package com.ibm.ws.wssecurity.handler;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.security.trust10.types.IRSTTemplate;
import com.ibm.websphere.wspolicy.PolicyException;
import com.ibm.websphere.wssecurity.admin.PolicyAttributesConstants;
import com.ibm.ws.policyset.admin.PolicyConstants;
import com.ibm.ws.wspolicy.TraceAndMessageConstants;
import com.ibm.ws.wspolicy.domain.PolicyInputStreamHolder;
import com.ibm.ws.wssecurity.admin.BindingPropertyConstants;
import com.ibm.ws.wssecurity.admin.NamespacePrefixMapperImpl;
import com.ibm.ws.wssecurity.keyinfo.KeyInfoConsumer;
import com.ibm.xmlns.prod.websphere._200605.ws_securitypolicy_ext.WssCustomToken;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.EncryptionInfo;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.KeyEncryptionKeyInfo;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.KeyInfo;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.Properties;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.SecurityBinding;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.SecurityBindings;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.SecurityInboundBindingConfig;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.SecurityOutboundBindingConfig;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.SigningInfo;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.SigningKeyInfo;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.TokenConsumer;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.TokenGenerator;
import com.ibm.xmlns.prod.websphere._200608.ws_securitybinding.ValueType;
import com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.Caller;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.AccessController;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Random;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
import javax.xml.namespace.QName;
import org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.HeaderType;
import org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.SecureConversationTokenType;
import org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.TokenAssertionType;
import org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.EmptyType;
import org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.NestedPolicyType;
import org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.QNameAssertionType;
import org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.SePartsType;
import org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.SerElementsType;
import org.w3.ns.ws_policy.OperatorContentType;
import org.w3c.dom.Element;
import org.xmlsoap.schemas.ws._2004._09.policy.Policy;

/* loaded from: input_file:lib/com.ibm.wsfp.main.jar:com/ibm/ws/wssecurity/handler/WSSecurityAssertionTransform.class */
public class WSSecurityAssertionTransform {
    private static final String comp = "security.wssecurity";
    protected static final String PACKAGE_SEC_POL12 = "org.oasis_open.docs.ws_sx.ws_securitypolicy._200702";
    protected static final String PACKAGE_SEC_POL12_DRAFT = "org.oasis_open.docs.ws_sx.ws_securitypolicy._200512";
    protected static final String PACKAGE_POL12 = "org.xmlsoap.schemas.ws._2004._09.policy";
    protected static final String PACKAGE_POL15 = "org.w3.ns.ws_policy";
    protected static final String PACKAGE_SEC_EXT10 = "com.ibm.xmlns.prod.websphere._200605.ws_securitypolicy_ext";
    protected static final String PACKAGE_SEC_EXT11 = "com.ibm.xmlns.prod.websphere._200710.ws_securitypolicy_ext";
    protected static final String PACKAGE_SEC_BINDING10 = "com.ibm.xmlns.prod.websphere._200608.ws_securitybinding";
    protected static final String PACKAGE_SEC_BINDING11 = "com.ibm.xmlns.prod.websphere._200710.ws_securitybinding";
    private static final String NAMESPACE_WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
    private static final String POLICY15_NAMESPACE = "http://www.w3.org/ns/ws-policy";
    private static final String PROPERTY_requireDerivedKey = "com.ibm.websphere.wssecurity.requireDerivedKey";
    private static final String PROPERTY_keyIdentifier = "com.ibm.websphere.wssecurity.keyIdentifier";
    private static final String PROPERTY_generateImpliedDerivedKey = "com.ibm.ws.wssecurity.token.generateImpliedDerivedKey";
    private static final String PROPERTY_NOPASSWORD = "com.ibm.wsspi.wssecurity.token.IDAssertion.isUsed";
    private static final String URI_WssGssKerberosV5ApReqToken11 = "http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#GSS_Kerberosv5_AP_REQ";
    private static final String URI_WssKerberosV5ApReqToken11 = "http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5_AP_REQ";
    private static final TraceComponent tc = Tr.register(WSSecurityWSPolicyAssertionProcessor.class, TraceAndMessageConstants.COMPONENT, "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final String clsName = WSSecurityAssertionTransform.class.getName();
    private static final QName exactlyOne15QName = new QName("http://www.w3.org/ns/ws-policy", "ExactlyOne");
    private static final QName all15QName = new QName("http://www.w3.org/ns/ws-policy", "All");
    private static final QName WSU_ID_QNAME = new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "id");
    protected static int PROVIDER = 1;
    protected static int CLIENT = 2;

    public static InputStream transformForClientConfiguration(PolicyInputStreamHolder policyInputStreamHolder, List<String> list) throws PolicyException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "transformForClientConfiguration");
        }
        if (policyInputStreamHolder == null) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "No policy to transform:");
            }
            if (!TraceComponent.isAnyTracingEnabled() || !tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "transformForClientIntersection");
            return null;
        }
        WSSecurityPolicyHolder wSSecurityPolicyHolder = new WSSecurityPolicyHolder(policyInputStreamHolder);
        reverseIncludeTokenAttribute(wSSecurityPolicyHolder);
        addDirectionalAttributesToEncryptSignature(wSSecurityPolicyHolder.getMain());
        Policy convertPolicyFrom15To12 = convertPolicyFrom15To12(wSSecurityPolicyHolder.getMain());
        if (convertPolicyFrom15To12 == null) {
            convertPolicyFrom15To12 = new Policy();
        }
        Policy restoreDirectionalAttributes = restoreDirectionalAttributes(convertPolicyFrom15To12, convertPolicyFrom15To12(wSSecurityPolicyHolder.getInput()), convertPolicyFrom15To12(wSSecurityPolicyHolder.getOutput()));
        nestProtectionTokensInSecureConversationAssertion(restoreDirectionalAttributes);
        try {
            InputStream policyJAXBObjToStream = policyJAXBObjToStream(restoreDirectionalAttributes, "org.xmlsoap.schemas.ws._2004._09.policy:org.oasis_open.docs.ws_sx.ws_securitypolicy._200702:com.ibm.xmlns.prod.websphere._200605.ws_securitypolicy_ext:com.ibm.xmlns.prod.websphere._200710.ws_securitypolicy_ext");
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                Tr.exit(tc, "transformForClientConfiguration");
            }
            return policyJAXBObjToStream;
        } catch (Exception e) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Unable to serialize result Policy" + e.toString());
            }
            throw new PolicyException(e);
        }
    }

    public static PolicyInputStreamHolder transformForPublish(InputStream inputStream, InputStream inputStream2, List<Object> list) throws PolicyException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "transformForPublish");
        }
        if (inputStream == null) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "No policy to transform:");
            }
            if (!TraceComponent.isAnyTracingEnabled() || !tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "transformForClientIntersection");
            return null;
        }
        if (inputStream2 == null) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "No binding. Transformation can not proceed:");
            }
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                Tr.exit(tc, "transformForClientIntersection");
            }
            throw new PolicyException("binding.xml == null");
        }
        Object inputStreamToJAXB = inputStreamToJAXB(inputStream, "org.xmlsoap.schemas.ws._2004._09.policy:org.oasis_open.docs.ws_sx.ws_securitypolicy._200512:com.ibm.xmlns.prod.websphere._200605.ws_securitypolicy_ext");
        Policy policy = null;
        if (inputStreamToJAXB instanceof Policy) {
            policy = (Policy) inputStreamToJAXB;
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Policy unmarshalled");
        }
        WSSecurityPolicyHolder convertSecuritySchemaTo12 = convertSecuritySchemaTo12(policy);
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Policy Schema chanfed to 1.2");
        }
        convertSecuritySchemaTo12.setBindings(inputStreamToJAXB(inputStream2, "com.ibm.xmlns.prod.websphere._200605.ws_securitypolicy_ext:com.ibm.xmlns.prod.websphere._200608.ws_securitybinding:com.ibm.xmlns.prod.websphere._200710.ws_securitybinding"));
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Bindings unmarshalled");
        }
        if (isEncryptSignature(convertSecuritySchemaTo12)) {
            removeSignatureXPath(convertSecuritySchemaTo12);
            addBindingAssertion(PolicyConfigUtil.wssEncryptSignatureQName, convertSecuritySchemaTo12.getMain());
        }
        processKerberosTokens_Provider(convertSecuritySchemaTo12);
        if (encryptBeforeSigning(convertSecuritySchemaTo12.getBindings())) {
            addBindingAssertion(PolicyConfigUtil.wssEncryptBeforeSigningQName, convertSecuritySchemaTo12.getMain());
        }
        processKeyTypeAssertions_Provider(convertSecuritySchemaTo12);
        addMustSupportRefXxx(convertSecuritySchemaTo12.getMain(), convertSecuritySchemaTo12.getBindings(), false, PROVIDER);
        if (!isSignatureConfirmation(convertSecuritySchemaTo12.getBindings())) {
            removeSignatureConfirmation(convertSecuritySchemaTo12);
        }
        caller(convertSecuritySchemaTo12, PROVIDER);
        SC13SecurityContextToken_Provider(convertSecuritySchemaTo12);
        usernameTokens(convertSecuritySchemaTo12, PROVIDER);
        removeEmptyAssertions(convertSecuritySchemaTo12);
        reverseIncludeTokenAttribute(convertSecuritySchemaTo12);
        PolicyInputStreamHolder policyInputStreamHolder = new PolicyInputStreamHolder();
        try {
            policyInputStreamHolder.setMain(policyJAXBObjToStream(convertSecuritySchemaTo12.getMain(), "org.oasis_open.docs.ws_sx.ws_securitypolicy._200702:org.w3.ns.ws_policy:com.ibm.xmlns.prod.websphere._200605.ws_securitypolicy_ext:com.ibm.xmlns.prod.websphere._200710.ws_securitypolicy_ext"));
            policyInputStreamHolder.setInput(policyJAXBObjToStream(convertSecuritySchemaTo12.getInput(), "org.oasis_open.docs.ws_sx.ws_securitypolicy._200702:org.w3.ns.ws_policy:com.ibm.xmlns.prod.websphere._200605.ws_securitypolicy_ext:com.ibm.xmlns.prod.websphere._200710.ws_securitypolicy_ext"));
            policyInputStreamHolder.setOutput(policyJAXBObjToStream(convertSecuritySchemaTo12.getOutput(), "org.oasis_open.docs.ws_sx.ws_securitypolicy._200702:org.w3.ns.ws_policy:com.ibm.xmlns.prod.websphere._200605.ws_securitypolicy_ext:com.ibm.xmlns.prod.websphere._200710.ws_securitypolicy_ext"));
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                Tr.exit(tc, "transformForPublish");
            }
            return policyInputStreamHolder;
        } catch (Exception e) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Unable to serialize transformed Policy" + e.toString());
            }
            throw new PolicyException(e);
        }
    }

    public static PolicyInputStreamHolder transformForClientIntersection(InputStream inputStream, InputStream inputStream2, List<Object> list) throws PolicyException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "transformForClientIntersection");
        }
        if (inputStream == null || inputStream2 == null) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "No policy or binding to transform:");
            }
            if (!TraceComponent.isAnyTracingEnabled() || !tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "transformForClientIntersection");
            return null;
        }
        Object inputStreamToJAXB = inputStreamToJAXB(inputStream, "org.xmlsoap.schemas.ws._2004._09.policy:org.oasis_open.docs.ws_sx.ws_securitypolicy._200702:com.ibm.xmlns.prod.websphere._200605.ws_securitypolicy_ext");
        Policy policy = null;
        if (inputStreamToJAXB instanceof Policy) {
            policy = (Policy) inputStreamToJAXB;
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Policy unmarshalled");
        }
        WSSecurityPolicyHolder convertSecuritySchemaTo12 = convertSecuritySchemaTo12(policy);
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Policy Schema chanfed to 1.2");
        }
        convertSecuritySchemaTo12.setBindings(inputStreamToJAXB(inputStream2, "com.ibm.xmlns.prod.websphere._200605.ws_securitypolicy_ext:com.ibm.xmlns.prod.websphere._200608.ws_securitybinding:com.ibm.xmlns.prod.websphere._200710.ws_securitybinding"));
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Bindings unmarshalled");
        }
        if (isEncryptSignature(convertSecuritySchemaTo12)) {
            removeSignatureXPath(convertSecuritySchemaTo12);
            addBindingAssertion(PolicyConfigUtil.wssEncryptSignatureQName, convertSecuritySchemaTo12.getMain());
        }
        processKerberosTokens_Client(convertSecuritySchemaTo12);
        if (encryptBeforeSigning(convertSecuritySchemaTo12.getBindings())) {
            addBindingAssertion(PolicyConfigUtil.wssEncryptBeforeSigningQName, convertSecuritySchemaTo12.getMain());
        }
        processKeyTypeAssertions_Client(convertSecuritySchemaTo12);
        addMustSupportRefXxx(convertSecuritySchemaTo12.getMain(), convertSecuritySchemaTo12.getBindings(), false, CLIENT);
        if (!isSignatureConfirmation(convertSecuritySchemaTo12.getBindings())) {
            removeSignatureConfirmation(convertSecuritySchemaTo12);
        }
        caller(convertSecuritySchemaTo12, CLIENT);
        SC13SecurityContextToken_Client(convertSecuritySchemaTo12);
        usernameTokens(convertSecuritySchemaTo12, CLIENT);
        removeEmptyAssertions(convertSecuritySchemaTo12);
        reverseIncludeTokenAttribute(convertSecuritySchemaTo12);
        PolicyInputStreamHolder policyInputStreamHolder = new PolicyInputStreamHolder();
        try {
            policyInputStreamHolder.setMain(policyJAXBObjToStream(convertSecuritySchemaTo12.getMain(), "org.oasis_open.docs.ws_sx.ws_securitypolicy._200702:org.w3.ns.ws_policy:com.ibm.xmlns.prod.websphere._200605.ws_securitypolicy_ext:com.ibm.xmlns.prod.websphere._200710.ws_securitypolicy_ext"));
            policyInputStreamHolder.setInput(policyJAXBObjToStream(convertSecuritySchemaTo12.getInput(), "org.oasis_open.docs.ws_sx.ws_securitypolicy._200702:org.w3.ns.ws_policy:com.ibm.xmlns.prod.websphere._200605.ws_securitypolicy_ext:com.ibm.xmlns.prod.websphere._200710.ws_securitypolicy_ext"));
            policyInputStreamHolder.setOutput(policyJAXBObjToStream(convertSecuritySchemaTo12.getOutput(), "org.oasis_open.docs.ws_sx.ws_securitypolicy._200702:org.w3.ns.ws_policy:com.ibm.xmlns.prod.websphere._200605.ws_securitypolicy_ext:com.ibm.xmlns.prod.websphere._200710.ws_securitypolicy_ext"));
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                Tr.exit(tc, "transformForClientIntersection");
            }
            return policyInputStreamHolder;
        } catch (Exception e) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Unable to serialize transformed Policy" + e.toString());
            }
            throw new PolicyException(e);
        }
    }

