package com.ebmwebsourcing.geasysecu.service.policy.servertoClient;

import com.ebmwebsourcing.geasysecu.business.domain.policy.to.highlevel.IPolicyAspect;
import com.ebmwebsourcing.geasysecu.business.domain.policy.to.highlevel.PolicyFileTO;
import com.ebmwebsourcing.geasysecu.business.domain.securitypolicy.AbstractBindingTO;
import com.ebmwebsourcing.geasysecu.business.domain.securitypolicy.AsymmetricBindingTO;
import com.ebmwebsourcing.geasysecu.business.domain.securitypolicy.KerberosTokenTO;
import com.ebmwebsourcing.geasysecu.business.domain.securitypolicy.SecurityPolicyContentTO;
import com.ebmwebsourcing.geasysecu.business.domain.securitypolicy.SecurityTokenTO;
import com.ebmwebsourcing.geasysecu.business.domain.securitypolicy.SymmetricBindingTO;
import com.ebmwebsourcing.geasysecu.business.domain.securitypolicy.WSSecurityConstants;
import com.ebmwebsourcing.geasysecu.business.domain.securitypolicy.X509TokenTO;
import com.ebmwebsourcing.geasysecu.service.policy.addon.KerberosToken;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.apache.cxf.ws.security.policy.SPConstants;
import org.apache.cxf.ws.security.policy.model.AbstractSecurityAssertion;
import org.apache.cxf.ws.security.policy.model.AlgorithmSuite;
import org.apache.cxf.ws.security.policy.model.AsymmetricBinding;
import org.apache.cxf.ws.security.policy.model.SignedEncryptedParts;
import org.apache.cxf.ws.security.policy.model.SymmetricAsymmetricBindingBase;
import org.apache.cxf.ws.security.policy.model.SymmetricBinding;
import org.apache.cxf.ws.security.policy.model.Token;
import org.apache.cxf.ws.security.policy.model.X509Token;
import org.apache.neethi.PolicyComponent;

/* loaded from: input_file:com/ebmwebsourcing/geasysecu/service/policy/servertoClient/ServertToClientSecurityPolicyTranslator.class */
public class ServertToClientSecurityPolicyTranslator implements IServerToClientSecurityPolicyTranslator {
    private Map<ComparisonSet, String> translationMap = Maps.newHashMap();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/ebmwebsourcing/geasysecu/service/policy/servertoClient/ServertToClientSecurityPolicyTranslator$ComparisonSet.class */
    public class ComparisonSet {
        private String digest;
        private String encryption;
        private String symmetricKeyWrap;
        private String asymmetricKeyWrap;

        public ComparisonSet(String str, String str2, String str3, String str4) {
            this.digest = str;
            this.encryption = str2;
            this.symmetricKeyWrap = str3;
            this.asymmetricKeyWrap = str4;
        }

        public int hashCode() {
            return (31 * ((31 * ((31 * ((31 * ((31 * 1) + getOuterType().hashCode())) + (this.asymmetricKeyWrap == null ? 0 : this.asymmetricKeyWrap.hashCode()))) + (this.digest == null ? 0 : this.digest.hashCode()))) + (this.encryption == null ? 0 : this.encryption.hashCode()))) + (this.symmetricKeyWrap == null ? 0 : this.symmetricKeyWrap.hashCode());
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || !(obj instanceof ComparisonSet)) {
                return false;
            }
            ComparisonSet comparisonSet = (ComparisonSet) obj;
            if (!getOuterType().equals(comparisonSet.getOuterType())) {
                return false;
            }
            if (this.asymmetricKeyWrap == null) {
                if (comparisonSet.asymmetricKeyWrap != null) {
                    return false;
                }
            } else if (!this.asymmetricKeyWrap.equals(comparisonSet.asymmetricKeyWrap)) {
                return false;
            }
            if (this.digest == null) {
                if (comparisonSet.digest != null) {
                    return false;
                }
            } else if (!this.digest.equals(comparisonSet.digest)) {
                return false;
            }
            if (this.encryption == null) {
                if (comparisonSet.encryption != null) {
                    return false;
                }
            } else if (!this.encryption.equals(comparisonSet.encryption)) {
                return false;
            }
            return this.symmetricKeyWrap == null ? comparisonSet.symmetricKeyWrap == null : this.symmetricKeyWrap.equals(comparisonSet.symmetricKeyWrap);
        }

