package com.sun.xml.wss.impl;

import com.sun.enterprise.security.jauth.callback.CertStoreCallback;
import com.sun.enterprise.security.jauth.callback.PasswordValidationCallback;
import com.sun.enterprise.security.jauth.callback.PrivateKeyCallback;
import com.sun.enterprise.security.jauth.callback.SecretKeyCallback;
import com.sun.enterprise.security.jauth.callback.TrustStoreCallback;
import com.sun.org.apache.xml.security.exceptions.Base64DecodingException;
import com.sun.org.apache.xml.security.keys.content.x509.XMLX509Certificate;
import com.sun.org.apache.xml.security.utils.Base64;
import com.sun.org.apache.xml.security.utils.RFC2253Parser;
import com.sun.xml.wss.SecurityEnvironment;
import com.sun.xml.wss.SecurityHeaderException;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.reference.X509SubjectKeyIdentifier;
import java.math.BigInteger;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Date;
import java.util.Enumeration;
import java.util.GregorianCalendar;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.StringTokenizer;
import javax.crypto.SecretKey;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.x500.X500Principal;
import javax.security.auth.x500.X500PrivateCredential;

/* loaded from: input_file:119166-02/SUNWascmn/reloc/appserver/lib/appserv-rt.jar:com/sun/xml/wss/impl/WssProviderSecurityEnvironment.class */
public class WssProviderSecurityEnvironment implements SecurityEnvironment {
    private Map _securityOptions;
    private CallbackHandler _handler;
    private Subject subject;
    private static final SimpleDateFormat calendarFormatter1 = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
    private static final SimpleDateFormat calendarFormatter2 = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'.'sss'Z'");
    static Class class$java$security$PrivateKey;
    static Class class$javax$security$auth$x500$X500PrivateCredential;
    static Class class$java$security$cert$X509Certificate;
    private SecretKeyCallback skCallback = null;
    private PrivateKeyCallback pkCallback = null;
    private CertStoreCallback csCallback = null;
    private TrustStoreCallback tsCallback = null;
    private PasswordValidationCallback pvCallback = null;
    Map aliases_keypwds = null;
    protected long MAX_CLOCK_SKEW = 60000;
    protected long TIMESTAMP_FRESHNESS_LIMIT = 300000;

    public WssProviderSecurityEnvironment(CallbackHandler callbackHandler, Map map) throws XWSSecurityException {
        this._handler = callbackHandler;
        this._securityOptions = map;
        if (this._securityOptions != null) {
            String str = (String) this._securityOptions.get("ALIASES");
            String str2 = (String) this._securityOptions.get("PASSWORDS");
            if (str == null || str2 == null) {
                return;
            }
            StringTokenizer stringTokenizer = new StringTokenizer(str, " ");
            StringTokenizer stringTokenizer2 = new StringTokenizer(str2, " ");
            if (stringTokenizer.countTokens() != stringTokenizer2.countTokens()) {
            }
            while (stringTokenizer.hasMoreElements()) {
                this.aliases_keypwds.put(stringTokenizer.nextToken(), stringTokenizer2.nextToken());
            }
        }
    }