    private static WSSecurityPolicyHolder convertSecuritySchemaTo12(Policy policy) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "convertSecuritySchemaTo12");
        }
        List<Object> policyOrAllOrExactlyOne = policy.getPolicyOrAllOrExactlyOne();
        if (policyOrAllOrExactlyOne == null) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Nothing to convert");
            }
            if (!TraceComponent.isAnyTracingEnabled() || !tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "convertSecuritySchemaTo12");
            return null;
        }
        WSSecurityPolicyHolder wSSecurityPolicyHolder = new WSSecurityPolicyHolder();
        org.w3.ns.ws_policy.Policy policy2 = new org.w3.ns.ws_policy.Policy();
        List<Object> policyOrAllOrExactlyOne2 = policy2.getPolicyOrAllOrExactlyOne();
        wSSecurityPolicyHolder.setMain(policy2);
        org.w3.ns.ws_policy.Policy policy3 = new org.w3.ns.ws_policy.Policy();
        List<Object> policyOrAllOrExactlyOne3 = policy3.getPolicyOrAllOrExactlyOne();
        wSSecurityPolicyHolder.setInput(policy3);
        org.w3.ns.ws_policy.Policy policy4 = new org.w3.ns.ws_policy.Policy();
        List<Object> policyOrAllOrExactlyOne4 = policy4.getPolicyOrAllOrExactlyOne();
        wSSecurityPolicyHolder.setOutput(policy4);
        for (Object obj : policyOrAllOrExactlyOne) {
            if (obj instanceof Policy) {
                Policy policy5 = (Policy) obj;
                if (isDirectionID(policy5.getId())) {
                    handleScopedAssertions(obj, policyOrAllOrExactlyOne3, policyOrAllOrExactlyOne4);
                } else {
                    WSSecurityPolicyHolder convertSecuritySchemaTo12 = convertSecuritySchemaTo12(policy5);
                    policyOrAllOrExactlyOne2.addAll(convertSecuritySchemaTo12.getMain().getPolicyOrAllOrExactlyOne());
                    policyOrAllOrExactlyOne3.add(convertSecuritySchemaTo12.getInput().getPolicyOrAllOrExactlyOne());
                    policyOrAllOrExactlyOne4.add(convertSecuritySchemaTo12.getOutput().getPolicyOrAllOrExactlyOne());
                }
            } else if (obj instanceof JAXBElement) {
                policyOrAllOrExactlyOne2.add(handleAssertion(obj, policyOrAllOrExactlyOne3, policyOrAllOrExactlyOne4));
            } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Unrecognized element found in PolicySet", new Object[]{obj});
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "convertSecuritySchemaTo12");
        }
        return wSSecurityPolicyHolder;
    }

    private static JAXBElement handleAssertion(Object obj, List<Object> list, List<Object> list2) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "handleAssertion");
        }
        JAXBElement jAXBElement = (JAXBElement) obj;
        QName name = jAXBElement.getName();
        JAXBElement jAXBElement2 = null;
        if (PolicyConfigUtil.asymmetricBindingQName.equals(name)) {
            jAXBElement2 = binding(jAXBElement);
        } else if (PolicyConfigUtil.symmetricBindingQName.equals(name)) {
            jAXBElement2 = binding(jAXBElement);
        } else if (PolicyConfigUtil.supportingTokenQName.equals(name)) {
            supportingToken(jAXBElement, list, list2);
        } else if (PolicyConfigUtil.wss10QName.equals(name)) {
            jAXBElement2 = wss10(jAXBElement);
        } else if (PolicyConfigUtil.wss11QName.equals(name)) {
            jAXBElement2 = wss11(jAXBElement);
        } else if (PolicyConfigUtil.trust10QName.equals(name)) {
            jAXBElement2 = trust(jAXBElement);
        } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "JAXBElement not handled yet: " + name);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "handleAssertion");
        }
        return jAXBElement2;
    }

    private static void handleScopedAssertions(Object obj, List<Object> list, List<Object> list2) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "handleScopedAssertions");
        }
        Policy policy = (Policy) obj;
        String id = policy.getId();
        if (isDirectionID(id)) {
            for (Object obj2 : policy.getPolicyOrAllOrExactlyOne()) {
                if (obj2 instanceof JAXBElement) {
                    JAXBElement jAXBElement = (JAXBElement) obj2;
                    QName name = jAXBElement.getName();
                    JAXBElement jAXBElement2 = null;
                    if (PolicyConfigUtil.signedPartsQName.equals(name)) {
                        jAXBElement2 = new JAXBElement(PolicyConfigUtil.signedPartsQName12, SePartsType.class, signedParts(jAXBElement));
                    } else if (PolicyConfigUtil.encryptedPartsQName.equals(name)) {
                        jAXBElement2 = new JAXBElement(PolicyConfigUtil.encryptedPartsQName12, SePartsType.class, encryptedParts(jAXBElement));
                    } else if (PolicyConfigUtil.signedElementsQName.equals(name)) {
                        jAXBElement2 = new JAXBElement(PolicyConfigUtil.signedElementsQName12, SerElementsType.class, signedElements(jAXBElement));
                    } else if (PolicyConfigUtil.encryptedElementsQName.equals(name)) {
                        jAXBElement2 = new JAXBElement(PolicyConfigUtil.encryptedElementsQName12, SerElementsType.class, encryptedElements(jAXBElement));
                    } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                        Tr.debug(tc, "Unrecognized element found in PolicySet", new Object[]{name});
                    }
                    if (id.startsWith("request:")) {
                        list.add(jAXBElement2);
                    } else if (id.startsWith("response:")) {
                        list2.add(jAXBElement2);
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "handleScopedAssertions");
        }
    }

    private static SerElementsType encryptedElements(JAXBElement jAXBElement) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "encryptedElements");
        }
        SerElementsType serElementsType = new SerElementsType();
        List<String> xPath = ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.SerElementsType) jAXBElement.getValue()).getXPath();
        if (xPath != null) {
            serElementsType.getXPath().addAll(xPath);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "encryptedElements");
        }
        return serElementsType;
    }

    private static SerElementsType signedElements(JAXBElement jAXBElement) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "signedElements");
        }
        SerElementsType serElementsType = new SerElementsType();
        List<String> xPath = ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.SerElementsType) jAXBElement.getValue()).getXPath();
        if (xPath != null) {
            serElementsType.getXPath().addAll(xPath);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "signedElements");
        }
        return serElementsType;
    }

    private static SePartsType encryptedParts(JAXBElement jAXBElement) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "encryptedParts");
        }
        SePartsType sePartsType = new SePartsType();
        org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.SePartsType sePartsType2 = (org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.SePartsType) jAXBElement.getValue();
        if (sePartsType2.getBody() != null) {
            sePartsType.setBody(new EmptyType());
        }
        List<HeaderType> header = sePartsType2.getHeader();
        if (header != null) {
            Iterator<HeaderType> it = header.iterator();
            while (it.hasNext()) {
                String namespace = it.next().getNamespace();
                org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.HeaderType headerType = new org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.HeaderType();
                headerType.setNamespace(namespace);
                sePartsType.getHeader().add(headerType);
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "encryptedParts");
        }
        return sePartsType;
    }

    private static SePartsType signedParts(JAXBElement jAXBElement) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "signedParts");
        }
        SePartsType sePartsType = new SePartsType();
        org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.SePartsType sePartsType2 = (org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.SePartsType) jAXBElement.getValue();
        if (sePartsType2.getBody() != null) {
            sePartsType.setBody(new EmptyType());
        }
        List<HeaderType> header = sePartsType2.getHeader();
        if (header != null) {
            Iterator<HeaderType> it = header.iterator();
            while (it.hasNext()) {
                String namespace = it.next().getNamespace();
                org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.HeaderType headerType = new org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.HeaderType();
                headerType.setNamespace(namespace);
                sePartsType.getHeader().add(headerType);
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "signedParts");
        }
        return sePartsType;
    }

    private static JAXBElement trust(JAXBElement jAXBElement) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "trust");
        }
        NestedPolicyType nestedPolicyType = new NestedPolicyType();
        JAXBElement jAXBElement2 = new JAXBElement(PolicyConfigUtil.trust10QName12, NestedPolicyType.class, nestedPolicyType);
        org.w3.ns.ws_policy.Policy policy = new org.w3.ns.ws_policy.Policy();
        nestedPolicyType.getAny().add(policy);
        List<Object> policyOrAllOrExactlyOne = policy.getPolicyOrAllOrExactlyOne();
        for (Object obj : ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.NestedPolicyType) jAXBElement.getValue()).getPolicy().getPolicyOrAllOrExactlyOne()) {
            if (obj instanceof Element) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "JAXBElement not handled yet: ", new Object[]{obj});
                }
            } else if (obj instanceof JAXBElement) {
                policyOrAllOrExactlyOne.add(new JAXBElement(new QName(PolicyConfigUtil.secPolicy12NS, ((JAXBElement) obj).getName().getLocalPart()), EmptyType.class, new EmptyType()));
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "trust10");
        }
        return jAXBElement2;
    }

    private static JAXBElement wss11(JAXBElement jAXBElement) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "wss11");
        }
        NestedPolicyType nestedPolicyType = new NestedPolicyType();
        JAXBElement jAXBElement2 = new JAXBElement(PolicyConfigUtil.wss11QName12, NestedPolicyType.class, nestedPolicyType);
        org.w3.ns.ws_policy.Policy policy = new org.w3.ns.ws_policy.Policy();
        nestedPolicyType.getAny().add(policy);
        List<Object> policyOrAllOrExactlyOne = policy.getPolicyOrAllOrExactlyOne();
        for (Object obj : ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.NestedPolicyType) jAXBElement.getValue()).getPolicy().getPolicyOrAllOrExactlyOne()) {
            if (obj instanceof Element) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Unrecognized element found in PolicySet", new Object[]{obj});
                }
            } else if (obj instanceof JAXBElement) {
                policyOrAllOrExactlyOne.add(new JAXBElement(new QName(PolicyConfigUtil.secPolicy12NS, ((JAXBElement) obj).getName().getLocalPart()), QNameAssertionType.class, new QNameAssertionType()));
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "wss11");
        }
        return jAXBElement2;
    }

    private static JAXBElement wss10(JAXBElement jAXBElement) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "wss10");
        }
        NestedPolicyType nestedPolicyType = new NestedPolicyType();
        JAXBElement jAXBElement2 = new JAXBElement(PolicyConfigUtil.wss10QName12, NestedPolicyType.class, nestedPolicyType);
        org.w3.ns.ws_policy.Policy policy = new org.w3.ns.ws_policy.Policy();
        nestedPolicyType.getAny().add(policy);
        List<Object> policyOrAllOrExactlyOne = policy.getPolicyOrAllOrExactlyOne();
        for (Object obj : ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.NestedPolicyType) jAXBElement.getValue()).getPolicy().getPolicyOrAllOrExactlyOne()) {
            if (obj instanceof Element) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Unrecognized element found in PolicySet", new Object[]{obj});
                }
            } else if (obj instanceof JAXBElement) {
                policyOrAllOrExactlyOne.add(new JAXBElement(new QName(PolicyConfigUtil.secPolicy12NS, ((JAXBElement) obj).getName().getLocalPart()), EmptyType.class, new EmptyType()));
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "wss10");
        }
        return jAXBElement2;
    }

    private static void supportingToken(JAXBElement jAXBElement, List<Object> list, List<Object> list2) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "supportingToken");
        }
        JAXBElement protectionToken = getProtectionToken(jAXBElement);
        String id = ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.NestedPolicyType) jAXBElement.getValue()).getPolicy().getId();
        if (id.startsWith("request:")) {
            list.add(protectionToken);
        } else if (id.startsWith("response:")) {
            list2.add(protectionToken);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "supportingToken");
        }
    }

