.security.impl.PasswordDerivedKey;
import com.sun.xml.ws.security.opt.impl.tokens.UsernameToken;
import com.sun.xml.ws.security.secext10.AttributedString;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.FilterProcessingContext;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.misc.Base64;
import com.sun.xml.wss.impl.policy.mls.AuthenticationTokenPolicy;
import com.sun.xml.wss.impl.policy.mls.EncryptionPolicy;
import com.sun.xml.wss.impl.policy.mls.SignaturePolicy;
import com.sun.xml.wss.logging.LogDomainConstants;
import com.sun.xml.wss.logging.impl.filter.LogStringsMessages;
import java.io.UnsupportedEncodingException;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.xml.security.exceptions.Base64DecodingException;

/* loaded from: input_file:com/sun/xml/wss/impl/filter/UsernameTokenDataResolver.class */
public class UsernameTokenDataResolver {
    private static final Logger log = Logger.getLogger(LogDomainConstants.IMPL_FILTER_DOMAIN, LogDomainConstants.IMPL_FILTER_DOMAIN_BUNDLE);

    public static AuthenticationTokenPolicy.UsernameTokenBinding setSaltandIterationsforUsernameToken(FilterProcessingContext filterProcessingContext, UsernameToken usernameToken, SignaturePolicy signaturePolicy, AuthenticationTokenPolicy.UsernameTokenBinding usernameTokenBinding, int i) throws XWSSecurityException, UnsupportedEncodingException {
        byte[] decode;
        int i2 = filterProcessingContext.getiterationsForPDK() != 0 ? filterProcessingContext.getiterationsForPDK() : 1000;
        if (i2 < 1000) {
            i2 = 1000;
        }
        PasswordDerivedKey passwordDerivedKey = new PasswordDerivedKey();
        String usernameValue = usernameToken.getUsernameValue();
        if (usernameValue == null || MessageConstants.EMPTY_STRING.equals(usernameValue)) {
            usernameValue = filterProcessingContext.getSecurityEnvironment().getUsername(filterProcessingContext.getExtraneousProperties());
        }
        if (usernameValue == null || MessageConstants.EMPTY_STRING.equals(usernameValue)) {
            log.log(Level.SEVERE, LogStringsMessages.WSS_1409_INVALID_USERNAME_TOKEN());
            throw new XWSSecurityException("Username has not been set");
        }
        usernameToken.setUsernameValue(usernameValue);
        String password = usernameTokenBinding.getPassword();
        if (!usernameTokenBinding.hasNoPassword() && (password == null || MessageConstants.EMPTY_STRING.equals(password))) {
            password = filterProcessingContext.getSecurityEnvironment().getPassword(filterProcessingContext.getExtraneousProperties());
        }
        if (!usernameTokenBinding.hasNoPassword() && password == null) {
            log.log(Level.SEVERE, LogStringsMessages.WSS_1424_INVALID_USERNAME_TOKEN());
            throw new XWSSecurityException("Password for the username has not been set");
        }
        AttributedString attributedString = new AttributedString();
        attributedString.setValue(Integer.toString(i2));
        usernameToken.setIteration(attributedString);
        if (usernameToken.getSalt() == null) {
            decode = passwordDerivedKey.get16ByteSalt();
            AttributedString attributedString2 = new AttributedString();
            attributedString2.setValue(Base64.encode(decode));
            usernameToken.setSalt(attributedString2);
        } else {
            String value = usernameToken.getSalt().getValue();
            i2 = Integer.parseInt(usernameToken.getIteration().getValue());
            try {
                decode = Base64.decode(value);
            } catch (Base64DecodingException e) {
                log.log(Level.SEVERE, LogStringsMessages.WSS_1426_BASE_64_DECODING_ERROR(), e);
                throw new UnsupportedEncodingException("error while decoding the salt in username token");
            }
        }
        decode[0] = (byte) i;
        usernameTokenBinding.setSecretKey(passwordDerivedKey.generate160BitKey(password, i2, decode));
        return usernameTokenBinding;
    }

