package com.sun.xml.wss.impl.policy.verifier;

import com.sun.xml.ws.security.opt.impl.util.SOAPUtil;
import com.sun.xml.wss.ProcessingContext;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.PolicyTypeUtil;
import com.sun.xml.wss.impl.PolicyViolationException;
import com.sun.xml.wss.impl.WSSAssertion;
import com.sun.xml.wss.impl.WssSoapFaultException;
import com.sun.xml.wss.impl.policy.MLSPolicy;
import com.sun.xml.wss.impl.policy.SecurityPolicy;
import com.sun.xml.wss.impl.policy.mls.AuthenticationTokenPolicy;
import com.sun.xml.wss.impl.policy.mls.DerivedTokenKeyBinding;
import com.sun.xml.wss.impl.policy.mls.EncryptionPolicy;
import com.sun.xml.wss.impl.policy.mls.EncryptionTarget;
import com.sun.xml.wss.impl.policy.mls.IssuedTokenKeyBinding;
import com.sun.xml.wss.impl.policy.mls.MessagePolicy;
import com.sun.xml.wss.impl.policy.mls.SecureConversationTokenKeyBinding;
import com.sun.xml.wss.impl.policy.mls.SignaturePolicy;
import com.sun.xml.wss.impl.policy.mls.SignatureTarget;
import com.sun.xml.wss.impl.policy.mls.SymmetricKeyBinding;
import com.sun.xml.wss.impl.policy.mls.TimestampPolicy;
import com.sun.xml.wss.impl.policy.mls.WSSPolicy;
import com.sun.xml.wss.impl.policy.spi.PolicyVerifier;
import java.util.ArrayList;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.commons.io.IOUtils;

/* loaded from: input_file:spg-ui-war-2.1.2.war:WEB-INF/lib/xws-security-3.0.jar:com/sun/xml/wss/impl/policy/verifier/MessagePolicyVerifier.class */
public class MessagePolicyVerifier implements PolicyVerifier {
    private ProcessingContext ctx;
    private TargetResolver targetResolver;
    private static Logger log = Logger.getLogger("javax.enterprise.resource.xml.webservices.security", "com.sun.xml.wss.logging.LogStrings");

    public MessagePolicyVerifier(ProcessingContext processingContext, TargetResolver targetResolver) {
        this.ctx = null;
        this.ctx = processingContext;
        this.targetResolver = targetResolver;
    }

    @Override // com.sun.xml.wss.impl.policy.spi.PolicyVerifier
    public void verifyPolicy(SecurityPolicy securityPolicy, SecurityPolicy securityPolicy2) throws PolicyViolationException {
        MessagePolicy messagePolicy = (MessagePolicy) securityPolicy2;
        MessagePolicy messagePolicy2 = (MessagePolicy) securityPolicy;
        if (messagePolicy == null || messagePolicy.size() <= 0) {
            if (messagePolicy2 == null || messagePolicy2.size() <= 0 || checkAllowExtraTimestamp(messagePolicy2)) {
                return;
            }
            log.log(Level.SEVERE, "WSS0805.policy.null");
            throw new PolicyViolationException("ERROR: Policy for the service could not be obtained");
        }
        if (messagePolicy2 == null || messagePolicy2.size() <= 0) {
            throw new PolicyViolationException("ERROR: No security header found in the message");
        }
        for (int i = 0; i < messagePolicy.size(); i++) {
            try {
                WSSPolicy wSSPolicy = (WSSPolicy) messagePolicy.get(i);
                if (PolicyTypeUtil.isSecondaryPolicy(wSSPolicy)) {
                    processSecondaryPolicy(wSSPolicy, messagePolicy2);
                } else if (PolicyTypeUtil.isPrimaryPolicy(wSSPolicy)) {
                    processPrimaryPolicy(wSSPolicy, messagePolicy2);
                }
            } catch (Exception e) {
                throw new PolicyViolationException(e);
            }
        }
    }