    private static JAXBElement binding(JAXBElement jAXBElement) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, PolicyConstants.BINDING);
        }
        QName name = jAXBElement.getName();
        NestedPolicyType nestedPolicyType = new NestedPolicyType();
        JAXBElement jAXBElement2 = new JAXBElement(new QName(PolicyConfigUtil.secPolicy12NS, name.getLocalPart(), "sp"), NestedPolicyType.class, nestedPolicyType);
        org.w3.ns.ws_policy.Policy policy = new org.w3.ns.ws_policy.Policy();
        nestedPolicyType.getAny().add(policy);
        List<Object> policyOrAllOrExactlyOne = policy.getPolicyOrAllOrExactlyOne();
        for (Object obj : ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.NestedPolicyType) jAXBElement.getValue()).getPolicy().getPolicyOrAllOrExactlyOne()) {
            if (obj instanceof Element) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Unrecognized element found in PolicySet", new Object[]{obj});
                }
            } else if (obj instanceof JAXBElement) {
                JAXBElement jAXBElement3 = (JAXBElement) obj;
                String localPart = jAXBElement3.getName().getLocalPart();
                if (isProtectionToken(localPart)) {
                    policyOrAllOrExactlyOne.add(getProtectionToken(jAXBElement3));
                } else if (PolicyConfigUtil.algorithmSuiteQName.getLocalPart().equals(localPart)) {
                    policyOrAllOrExactlyOne.add(algorithmSuite(jAXBElement3));
                } else if (PolicyConfigUtil.layoutQName.getLocalPart().equals(localPart)) {
                    policyOrAllOrExactlyOne.add(layout(jAXBElement3));
                } else if (PolicyConfigUtil.wssIncludeTimestampQName.getLocalPart().equals(localPart)) {
                    policyOrAllOrExactlyOne.add(new JAXBElement(PolicyConfigUtil.wssIncludeTimestampQName12, EmptyType.class, new QNameAssertionType()));
                } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Unrecognized element found in PolicySet", new Object[]{localPart});
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, PolicyConstants.BINDING);
        }
        return jAXBElement2;
    }

    private static JAXBElement layout(JAXBElement jAXBElement) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "layout");
        }
        NestedPolicyType nestedPolicyType = new NestedPolicyType();
        JAXBElement jAXBElement2 = new JAXBElement(PolicyConfigUtil.layoutQName12, NestedPolicyType.class, nestedPolicyType);
        org.w3.ns.ws_policy.Policy policy = new org.w3.ns.ws_policy.Policy();
        nestedPolicyType.getAny().add(policy);
        List<Object> policyOrAllOrExactlyOne = policy.getPolicyOrAllOrExactlyOne();
        for (Object obj : ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.NestedPolicyType) jAXBElement.getValue()).getPolicy().getPolicyOrAllOrExactlyOne()) {
            if (obj instanceof Element) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Unrecognized element found in PolicySet", new Object[]{obj});
                }
            } else if (obj instanceof JAXBElement) {
                policyOrAllOrExactlyOne.add(new JAXBElement(new QName(PolicyConfigUtil.secPolicy12NS, ((JAXBElement) obj).getName().getLocalPart()), EmptyType.class, new QNameAssertionType()));
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "layout");
        }
        return jAXBElement2;
    }

    private static JAXBElement algorithmSuite(JAXBElement jAXBElement) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "algorithmSuite");
        }
        NestedPolicyType nestedPolicyType = new NestedPolicyType();
        JAXBElement jAXBElement2 = new JAXBElement(PolicyConfigUtil.algorithmSuiteQName12, NestedPolicyType.class, nestedPolicyType);
        org.w3.ns.ws_policy.Policy policy = new org.w3.ns.ws_policy.Policy();
        nestedPolicyType.getAny().add(policy);
        List<Object> policyOrAllOrExactlyOne = policy.getPolicyOrAllOrExactlyOne();
        for (Object obj : ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.NestedPolicyType) jAXBElement.getValue()).getPolicy().getPolicyOrAllOrExactlyOne()) {
            if (obj instanceof Element) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Unrecognized element found in PolicySet", new Object[]{obj});
                }
            } else if (obj instanceof JAXBElement) {
                policyOrAllOrExactlyOne.add(new JAXBElement(new QName(PolicyConfigUtil.secPolicy12NS, ((JAXBElement) obj).getName().getLocalPart()), EmptyType.class, new QNameAssertionType()));
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "algorithmSuite");
        }
        return jAXBElement2;
    }

    private static JAXBElement getProtectionToken(JAXBElement jAXBElement) {
        JAXBElement token;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "getProtectionToken");
        }
        QName qName = new QName(PolicyConfigUtil.secPolicy12NS, jAXBElement.getName().getLocalPart());
        NestedPolicyType nestedPolicyType = new NestedPolicyType();
        JAXBElement jAXBElement2 = new JAXBElement(qName, NestedPolicyType.class, nestedPolicyType);
        org.w3.ns.ws_policy.Policy policy = new org.w3.ns.ws_policy.Policy();
        nestedPolicyType.getAny().add(policy);
        List<Object> policyOrAllOrExactlyOne = policy.getPolicyOrAllOrExactlyOne();
        if (jAXBElement.getValue() instanceof org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.NestedPolicyType) {
            org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.NestedPolicyType nestedPolicyType2 = (org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.NestedPolicyType) jAXBElement.getValue();
            if (nestedPolicyType2.getPolicy() != null) {
                for (Object obj : nestedPolicyType2.getPolicy().getPolicyOrAllOrExactlyOne()) {
                    if (obj instanceof Element) {
                        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                            Tr.debug(tc, "Unrecognized element found in PolicySet", new Object[]{obj});
                        }
                    } else if ((obj instanceof JAXBElement) && (token = getToken((JAXBElement) obj)) != null) {
                        policyOrAllOrExactlyOne.add(token);
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "getProtectionToken");
        }
        return jAXBElement2;
    }

    private static JAXBElement getToken(JAXBElement jAXBElement) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "getToken");
        }
        QName name = jAXBElement.getName();
        String includeToken = name.equals(PolicyConfigUtil.SecureConversationTokenQName) ? ((SecureConversationTokenType) jAXBElement.getValue()).getIncludeToken() : ((TokenAssertionType) jAXBElement.getValue()).getIncludeToken();
        JAXBElement jAXBElement2 = null;
        String localPart = name.getLocalPart();
        if (localPart.equals(PolicyAttributesConstants.X509TOKEN) || localPart.equals("UsernameToken") || localPart.equals(PolicyConfigUtil.KerberosTokenQName)) {
            jAXBElement2 = x509Token(jAXBElement);
        } else if (localPart.equals(PolicyAttributesConstants.SC_TOKEN)) {
            jAXBElement2 = secureConversation(jAXBElement);
        } else if (localPart.equals(PolicyAttributesConstants.LTPA_TOKEN)) {
            jAXBElement2 = ltpaToken(jAXBElement);
        } else if (localPart.equals(PolicyAttributesConstants.LTPA_PROPGATION_TOKEN)) {
            jAXBElement2 = ltpaToken(jAXBElement);
        } else if (localPart.equals(PolicyAttributesConstants.CUSTOM_TOKEN)) {
            jAXBElement2 = customToken(jAXBElement);
        } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Unrecognized element found in PolicySet", new Object[]{localPart});
        }
        if (includeToken != "" && includeToken != null) {
            String changeNamespace = changeNamespace(includeToken);
            if (name.equals(PolicyConfigUtil.SecureConversationTokenQName)) {
                ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.SecureConversationTokenType) jAXBElement2.getValue()).setIncludeToken(changeNamespace);
            } else {
                ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) jAXBElement2.getValue()).setIncludeToken(changeNamespace);
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "getToken");
        }
        return jAXBElement2;
    }

    private static String changeNamespace(String str) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "changeNamespace");
        }
        String str2 = null;
        if (str != null && str.lastIndexOf(47) != -1) {
            str2 = str.replaceAll("http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512", PolicyConfigUtil.secPolicy12NS);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "changeNamespace", new Object[]{str2});
        }
        return str2;
    }

    private static JAXBElement ltpaToken(JAXBElement jAXBElement) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "ltpaToken");
        }
        JAXBElement jAXBElement2 = new JAXBElement(jAXBElement.getName(), org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType.class, new org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType());
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "ltpaToken");
        }
        return jAXBElement2;
    }

    private static JAXBElement customToken(JAXBElement jAXBElement) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "customToken");
        }
        org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType tokenAssertionType = new org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType();
        JAXBElement jAXBElement2 = new JAXBElement(new QName("http://www.ibm.com/xmlns/prod/websphere/200710/ws-securitypolicy-ext", jAXBElement.getName().getLocalPart()), org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType.class, tokenAssertionType);
        org.w3.ns.ws_policy.Policy policy = new org.w3.ns.ws_policy.Policy();
        tokenAssertionType.getAny().add(policy);
        List<Object> any = ((TokenAssertionType) jAXBElement.getValue()).getAny();
        if (any != null && any.size() > 0) {
            Object obj = any.get(0);
            if (obj instanceof Policy) {
                for (Object obj2 : ((Policy) obj).getPolicyOrAllOrExactlyOne()) {
                    if (obj2 instanceof WssCustomToken) {
                        WssCustomToken wssCustomToken = (WssCustomToken) obj2;
                        com.ibm.xmlns.prod.websphere._200710.ws_securitypolicy_ext.WssCustomToken wssCustomToken2 = new com.ibm.xmlns.prod.websphere._200710.ws_securitypolicy_ext.WssCustomToken();
                        wssCustomToken2.setUri(wssCustomToken.getUri());
                        wssCustomToken2.setLocalname(wssCustomToken.getLocalname());
                        policy.getPolicyOrAllOrExactlyOne().add(wssCustomToken2);
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "customToken");
        }
        return jAXBElement2;
    }

    private static JAXBElement x509Token(JAXBElement jAXBElement) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "x509Token");
        }
        QName name = jAXBElement.getName();
        Object obj = ((TokenAssertionType) jAXBElement.getValue()).getAny().get(0);
        List<Object> policyOrAllOrExactlyOne = obj instanceof Policy ? ((Policy) obj).getPolicyOrAllOrExactlyOne() : null;
        org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType tokenAssertionType = new org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType();
        JAXBElement jAXBElement2 = new JAXBElement(new QName(PolicyConfigUtil.secPolicy12NS, name.getLocalPart()), org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType.class, tokenAssertionType);
        org.w3.ns.ws_policy.Policy policy = new org.w3.ns.ws_policy.Policy();
        tokenAssertionType.getAny().add(policy);
        List<Object> policyOrAllOrExactlyOne2 = policy.getPolicyOrAllOrExactlyOne();
        for (Object obj2 : policyOrAllOrExactlyOne) {
            if (obj2 instanceof Element) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Unrecognized element found in PolicySet", new Object[]{obj2});
                }
            } else if (obj2 instanceof JAXBElement) {
                policyOrAllOrExactlyOne2.add(new JAXBElement(new QName(PolicyConfigUtil.secPolicy12NS, ((JAXBElement) obj2).getName().getLocalPart()), EmptyType.class, new QNameAssertionType()));
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "x509Token");
        }
        return jAXBElement2;
    }

    private static JAXBElement secureConversation(JAXBElement jAXBElement) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "secureConversation");
        }
        List<Object> any = ((SecureConversationTokenType) jAXBElement.getValue()).getAny();
        org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.SecureConversationTokenType secureConversationTokenType = new org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.SecureConversationTokenType();
        JAXBElement jAXBElement2 = new JAXBElement(PolicyConfigUtil.SecureConversationTokenQName12, org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.SecureConversationTokenType.class, secureConversationTokenType);
        org.w3.ns.ws_policy.Policy policy = new org.w3.ns.ws_policy.Policy();
        secureConversationTokenType.getAny().add(policy);
        List<Object> policyOrAllOrExactlyOne = policy.getPolicyOrAllOrExactlyOne();
        Object obj = any.get(0);
        if (obj instanceof Policy) {
            any = ((Policy) obj).getPolicyOrAllOrExactlyOne();
        } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Unrecognized element found in PolicySet", new Object[]{obj});
        }
        for (Object obj2 : any) {
            if (obj2 instanceof Element) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Unrecognized element found in PolicySet", new Object[]{obj2});
                }
            } else if (obj2 instanceof JAXBElement) {
                JAXBElement jAXBElement3 = (JAXBElement) obj2;
                QName name = jAXBElement3.getName();
                if (name.equals(PolicyConfigUtil.bootstrapPolicyQName)) {
                    policyOrAllOrExactlyOne.add(bootstrap(((org.oasis_open.docs.ws_sx.ws_securitypolicy._200512.NestedPolicyType) jAXBElement3.getValue()).getPolicy()));
                } else if (name.equals(PolicyConfigUtil.SC200502SecurityContextTokenQName)) {
                    policyOrAllOrExactlyOne.add(new JAXBElement(new QName(PolicyConfigUtil.secPolicy12NS, name.getLocalPart()), QNameAssertionType.class, new QNameAssertionType()));
                } else {
                    policyOrAllOrExactlyOne.add(new JAXBElement(new QName(PolicyConfigUtil.secPolicy12NS, name.getLocalPart()), QNameAssertionType.class, new QNameAssertionType()));
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "secureConversation");
        }
        return jAXBElement2;
    }