        private ServertToClientSecurityPolicyTranslator getOuterType() {
            return ServertToClientSecurityPolicyTranslator.this;
        }
    }

    public ServertToClientSecurityPolicyTranslator() {
        this.translationMap.put(new ComparisonSet("http://www.w3.org/2000/09/xmldsig#sha1", "http://www.w3.org/2001/04/xmlenc#aes256-cbc", "http://www.w3.org/2001/04/xmlenc#kw-aes256", "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"), "Basic256");
        this.translationMap.put(new ComparisonSet("http://www.w3.org/2000/09/xmldsig#sha1", "http://www.w3.org/2001/04/xmlenc#aes192-cbc", "http://www.w3.org/2001/04/xmlenc#kw-aes192", "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"), "Basic192");
        this.translationMap.put(new ComparisonSet("http://www.w3.org/2000/09/xmldsig#sha1", "http://www.w3.org/2001/04/xmlenc#aes128-cbc", "http://www.w3.org/2001/04/xmlenc#kw-aes128", "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"), "Basic128");
        this.translationMap.put(new ComparisonSet("http://www.w3.org/2000/09/xmldsig#sha1", "http://www.w3.org/2001/04/xmlenc#tripledes-cbc", "http://www.w3.org/2001/04/xmlenc#kw-tripledes", "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"), "TripleDes");
        this.translationMap.put(new ComparisonSet("http://www.w3.org/2000/09/xmldsig#sha1", "http://www.w3.org/2001/04/xmlenc#aes256-cbc", "http://www.w3.org/2001/04/xmlenc#kw-aes256", "http://www.w3.org/2001/04/xmlenc#rsa-1_5"), "Basic256Rsa15");
        this.translationMap.put(new ComparisonSet("http://www.w3.org/2000/09/xmldsig#sha1", "http://www.w3.org/2001/04/xmlenc#aes192-cbc", "http://www.w3.org/2001/04/xmlenc#kw-aes192", "http://www.w3.org/2001/04/xmlenc#rsa-1_5"), "Basic192Rsa15");
        this.translationMap.put(new ComparisonSet("http://www.w3.org/2000/09/xmldsig#sha1", "http://www.w3.org/2001/04/xmlenc#aes128-cbc", "http://www.w3.org/2001/04/xmlenc#kw-aes128", "http://www.w3.org/2001/04/xmlenc#rsa-1_5"), "Basic128Rsa15");
        this.translationMap.put(new ComparisonSet("http://www.w3.org/2000/09/xmldsig#sha1", "http://www.w3.org/2001/04/xmlenc#tripledes-cbc", "http://www.w3.org/2001/04/xmlenc#kw-tripledes", "http://www.w3.org/2001/04/xmlenc#rsa-1_5"), "TripleDesRsa15");
        this.translationMap.put(new ComparisonSet("http://www.w3.org/2001/04/xmlenc#sha256", "http://www.w3.org/2001/04/xmlenc#aes256-cbc", "http://www.w3.org/2001/04/xmlenc#kw-aes256", "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"), "Basic256Sha256");
        this.translationMap.put(new ComparisonSet("http://www.w3.org/2001/04/xmlenc#sha256", "http://www.w3.org/2001/04/xmlenc#aes192-cbc", "http://www.w3.org/2001/04/xmlenc#kw-aes192", "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"), "Basic192Sha256");
        this.translationMap.put(new ComparisonSet("http://www.w3.org/2001/04/xmlenc#sha256", "http://www.w3.org/2001/04/xmlenc#aes128-cbc", "http://www.w3.org/2001/04/xmlenc#kw-aes128", "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"), "Basic128Sha256");
        this.translationMap.put(new ComparisonSet("http://www.w3.org/2001/04/xmlenc#sha256", "http://www.w3.org/2001/04/xmlenc#tripledes-cbc", "http://www.w3.org/2001/04/xmlenc#kw-tripledes", "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"), "TripleDesSha256");
        this.translationMap.put(new ComparisonSet("http://www.w3.org/2001/04/xmlenc#sha256", "http://www.w3.org/2001/04/xmlenc#aes256-cbc", "http://www.w3.org/2001/04/xmlenc#kw-aes256", "http://www.w3.org/2001/04/xmlenc#rsa-1_5"), "Basic256Sha256Rsa15");
        this.translationMap.put(new ComparisonSet("http://www.w3.org/2001/04/xmlenc#sha256", "http://www.w3.org/2001/04/xmlenc#aes192-cbc", "http://www.w3.org/2001/04/xmlenc#kw-aes192", "http://www.w3.org/2001/04/xmlenc#rsa-1_5"), "Basic192Sha256Rsa15");
        this.translationMap.put(new ComparisonSet("http://www.w3.org/2001/04/xmlenc#sha256", "http://www.w3.org/2001/04/xmlenc#aes128-cbc", "http://www.w3.org/2001/04/xmlenc#kw-aes128", "http://www.w3.org/2001/04/xmlenc#rsa-1_5"), "Basic128Sha256");
        this.translationMap.put(new ComparisonSet("http://www.w3.org/2001/04/xmlenc#sha256", "http://www.w3.org/2001/04/xmlenc#tripledes-cbc", "http://www.w3.org/2001/04/xmlenc#kw-tripledes", "http://www.w3.org/2001/04/xmlenc#rsa-1_5"), "TripleDesSha256Rsa15");
    }