    private void processSecondaryPolicy(WSSPolicy wSSPolicy, MessagePolicy messagePolicy) throws XWSSecurityException {
        try {
            if (PolicyTypeUtil.timestampPolicy(wSSPolicy)) {
                boolean z = false;
                int i = 0;
                while (true) {
                    if (i >= messagePolicy.size()) {
                        break;
                    }
                    WSSPolicy wSSPolicy2 = (WSSPolicy) messagePolicy.get(i);
                    if (PolicyTypeUtil.timestampPolicy(wSSPolicy2)) {
                        messagePolicy.remove(wSSPolicy2);
                        z = true;
                        break;
                    }
                    i++;
                }
                if (!z) {
                }
            } else if (PolicyTypeUtil.usernameTokenPolicy(wSSPolicy.getFeatureBinding())) {
                boolean z2 = false;
                int i2 = 0;
                while (true) {
                    if (i2 >= messagePolicy.size()) {
                        break;
                    }
                    WSSPolicy wSSPolicy3 = (WSSPolicy) messagePolicy.get(i2);
                    if (PolicyTypeUtil.usernameTokenPolicy(wSSPolicy3)) {
                        AuthenticationTokenPolicy.UsernameTokenBinding usernameTokenBinding = (AuthenticationTokenPolicy.UsernameTokenBinding) wSSPolicy.getFeatureBinding();
                        if (((AuthenticationTokenPolicy.UsernameTokenBinding) wSSPolicy3).hasNoPassword() && !usernameTokenBinding.hasNoPassword()) {
                            throw SOAPUtil.newSOAPFaultException(MessageConstants.WSSE_FAILED_AUTHENTICATION, "Empty Password specified, Authentication of Username Password Token Failed", null);
                        }
                        messagePolicy.remove(wSSPolicy3);
                        z2 = true;
                    } else {
                        i2++;
                    }
                }
                if (!z2) {
                    throw new XWSSecurityException("Policy Verification error:UsernameToken not found in message but occurs in configured policy");
                }
            }
        } catch (WssSoapFaultException e) {
            throw e;
        } catch (Exception e2) {
            throw new XWSSecurityException(e2);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:22:0x00a4, code lost:
    
        r0 = verifySignTargetBinding((com.sun.xml.wss.impl.policy.mls.SignaturePolicy.FeatureBinding) r0.getFeatureBinding(), (com.sun.xml.wss.impl.policy.mls.SignaturePolicy.FeatureBinding) r13.getFeatureBinding());
        r7.remove(r12);
     */
    /* JADX WARN: Code restructure failed: missing block: B:23:0x00c1, code lost:
    
        if (r14 != false) goto L24;
     */
    /* JADX WARN: Code restructure failed: missing block: B:24:0x00c4, code lost:
    
        com.sun.xml.wss.impl.policy.verifier.MessagePolicyVerifier.log.log(java.util.logging.Level.SEVERE, "WSS0206.policy.violation.exception");
     */
    /* JADX WARN: Code restructure failed: missing block: B:25:0x00d8, code lost:
    
        throw new com.sun.xml.wss.XWSSecurityException("Policy verification error: Incorrect Key types or references were used in Signature");
     */
    /* JADX WARN: Code restructure failed: missing block: B:27:0x00db, code lost:
    
        if (r0 != false) goto L28;
     */
    /* JADX WARN: Code restructure failed: missing block: B:28:0x00de, code lost:
    
        com.sun.xml.wss.impl.policy.verifier.MessagePolicyVerifier.log.log(java.util.logging.Level.SEVERE, "WSS0206.policy.violation.exception");
     */
    /* JADX WARN: Code restructure failed: missing block: B:29:0x00f2, code lost:
    
        throw new com.sun.xml.wss.XWSSecurityException("Policy verification error: One or more Signed Parts could not be validated");
     */
    /* JADX WARN: Code restructure failed: missing block: B:30:0x00f3, code lost:
    
        checkTargets(r6, r12);
     */
    /* JADX WARN: Code restructure failed: missing block: B:31:?, code lost:
    