    public static AuthenticationTokenPolicy.UsernameTokenBinding setSaltandIterationsforUsernameToken(FilterProcessingContext filterProcessingContext, UsernameToken usernameToken, EncryptionPolicy encryptionPolicy, AuthenticationTokenPolicy.UsernameTokenBinding usernameTokenBinding) throws XWSSecurityException, UnsupportedEncodingException {
        byte[] decode;
        int i = filterProcessingContext.getiterationsForPDK() != 0 ? filterProcessingContext.getiterationsForPDK() : 1000;
        if (i < 1000) {
            i = 1000;
        }
        byte[] bArr = new byte[16];
        String usernameValue = usernameToken.getUsernameValue();
        if (usernameValue == null || MessageConstants.EMPTY_STRING.equals(usernameValue)) {
            usernameValue = filterProcessingContext.getSecurityEnvironment().getUsername(filterProcessingContext.getExtraneousProperties());
        }
        if (usernameValue == null || MessageConstants.EMPTY_STRING.equals(usernameValue)) {
            log.log(Level.SEVERE, LogStringsMessages.WSS_1409_INVALID_USERNAME_TOKEN());
            throw new XWSSecurityException("Username has not been set");
        }
        usernameToken.setUsernameValue(usernameValue);
        String password = usernameTokenBinding.getPassword();
        if (!usernameTokenBinding.hasNoPassword() && (password == null || MessageConstants.EMPTY_STRING.equals(password))) {
            password = filterProcessingContext.getSecurityEnvironment().getPassword(filterProcessingContext.getExtraneousProperties());
        }
        if (!usernameTokenBinding.hasNoPassword() && password == null) {
            log.log(Level.SEVERE, LogStringsMessages.WSS_1424_INVALID_USERNAME_TOKEN());
            throw new XWSSecurityException("Password for the username has not been set");
        }
        AttributedString attributedString = new AttributedString();
        attributedString.setValue(Integer.toString(i));
        usernameToken.setIteration(attributedString);
        PasswordDerivedKey passwordDerivedKey = new PasswordDerivedKey();
        if (usernameToken.getSalt() == null) {
            decode = passwordDerivedKey.get16ByteSalt();
            AttributedString attributedString2 = new AttributedString();
            attributedString2.setValue(Base64.encode(decode));
            usernameToken.setSalt(attributedString2);
        } else {
            String value = usernameToken.getSalt().getValue();
            i = Integer.parseInt(usernameToken.getIteration().getValue());
            try {
                decode = Base64.decode(value);
            } catch (Base64DecodingException e) {
                log.log(Level.SEVERE, LogStringsMessages.WSS_1426_BASE_64_DECODING_ERROR(), e);
                throw new UnsupportedEncodingException("error while decoding the salt in username token");
            }
        }
        decode[0] = 2;
        byte[] generate160BitKey = passwordDerivedKey.generate160BitKey(password, i, decode);
        for (int i2 = 0; i2 < 16; i2++) {
            bArr[i2] = generate160BitKey[i2];
        }
        usernameTokenBinding.setSecretKey(bArr);
        return usernameTokenBinding;
    }

    public static AuthenticationTokenPolicy.UsernameTokenBinding resolveUsernameToken(FilterProcessingContext filterProcessingContext, com.sun.xml.wss.core.UsernameToken usernameToken, UsernameToken usernameToken2, AuthenticationTokenPolicy authenticationTokenPolicy) throws XWSSecurityException {
        AuthenticationTokenPolicy.UsernameTokenBinding usernameTokenBinding = (AuthenticationTokenPolicy.UsernameTokenBinding) authenticationTokenPolicy.getFeatureBinding();
        String username = usernameTokenBinding.getUsername();
        String password = usernameTokenBinding.getPassword();
        if (username == null || MessageConstants.EMPTY_STRING.equals(username)) {
            username = filterProcessingContext.getSecurityEnvironment().getUsername(filterProcessingContext.getExtraneousProperties());
        }
        if (username == null || MessageConstants.EMPTY_STRING.equals(username)) {
            log.log(Level.SEVERE, LogStringsMessages.WSS_1409_INVALID_USERNAME_TOKEN());
            throw new XWSSecurityException("Username has not been set");
        }
        if (usernameToken != null) {
            usernameToken.setUsername(username);
        } else {
            usernameToken2.setUsernameValue(username);
        }
        if (!usernameTokenBinding.hasNoPassword() && (password == null || MessageConstants.EMPTY_STRING.equals(password))) {
            password = filterProcessingContext.getSecurityEnvironment().getPassword(filterProcessingContext.getExtraneousProperties());
        }
        if (!usernameTokenBinding.hasNoPassword()) {
            if (password == null) {
                log.log(Level.SEVERE, LogStringsMessages.WSS_1424_INVALID_USERNAME_TOKEN());
                throw new XWSSecurityException("Password for the username has not been set");
            }
            if (usernameToken != null) {
                usernameToken.setPassword(password);
            } else {
                usernameToken2.setPasswordValue(password);
            }
        }
        return usernameTokenBinding;
    }
}