    @Override // com.ebmwebsourcing.geasysecu.service.policy.servertoClient.IPolicyAssertionTranslator
    public boolean handle(Class<? extends PolicyComponent> cls) {
        return AbstractSecurityAssertion.class.isAssignableFrom(cls);
    }

    @Override // com.ebmwebsourcing.geasysecu.service.policy.servertoClient.IPolicyAssertionTranslator
    public List<Class<? extends PolicyComponent>> getHandledTypes() {
        ArrayList newArrayList = Lists.newArrayList();
        newArrayList.add(SymmetricBinding.class);
        newArrayList.add(AsymmetricBinding.class);
        newArrayList.add(SignedEncryptedParts.class);
        return newArrayList;
    }

    @Override // com.ebmwebsourcing.geasysecu.service.policy.servertoClient.IPolicyAssertionTranslator
    public void translate(PolicyComponent policyComponent, PolicyFileTO policyFileTO) {
        if (policyComponent instanceof SymmetricAsymmetricBindingBase) {
            SecurityPolicyContentTO findOrCreateSecurityAspect = findOrCreateSecurityAspect(policyFileTO);
            if (policyComponent instanceof SymmetricBinding) {
                findOrCreateSecurityAspect.setBinding(translateSymmetricBinding((SymmetricBinding) policyComponent));
                return;
            } else {
                if (!(policyComponent instanceof AsymmetricBinding)) {
                    throw new UnsupportedOperationException("Unsupported Binding");
                }
                findOrCreateSecurityAspect.setBinding(translateAsymmetricBinding((AsymmetricBinding) policyComponent));
                return;
            }
        }
        if (!(policyComponent instanceof SignedEncryptedParts)) {
            throw new UnsupportedOperationException("Unsupported PolicyCompomnent");
        }
        SecurityPolicyContentTO findOrCreateSecurityAspect2 = findOrCreateSecurityAspect(policyFileTO);
        SignedEncryptedParts signedEncryptedParts = (SignedEncryptedParts) policyComponent;
        if (signedEncryptedParts.isSignedParts()) {
            if (signedEncryptedParts.isBody()) {
                findOrCreateSecurityAspect2.setSignedParts(WSSecurityConstants.SignatureOrEncryptionParts.BODY);
            }
        } else if (signedEncryptedParts.isBody()) {
            findOrCreateSecurityAspect2.setEncryptedParts(WSSecurityConstants.SignatureOrEncryptionParts.BODY);
        }
    }

    private SecurityPolicyContentTO findOrCreateSecurityAspect(PolicyFileTO policyFileTO) {
        IPolicyAspect iPolicyAspect;
        IPolicyAspect iPolicyAspect2 = null;
        for (IPolicyAspect iPolicyAspect3 : policyFileTO.getAspects()) {
            iPolicyAspect2 = iPolicyAspect3;
            if (iPolicyAspect3 instanceof SecurityPolicyContentTO) {
                break;
            }
        }
        if (iPolicyAspect2 == null) {
            iPolicyAspect = new SecurityPolicyContentTO();
            policyFileTO.addAspect(iPolicyAspect);
        } else {
            iPolicyAspect = (SecurityPolicyContentTO) iPolicyAspect2;
        }
        return iPolicyAspect;
    }