    private static JAXBElement bootstrap(Object obj) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, BindingPropertyConstants.BOOTSTRAP);
        }
        Policy policy = null;
        if (obj instanceof Policy) {
            policy = (Policy) obj;
        } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Unrecognized element found in PolicySet", new Object[]{obj});
        }
        NestedPolicyType nestedPolicyType = new NestedPolicyType();
        JAXBElement jAXBElement = new JAXBElement(PolicyConfigUtil.bootstrapPolicyQName12, NestedPolicyType.class, nestedPolicyType);
        org.w3.ns.ws_policy.Policy policy2 = new org.w3.ns.ws_policy.Policy();
        nestedPolicyType.getAny().add(policy2);
        List<Object> policyOrAllOrExactlyOne = policy2.getPolicyOrAllOrExactlyOne();
        WSSecurityPolicyHolder convertSecuritySchemaTo12 = convertSecuritySchemaTo12(policy);
        if (isEncryptSignature(convertSecuritySchemaTo12)) {
            removeSignatureXPath(convertSecuritySchemaTo12);
            addBindingAssertion(PolicyConfigUtil.wssEncryptSignatureQName, convertSecuritySchemaTo12.getMain());
        }
        removeSignatureConfirmation(convertSecuritySchemaTo12);
        addMustSupportRefXxx(convertSecuritySchemaTo12.getMain(), convertSecuritySchemaTo12.getBindings(), true, CLIENT);
        removeEmptyAssertions(convertSecuritySchemaTo12);
        policyOrAllOrExactlyOne.addAll(convertSecuritySchemaTo12.getMain().getPolicyOrAllOrExactlyOne());
        if (isProtectionTokensIdentical(convertSecuritySchemaTo12.getInput(), convertSecuritySchemaTo12.getOutput())) {
            policyOrAllOrExactlyOne.addAll(convertSecuritySchemaTo12.getInput().getPolicyOrAllOrExactlyOne());
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, BindingPropertyConstants.BOOTSTRAP);
        }
        return jAXBElement;
    }

    private static boolean isProtectionTokensIdentical(org.w3.ns.ws_policy.Policy policy, org.w3.ns.ws_policy.Policy policy2) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isProtectionTokensIdentical");
        }
        boolean z = true;
        if (policy == null && policy2 == null) {
            return true;
        }
        if (policy == null || policy2 == null) {
            return false;
        }
        List<Object> policyOrAllOrExactlyOne = policy.getPolicyOrAllOrExactlyOne();
        List<Object> policyOrAllOrExactlyOne2 = policy2.getPolicyOrAllOrExactlyOne();
        if (policyOrAllOrExactlyOne == null && policyOrAllOrExactlyOne2 == null) {
            return true;
        }
        if (policyOrAllOrExactlyOne == null || policyOrAllOrExactlyOne2 == null) {
            return false;
        }
        if (policyOrAllOrExactlyOne.size() == 0 && policyOrAllOrExactlyOne2.size() == 0) {
            return true;
        }
        if (policyOrAllOrExactlyOne.size() == 0 || policyOrAllOrExactlyOne2.size() == 0 || policyOrAllOrExactlyOne.size() != policyOrAllOrExactlyOne2.size()) {
            return false;
        }
        Iterator<Object> it = policyOrAllOrExactlyOne.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Object next = it.next();
            if (next instanceof JAXBElement) {
                JAXBElement jAXBElement = (JAXBElement) next;
                String localPart = jAXBElement.getName().getLocalPart();
                Object value = jAXBElement.getValue();
                if (value instanceof SerElementsType) {
                    if (!isMatchingElement(localPart, ((SerElementsType) value).getXPath(), policyOrAllOrExactlyOne2)) {
                        z = false;
                        break;
                    }
                } else if (value instanceof SePartsType) {
                    SePartsType sePartsType = (SePartsType) value;
                    if (!isMatchingPart(localPart, sePartsType.getHeader(), sePartsType.getBody() != null, policyOrAllOrExactlyOne2)) {
                        z = false;
                        break;
                    }
                } else {
                    continue;
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isProtectionTokensIdentical", Boolean.valueOf(z));
        }
        return z;
    }

    private static boolean isMatchingElement(String str, List<String> list, List<Object> list2) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isMatchingElement", new Object[]{str});
        }
        boolean z = true;
        Iterator<Object> it = list2.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Object next = it.next();
            if (next instanceof JAXBElement) {
                JAXBElement jAXBElement = (JAXBElement) next;
                if (str.equals(jAXBElement.getName().getLocalPart())) {
                    Object value = jAXBElement.getValue();
                    if (value instanceof SerElementsType) {
                        List<String> xPath = ((SerElementsType) value).getXPath();
                        ArrayList arrayList = new ArrayList(xPath);
                        arrayList.removeAll(new ArrayList(list));
                        if (arrayList.size() > 0) {
                            z = false;
                        } else {
                            ArrayList arrayList2 = new ArrayList(list);
                            arrayList2.removeAll(new ArrayList(xPath));
                            if (arrayList2.size() > 0) {
                                z = false;
                            }
                        }
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isMatchingElement", Boolean.valueOf(z));
        }
        return z;
    }

    private static boolean isMatchingPart(String str, List<org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.HeaderType> list, boolean z, List<Object> list2) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isMatchingPart", new Object[]{str});
        }
        boolean z2 = true;
        List<String> headerTypeToString = headerTypeToString(list);
        Iterator<Object> it = list2.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Object next = it.next();
            if (next instanceof JAXBElement) {
                JAXBElement jAXBElement = (JAXBElement) next;
                if (str.equals(jAXBElement.getName().getLocalPart())) {
                    Object value = jAXBElement.getValue();
                    if (value instanceof SePartsType) {
                        SePartsType sePartsType = (SePartsType) value;
                        if (sePartsType.getBody() != null && !z) {
                            z2 = false;
                        } else if (sePartsType.getBody() == null && z) {
                            z2 = false;
                        } else {
                            List<String> headerTypeToString2 = headerTypeToString(sePartsType.getHeader());
                            ArrayList arrayList = new ArrayList(headerTypeToString2);
                            arrayList.removeAll(new ArrayList(headerTypeToString));
                            if (arrayList.size() > 0) {
                                z2 = false;
                            } else {
                                ArrayList arrayList2 = new ArrayList(headerTypeToString);
                                arrayList2.removeAll(new ArrayList(headerTypeToString2));
                                if (arrayList2.size() > 0) {
                                    z2 = false;
                                }
                            }
                        }
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isMatchingPart", Boolean.valueOf(z2));
        }
        return z2;
    }

    private static List<String> headerTypeToString(List<org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.HeaderType> list) {
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < list.size(); i++) {
            arrayList.add(list.get(i).getNamespace());
        }
        return arrayList;
    }

    private static boolean isDirectionID(String str) {
        boolean z;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "retrieveAssertions");
        }
        if (str == null) {
            z = false;
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "No wsu:Id for Policy element found; ignoring.");
            }
        } else if (str.startsWith("request:") || str.startsWith("response:")) {
            z = true;
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Matching request or response wsu:Id found: " + str);
            }
        } else {
            z = false;
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "wsu:Id found not applicable for request or response messages: " + str);
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "retrieveAssertions");
        }
        return z;
    }

    private static boolean isProtectionToken(String str) {
        return "InitiatorToken".equals(str) || "RecipientToken".equals(str) || "InitiatorSignatureToken".equals(str) || "RecipientSignatureToken".equals(str) || "InitiatorEncryptionToken".equals(str) || "RecipientEncryptionToken".equals(str) || PolicyAttributesConstants.ENCRYPTION_TOKEN.equals(str) || PolicyAttributesConstants.SIGNATURE_TOKEN.equals(str) || PolicyAttributesConstants.PROTECTION_TOKEN.equals(str);
    }

    private static void removenewXPathFromExncryptedElements(org.w3.ns.ws_policy.Policy policy, String str) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "removenewXPathFromExncryptedElements");
        }
        for (Object obj : policy.getPolicyOrAllOrExactlyOne()) {
            if (obj instanceof JAXBElement) {
                JAXBElement jAXBElement = (JAXBElement) obj;
                if (PolicyConfigUtil.encryptedElementsQName12.equals(jAXBElement.getName())) {
                    List<String> xPath = ((SerElementsType) jAXBElement.getValue()).getXPath();
                    ArrayList arrayList = new ArrayList();
                    if (xPath != null) {
                        for (int i = 0; i < xPath.size(); i++) {
                            String str2 = xPath.get(i);
                            if (!str2.equals(str)) {
                                arrayList.add(str2);
                            }
                        }
                        xPath.clear();
                        xPath.addAll(arrayList);
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "removenewXPathFromExncryptedElements");
        }
    }

    private static boolean isEncryptSignature(WSSecurityPolicyHolder wSSecurityPolicyHolder) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isEncryptSignature");
        }
        boolean z = false;
        org.w3.ns.ws_policy.Policy input = wSSecurityPolicyHolder.getInput();
        org.w3.ns.ws_policy.Policy input2 = wSSecurityPolicyHolder.getInput();
        if (checkForEncSigXPath(input) && checkForEncSigXPath(input2)) {
            z = true;
        }
        if (z) {
            z = checkForAnyEncryption(input) && checkForAnyEncryption(input2);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isEncryptSignature");
        }
        return z;
    }

    /* JADX WARN: Removed duplicated region for block: B:28:0x00bd A[EDGE_INSN: B:28:0x00bd->B:29:0x00bd BREAK  A[LOOP:0: B:7:0x0026->B:38:0x0026], SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:37:0x0026 A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static boolean checkForEncSigXPath(org.w3.ns.ws_policy.Policy r3) {
        /*
            boolean r0 = com.ibm.ejs.ras.TraceComponent.isAnyTracingEnabled()
            if (r0 == 0) goto L18
            com.ibm.ejs.ras.TraceComponent r0 = com.ibm.ws.wssecurity.handler.WSSecurityAssertionTransform.tc
            boolean r0 = r0.isEntryEnabled()
            if (r0 == 0) goto L18
            com.ibm.ejs.ras.TraceComponent r0 = com.ibm.ws.wssecurity.handler.WSSecurityAssertionTransform.tc
            java.lang.String r1 = "checkForEncSigXPath"
            com.ibm.ejs.ras.Tr.entry(r0, r1)
        L18:
            r0 = 0
            r4 = r0
            r0 = r3
            java.util.List r0 = r0.getPolicyOrAllOrExactlyOne()
            r5 = r0
            r0 = r5
            java.util.Iterator r0 = r0.iterator()
            r6 = r0
        L26:
            r0 = r6
            boolean r0 = r0.hasNext()
            if (r0 == 0) goto Lbd
            r0 = r6
            java.lang.Object r0 = r0.next()
            r7 = r0
            r0 = r7
            boolean r0 = r0 instanceof javax.xml.bind.JAXBElement
            if (r0 == 0) goto Lba
            r0 = r7
            javax.xml.bind.JAXBElement r0 = (javax.xml.bind.JAXBElement) r0
            r8 = r0
            r0 = r8
            javax.xml.namespace.QName r0 = r0.getName()
            r9 = r0
            javax.xml.namespace.QName r0 = com.ibm.ws.wssecurity.handler.PolicyConfigUtil.encryptedElementsQName12
            r1 = r9
            boolean r0 = r0.equals(r1)
            if (r0 == 0) goto Lba
            r0 = r8
            java.lang.Object r0 = r0.getValue()
            org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.SerElementsType r0 = (org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.SerElementsType) r0
            r10 = r0
            r0 = r10
            java.util.List r0 = r0.getXPath()
            r11 = r0
            r0 = r11
            java.util.Iterator r0 = r0.iterator()
            r12 = r0
        L72:
            r0 = r12
            boolean r0 = r0.hasNext()
            if (r0 == 0) goto Lb1
            r0 = r12
            java.lang.Object r0 = r0.next()
            java.lang.String r0 = (java.lang.String) r0
            r13 = r0
            r0 = r13
            java.lang.String r1 = "/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Envelope']/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://www.w3.org/2000/09/xmldsig#' and local-name()='Signature']"
            boolean r0 = r0.equals(r1)
            if (r0 != 0) goto L9e
            r0 = r13
            java.lang.String r1 = "/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Envelope']/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://www.w3.org/2000/09/xmldsig#' and local-name()='Signature']"
            boolean r0 = r0.equals(r1)
            if (r0 == 0) goto Lae
        L9e:
            r0 = r11
            int r0 = r0.size()
            r1 = 1
            if (r0 <= r1) goto Lb1
            r0 = 1
            r4 = r0
            goto Lb1
        Lae:
            goto L72
        Lb1:
            r0 = 1
            r1 = r0
            r4 = r1
            if (r0 == 0) goto Lba
            goto Lbd
        Lba:
            goto L26
        Lbd:
            boolean r0 = com.ibm.ejs.ras.TraceComponent.isAnyTracingEnabled()
            if (r0 == 0) goto Ld5
            com.ibm.ejs.ras.TraceComponent r0 = com.ibm.ws.wssecurity.handler.WSSecurityAssertionTransform.tc
            boolean r0 = r0.isEntryEnabled()
            if (r0 == 0) goto Ld5
            com.ibm.ejs.ras.TraceComponent r0 = com.ibm.ws.wssecurity.handler.WSSecurityAssertionTransform.tc
            java.lang.String r1 = "checkForEncSigXPath"
            com.ibm.ejs.ras.Tr.exit(r0, r1)
        Ld5:
            r0 = r4
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.wssecurity.handler.WSSecurityAssertionTransform.checkForEncSigXPath(org.w3.ns.ws_policy.Policy):boolean");
    }