    public PrivateKey getPrivateKey() throws XWSSecurityException {
        Class cls;
        try {
            if (this.subject != null) {
                Subject subject = this.subject;
                if (class$java$security$PrivateKey == null) {
                    cls = class$("java.security.PrivateKey");
                    class$java$security$PrivateKey = cls;
                } else {
                    cls = class$java$security$PrivateKey;
                }
                Set privateCredentials = subject.getPrivateCredentials(cls);
                if (privateCredentials != null && privateCredentials.size() == 1) {
                    return (PrivateKey) privateCredentials.toArray()[0];
                }
            }
            this.pkCallback = new PrivateKeyCallback(null);
            this._handler.handle(new Callback[]{this.pkCallback});
            return this.pkCallback.getKey();
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PrivateKey getPrivateKey(String str) throws XWSSecurityException {
        try {
            this.pkCallback = new PrivateKeyCallback(new PrivateKeyCallback.AliasRequest(str));
            this._handler.handle(new Callback[]{this.pkCallback});
            PrivateKey key = this.pkCallback.getKey();
            if (key == null) {
                throw new XWSSecurityException(new StringBuffer().append("Unable to locate private key for the alias ").append(str).toString());
            }
            return key;
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PrivateKey getPrivateKey(byte[] bArr) throws XWSSecurityException {
        Class cls;
        try {
            if (this.subject != null) {
                Subject subject = this.subject;
                if (class$javax$security$auth$x500$X500PrivateCredential == null) {
                    cls = class$("javax.security.auth.x500.X500PrivateCredential");
                    class$javax$security$auth$x500$X500PrivateCredential = cls;
                } else {
                    cls = class$javax$security$auth$x500$X500PrivateCredential;
                }
                Set<X500PrivateCredential> privateCredentials = subject.getPrivateCredentials(cls);
                if (privateCredentials != null) {
                    for (X500PrivateCredential x500PrivateCredential : privateCredentials) {
                        if (matchesKeyIdentifier(Base64.decode(bArr), x500PrivateCredential.getCertificate())) {
                            return x500PrivateCredential.getPrivateKey();
                        }
                    }
                }
            }
            this.pkCallback = new PrivateKeyCallback(new PrivateKeyCallback.SubjectKeyIDRequest(bArr));
            this._handler.handle(new Callback[]{this.pkCallback});
            return this.pkCallback.getKey();
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PrivateKey getPrivateKey(X509Certificate x509Certificate) throws XWSSecurityException {
        Class cls;
        try {
            if (this.subject != null) {
                Subject subject = this.subject;
                if (class$javax$security$auth$x500$X500PrivateCredential == null) {
                    cls = class$("javax.security.auth.x500.X500PrivateCredential");
                    class$javax$security$auth$x500$X500PrivateCredential = cls;
                } else {
                    cls = class$javax$security$auth$x500$X500PrivateCredential;
                }
                Set<X500PrivateCredential> privateCredentials = subject.getPrivateCredentials(cls);
                if (privateCredentials != null) {
                    String normalize = RFC2253Parser.normalize(x509Certificate.getIssuerDN().getName());
                    for (X500PrivateCredential x500PrivateCredential : privateCredentials) {
                        X509Certificate certificate = x500PrivateCredential.getCertificate();
                        BigInteger serialNumber = certificate.getSerialNumber();
                        String normalize2 = RFC2253Parser.normalize(certificate.getIssuerDN().getName());
                        if (serialNumber.equals(x509Certificate.getSerialNumber()) && normalize2.equals(normalize)) {
                            return x500PrivateCredential.getPrivateKey();
                        }
                    }
                }
            }
            this.pkCallback = new PrivateKeyCallback(new PrivateKeyCallback.IssuerSerialNumRequest(x509Certificate.getIssuerX500Principal(), x509Certificate.getSerialNumber()));
            this._handler.handle(new Callback[]{this.pkCallback});
            return this.pkCallback.getKey();
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PrivateKey getPrivateKey(BigInteger bigInteger, String str) throws XWSSecurityException {
        Class cls;
        try {
            if (this.subject != null) {
                Subject subject = this.subject;
                if (class$javax$security$auth$x500$X500PrivateCredential == null) {
                    cls = class$("javax.security.auth.x500.X500PrivateCredential");
                    class$javax$security$auth$x500$X500PrivateCredential = cls;
                } else {
                    cls = class$javax$security$auth$x500$X500PrivateCredential;
                }
                Set<X500PrivateCredential> privateCredentials = subject.getPrivateCredentials(cls);
                if (privateCredentials != null) {
                    for (X500PrivateCredential x500PrivateCredential : privateCredentials) {
                        X509Certificate certificate = x500PrivateCredential.getCertificate();
                        BigInteger serialNumber = certificate.getSerialNumber();
                        String normalize = RFC2253Parser.normalize(certificate.getIssuerDN().getName());
                        if (serialNumber.equals(bigInteger) && normalize.equals(str)) {
                            return x500PrivateCredential.getPrivateKey();
                        }
                    }
                }
            }
            this.pkCallback = new PrivateKeyCallback(new PrivateKeyCallback.IssuerSerialNumRequest(new X500Principal(str), bigInteger));
            this._handler.handle(new Callback[]{this.pkCallback});
            return this.pkCallback.getKey();
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public X509Certificate getDefaultCertificate() throws XWSSecurityException {
        Class cls;
        if (this.subject != null) {
            Subject subject = this.subject;
            if (class$java$security$cert$X509Certificate == null) {
                cls = class$("java.security.cert.X509Certificate");
                class$java$security$cert$X509Certificate = cls;
            } else {
                cls = class$java$security$cert$X509Certificate;
            }
            Set publicCredentials = subject.getPublicCredentials(cls);
            if (publicCredentials != null && publicCredentials.size() == 1) {
                return (X509Certificate) publicCredentials.toArray()[0];
            }
        }
        this.pkCallback = new PrivateKeyCallback(null);
        try {
            this._handler.handle(new Callback[]{this.pkCallback});
            Certificate[] chain = this.pkCallback.getChain();
            if (chain == null) {
                throw new XWSSecurityException("Empty certificate chain returned by PrivateKeyCallback");
            }
            return (X509Certificate) chain[0];
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean authenticateUser(String str, String str2) throws XWSSecurityException {
        char[] charArray = str2 == null ? null : str2.toCharArray();
        this.pvCallback = new PasswordValidationCallback(str, charArray);
        try {
            this._handler.handle(new Callback[]{this.pvCallback});
            if (charArray != null) {
                this.pvCallback.clearPassword();
            }
            return this.pvCallback.getResult();
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean authenticateUser(String str, String str2, String str3, String str4) throws XWSSecurityException {
        return false;
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean validateCertificate(X509Certificate x509Certificate) throws XWSSecurityException {
        try {
            x509Certificate.checkValidity();
            X509CertSelector x509CertSelector = new X509CertSelector();
            x509CertSelector.setCertificate(x509Certificate);
            try {
                Callback[] callbackArr = null;
                if (this.tsCallback == null && this.csCallback == null) {
                    this.csCallback = new CertStoreCallback();
                    this.tsCallback = new TrustStoreCallback();
                    callbackArr = new Callback[]{this.csCallback, this.tsCallback};
                } else if (this.csCallback == null) {
                    this.csCallback = new CertStoreCallback();
                    callbackArr = new Callback[]{this.csCallback};
                } else if (this.tsCallback == null) {
                    this.tsCallback = new TrustStoreCallback();
                    callbackArr = new Callback[]{this.tsCallback};
                }
                if (callbackArr != null) {
                    try {
                        this._handler.handle(callbackArr);
                    } catch (Exception e) {
                        throw new XWSSecurityException(e);
                    }
                }
                PKIXBuilderParameters pKIXBuilderParameters = new PKIXBuilderParameters(this.tsCallback.getTrustStore(), x509CertSelector);
                pKIXBuilderParameters.setRevocationEnabled(false);
                pKIXBuilderParameters.addCertStore(this.csCallback.getCertStore());
                try {
                    return true;
                } catch (Exception e2) {
                    return false;
                }
            } catch (Exception e3) {
                throw new XWSSecurityException(e3);
            }
        } catch (CertificateExpiredException e4) {
            throw new XWSSecurityException("X509Certificate Expired", e4);
        } catch (CertificateNotYetValidException e5) {
            throw new XWSSecurityException("X509Certificate not yet valid", e5);
        }
    }