        return;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void processPrimaryPolicy(com.sun.xml.wss.impl.policy.mls.WSSPolicy r6, com.sun.xml.wss.impl.policy.mls.MessagePolicy r7) throws com.sun.xml.wss.XWSSecurityException {
        /*
            Method dump skipped, instructions count: 745
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sun.xml.wss.impl.policy.verifier.MessagePolicyVerifier.processPrimaryPolicy(com.sun.xml.wss.impl.policy.mls.WSSPolicy, com.sun.xml.wss.impl.policy.mls.MessagePolicy):void");
    }

    private void checkTargets(WSSPolicy wSSPolicy, WSSPolicy wSSPolicy2) throws XWSSecurityException {
        ArrayList arrayList = null;
        ArrayList arrayList2 = null;
        if (PolicyTypeUtil.signaturePolicy(wSSPolicy)) {
            SignaturePolicy.FeatureBinding featureBinding = (SignaturePolicy.FeatureBinding) wSSPolicy2.getFeatureBinding();
            SignaturePolicy.FeatureBinding featureBinding2 = (SignaturePolicy.FeatureBinding) wSSPolicy.getFeatureBinding();
            arrayList = featureBinding.getTargetBindings();
            arrayList2 = featureBinding2.getTargetBindings();
        } else if (PolicyTypeUtil.encryptionPolicy(wSSPolicy)) {
            EncryptionPolicy.FeatureBinding featureBinding3 = (EncryptionPolicy.FeatureBinding) wSSPolicy2.getFeatureBinding();
            EncryptionPolicy.FeatureBinding featureBinding4 = (EncryptionPolicy.FeatureBinding) wSSPolicy.getFeatureBinding();
            arrayList = featureBinding3.getTargetBindings();
            arrayList2 = featureBinding4.getTargetBindings();
        }
        this.targetResolver.resolveAndVerifyTargets(arrayList2, arrayList, wSSPolicy);
    }

    private boolean verifyKeyBinding(MLSPolicy mLSPolicy, MLSPolicy mLSPolicy2, boolean z) throws XWSSecurityException {
        boolean z2 = false;
        if (mLSPolicy != null && mLSPolicy2 != null) {
            if (PolicyTypeUtil.x509CertificateBinding(mLSPolicy) && PolicyTypeUtil.x509CertificateBinding(mLSPolicy2)) {
                z2 = true;
            } else if (PolicyTypeUtil.kerberosTokenBinding(mLSPolicy) && PolicyTypeUtil.kerberosTokenBinding(mLSPolicy2)) {
                z2 = true;
            } else if (PolicyTypeUtil.symmetricKeyBinding(mLSPolicy) && PolicyTypeUtil.symmetricKeyBinding(mLSPolicy2)) {
                z2 = verifyKeyBinding(mLSPolicy.getKeyBinding(), mLSPolicy2.getKeyBinding(), z);
            } else if (PolicyTypeUtil.issuedTokenKeyBinding(mLSPolicy) && PolicyTypeUtil.issuedTokenKeyBinding(mLSPolicy2)) {
                z2 = true;
            } else if (PolicyTypeUtil.secureConversationTokenKeyBinding(mLSPolicy) && PolicyTypeUtil.secureConversationTokenKeyBinding(mLSPolicy2)) {
                z2 = true;
            } else if (PolicyTypeUtil.derivedTokenKeyBinding(mLSPolicy) && PolicyTypeUtil.derivedTokenKeyBinding(mLSPolicy2)) {
                z2 = verifyKeyBinding(((DerivedTokenKeyBinding) mLSPolicy).getOriginalKeyBinding(), ((DerivedTokenKeyBinding) mLSPolicy2).getOriginalKeyBinding(), z);
            } else if (PolicyTypeUtil.x509CertificateBinding(mLSPolicy) && PolicyTypeUtil.symmetricKeyBinding(mLSPolicy2)) {
                MLSPolicy keyBinding = mLSPolicy2.getKeyBinding();
                if (z && PolicyTypeUtil.x509CertificateBinding(keyBinding)) {
                    z2 = true;
                }
            } else if (PolicyTypeUtil.kerberosTokenBinding(mLSPolicy) && PolicyTypeUtil.symmetricKeyBinding(mLSPolicy2)) {
                MLSPolicy keyBinding2 = mLSPolicy2.getKeyBinding();
                if (z && PolicyTypeUtil.kerberosTokenBinding(keyBinding2)) {
                    z2 = true;
                }
            } else if (PolicyTypeUtil.samlTokenPolicy(mLSPolicy) && PolicyTypeUtil.symmetricKeyBinding(mLSPolicy2)) {
                MLSPolicy keyBinding3 = mLSPolicy2.getKeyBinding();
                if (z && PolicyTypeUtil.samlTokenPolicy(keyBinding3)) {
                    z2 = true;
                }
            } else if (PolicyTypeUtil.samlTokenPolicy(mLSPolicy) && PolicyTypeUtil.samlTokenPolicy(mLSPolicy2)) {
                z2 = true;
            } else if (PolicyTypeUtil.symmetricKeyBinding(mLSPolicy) && PolicyTypeUtil.x509CertificateBinding(mLSPolicy2)) {
                MLSPolicy keyBinding4 = mLSPolicy.getKeyBinding();
                if (z && PolicyTypeUtil.x509CertificateBinding(keyBinding4)) {
                    z2 = true;
                }
            } else if (PolicyTypeUtil.derivedTokenKeyBinding(mLSPolicy) && PolicyTypeUtil.issuedTokenKeyBinding(mLSPolicy2) && PolicyTypeUtil.issuedTokenKeyBinding(((DerivedTokenKeyBinding) mLSPolicy).getOriginalKeyBinding())) {
                z2 = true;
            }
        }
        return z2;
    }