    private static boolean checkForAnyEncryption(org.w3.ns.ws_policy.Policy policy) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "checkForEncSigParts");
        }
        boolean z = false;
        Iterator<Object> it = policy.getPolicyOrAllOrExactlyOne().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Object next = it.next();
            if (next instanceof JAXBElement) {
                if (PolicyConfigUtil.encryptedPartsQName12.equals(((JAXBElement) next).getName())) {
                    z = true;
                    break;
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "checkForEncSigParts" + z);
        }
        return z;
    }

    private static void addBindingAssertion(QName qName, org.w3.ns.ws_policy.Policy policy) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "addBindingAssertion");
        }
        for (Object obj : policy.getPolicyOrAllOrExactlyOne()) {
            if (obj instanceof JAXBElement) {
                JAXBElement jAXBElement = (JAXBElement) obj;
                QName name = jAXBElement.getName();
                if (PolicyConfigUtil.asymmetricBindingQName12.equals(name) || PolicyConfigUtil.symmetricBindingQName12.equals(name)) {
                    getSubAssertions(jAXBElement).add(new JAXBElement(qName, QNameAssertionType.class, new QNameAssertionType()));
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "addBindingAssertion");
        }
    }

    private static boolean encryptBeforeSigning(Object obj) throws PolicyException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "encryptBeforeSigning");
        }
        boolean z = false;
        if (obj instanceof SecurityBindings) {
            z = encryptBeforeSigning10((SecurityBindings) obj);
        } else if (obj instanceof com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) {
            z = encryptBeforeSigning11((com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) obj);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "encryptBeforeSigning");
        }
        return z;
    }

    private static boolean encryptBeforeSigning10(SecurityBindings securityBindings) throws PolicyException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "encryptBeforeSigning10");
        }
        boolean z = false;
        for (SecurityBinding securityBinding : securityBindings.getSecurityBinding()) {
            if (securityBinding.getName().equals("application")) {
                SecurityOutboundBindingConfig securityOutboundBindingConfig = securityBinding.getSecurityOutboundBindingConfig();
                List<EncryptionInfo> encryptionInfo = securityOutboundBindingConfig.getEncryptionInfo();
                List<SigningInfo> signingInfo = securityOutboundBindingConfig.getSigningInfo();
                if (encryptionInfo.size() > 0 && signingInfo.size() > 0) {
                    EncryptionInfo encryptionInfo2 = encryptionInfo.get(0);
                    SigningInfo signingInfo2 = signingInfo.get(0);
                    int intValue = new Integer(encryptionInfo2.getOrder()).intValue();
                    int intValue2 = new Integer(signingInfo2.getOrder()).intValue();
                    if (intValue < intValue2) {
                        z = true;
                        for (int i = 0; i < encryptionInfo.size(); i++) {
                            if (new Integer(encryptionInfo.get(i).getOrder()).intValue() > intValue2) {
                                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Ordering of Signing and Encryption is confusing");
                                }
                                throw new PolicyException("WSSecurity. bindings.xml. EncryptionInfo. SigningInfo. order");
                            }
                        }
                    } else {
                        z = false;
                        for (int i2 = 0; i2 < signingInfo.size(); i2++) {
                            if (intValue < new Integer(signingInfo.get(i2).getOrder()).intValue()) {
                                throw new PolicyException("WSSecurity. bindings.xml. EncryptionInfo. SigningInfo. order");
                            }
                        }
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "encryptBeforeSigning10");
        }
        return z;
    }

    private static boolean encryptBeforeSigning11(com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings securityBindings) throws PolicyException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "encryptBeforeSigning11");
        }
        boolean z = false;
        for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBinding securityBinding : securityBindings.getSecurityBinding()) {
            if (securityBinding.getName().equals("application")) {
                com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityOutboundBindingConfig securityOutboundBindingConfig = securityBinding.getSecurityOutboundBindingConfig();
                List<com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.EncryptionInfo> encryptionInfo = securityOutboundBindingConfig.getEncryptionInfo();
                List<com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SigningInfo> signingInfo = securityOutboundBindingConfig.getSigningInfo();
                if (encryptionInfo.size() > 0 && signingInfo.size() > 0) {
                    com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.EncryptionInfo encryptionInfo2 = encryptionInfo.get(0);
                    com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SigningInfo signingInfo2 = signingInfo.get(0);
                    int intValue = new Integer(encryptionInfo2.getOrder()).intValue();
                    int intValue2 = new Integer(signingInfo2.getOrder()).intValue();
                    if (intValue < intValue2) {
                        z = true;
                        for (int i = 0; i < encryptionInfo.size(); i++) {
                            if (new Integer(encryptionInfo.get(i).getOrder()).intValue() > intValue2) {
                                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Ordering of Signing and Encryption is confusing");
                                }
                                throw new PolicyException("WSSecurity. bindings.xml. EncryptionInfo. SigningInfo. order");
                            }
                        }
                    } else {
                        z = false;
                        for (int i2 = 0; i2 < signingInfo.size(); i2++) {
                            if (intValue < new Integer(signingInfo.get(i2).getOrder()).intValue()) {
                                throw new PolicyException("WSSecurity. bindings.xml. EncryptionInfo. SigningInfo. order");
                            }
                        }
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "encryptBeforeSigning11");
        }
        return z;
    }

    private static void usernameTokens(WSSecurityPolicyHolder wSSecurityPolicyHolder, int i) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "usernameTokens");
        }
        if (i == PROVIDER) {
            ArrayList arrayList = new ArrayList();
            findSubAssertionsInAssertion(wSSecurityPolicyHolder.getInput().getPolicyOrAllOrExactlyOne(), PolicyConfigUtil.usernameTokenQName12, arrayList);
            if (arrayList != null && arrayList.size() > 0 && isNoPassword_Provider(wSSecurityPolicyHolder.getBindings())) {
                Object obj = arrayList.get(0);
                if (obj instanceof JAXBElement) {
                    addQNameAssertionToNestedType((JAXBElement) obj, new QName(PolicyConfigUtil.secPolicy12NS, "NoPassword"));
                }
            }
        } else {
            ArrayList arrayList2 = new ArrayList();
            findSubAssertionsInAssertion(wSSecurityPolicyHolder.getInput().getPolicyOrAllOrExactlyOne(), PolicyConfigUtil.usernameTokenQName12, arrayList2);
            if (arrayList2 != null && arrayList2.size() > 0 && isNoPassword_Client(wSSecurityPolicyHolder.getBindings())) {
                Object obj2 = arrayList2.get(0);
                if (obj2 instanceof JAXBElement) {
                    addQNameAssertionToNestedType((JAXBElement) obj2, new QName(PolicyConfigUtil.secPolicy12NS, "NoPassword"));
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "usernameTokens");
        }
    }

    private static boolean isNoPassword_Provider(Object obj) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isNoPassword_Provider");
        }
        boolean z = false;
        boolean z2 = false;
        if (obj instanceof SecurityBindings) {
            for (SecurityBinding securityBinding : ((SecurityBindings) obj).getSecurityBinding()) {
                if (securityBinding.getName().equals("application")) {
                    Iterator<TokenConsumer> it = securityBinding.getSecurityInboundBindingConfig().getTokenConsumer().iterator();
                    while (it.hasNext()) {
                        Iterator<Properties> it2 = it.next().getProperties().iterator();
                        while (true) {
                            if (!it2.hasNext()) {
                                break;
                            }
                            if (it2.next().getName().equals(PROPERTY_NOPASSWORD)) {
                                z = true;
                                z2 = true;
                                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                                    Tr.debug(tc, "NoPassword property found in Bindings 10");
                                }
                            }
                        }
                        if (z2) {
                            break;
                        }
                    }
                }
                if (z2) {
                    break;
                }
            }
        } else if (obj instanceof com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) {
            for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBinding securityBinding2 : ((com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) obj).getSecurityBinding()) {
                if (securityBinding2.getName().equals("application")) {
                    Iterator<com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.TokenConsumer> it3 = securityBinding2.getSecurityInboundBindingConfig().getTokenConsumer().iterator();
                    while (it3.hasNext()) {
                        Iterator<com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.Properties> it4 = it3.next().getProperties().iterator();
                        while (true) {
                            if (!it4.hasNext()) {
                                break;
                            }
                            if (it4.next().getName().equals(PROPERTY_NOPASSWORD)) {
                                z = true;
                                z2 = true;
                                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                                    Tr.debug(tc, "NoPassword property found in Bindings 11");
                                }
                            }
                        }
                        if (z2) {
                            break;
                        }
                    }
                }
                if (z2) {
                    break;
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isNoPassword_Provider");
        }
        return z;
    }

    private static boolean isNoPassword_Client(Object obj) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isNoPassword_Client");
        }
        boolean z = false;
        boolean z2 = false;
        if (obj instanceof SecurityBindings) {
            for (SecurityBinding securityBinding : ((SecurityBindings) obj).getSecurityBinding()) {
                if (securityBinding.getName().equals("application")) {
                    Iterator<TokenGenerator> it = securityBinding.getSecurityOutboundBindingConfig().getTokenGenerator().iterator();
                    while (it.hasNext()) {
                        Iterator<Properties> it2 = it.next().getProperties().iterator();
                        while (true) {
                            if (!it2.hasNext()) {
                                break;
                            }
                            if (it2.next().getName().equals(PROPERTY_NOPASSWORD)) {
                                z = true;
                                z2 = true;
                                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                                    Tr.debug(tc, "NoPassword property found in Bindings 10");
                                }
                            }
                        }
                        if (z2) {
                            break;
                        }
                    }
                }
                if (z2) {
                    break;
                }
            }
        } else if (obj instanceof com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) {
            for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBinding securityBinding2 : ((com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) obj).getSecurityBinding()) {
                if (securityBinding2.getName().equals("application")) {
                    Iterator<com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.TokenGenerator> it3 = securityBinding2.getSecurityOutboundBindingConfig().getTokenGenerator().iterator();
                    while (it3.hasNext()) {
                        Iterator<com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.Properties> it4 = it3.next().getProperties().iterator();
                        while (true) {
                            if (!it4.hasNext()) {
                                break;
                            }
                            if (it4.next().getName().equals(PROPERTY_NOPASSWORD)) {
                                z = true;
                                z2 = true;
                                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                                    Tr.debug(tc, "NoPassword property found in Bindings 11");
                                }
                            }
                        }
                        if (z2) {
                            break;
                        }
                    }
                }
                if (z2) {
                    break;
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isNoPassword_Client");
        }
        return z;
    }

    private static void findSubAssertionsInAssertion(List<Object> list, QName qName, List<Object> list2) {
        for (Object obj : list) {
            if (obj instanceof org.w3.ns.ws_policy.Policy) {
                findSubAssertionsInAssertion(((org.w3.ns.ws_policy.Policy) obj).getPolicyOrAllOrExactlyOne(), qName, list2);
            } else if (obj instanceof Policy) {
                findSubAssertionsInAssertion(((Policy) obj).getPolicyOrAllOrExactlyOne(), qName, list2);
            } else if (obj instanceof JAXBElement) {
                if (((JAXBElement) obj).getName().equals(qName)) {
                    list2.add(obj);
                } else {
                    Object value = ((JAXBElement) obj).getValue();
                    if (value instanceof OperatorContentType) {
                        findSubAssertionsInAssertion(((OperatorContentType) value).getPolicyOrAllOrExactlyOne(), qName, list2);
                    } else if (value instanceof org.xmlsoap.schemas.ws._2004._09.policy.OperatorContentType) {
                        findSubAssertionsInAssertion(((org.xmlsoap.schemas.ws._2004._09.policy.OperatorContentType) value).getPolicyOrAllOrExactlyOne(), qName, list2);
                    } else if (value instanceof NestedPolicyType) {
                        findSubAssertionsInAssertion(((NestedPolicyType) value).getAny(), qName, list2);
                    } else if (value instanceof org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) {
                        findSubAssertionsInAssertion(((org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) value).getAny(), qName, list2);
                    } else if (value instanceof org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.SecureConversationTokenType) {
                        findSubAssertionsInAssertion(((org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.SecureConversationTokenType) value).getAny(), qName, list2);
                    } else if (value instanceof org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) {
                        findSubAssertionsInAssertion(((org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) value).getAny(), qName, list2);
                    }
                }
            }
        }
    }

    private static void setKeyTypeAssertions(org.w3.ns.ws_policy.Policy policy, HashMap hashMap, HashMap hashMap2) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "setKeyTypeAssertions");
        }
        for (Object obj : policy.getPolicyOrAllOrExactlyOne()) {
            if (obj instanceof JAXBElement) {
                JAXBElement jAXBElement = (JAXBElement) obj;
                QName name = jAXBElement.getName();
                if (PolicyConfigUtil.asymmetricBindingQName12.equals(name) || PolicyConfigUtil.symmetricBindingQName12.equals(name)) {
                    for (Object obj2 : getSubAssertions(jAXBElement)) {
                        if (obj2 instanceof JAXBElement) {
                            JAXBElement jAXBElement2 = (JAXBElement) obj2;
                            QName name2 = jAXBElement2.getName();
                            if (isProtectionToken(name2.getLocalPart())) {
                                updateProtectionTokenKeyTypes(hashMap, hashMap2, jAXBElement2, name2, false);
                            }
                        }
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "setKeyTypeAssertions");
        }
    }