    public X509Certificate getMatchingCertificate(byte[] bArr) throws XWSSecurityException {
        X509Certificate matchingCertificate;
        Class cls;
        if (this.subject != null) {
            Subject subject = this.subject;
            if (class$javax$security$auth$x500$X500PrivateCredential == null) {
                cls = class$("javax.security.auth.x500.X500PrivateCredential");
                class$javax$security$auth$x500$X500PrivateCredential = cls;
            } else {
                cls = class$javax$security$auth$x500$X500PrivateCredential;
            }
            Set privateCredentials = subject.getPrivateCredentials(cls);
            if (privateCredentials != null) {
                Iterator it = privateCredentials.iterator();
                while (it.hasNext()) {
                    X509Certificate certificate = ((X500PrivateCredential) it.next()).getCertificate();
                    if (matchesKeyIdentifier(bArr, certificate)) {
                        return certificate;
                    }
                }
            }
        }
        this.pkCallback = new PrivateKeyCallback(new PrivateKeyCallback.SubjectKeyIDRequest(bArr));
        if (this.tsCallback == null) {
            this.tsCallback = new TrustStoreCallback();
        }
        try {
            this._handler.handle(new Callback[]{this.pkCallback, this.tsCallback});
            Certificate[] chain = this.pkCallback.getChain();
            if (chain != null) {
                for (Certificate certificate2 : chain) {
                    X509Certificate x509Certificate = (X509Certificate) certificate2;
                    if (matchesKeyIdentifier(bArr, x509Certificate)) {
                        return x509Certificate;
                    }
                }
            }
            KeyStore trustStore = this.tsCallback.getTrustStore();
            if (trustStore == null || (matchingCertificate = getMatchingCertificate(bArr, trustStore)) == null) {
                throw new XWSSecurityException(new StringBuffer().append("No Matching Certificate for :").append(bArr).append(" found in KeyStore or TrustStore").toString());
            }
            return matchingCertificate;
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }

    public X509Certificate getMatchingCertificate(BigInteger bigInteger, String str) throws XWSSecurityException {
        X509Certificate matchingCertificate;
        Class cls;
        if (this.subject != null) {
            Subject subject = this.subject;
            if (class$javax$security$auth$x500$X500PrivateCredential == null) {
                cls = class$("javax.security.auth.x500.X500PrivateCredential");
                class$javax$security$auth$x500$X500PrivateCredential = cls;
            } else {
                cls = class$javax$security$auth$x500$X500PrivateCredential;
            }
            Set privateCredentials = subject.getPrivateCredentials(cls);
            if (privateCredentials != null) {
                Iterator it = privateCredentials.iterator();
                while (it.hasNext()) {
                    X509Certificate certificate = ((X500PrivateCredential) it.next()).getCertificate();
                    BigInteger serialNumber = certificate.getSerialNumber();
                    String normalize = RFC2253Parser.normalize(certificate.getIssuerDN().getName());
                    if (serialNumber.equals(bigInteger) && normalize.equals(str)) {
                        return certificate;
                    }
                }
            }
        }
        this.pkCallback = new PrivateKeyCallback(new PrivateKeyCallback.IssuerSerialNumRequest(new X500Principal(str), bigInteger));
        if (this.tsCallback == null) {
            this.tsCallback = new TrustStoreCallback();
        }
        try {
            this._handler.handle(new Callback[]{this.pkCallback, this.tsCallback});
            Certificate[] chain = this.pkCallback.getChain();
            if (chain != null) {
                for (Certificate certificate2 : chain) {
                    X509Certificate x509Certificate = (X509Certificate) certificate2;
                    if (matchesIssuerSerialAndName(bigInteger, str, x509Certificate)) {
                        return x509Certificate;
                    }
                }
            }
            KeyStore trustStore = this.tsCallback.getTrustStore();
            if (trustStore == null || (matchingCertificate = getMatchingCertificate(bigInteger, str, trustStore)) == null) {
                throw new XWSSecurityException("No Matching Certificate for : found in KeyStore or TrustStore");
            }
            return matchingCertificate;
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public SecretKey getSecretKey(String str, boolean z) throws XWSSecurityException {
        this.skCallback = new SecretKeyCallback(new SecretKeyCallback.AliasRequest(str));
        try {
            this._handler.handle(new Callback[]{this.skCallback});
            return this.skCallback.getKey();
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public X509Certificate getCertificate(String str, boolean z) throws XWSSecurityException {
        Class cls;
        try {
            if (z) {
                try {
                    if (this.subject != null) {
                        Subject subject = this.subject;
                        if (class$javax$security$auth$x500$X500PrivateCredential == null) {
                            cls = class$("javax.security.auth.x500.X500PrivateCredential");
                            class$javax$security$auth$x500$X500PrivateCredential = cls;
                        } else {
                            cls = class$javax$security$auth$x500$X500PrivateCredential;
                        }
                        Set<X500PrivateCredential> privateCredentials = subject.getPrivateCredentials(cls);
                        if (privateCredentials != null) {
                            for (X500PrivateCredential x500PrivateCredential : privateCredentials) {
                                if (x500PrivateCredential.getAlias().equals(str)) {
                                    return x500PrivateCredential.getCertificate();
                                }
                            }
                        }
                    }
                    this.pkCallback = new PrivateKeyCallback(new PrivateKeyCallback.AliasRequest(str));
                    this._handler.handle(new Callback[]{this.pkCallback});
                    Certificate[] chain = this.pkCallback.getChain();
                    r8 = chain != null ? (X509Certificate) chain[0] : null;
                } catch (Exception e) {
                    throw new XWSSecurityException(e);
                }
            } else {
                if (this.tsCallback == null) {
                    this.tsCallback = new TrustStoreCallback();
                    this._handler.handle(new Callback[]{this.tsCallback});
                }
                if (this.tsCallback.getTrustStore() != null) {
                    r8 = (X509Certificate) this.tsCallback.getTrustStore().getCertificate(str);
                }
            }
            if (r8 == null) {
                throw new XWSSecurityException(new StringBuffer().append("Unable to locate certificate for the alias ").append(str).toString());
            }
            return r8;
        } catch (Exception e2) {
            throw new XWSSecurityException(e2);
        }
    }