    private boolean verifySignTargetBinding(SignaturePolicy.FeatureBinding featureBinding, SignaturePolicy.FeatureBinding featureBinding2) throws XWSSecurityException {
        String canonicalizationAlgorithm = featureBinding.getCanonicalizationAlgorithm();
        String canonicalizationAlgorithm2 = featureBinding2.getCanonicalizationAlgorithm();
        if (canonicalizationAlgorithm == null || canonicalizationAlgorithm2 == null) {
            throw new XWSSecurityException("ActualCanonicalizationAlgorithm or InferredCanonicalizationAlgorithm  is null while verifying SignatureTargetBinding");
        }
        if (canonicalizationAlgorithm.length() <= 0 || canonicalizationAlgorithm2.length() <= 0 || canonicalizationAlgorithm2.equals(canonicalizationAlgorithm)) {
            return true;
        }
        log.warning("Receiver side requirement verification failed, canonicalization algorithm received in the message is " + canonicalizationAlgorithm2 + " policy requires " + canonicalizationAlgorithm);
        return false;
    }

    private boolean verifyEncTargetBinding(EncryptionPolicy.FeatureBinding featureBinding, EncryptionPolicy.FeatureBinding featureBinding2) {
        String dataEncryptionAlgorithm = featureBinding2.getDataEncryptionAlgorithm();
        String dataEncryptionAlgorithm2 = featureBinding.getDataEncryptionAlgorithm();
        if (dataEncryptionAlgorithm2 == null || dataEncryptionAlgorithm2.length() <= 0 || dataEncryptionAlgorithm2.equals(dataEncryptionAlgorithm)) {
            return true;
        }
        log.warning("Receiver side requirement verification failed, DataEncryptionAlgorithm specified in the receiver requirements did match with DataEncryptionAlgorithm used to encrypt the message.Configured DataEncryptionAlgorithm is " + dataEncryptionAlgorithm2 + "  DataEncryptionAlgorithm used in themessage is " + dataEncryptionAlgorithm);
        return false;
    }

    private EncryptionPolicy getNthEncryptionPolicy(MessagePolicy messagePolicy, int i) throws XWSSecurityException {
        int i2 = i;
        for (int i3 = 0; i3 < messagePolicy.size(); i3++) {
            try {
                WSSPolicy wSSPolicy = (WSSPolicy) messagePolicy.get(i3);
                if (PolicyTypeUtil.isPrimaryPolicy(wSSPolicy) && PolicyTypeUtil.encryptionPolicy(wSSPolicy) && !((EncryptionPolicy.FeatureBinding) wSSPolicy.getFeatureBinding()).encryptsIssuedToken()) {
                    if (i2 <= 0) {
                        return (EncryptionPolicy) wSSPolicy;
                    }
                    i2--;
                }
            } catch (Exception e) {
                throw new XWSSecurityException(e);
            }
        }
        return null;
    }