    private static void updateProtectionTokenKeyTypes(HashMap hashMap, HashMap hashMap2, JAXBElement jAXBElement, QName qName, boolean z) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "updateProtectionTokenKeyTypes");
        }
        for (Object obj : getSubAssertions(jAXBElement)) {
            if (obj instanceof JAXBElement) {
                JAXBElement jAXBElement2 = (JAXBElement) obj;
                if (jAXBElement2.getName().equals(PolicyConfigUtil.SecureConversationTokenQName12)) {
                    setKeyTypeForSecureConversation(jAXBElement2, hashMap2, hashMap);
                } else {
                    Object value = jAXBElement2.getValue();
                    if (value instanceof org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) {
                        Object obj2 = ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) value).getAny().get(0);
                        if (obj2 instanceof org.w3.ns.ws_policy.Policy) {
                            List<Object> policyOrAllOrExactlyOne = ((org.w3.ns.ws_policy.Policy) obj2).getPolicyOrAllOrExactlyOne();
                            QName qName2 = z ? (QName) hashMap2.get(qName) : (QName) hashMap.get(qName);
                            if (qName2 != null) {
                                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Adding assertion " + qName2 + " to token " + qName);
                                }
                                policyOrAllOrExactlyOne.add(new JAXBElement(qName2, QNameAssertionType.class, new QNameAssertionType()));
                            }
                        }
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "updateProtectionTokenKeyTypes");
        }
    }

    private static void setKeyTypeForSecureConversation(JAXBElement jAXBElement, HashMap hashMap, HashMap hashMap2) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "setKeyTypeForSecureConversation");
        }
        for (Object obj : ((org.w3.ns.ws_policy.Policy) ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.SecureConversationTokenType) jAXBElement.getValue()).getAny().get(0)).getPolicyOrAllOrExactlyOne()) {
            if (obj instanceof JAXBElement) {
                JAXBElement jAXBElement2 = (JAXBElement) obj;
                if (jAXBElement2.getName().equals(PolicyConfigUtil.bootstrapPolicyQName12)) {
                    for (Object obj2 : getSubAssertions(jAXBElement2)) {
                        if (obj2 instanceof JAXBElement) {
                            JAXBElement jAXBElement3 = (JAXBElement) obj2;
                            QName name = jAXBElement3.getName();
                            if (name.equals(PolicyConfigUtil.asymmetricBindingQName12) || name.equals(PolicyConfigUtil.symmetricBindingQName12)) {
                                for (Object obj3 : getSubAssertions(jAXBElement3)) {
                                    if (obj3 instanceof JAXBElement) {
                                        JAXBElement jAXBElement4 = (JAXBElement) obj3;
                                        QName name2 = jAXBElement4.getName();
                                        if (isProtectionToken(name2.getLocalPart())) {
                                            updateProtectionTokenKeyTypes(hashMap2, hashMap, jAXBElement4, name2, true);
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "setKeyTypeForSecureConversation");
        }
    }

    private static QName getQnameForKeyType(String str) {
        if (str == null) {
            return null;
        }
        QName qName = null;
        if (str.equals(KeyInfoConsumer.KEYID)) {
            qName = PolicyConfigUtil.requireKeyIdentifierReferenceQName12;
        } else if (str.equals(KeyInfoConsumer.X509ISSUER)) {
            qName = PolicyConfigUtil.requireIssuerSerialReferenceQName12;
        } else if (str.equals(KeyInfoConsumer.EMB)) {
            qName = PolicyConfigUtil.requireEmbeddedTokenReferenceQName12;
        } else if (str.equals(KeyInfoConsumer.THUMBPRINT)) {
            qName = PolicyConfigUtil.requireThumbprintReferenceQName12;
        } else if (str.equals(KeyInfoConsumer.STRREF)) {
            qName = null;
        }
        return qName;
    }

    private static String getKeyTypeForQName(QName qName) {
        if (qName == null) {
            return null;
        }
        String str = null;
        if (qName.equals(PolicyConfigUtil.requireKeyIdentifierReferenceQName12)) {
            str = KeyInfoConsumer.KEYID;
        } else if (qName.equals(PolicyConfigUtil.requireIssuerSerialReferenceQName12)) {
            str = KeyInfoConsumer.X509ISSUER;
        } else if (qName.equals(PolicyConfigUtil.requireEmbeddedTokenReferenceQName12)) {
            str = KeyInfoConsumer.EMB;
        } else if (qName.equals(PolicyConfigUtil.requireThumbprintReferenceQName12)) {
            str = KeyInfoConsumer.THUMBPRINT;
        }
        return str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean isRequireXxxReference(QName qName, Object obj, int i) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isRequireXxxReference");
        }
        boolean z = false;
        String keyTypeForQName = getKeyTypeForQName(qName);
        if (keyTypeForQName == null) {
            return false;
        }
        if (obj instanceof SecurityBindings) {
            z = isRequireXxxReference10(keyTypeForQName, (SecurityBindings) obj, i);
        } else if (obj instanceof com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) {
            z = isRequireXxxReference11(keyTypeForQName, (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) obj, i);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isRequireXxxReference");
        }
        return z;
    }

    private static boolean isRequireXxxReference10(String str, SecurityBindings securityBindings, int i) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isRequireXxxReference10");
        }
        boolean z = false;
        for (SecurityBinding securityBinding : securityBindings.getSecurityBinding()) {
            if (securityBinding.getName().equals("application")) {
                if (i != PROVIDER) {
                    Iterator<KeyInfo> it = securityBinding.getSecurityOutboundBindingConfig().getKeyInfo().iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        if (str.equals(it.next().getType())) {
                            z = true;
                            break;
                        }
                    }
                } else {
                    Iterator<KeyInfo> it2 = securityBinding.getSecurityInboundBindingConfig().getKeyInfo().iterator();
                    while (true) {
                        if (!it2.hasNext()) {
                            break;
                        }
                        if (str.equals(it2.next().getType())) {
                            z = true;
                            break;
                        }
                    }
                }
            }
            if (z) {
                break;
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isRequireXxxReference10");
        }
        return z;
    }

    private static boolean isRequireXxxReference11(String str, com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings securityBindings, int i) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isRequireXxxReference11");
        }
        boolean z = false;
        for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBinding securityBinding : securityBindings.getSecurityBinding()) {
            if (securityBinding.getName().equals("application")) {
                if (i != PROVIDER) {
                    Iterator<com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.KeyInfo> it = securityBinding.getSecurityOutboundBindingConfig().getKeyInfo().iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        if (str.equals(it.next().getType())) {
                            z = true;
                            break;
                        }
                    }
                } else {
                    Iterator<com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.KeyInfo> it2 = securityBinding.getSecurityInboundBindingConfig().getKeyInfo().iterator();
                    while (true) {
                        if (!it2.hasNext()) {
                            break;
                        }
                        if (str.equals(it2.next().getType())) {
                            z = true;
                            break;
                        }
                    }
                }
            }
            if (z) {
                break;
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isRequireXxxReference11");
        }
        return z;
    }

    private static void addMustSupportRefXxx(org.w3.ns.ws_policy.Policy policy, Object obj, boolean z, int i) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "addMustSupportRefXxx");
        }
        if (isRequireXxxReference(PolicyConfigUtil.requireKeyIdentifierReferenceQName12, obj, i)) {
            addAssertion(findWSSXXNestedAssertion(policy, PolicyConfigUtil.wss10QName12), PolicyConfigUtil.MustSupportRefKeyIdentifierQName12);
        }
        if (isRequireXxxReference(PolicyConfigUtil.requireIssuerSerialReferenceQName12, obj, i)) {
            addAssertion(findWSSXXNestedAssertion(policy, PolicyConfigUtil.wss10QName12), PolicyConfigUtil.MustSupportRefIssuerSerialQName12);
        }
        if (isRequireXxxReference(PolicyConfigUtil.requireEmbeddedTokenReferenceQName12, obj, i)) {
            addAssertion(findWSSXXNestedAssertion(policy, PolicyConfigUtil.wss10QName12), PolicyConfigUtil.MustSupportRefEmbeddedToken12);
        }
        if (z) {
            addAssertion(findWSSXXNestedAssertion(policy, PolicyConfigUtil.wss10QName12), PolicyConfigUtil.MustSupportRefExternalURI12);
        }
        if (isRequireXxxReference(PolicyConfigUtil.requireThumbprintReferenceQName12, obj, i)) {
            addAssertion(findWSSXXNestedAssertion(policy, PolicyConfigUtil.wss11QName12), PolicyConfigUtil.MustSupportRefThumbprintQName12);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "addMustSupportRefXxx");
        }
    }

    private static void addAssertion(List<Object> list, QName qName) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "addAssertion");
        }
        boolean z = false;
        Iterator<Object> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Object next = it.next();
            if ((next instanceof JAXBElement) && ((JAXBElement) next).getName().equals(qName)) {
                z = true;
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Assertion already in Policy", new Object[]{qName});
                }
            }
        }
        if (!z) {
            list.add(new JAXBElement(qName, QNameAssertionType.class, new QNameAssertionType()));
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "addAssertion");
        }
    }

    private static List<Object> findWSSXXNestedAssertion(org.w3.ns.ws_policy.Policy policy, QName qName) {
        List<Object> any;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "findWSSXXNestedAssertion");
        }
        List<Object> list = null;
        Iterator<Object> it = policy.getPolicyOrAllOrExactlyOne().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Object next = it.next();
            if ((next instanceof JAXBElement) && ((JAXBElement) next).getName().equals(qName)) {
                Object value = ((JAXBElement) next).getValue();
                if ((value instanceof NestedPolicyType) && (any = ((NestedPolicyType) value).getAny()) != null && any.size() > 0) {
                    Object obj = any.get(0);
                    if (obj instanceof org.w3.ns.ws_policy.Policy) {
                        list = ((org.w3.ns.ws_policy.Policy) obj).getPolicyOrAllOrExactlyOne();
                        break;
                    }
                }
            }
        }
        if (list == null) {
            NestedPolicyType nestedPolicyType = new NestedPolicyType();
            JAXBElement jAXBElement = new JAXBElement(qName, NestedPolicyType.class, nestedPolicyType);
            org.w3.ns.ws_policy.Policy policy2 = new org.w3.ns.ws_policy.Policy();
            nestedPolicyType.getAny().add(policy2);
            list = policy2.getPolicyOrAllOrExactlyOne();
            policy.getPolicyOrAllOrExactlyOne().add(jAXBElement);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "findWSSXXNestedAssertion");
        }
        return list;
    }

    private static void removeSignatureConfirmation(WSSecurityPolicyHolder wSSecurityPolicyHolder) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "removeSignatureConfirmation");
        }
        removenewXPathFromExncryptedElements(wSSecurityPolicyHolder.getInput(), "/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Envelope']/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd' and local-name()='SignatureConfirmation']");
        removenewXPathFromExncryptedElements(wSSecurityPolicyHolder.getInput(), "/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Envelope']/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd' and local-name()='SignatureConfirmation']");
        removenewXPathFromExncryptedElements(wSSecurityPolicyHolder.getOutput(), "/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Envelope']/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd' and local-name()='SignatureConfirmation']");
        removenewXPathFromExncryptedElements(wSSecurityPolicyHolder.getOutput(), "/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Envelope']/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd' and local-name()='SignatureConfirmation']");
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "removeSignatureConfirmation");
        }
    }

    private static void removeSignatureXPath(WSSecurityPolicyHolder wSSecurityPolicyHolder) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "removeSignatureXPath");
        }
        removenewXPathFromExncryptedElements(wSSecurityPolicyHolder.getInput(), "/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Envelope']/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://www.w3.org/2000/09/xmldsig#' and local-name()='Signature']");
        removenewXPathFromExncryptedElements(wSSecurityPolicyHolder.getInput(), "/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Envelope']/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://www.w3.org/2000/09/xmldsig#' and local-name()='Signature']");
        removenewXPathFromExncryptedElements(wSSecurityPolicyHolder.getOutput(), "/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Envelope']/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://www.w3.org/2000/09/xmldsig#' and local-name()='Signature']");
        removenewXPathFromExncryptedElements(wSSecurityPolicyHolder.getOutput(), "/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Envelope']/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://www.w3.org/2000/09/xmldsig#' and local-name()='Signature']");
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "removeSignatureXPath");
        }
    }

    private static boolean isSignatureConfirmation(Object obj) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isSignatureConfirmation");
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isSignatureConfirmation");
        }
        return false;
    }

    private static void removeEmptyAssertions(WSSecurityPolicyHolder wSSecurityPolicyHolder) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "removeEmptyAssertions");
        }
        removeEmptyAssertionsForSinglePolicy(wSSecurityPolicyHolder.getInput().getPolicyOrAllOrExactlyOne());
        removeEmptyAssertionsForSinglePolicy(wSSecurityPolicyHolder.getOutput().getPolicyOrAllOrExactlyOne());
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "removeEmptyAssertions");
        }
    }