    @Override // com.ebmwebsourcing.geasysecu.service.policy.servertoClient.IServerToClientSecurityPolicyTranslator
    public SymmetricBindingTO translateSymmetricBinding(SymmetricBinding symmetricBinding) {
        SymmetricBindingTO symmetricBindingTO = new SymmetricBindingTO();
        translateCommonBindingPart(symmetricBinding, symmetricBindingTO);
        symmetricBindingTO.setProtectionToken(translateToken(symmetricBinding.getProtectionToken().getProtectionToken()));
        return symmetricBindingTO;
    }

    @Override // com.ebmwebsourcing.geasysecu.service.policy.servertoClient.IServerToClientSecurityPolicyTranslator
    public KerberosTokenTO translateKerberosToken(KerberosToken kerberosToken) {
        KerberosTokenTO kerberosTokenTO = new KerberosTokenTO();
        kerberosTokenTO.setRequireKeyIdentifierReference(kerberosToken.isRequireKeyIdentifierReference());
        kerberosTokenTO.setTokenType(kerberosToken.isGssV5ApReqToken11() ? "WssGssKerberosV5ApReqToken11" : "WssKerberosV5ApReqToken11");
        return kerberosTokenTO;
    }

    @Override // com.ebmwebsourcing.geasysecu.service.policy.servertoClient.IServerToClientSecurityPolicyTranslator
    public X509TokenTO translateX509Token(X509Token x509Token) {
        X509TokenTO x509TokenTO = new X509TokenTO();
        x509TokenTO.setRequireEmbeddedTokenRef(x509Token.isRequireEmbeddedTokenReference());
        x509TokenTO.setRequireIssuerSerialRef(x509Token.isRequireIssuerSerialReference());
        x509TokenTO.setRequireKeyIdentifierReference(x509Token.isRequireKeyIdentifierReference());
        x509TokenTO.setRequireThumbprintRef(x509Token.isRequireThumbprintReference());
        x509TokenTO.setTokenType(x509Token.getTokenVersionAndType());
        return x509TokenTO;
    }

    @Override // com.ebmwebsourcing.geasysecu.service.policy.servertoClient.IServerToClientSecurityPolicyTranslator
    public AsymmetricBindingTO translateAsymmetricBinding(AsymmetricBinding asymmetricBinding) {
        AsymmetricBindingTO asymmetricBindingTO = new AsymmetricBindingTO();
        asymmetricBindingTO.setInitiatorToken(translateToken(asymmetricBinding.getInitiatorToken().getInitiatorToken()));
        asymmetricBindingTO.setRecipientToken(translateToken(asymmetricBinding.getRecipientToken().getRecipientToken()));
        translateCommonBindingPart(asymmetricBinding, asymmetricBindingTO);
        return asymmetricBindingTO;
    }

    private String getAlgorithmSuite(AlgorithmSuite algorithmSuite) {
        return this.translationMap.get(new ComparisonSet(algorithmSuite.getDigest(), algorithmSuite.getEncryption(), algorithmSuite.getSymmetricKeyWrap(), algorithmSuite.getAsymmetricKeyWrap()));
    }

    private void translateCommonBindingPart(SymmetricAsymmetricBindingBase symmetricAsymmetricBindingBase, AbstractBindingTO abstractBindingTO) {
        abstractBindingTO.setAlgorithmSuite(getAlgorithmSuite(symmetricAsymmetricBindingBase.getAlgorithmSuite()));
        abstractBindingTO.setEncryptBeforeSigning(symmetricAsymmetricBindingBase.getProtectionOrder() == SPConstants.ProtectionOrder.EncryptBeforeSigning);
        abstractBindingTO.setEncryptSignature(symmetricAsymmetricBindingBase.isSignatureProtection());
        abstractBindingTO.setIncludeTimestamp(symmetricAsymmetricBindingBase.isIncludeTimestamp());
        abstractBindingTO.setOnlySignEntireHeadersAndBody(symmetricAsymmetricBindingBase.isEntireHeadersAndBodySignatures());
        abstractBindingTO.setProtectTokens(symmetricAsymmetricBindingBase.isTokenProtection());
    }

    private SecurityTokenTO translateToken(Token token) {
        KerberosTokenTO translateX509Token;
        if (token instanceof KerberosToken) {
            translateX509Token = translateKerberosToken((KerberosToken) token);
        } else {
            if (!(token instanceof X509Token)) {
                throw new UnsupportedOperationException("Not supported yet.");
            }
            translateX509Token = translateX509Token((X509Token) token);
        }
        return translateX509Token;
    }
}