    private WSSPolicy getFirstPrimaryPolicy(MessagePolicy messagePolicy, boolean z, int i) throws XWSSecurityException {
        int i2 = i;
        try {
            if (z) {
                for (int i3 = i2; i3 < messagePolicy.size(); i3++) {
                    WSSPolicy wSSPolicy = (WSSPolicy) messagePolicy.get(i3);
                    if (PolicyTypeUtil.isPrimaryPolicy(wSSPolicy) && PolicyTypeUtil.signaturePolicy(wSSPolicy)) {
                        SignaturePolicy.FeatureBinding featureBinding = (SignaturePolicy.FeatureBinding) ((SignaturePolicy) wSSPolicy).getFeatureBinding();
                        for (int i4 = 0; i4 < featureBinding.getTargetBindings().size(); i4++) {
                            if ("{http://www.w3.org/2000/09/xmldsig#}Signature".equals(((SignatureTarget) featureBinding.getTargetBindings().get(i4)).getValue())) {
                                return wSSPolicy;
                            }
                        }
                    }
                }
            } else {
                for (int i5 = 0; i5 < messagePolicy.size(); i5++) {
                    WSSPolicy wSSPolicy2 = (WSSPolicy) messagePolicy.get(i5);
                    if (PolicyTypeUtil.isPrimaryPolicy(wSSPolicy2) && (!PolicyTypeUtil.encryptionPolicy(wSSPolicy2) || !((EncryptionPolicy.FeatureBinding) wSSPolicy2.getFeatureBinding()).encryptsIssuedToken())) {
                        if (i2 <= 0) {
                            if (i == 0 || PolicyTypeUtil.signaturePolicy(wSSPolicy2)) {
                                return wSSPolicy2;
                            }
                        } else if (PolicyTypeUtil.signaturePolicy(wSSPolicy2)) {
                            i2--;
                        }
                    }
                }
            }
            return null;
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }

    private void correctIncludeTokenPolicy(AuthenticationTokenPolicy.X509CertificateBinding x509CertificateBinding, WSSAssertion wSSAssertion) {
        if (!AuthenticationTokenPolicy.X509CertificateBinding.INCLUDE_NEVER.equals(x509CertificateBinding.getIncludeToken())) {
            if (AuthenticationTokenPolicy.X509CertificateBinding.INCLUDE_ALWAYS_TO_RECIPIENT.equals(x509CertificateBinding.getIncludeToken()) || AuthenticationTokenPolicy.X509CertificateBinding.INCLUDE_ALWAYS.equals(x509CertificateBinding.getIncludeToken())) {
                x509CertificateBinding.setReferenceType("Direct");
                return;
            }
            return;
        }
        if ("Direct".equals(x509CertificateBinding.getReferenceType())) {
            if (wSSAssertion == null) {
                x509CertificateBinding.setReferenceType("Identifier");
            } else if (wSSAssertion.getRequiredProperties().contains(WSSAssertion.MUST_SUPPORT_REF_KEYIDENTIFIER)) {
                x509CertificateBinding.setReferenceType("Identifier");
            } else if (wSSAssertion.getRequiredProperties().contains(WSSAssertion.MUSTSUPPORT_REF_THUMBPRINT)) {
                x509CertificateBinding.setReferenceType(MessageConstants.THUMB_PRINT_TYPE);
            }
        }
    }