    private static void reverseIncludeTokenAttribute(WSSecurityPolicyHolder wSSecurityPolicyHolder) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "reverseIncludeTokenAttribute");
        }
        org.w3.ns.ws_policy.Policy main = wSSecurityPolicyHolder.getMain();
        if (main == null) {
            return;
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(PolicyConfigUtil.InitiatorEncryptionTokenQName12);
        arrayList.add(PolicyConfigUtil.InitiatorSignatureTokenQName12);
        arrayList.add(PolicyConfigUtil.InitiatorTokenQName12);
        arrayList.add(PolicyConfigUtil.RecipientEncryptionTokenQName12);
        arrayList.add(PolicyConfigUtil.RecipientSignatureTokenQName12);
        arrayList.add(PolicyConfigUtil.RecipientTokenQName12);
        ArrayList arrayList2 = new ArrayList();
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            findSubAssertionsInAssertion(main.getPolicyOrAllOrExactlyOne(), (QName) it.next(), arrayList2);
        }
        for (Object obj : arrayList2) {
            if (obj instanceof JAXBElement) {
                for (Object obj2 : getSubAssertions((JAXBElement) obj)) {
                    if (obj2 instanceof JAXBElement) {
                        Object value = ((JAXBElement) obj2).getValue();
                        if (value instanceof org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) {
                            swapIncludeTokenAttribute((org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) value);
                        }
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "reverseIncludeTokenAttribute");
        }
    }

    private static void swapIncludeTokenAttribute(org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType tokenAssertionType) {
        String includeToken = tokenAssertionType.getIncludeToken();
        if (includeToken != null) {
            if (includeToken.equals("http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient")) {
                tokenAssertionType.setIncludeToken("http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToInitiator");
            } else if (includeToken.equals("http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToInitiator")) {
                tokenAssertionType.setIncludeToken("http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient");
            }
        }
    }

    private static void removeEmptyAssertionsForSinglePolicy(List<Object> list) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "removeEmptyAssertionsForSinglePolicy");
        }
        ArrayList arrayList = new ArrayList();
        for (Object obj : list) {
            if (obj instanceof JAXBElement) {
                JAXBElement jAXBElement = (JAXBElement) obj;
                QName name = jAXBElement.getName();
                if (PolicyConfigUtil.encryptedElementsQName12.equals(name) || PolicyConfigUtil.signedElementsQName12.equals(name)) {
                    List<String> xPath = ((SerElementsType) jAXBElement.getValue()).getXPath();
                    if (xPath == null || xPath.size() == 0) {
                        arrayList.add(obj);
                    }
                }
            }
        }
        list.removeAll(arrayList);
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "removeEmptyAssertionsForSinglePolicy");
        }
    }

    private static void refactorContentEncryptedElements(WSSecurityPolicyHolder wSSecurityPolicyHolder) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "refactorContentEncryptedElements");
        }
        refactorContentEncryptedElements(wSSecurityPolicyHolder.getInput());
        refactorContentEncryptedElements(wSSecurityPolicyHolder.getOutput());
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "refactorContentEncryptedElements");
        }
    }

    private static void refactorContentEncryptedElements(org.w3.ns.ws_policy.Policy policy) {
        List<String> xPath;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "refactorContentEncryptedElements");
        }
        boolean z = false;
        List<Object> policyOrAllOrExactlyOne = policy.getPolicyOrAllOrExactlyOne();
        List<String> list = null;
        List<String> list2 = null;
        JAXBElement jAXBElement = null;
        for (Object obj : policyOrAllOrExactlyOne) {
            if (obj instanceof JAXBElement) {
                JAXBElement jAXBElement2 = (JAXBElement) obj;
                if (PolicyConfigUtil.encryptedElementsQName12.equals(jAXBElement2.getName()) && (xPath = ((SerElementsType) jAXBElement2.getValue()).getXPath()) != null) {
                    ArrayList arrayList = new ArrayList();
                    for (String str : xPath) {
                        if (isContentEncryptedElements(str)) {
                            arrayList.add(str);
                            if (!z) {
                                z = true;
                                SerElementsType serElementsType = new SerElementsType();
                                list = serElementsType.getXPath();
                                JAXBElement jAXBElement3 = new JAXBElement(PolicyConfigUtil.encryptedElementsQName12, SerElementsType.class, serElementsType);
                                SerElementsType serElementsType2 = new SerElementsType();
                                list2 = serElementsType2.getXPath();
                                JAXBElement jAXBElement4 = new JAXBElement(PolicyConfigUtil.contentEncryptedElementsQName12, SerElementsType.class, serElementsType2);
                                OperatorContentType operatorContentType = new OperatorContentType();
                                List<Object> policyOrAllOrExactlyOne2 = operatorContentType.getPolicyOrAllOrExactlyOne();
                                policyOrAllOrExactlyOne2.add(jAXBElement3);
                                policyOrAllOrExactlyOne2.add(jAXBElement4);
                                jAXBElement = new JAXBElement(exactlyOne15QName, OperatorContentType.class, operatorContentType);
                            }
                            list.add(str);
                            list2.add(str);
                        }
                    }
                    if (z) {
                        xPath.removeAll(arrayList);
                    }
                }
            }
        }
        if (z) {
            policyOrAllOrExactlyOne.add(jAXBElement);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "refactorContentEncryptedElements");
        }
    }

    private static boolean isContentEncryptedElements(String str) {
        return (str == null || str.equals("/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Envelope']/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' and local-name()='Timestamp']") || str.equals("/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Envelope']/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://www.w3.org/2000/09/xmldsig#' and local-name()='Signature']") || str.equals("/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Envelope']/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='UsernameToken']") || str.equals("/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Envelope']/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd' and local-name()='SignatureConfirmation']") || str.equals("/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Envelope']/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' and local-name()='Timestamp']") || str.equals("/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Envelope']/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://www.w3.org/2000/09/xmldsig#' and local-name()='Signature']") || str.equals("/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Envelope']/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='UsernameToken']") || str.equals("/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Envelope']/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd' and local-name()='SignatureConfirmation']")) ? false : true;
    }

    private static void getKerberosTokens(List<Object> list, HashMap hashMap) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "getKerberosTokens");
        }
        if (list == null || list.size() == 0) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                Tr.exit(tc, "getKerberosTokens");
                return;
            }
            return;
        }
        for (Object obj : list) {
            if (obj instanceof JAXBElement) {
                JAXBElement jAXBElement = (JAXBElement) obj;
                QName name = jAXBElement.getName();
                Object value = jAXBElement.getValue();
                if (isProtectionToken(name.getLocalPart()) || PolicyConfigUtil.supportingTokenQName12.equals(name)) {
                    transformKerberosToken(jAXBElement, hashMap);
                } else if (value instanceof OperatorContentType) {
                    getKerberosTokens(((OperatorContentType) value).getPolicyOrAllOrExactlyOne(), hashMap);
                } else if (value instanceof NestedPolicyType) {
                    getKerberosTokens(((NestedPolicyType) value).getAny(), hashMap);
                }
            } else if (obj instanceof org.w3.ns.ws_policy.Policy) {
                getKerberosTokens(((org.w3.ns.ws_policy.Policy) obj).getPolicyOrAllOrExactlyOne(), hashMap);
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "getKerberosTokens");
        }
    }

    private static void transformKerberosToken(JAXBElement jAXBElement, HashMap hashMap) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "transformKerberosToken");
        }
        boolean z = false;
        Object value = jAXBElement.getValue();
        String localPart = jAXBElement.getName().getLocalPart();
        if (value instanceof NestedPolicyType) {
            for (Object obj : ((NestedPolicyType) value).getAny()) {
                if (obj instanceof org.w3.ns.ws_policy.Policy) {
                    List<Object> policyOrAllOrExactlyOne = ((org.w3.ns.ws_policy.Policy) obj).getPolicyOrAllOrExactlyOne();
                    ArrayList arrayList = new ArrayList();
                    for (Object obj2 : policyOrAllOrExactlyOne) {
                        if (obj2 instanceof JAXBElement) {
                            JAXBElement jAXBElement2 = (JAXBElement) obj2;
                            if (jAXBElement2.getName().getLocalPart().equals(PolicyAttributesConstants.CUSTOM_TOKEN)) {
                                Object value2 = jAXBElement2.getValue();
                                if (value2 instanceof org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) {
                                    org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType tokenAssertionType = (org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) value2;
                                    for (Object obj3 : tokenAssertionType.getAny()) {
                                        if (obj3 instanceof org.w3.ns.ws_policy.Policy) {
                                            Iterator<Object> it = ((org.w3.ns.ws_policy.Policy) obj3).getPolicyOrAllOrExactlyOne().iterator();
                                            while (true) {
                                                if (it.hasNext()) {
                                                    Object next = it.next();
                                                    if (next instanceof com.ibm.xmlns.prod.websphere._200710.ws_securitypolicy_ext.WssCustomToken) {
                                                        com.ibm.xmlns.prod.websphere._200710.ws_securitypolicy_ext.WssCustomToken wssCustomToken = (com.ibm.xmlns.prod.websphere._200710.ws_securitypolicy_ext.WssCustomToken) next;
                                                        String localname = wssCustomToken.getLocalname();
                                                        if (localname == null) {
                                                            localname = wssCustomToken.getUri();
                                                        }
                                                        if (localname != null && localname.startsWith("http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1")) {
                                                            z = true;
                                                            org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType tokenAssertionType2 = new org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType();
                                                            JAXBElement jAXBElement3 = new JAXBElement(PolicyConfigUtil.KerberosTokenQName12, org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType.class, tokenAssertionType2);
                                                            org.w3.ns.ws_policy.Policy policy = new org.w3.ns.ws_policy.Policy();
                                                            tokenAssertionType2.getAny().add(policy);
                                                            tokenAssertionType2.setIncludeToken(changeNamespace(tokenAssertionType.getIncludeToken()));
                                                            arrayList.add(jAXBElement3);
                                                            if (localname.equals("http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#GSS_Kerberosv5_AP_REQ")) {
                                                                policy.getPolicyOrAllOrExactlyOne().add(new JAXBElement(PolicyConfigUtil.WssGssKerberosV5ApReqToken11QName12, QNameAssertionType.class, new QNameAssertionType()));
                                                            } else if (localname.equals("http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1")) {
                                                                policy.getPolicyOrAllOrExactlyOne().add(new JAXBElement(PolicyConfigUtil.WssKerberosV5ApReqToken11QName12, QNameAssertionType.class, new QNameAssertionType()));
                                                            }
                                                            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                                                                Tr.debug(tc, "Kerberos token found:");
                                                            }
                                                            hashMap.put(localPart, jAXBElement3);
                                                        }
                                                    }
                                                }
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                    if (z) {
                        policyOrAllOrExactlyOne.clear();
                        policyOrAllOrExactlyOne.addAll(arrayList);
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "transformKerberosToken");
        }
    }

    private static void processKerberosTokens_Provider(WSSecurityPolicyHolder wSSecurityPolicyHolder) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "processKerberosTokens_Provider");
        }
        processKerberosTokens(wSSecurityPolicyHolder, true);
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "processKerberosTokens_Provider");
        }
    }

    private static void processKerberosTokens_Client(WSSecurityPolicyHolder wSSecurityPolicyHolder) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "processKerberosTokens_Client");
        }
        processKerberosTokens(wSSecurityPolicyHolder, false);
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "processKerberosTokens_Client");
        }
    }

    private static void processKerberosTokens(WSSecurityPolicyHolder wSSecurityPolicyHolder, boolean z) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "processKerberosTokens");
        }
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        HashMap hashMap3 = new HashMap();
        if (wSSecurityPolicyHolder.getMain() != null) {
            getKerberosTokens(wSSecurityPolicyHolder.getMain().getPolicyOrAllOrExactlyOne(), hashMap);
        }
        if (wSSecurityPolicyHolder.getInput() != null) {
            getKerberosTokens(wSSecurityPolicyHolder.getInput().getPolicyOrAllOrExactlyOne(), hashMap2);
        }
        if (wSSecurityPolicyHolder.getOutput() != null) {
            getKerberosTokens(wSSecurityPolicyHolder.getOutput().getPolicyOrAllOrExactlyOne(), hashMap3);
        }
        if (hashMap.size() == 0 && hashMap2.size() == 0 && hashMap3.size() == 0) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                Tr.exit(tc, "processKerberosTokens");
                return;
            }
            return;
        }
        Object bindings = wSSecurityPolicyHolder.getBindings();
        if (bindings instanceof SecurityBindings) {
            kerberosBindingCheck10((SecurityBindings) bindings, hashMap, hashMap2, hashMap3, z);
        } else if (bindings instanceof com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) {
            kerberosBindingCheck11((com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) bindings, hashMap, hashMap2, hashMap3, z);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "processKerberosTokens");
        }
    }

    private static void kerberosBindingCheck10(SecurityBindings securityBindings, HashMap hashMap, HashMap hashMap2, HashMap hashMap3, boolean z) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "kerberosBindingCheck10");
        }
        for (SecurityBinding securityBinding : securityBindings.getSecurityBinding()) {
            if (securityBinding.getName().equals("application")) {
                SecurityOutboundBindingConfig securityOutboundBindingConfig = securityBinding.getSecurityOutboundBindingConfig();
                for (TokenGenerator tokenGenerator : securityOutboundBindingConfig.getTokenGenerator()) {
                    ValueType valueType = tokenGenerator.getValueType();
                    if (valueType != null && "http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1".equals(valueType.getUri())) {
                        List<Properties> properties = tokenGenerator.getCallbackHandler().getProperties();
                        handleBindingKerberosTokens(hashMap, hashMap2, hashMap3, z, false, valueType, properties, tokenGenerator.getName(), securityOutboundBindingConfig.getKeyInfo(), securityOutboundBindingConfig.getSigningInfo(), securityOutboundBindingConfig.getEncryptionInfo());
                        locateAndModifyKerberosToken(hashMap, hashMap2, hashMap3, z, false, properties, valueType, PolicyConfigUtil.supportingTokenQName12.getLocalPart());
                    }
                }
            }
            SecurityInboundBindingConfig securityInboundBindingConfig = securityBinding.getSecurityInboundBindingConfig();
            for (TokenConsumer tokenConsumer : securityInboundBindingConfig.getTokenConsumer()) {
                ValueType valueType2 = tokenConsumer.getValueType();
                if (valueType2 != null && "http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1".equals(valueType2.getUri())) {
                    List<Properties> properties2 = tokenConsumer.getCallbackHandler().getProperties();
                    handleBindingKerberosTokens(hashMap, hashMap2, hashMap3, z, true, valueType2, properties2, tokenConsumer.getName(), securityInboundBindingConfig.getKeyInfo(), securityInboundBindingConfig.getSigningInfo(), securityInboundBindingConfig.getEncryptionInfo());
                    locateAndModifyKerberosToken(hashMap, hashMap2, hashMap3, z, true, properties2, valueType2, PolicyConfigUtil.supportingTokenQName12.getLocalPart());
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "kerberosBindingCheck10");
        }
    }