    private boolean matchesKeyIdentifier(byte[] bArr, X509Certificate x509Certificate) {
        byte[] subjectKeyIdentifier = X509SubjectKeyIdentifier.getSubjectKeyIdentifier(x509Certificate);
        return subjectKeyIdentifier != null && Arrays.equals(bArr, subjectKeyIdentifier);
    }

    private X509Certificate getMatchingCertificate(byte[] bArr, KeyStore keyStore) throws XWSSecurityException {
        X509Certificate x509Certificate;
        byte[] subjectKeyIdentifier;
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                Certificate certificate = keyStore.getCertificate(aliases.nextElement());
                if (certificate != null && XMLX509Certificate.JCA_CERT_ID.equals(certificate.getType()) && (subjectKeyIdentifier = X509SubjectKeyIdentifier.getSubjectKeyIdentifier((x509Certificate = (X509Certificate) certificate))) != null && Arrays.equals(bArr, subjectKeyIdentifier)) {
                    return x509Certificate;
                }
            }
            return null;
        } catch (KeyStoreException e) {
            throw new XWSSecurityException(e);
        }
    }

    private boolean matchesIssuerSerialAndName(BigInteger bigInteger, String str, X509Certificate x509Certificate) {
        return x509Certificate.getSerialNumber().equals(bigInteger) && RFC2253Parser.normalize(x509Certificate.getIssuerDN().getName()).equals(str);
    }