    public void printInferredSecurityPolicy(MessagePolicy messagePolicy) throws Exception {
        StringBuffer stringBuffer = new StringBuffer();
        if (messagePolicy == null) {
            stringBuffer.append("Security Policy not set\n");
            return;
        }
        stringBuffer.append("Size of Policy:: " + messagePolicy.size() + IOUtils.LINE_SEPARATOR_UNIX);
        for (int i = 0; i < messagePolicy.size(); i++) {
            WSSPolicy wSSPolicy = (WSSPolicy) messagePolicy.get(i);
            if (PolicyTypeUtil.timestampPolicy(wSSPolicy)) {
                stringBuffer.append("Timestamp Policy\n");
            } else if (PolicyTypeUtil.usernameTokenPolicy(wSSPolicy)) {
                stringBuffer.append("UsernameToken Policy\n");
            } else if (PolicyTypeUtil.signaturePolicy(wSSPolicy)) {
                stringBuffer.append("Signature Policy\n");
                SignaturePolicy signaturePolicy = (SignaturePolicy) wSSPolicy;
                SignaturePolicy.FeatureBinding featureBinding = (SignaturePolicy.FeatureBinding) signaturePolicy.getFeatureBinding();
                ArrayList targetBindings = featureBinding.getTargetBindings();
                stringBuffer.append("\tCanonicalizationAlgorithm" + featureBinding.getCanonicalizationAlgorithm() + IOUtils.LINE_SEPARATOR_UNIX);
                stringBuffer.append("\t Targets\n");
                for (int i2 = 0; i2 < targetBindings.size(); i2++) {
                    SignatureTarget signatureTarget = (SignatureTarget) targetBindings.get(i2);
                    stringBuffer.append("\t " + i2 + ":Type:" + signatureTarget.getType() + IOUtils.LINE_SEPARATOR_UNIX);
                    stringBuffer.append("\t  Value:" + signatureTarget.getValue() + IOUtils.LINE_SEPARATOR_UNIX);
                    stringBuffer.append("\t  DigestAlgorithm:" + signatureTarget.getDigestAlgorithm() + IOUtils.LINE_SEPARATOR_UNIX);
                    ArrayList transforms = signatureTarget.getTransforms();
                    if (transforms != null) {
                        stringBuffer.append("\t  Transforms::\n");
                        for (int i3 = 0; i3 < transforms.size(); i3++) {
                            stringBuffer.append("\t    " + ((SignatureTarget.Transform) transforms.get(i3)).getTransform() + IOUtils.LINE_SEPARATOR_UNIX);
                        }
                    }
                }
                MLSPolicy keyBinding = signaturePolicy.getKeyBinding();
                if (keyBinding != null) {
                    stringBuffer.append("\tKeyBinding\n");
                    printKeyBinding(keyBinding, stringBuffer);
                }
            } else if (PolicyTypeUtil.encryptionPolicy(wSSPolicy)) {
                stringBuffer.append("Encryption Policy\n");
                EncryptionPolicy encryptionPolicy = (EncryptionPolicy) wSSPolicy;
                ArrayList targetBindings2 = ((EncryptionPolicy.FeatureBinding) encryptionPolicy.getFeatureBinding()).getTargetBindings();
                stringBuffer.append("\t Targets\n");
                for (int i4 = 0; i4 < targetBindings2.size(); i4++) {
                    EncryptionTarget encryptionTarget = (EncryptionTarget) targetBindings2.get(i4);
                    stringBuffer.append("\t " + i4 + ":Type:" + encryptionTarget.getType() + IOUtils.LINE_SEPARATOR_UNIX);
                    stringBuffer.append("\t  Value:" + encryptionTarget.getValue() + IOUtils.LINE_SEPARATOR_UNIX);
                    stringBuffer.append("\t  ContentOnly:" + encryptionTarget.getContentOnly() + IOUtils.LINE_SEPARATOR_UNIX);
                    stringBuffer.append("\t  DataEncryptionAlgorithm:" + encryptionTarget.getDataEncryptionAlgorithm() + IOUtils.LINE_SEPARATOR_UNIX);
                }
                MLSPolicy keyBinding2 = encryptionPolicy.getKeyBinding();
                if (keyBinding2 != null) {
                    stringBuffer.append("\tKeyBinding\n");
                    printKeyBinding(keyBinding2, stringBuffer);
                }
            } else if (PolicyTypeUtil.signatureConfirmationPolicy(wSSPolicy)) {
                stringBuffer.append("SignatureConfirmation Policy\n");
            } else {
                stringBuffer.append(wSSPolicy + IOUtils.LINE_SEPARATOR_UNIX);
            }
        }
    }

