package org.wso2.carbon.registry.ws.api.utils;

import java.util.Properties;
import org.apache.axiom.om.util.AXIOMUtil;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.neethi.Policy;
import org.apache.neethi.PolicyEngine;
import org.apache.rampart.policy.model.CryptoConfig;
import org.apache.rampart.policy.model.RampartConfig;
import org.wso2.carbon.base.ServerConfiguration;
import org.wso2.carbon.registry.core.exceptions.RegistryException;

/* loaded from: input_file:org/wso2/carbon/registry/ws/api/utils/SecurityUtil.class */
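/**
 * Static helpers that assemble the WS-Security settings used by the registry WS API:
 * a Rampart configuration built from the server keystore settings, and a fixed
 * sign-only WS-SecurityPolicy document.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The keystore password and the private-key password are read from
 *       {@link ServerConfiguration} as plain {@code String} values and passed on to
 *       Rampart / the password callback handler. None of them is logged by this class.</li>
 *   <li>The policy below signs the SOAP body only and contains no encryption assertion,
 *       so message confidentiality is not provided by this policy.</li>
 * </ul>
 */
public class SecurityUtil {
    private static final Log log = LogFactory.getLog(SecurityUtil.class);

    // Sign-only policy: asymmetric binding with X.509 tokens referenced by thumbprint,
    // strict layout, a timestamp, and <sp:Body/> as the only entry under SignedParts.
    //
    // NOTE(review): the algorithm suite is sp:Basic256, which in WS-SecurityPolicy uses
    // SHA-1 as the digest algorithm; sp:Basic256Sha256 is the SHA-256 digest variant.
    // Changing it affects interoperability with existing peers, so it is left as is here.
    //
    // NOTE(review): this field is package-private and not final, so other code in this
    // package can replace the policy text at runtime. Consider making it final once it is
    // confirmed that nothing assigns to it.
    //
    // The whitespace runs are part of the runtime string (it is echoed in the error
    // message of getSignOnlyPolicy), so each segment keeps its original leading spaces.
    static String policyString =
            "<wsp:Policy wsu:Id=\"SigOnly\""
            + "                    xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\""
            + "                    xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">"
            + "            <wsp:ExactlyOne>"
            + "                <wsp:All>"
            + "                    <sp:AsymmetricBinding xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">"
            + "                        <wsp:Policy>"
            + "                            <sp:InitiatorToken>"
            + "                                <wsp:Policy>"
            + "                                    <sp:X509Token"
            + "                                            sp:IncludeToken=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient\">"
            + "                                        <wsp:Policy>"
            + "                                            <sp:RequireThumbprintReference/>"
            + "                                            <sp:WssX509V3Token10/>"
            + "                                        </wsp:Policy>"
            + "                                    </sp:X509Token>"
            + "                                </wsp:Policy>"
            + "                            </sp:InitiatorToken>"
            + "                            <sp:RecipientToken>"
            + "                                <wsp:Policy>"
            + "                                    <sp:X509Token"
            + "                                            sp:IncludeToken=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never\">"
            + "                                        <wsp:Policy>"
            + "                                            <sp:RequireThumbprintReference/>"
            + "                                            <sp:WssX509V3Token10/>"
            + "                                        </wsp:Policy>"
            + "                                    </sp:X509Token>"
            + "                                </wsp:Policy>"
            + "                            </sp:RecipientToken>"
            + "                            <sp:AlgorithmSuite>"
            + "                                <wsp:Policy>"
            + "                                    <sp:Basic256/>"
            + "                                </wsp:Policy>"
            + "                            </sp:AlgorithmSuite>"
            + "                            <sp:Layout>"
            + "                                <wsp:Policy>"
            + "                                    <sp:Strict/>"
            + "                                </wsp:Policy>"
            + "                            </sp:Layout>"
            + "                            <sp:IncludeTimestamp/>"
            + "                            <sp:OnlySignEntireHeadersAndBody/>"
            + "                        </wsp:Policy>"
            + "                    </sp:AsymmetricBinding>"
            + "                    <sp:Wss10 xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">"
            + "                        <wsp:Policy>"
            + "                            <sp:MustSupportRefKeyIdentifier/>"
            + "                            <sp:MustSupportRefIssuerSerial/>"
            + "                        </wsp:Policy>"
            + "                    </sp:Wss10>"
            + "                    <sp:SignedParts xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">"
            + "                        <sp:Body/>"
            + "                    </sp:SignedParts>"
            + "                </wsp:All>"
            + "            </wsp:ExactlyOne>"
            + "        </wsp:Policy>";

    /**
     * Builds a policy holding a single Rampart configuration assertion that signs with the
     * server keystore named in the {@code Security.KeyStore.*} server properties.
     *
     * <p>Side effect: registers the key alias and key password with
     * {@link InMemoryPasswordCallbackHandler}, the callback class named in the Rampart config.
     *
     * <p>A keystore type, location or password that is absent from the configuration reaches
     * {@link Properties#setProperty(String, String)} as {@code null}, which throws
     * {@link NullPointerException}; no friendlier error is produced here.
     *
     * @return a new {@link Policy} containing the Rampart configuration
     */
    @Deprecated
    public static Policy getDefaultRampartConfig() {
        ServerConfiguration serverConfig = ServerConfiguration.getInstance();
        String keyStoreLocation = serverConfig.getFirstProperty("Security.KeyStore.Location");
        String keyStoreType = serverConfig.getFirstProperty("Security.KeyStore.Type");
        String keyStorePassword = serverConfig.getFirstProperty("Security.KeyStore.Password");
        String keyAlias = serverConfig.getFirstProperty("Security.KeyStore.KeyAlias");
        String keyPassword = serverConfig.getFirstProperty("Security.KeyStore.KeyPassword");

        RampartConfig rampartConfig = new RampartConfig();
        rampartConfig.setUser(keyAlias);
        rampartConfig.setPwCbClass("org.wso2.carbon.registry.ws.api.utils.InMemoryPasswordCallbackHandler");
        // NOTE(review): the handler is not visible in this file; presumably it keeps the key
        // password in process memory so Rampart can fetch it by alias. Verify its lifetime.
        InMemoryPasswordCallbackHandler.addUser(keyAlias, keyPassword);

        // Merlin crypto provider settings; the keystore password travels as a plain property.
        Properties merlinProperties = new Properties();
        merlinProperties.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", keyStoreType);
        merlinProperties.setProperty("org.apache.ws.security.crypto.merlin.file", keyStoreLocation);
        merlinProperties.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", keyStorePassword);

        CryptoConfig signatureCrypto = new CryptoConfig();
        signatureCrypto.setProvider("org.apache.ws.security.components.crypto.Merlin");
        signatureCrypto.setProp(merlinProperties);
        rampartConfig.setSigCryptoConfig(signatureCrypto);

        Policy policy = new Policy();
        policy.addAssertion(rampartConfig);
        return policy;
    }

    /**
     * Registers the server key alias and its key password with
     * {@link InMemoryPasswordCallbackHandler}, reading both from the
     * {@code Security.KeyStore.KeyAlias} and {@code Security.KeyStore.KeyPassword}
     * server properties. Values are passed through unchecked.
     */
    public static void addUser() {
        ServerConfiguration serverConfig = ServerConfiguration.getInstance();
        String keyAlias = serverConfig.getFirstProperty("Security.KeyStore.KeyAlias");
        String keyPassword = serverConfig.getFirstProperty("Security.KeyStore.KeyPassword");
        InMemoryPasswordCallbackHandler.addUser(keyAlias, keyPassword);
    }

    /**
     * Parses {@link #policyString} into a Neethi {@link Policy}.
     *
     * @return the sign-only policy
     * @throws RegistryException if the policy text cannot be parsed or converted; the
     *         original exception is attached as the cause
     */
    public static Policy getSignOnlyPolicy() throws RegistryException {
        try {
            return PolicyEngine.getPolicy(AXIOMUtil.stringToOM(policyString));
        } catch (Exception e) {
            // The message echoes only the static policy text; no keystore secret is involved.
            String message = "error building policy from " + policyString;
            // Log the cause as well, so the parser's stack trace is not lost if a caller
            // handles the RegistryException without logging it.
            log.error(message, e);
            throw new RegistryException(message, e);
        }
    }
}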