    private X509Certificate getMatchingCertificate(BigInteger bigInteger, String str, KeyStore keyStore) throws XWSSecurityException {
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                Certificate certificate = keyStore.getCertificate(aliases.nextElement());
                if (certificate != null && XMLX509Certificate.JCA_CERT_ID.equals(certificate.getType())) {
                    X509Certificate x509Certificate = (X509Certificate) certificate;
                    BigInteger serialNumber = x509Certificate.getSerialNumber();
                    String normalize = RFC2253Parser.normalize(x509Certificate.getIssuerDN().getName());
                    if (serialNumber.equals(bigInteger) && normalize.equals(str)) {
                        return x509Certificate;
                    }
                }
            }
            return null;
        } catch (KeyStoreException e) {
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public void updateOtherPartySubject(Subject subject, String str, String str2) {
        subject.getPrincipals().add(new X500Principal(new StringBuffer().append("CN=").append(str).toString()));
        subject.getPrivateCredentials().add(str2);
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public void updateOtherPartySubject(Subject subject, X509Certificate x509Certificate) {
        subject.getPrincipals().add(x509Certificate.getSubjectX500Principal());
        subject.getPublicCredentials().add(x509Certificate);
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean validateCreationTime(String str) throws XWSSecurityException {
        Date parse;
        try {
            try {
                parse = calendarFormatter1.parse(str);
            } catch (ParseException e) {
                parse = calendarFormatter2.parse(str);
            }
            if (parse.before(getFreshnessAndSkewAdjustedDate())) {
                return false;
            }
            return !getGMTDateWithSkewAdjusted(new GregorianCalendar(), true).before(parse);
        } catch (Exception e2) {
            throw new XWSSecurityException(e2);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean validateExpirationTime(String str) throws XWSSecurityException {
        Date parse;
        if (str == null) {
            return true;
        }
        try {
            try {
                parse = calendarFormatter1.parse(str);
            } catch (ParseException e) {
                parse = calendarFormatter2.parse(str);
            }
            return !parse.before(getGMTDateWithSkewAdjusted(new GregorianCalendar(), false));
        } catch (Exception e2) {
            throw new XWSSecurityException(e2);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean validateAndCacheNonce(String str, String str2) {
        return false;
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public Subject getSubject() {
        return this.subject;
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PublicKey getPublicKey(BigInteger bigInteger, String str) throws XWSSecurityException {
        return getMatchingCertificate(bigInteger, str).getPublicKey();
    }

    public PublicKey getPublicKey(String str) throws XWSSecurityException {
        try {
            return getMatchingCertificate(getDecodedBase64EncodedData(str)).getPublicKey();
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PublicKey getPublicKey(byte[] bArr) throws XWSSecurityException {
        try {
            return getMatchingCertificate(bArr).getPublicKey();
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }

    private byte[] getDecodedBase64EncodedData(String str) throws XWSSecurityException {
        try {
            return Base64.decode(str);
        } catch (Base64DecodingException e) {
            throw new SecurityHeaderException("Unable to decode Base64 encoded data", e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public X509Certificate getCertificate(BigInteger bigInteger, String str) throws XWSSecurityException {
        return getMatchingCertificate(bigInteger, str);
    }

    public X509Certificate getCertificate(String str) throws XWSSecurityException {
        try {
            return getMatchingCertificate(getDecodedBase64EncodedData(str));
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public PrivateKey getPrivateKey(PublicKey publicKey) {
        return null;
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public X509Certificate getCertificate(byte[] bArr) {
        return null;
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public X509Certificate getCertificate(PublicKey publicKey) throws XWSSecurityException {
        return null;
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean validateSamlIssuer(String str) {
        return true;
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public boolean validateSamlUser(String str, String str2, String str3) {
        return true;
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public void setSubject(Subject subject) {
        this.subject = subject;
    }

    private Date getFreshnessAndSkewAdjustedDate() throws ParseException {
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        long j = gregorianCalendar.get(15);
        if (gregorianCalendar.getTimeZone().inDaylightTime(gregorianCalendar.getTime())) {
            j += gregorianCalendar.getTimeZone().getDSTSavings();
        }
        gregorianCalendar.setTimeInMillis(((gregorianCalendar.getTimeInMillis() - j) - this.MAX_CLOCK_SKEW) - this.TIMESTAMP_FRESHNESS_LIMIT);
        return gregorianCalendar.getTime();
    }

    private Date getGMTDateWithSkewAdjusted(Calendar calendar, boolean z) {
        long j = calendar.get(15);
        if (calendar.getTimeZone().inDaylightTime(calendar.getTime())) {
            j += calendar.getTimeZone().getDSTSavings();
        }
        long timeInMillis = calendar.getTimeInMillis() - j;
        calendar.setTimeInMillis(z ? timeInMillis + this.MAX_CLOCK_SKEW : timeInMillis - this.MAX_CLOCK_SKEW);
        return calendar.getTime();
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public String getUsername() throws XWSSecurityException {
        return null;
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public String getPassword() throws XWSSecurityException {
        return null;
    }

    @Override // com.sun.xml.wss.SecurityEnvironment
    public Properties getPrefixNamespaceMappings() throws XWSSecurityException {
        return null;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }
}