    private void printKeyBinding(MLSPolicy mLSPolicy, StringBuffer stringBuffer) {
        if (mLSPolicy != null) {
            if (mLSPolicy instanceof AuthenticationTokenPolicy.X509CertificateBinding) {
                AuthenticationTokenPolicy.X509CertificateBinding x509CertificateBinding = (AuthenticationTokenPolicy.X509CertificateBinding) mLSPolicy;
                stringBuffer.append("\t  X509CertificateBinding\n");
                stringBuffer.append("\t    ValueType:" + x509CertificateBinding.getValueType() + IOUtils.LINE_SEPARATOR_UNIX);
                stringBuffer.append("\t    ReferenceType:" + x509CertificateBinding.getReferenceType() + IOUtils.LINE_SEPARATOR_UNIX);
                return;
            }
            if (mLSPolicy instanceof AuthenticationTokenPolicy.SAMLAssertionBinding) {
                stringBuffer.append("\t  SAMLAssertionBinding\n");
                stringBuffer.append("\t    ReferenceType:" + ((AuthenticationTokenPolicy.SAMLAssertionBinding) mLSPolicy).getReferenceType() + IOUtils.LINE_SEPARATOR_UNIX);
                return;
            }
            if (mLSPolicy instanceof SymmetricKeyBinding) {
                stringBuffer.append("\t  SymmetricKeyBinding\n");
                AuthenticationTokenPolicy.X509CertificateBinding x509CertificateBinding2 = (AuthenticationTokenPolicy.X509CertificateBinding) ((SymmetricKeyBinding) mLSPolicy).getKeyBinding();
                if (x509CertificateBinding2 != null) {
                    stringBuffer.append("\t     X509CertificateBinding\n");
                    stringBuffer.append("\t       ValueType:" + x509CertificateBinding2.getValueType() + IOUtils.LINE_SEPARATOR_UNIX);
                    stringBuffer.append("\t       ReferenceType:" + x509CertificateBinding2.getReferenceType() + IOUtils.LINE_SEPARATOR_UNIX);
                    return;
                }
                return;
            }
            if (mLSPolicy instanceof IssuedTokenKeyBinding) {
                stringBuffer.append("\t  IssuedTokenKeyBinding\n");
                return;
            }
            if (mLSPolicy instanceof SecureConversationTokenKeyBinding) {
                stringBuffer.append("\t  SecureConversationTokenKeyBinding\n");
            } else if (mLSPolicy instanceof DerivedTokenKeyBinding) {
                stringBuffer.append("\t  DerivedTokenKeyBinding\n");
                stringBuffer.append("\t  OriginalKeyBinding:\n");
                printKeyBinding(((DerivedTokenKeyBinding) mLSPolicy).getOriginalKeyBinding(), stringBuffer);
            }
        }
    }

    private boolean checkTargetPresence(WSSPolicy wSSPolicy) throws XWSSecurityException {
        ArrayList arrayList = null;
        if (PolicyTypeUtil.signaturePolicy(wSSPolicy)) {
            arrayList = ((SignaturePolicy.FeatureBinding) wSSPolicy.getFeatureBinding()).getTargetBindings();
        } else if (PolicyTypeUtil.encryptionPolicy(wSSPolicy)) {
            arrayList = ((EncryptionPolicy.FeatureBinding) wSSPolicy.getFeatureBinding()).getTargetBindings();
        }
        return this.targetResolver.isTargetPresent(arrayList);
    }

    private boolean checkAllowExtraTimestamp(MessagePolicy messagePolicy) {
        if (messagePolicy.size() > 1) {
            return false;
        }
        SecurityPolicy securityPolicy = null;
        try {
            securityPolicy = messagePolicy.get(0);
        } catch (Exception e) {
        }
        return securityPolicy instanceof TimestampPolicy;
    }
}