    private static void handleBindingKerberosTokens(HashMap hashMap, HashMap hashMap2, HashMap hashMap3, boolean z, boolean z2, ValueType valueType, List<Properties> list, String str, List<KeyInfo> list2, List<SigningInfo> list3, List<EncryptionInfo> list4) {
        String localPart;
        String localPart2;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "handleBindingKerberosTokens");
        }
        boolean z3 = false;
        for (KeyInfo keyInfo : list2) {
            if (str.equals(keyInfo.getTokenReference().getReference())) {
                String name = keyInfo.getName();
                Iterator<SigningInfo> it = list3.iterator();
                while (it.hasNext()) {
                    Iterator<SigningKeyInfo> it2 = it.next().getSigningKeyInfo().iterator();
                    while (true) {
                        if (it2.hasNext()) {
                            if (it2.next().getReference().equals(name)) {
                                z3 = true;
                                break;
                            }
                        } else {
                            break;
                        }
                    }
                }
                if (z3) {
                    if (z) {
                        localPart2 = PolicyConfigUtil.RecipientTokenQName12.getLocalPart();
                        if (!hashMap.containsKey(localPart2)) {
                            localPart2 = PolicyConfigUtil.RecipientSignatureTokenQName12.getLocalPart();
                        }
                    } else {
                        localPart2 = PolicyConfigUtil.InitiatorSignatureTokenQName12.getLocalPart();
                        if (!hashMap.containsKey(localPart2)) {
                            localPart2 = PolicyConfigUtil.InitiatorTokenQName12.getLocalPart();
                        }
                    }
                    if (!hashMap.containsKey(localPart2)) {
                        localPart2 = PolicyConfigUtil.ProtectionTokenQName12.getLocalPart();
                    }
                    if (hashMap.containsKey(localPart2)) {
                        locateAndModifyKerberosToken(hashMap, hashMap2, hashMap3, z, z2, list, valueType, localPart2);
                    }
                }
                z3 = false;
                Iterator<EncryptionInfo> it3 = list4.iterator();
                while (it3.hasNext()) {
                    Iterator<KeyEncryptionKeyInfo> it4 = it3.next().getKeyEncryptionKeyInfo().iterator();
                    while (true) {
                        if (it4.hasNext()) {
                            if (it4.next().getReference().equals(name)) {
                                z3 = true;
                                break;
                            }
                        } else {
                            break;
                        }
                    }
                }
                if (z3) {
                    if (z) {
                        localPart = PolicyConfigUtil.RecipientTokenQName12.getLocalPart();
                        if (!hashMap.containsKey(localPart)) {
                            localPart = PolicyConfigUtil.RecipientEncryptionTokenQName12.getLocalPart();
                        }
                    } else {
                        localPart = PolicyConfigUtil.InitiatorEncryptionTokenQName12.getLocalPart();
                        if (!hashMap.containsKey(localPart)) {
                            localPart = PolicyConfigUtil.InitiatorTokenQName12.getLocalPart();
                        }
                    }
                    if (!hashMap.containsKey(localPart)) {
                        localPart = PolicyConfigUtil.ProtectionTokenQName12.getLocalPart();
                    }
                    if (hashMap.containsKey(localPart)) {
                        locateAndModifyKerberosToken(hashMap, hashMap2, hashMap3, z, z2, list, valueType, localPart);
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "handleBindingKerberosTokens");
        }
    }

    private static void locateAndModifyKerberosToken(HashMap hashMap, HashMap hashMap2, HashMap hashMap3, boolean z, boolean z2, List<Properties> list, ValueType valueType, String str) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "locateAndModifyKerberosToken");
        }
        JAXBElement jAXBElement = z ? z2 ? (JAXBElement) hashMap2.get(str) : (JAXBElement) hashMap3.get(str) : z2 ? (JAXBElement) hashMap3.get(str) : (JAXBElement) hashMap2.get(str);
        if (jAXBElement == null) {
            jAXBElement = (JAXBElement) hashMap.get(str);
        }
        if (jAXBElement != null) {
            String localName = valueType.getLocalName();
            if (localName.equals("http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#GSS_Kerberosv5_AP_REQ")) {
                addAssertiontoKerberosToken(jAXBElement, PolicyConfigUtil.WssGssKerberosV5ApReqToken11QName12);
            } else if (localName.equals("http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5_AP_REQ")) {
                addAssertiontoKerberosToken(jAXBElement, PolicyConfigUtil.WssKerberosV5ApReqToken11QName12);
            }
            Iterator<Properties> it = list.iterator();
            while (it.hasNext()) {
                String name = it.next().getName();
                if (name.equals(PROPERTY_keyIdentifier)) {
                    addAssertiontoKerberosToken(jAXBElement, PolicyConfigUtil.requireKeyIdentifierReferenceQName12);
                } else if (name.equals(PROPERTY_requireDerivedKey)) {
                    addAssertiontoKerberosToken(jAXBElement, PolicyConfigUtil.requireDerivedKeysQName12);
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "locateAndModifyKerberosToken");
        }
    }

    private static void kerberosBindingCheck11(com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings securityBindings, HashMap hashMap, HashMap hashMap2, HashMap hashMap3, boolean z) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "kerberosBindingCheck11");
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "kerberosBindingCheck11");
        }
    }

    private static void addAssertiontoKerberosToken(JAXBElement jAXBElement, QName qName) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "addAssertiontoKerberosToken");
        }
        Object value = jAXBElement.getValue();
        if (value instanceof org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) {
            org.w3.ns.ws_policy.Policy policy = (org.w3.ns.ws_policy.Policy) ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) value).getAny().get(0);
            policy.getPolicyOrAllOrExactlyOne().add(new JAXBElement(qName, QNameAssertionType.class, new QNameAssertionType()));
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "addAssertiontoKerberosToken");
        }
    }

    private static void caller(WSSecurityPolicyHolder wSSecurityPolicyHolder, int i) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "caller");
        }
        Object bindings = wSSecurityPolicyHolder.getBindings();
        boolean z = false;
        if (bindings instanceof SecurityBindings) {
            z = isCallerOrder10((SecurityBindings) bindings, i);
        } else if (bindings instanceof com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) {
            z = isCallerOrder11((com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) bindings, i);
        }
        callerPolicy(wSSecurityPolicyHolder, z);
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "caller");
        }
    }

    private static boolean isCallerOrder10(SecurityBindings securityBindings, int i) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isCallerOrder10");
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isCallerOrder10");
        }
        return false;
    }

    private static boolean isCallerOrder11(com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings securityBindings, int i) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isCallerOrder_Client11");
        }
        boolean z = false;
        if (i == PROVIDER) {
            for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBinding securityBinding : securityBindings.getSecurityBinding()) {
                if (securityBinding.getName().equals("application")) {
                    Iterator<Caller> it = securityBinding.getSecurityInboundBindingConfig().getCaller().iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        if (it.next().getOrder() != null) {
                            z = true;
                            break;
                        }
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isCallerOrder_Client11");
        }
        return z;
    }

    private static void callerPolicy(WSSecurityPolicyHolder wSSecurityPolicyHolder, boolean z) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "callerPolicy", new Object[]{Boolean.valueOf(z)});
        }
        ArrayList arrayList = new ArrayList();
        List<Object> policyOrAllOrExactlyOne = wSSecurityPolicyHolder.getInput().getPolicyOrAllOrExactlyOne();
        for (Object obj : policyOrAllOrExactlyOne) {
            if (obj instanceof JAXBElement) {
                JAXBElement jAXBElement = (JAXBElement) obj;
                if (jAXBElement.getName().equals(PolicyConfigUtil.supportingTokenQName12)) {
                    arrayList.add(jAXBElement);
                }
            }
        }
        if (arrayList.size() > 0) {
            policyOrAllOrExactlyOne.removeAll(arrayList);
            OperatorContentType operatorContentType = new OperatorContentType();
            policyOrAllOrExactlyOne.add(new JAXBElement(exactlyOne15QName, OperatorContentType.class, operatorContentType));
            List<Object> policyOrAllOrExactlyOne2 = operatorContentType.getPolicyOrAllOrExactlyOne();
            operatorContentType.getPolicyOrAllOrExactlyOne();
            if (z) {
                OperatorContentType operatorContentType2 = new OperatorContentType();
                policyOrAllOrExactlyOne2.add(new JAXBElement(all15QName, OperatorContentType.class, operatorContentType2));
                operatorContentType2.getPolicyOrAllOrExactlyOne().addAll(arrayList);
            } else {
                for (Object obj2 : arrayList) {
                    OperatorContentType operatorContentType3 = new OperatorContentType();
                    policyOrAllOrExactlyOne2.add(new JAXBElement(all15QName, OperatorContentType.class, operatorContentType3));
                    operatorContentType3.getPolicyOrAllOrExactlyOne().add(obj2);
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "callerPolicy");
        }
    }

    private static void SC13SecurityContextToken_Client(WSSecurityPolicyHolder wSSecurityPolicyHolder) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "SC13SecurityContextToken_Client");
        }
        transformSC13SecurityContextToken(wSSecurityPolicyHolder, isImpliedDerivedKeys_Client(wSSecurityPolicyHolder.getBindings()));
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "SC13SecurityContextToken_Client");
        }
    }

    private static void SC13SecurityContextToken_Provider(WSSecurityPolicyHolder wSSecurityPolicyHolder) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "SC13SecurityContextToken_Provider");
        }
        transformSC13SecurityContextToken(wSSecurityPolicyHolder, isImpliedDerivedKeys_Provider(wSSecurityPolicyHolder.getBindings()));
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "SC13SecurityContextToken_Provider");
        }
    }

    private static void transformSC13SecurityContextToken(WSSecurityPolicyHolder wSSecurityPolicyHolder, boolean z) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "transformSC13SecurityContextToken");
        }
        JAXBElement secureConversationToken = getSecureConversationToken(wSSecurityPolicyHolder.getMain());
        if (secureConversationToken == null) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "No SecureConversationToken so no context token to transform");
            }
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                Tr.exit(tc, "transformSC13SecurityContextToken");
                return;
            }
            return;
        }
        Object value = secureConversationToken.getValue();
        if (value instanceof org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.SecureConversationTokenType) {
            List<Object> policyOrAllOrExactlyOne = ((org.w3.ns.ws_policy.Policy) ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.SecureConversationTokenType) value).getAny().get(0)).getPolicyOrAllOrExactlyOne();
            ArrayList arrayList = new ArrayList();
            ArrayList arrayList2 = new ArrayList();
            QName qName = new QName(PolicyConfigUtil.secPolicy12NS, "SC200502SecurityContextToken");
            for (Object obj : policyOrAllOrExactlyOne) {
                if (obj instanceof JAXBElement) {
                    QName name = ((JAXBElement) obj).getName();
                    if (qName.equals(name)) {
                        arrayList2.add(new JAXBElement(PolicyConfigUtil.SC13SecurityContextTokenQName, QNameAssertionType.class, new QNameAssertionType()));
                        arrayList.add(obj);
                        if (z) {
                            arrayList2.add(new JAXBElement(PolicyConfigUtil.requireImplicitDerivedKeysQName12, QNameAssertionType.class, new QNameAssertionType()));
                        }
                    } else if (PolicyConfigUtil.requireDerivedKeysQName12.equals(name) && z) {
                        arrayList.add(obj);
                    }
                }
            }
            if (arrayList2.size() > 0) {
                policyOrAllOrExactlyOne.addAll(arrayList2);
            }
            if (arrayList.size() > 0) {
                policyOrAllOrExactlyOne.removeAll(arrayList);
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "transformSC13SecurityContextToken");
        }
    }

    private static JAXBElement getSecureConversationToken(org.w3.ns.ws_policy.Policy policy) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "getSecureConversationToken");
        }
        JAXBElement jAXBElement = null;
        boolean z = false;
        for (Object obj : policy.getPolicyOrAllOrExactlyOne()) {
            if (obj instanceof JAXBElement) {
                JAXBElement jAXBElement2 = (JAXBElement) obj;
                QName name = jAXBElement2.getName();
                if (PolicyConfigUtil.asymmetricBindingQName12.equals(name) || PolicyConfigUtil.symmetricBindingQName12.equals(name)) {
                    Iterator<Object> it = getSubAssertions(jAXBElement2).iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        Object next = it.next();
                        if (next instanceof JAXBElement) {
                            if (PolicyConfigUtil.ProtectionTokenQName12.equals(((JAXBElement) next).getName())) {
                                jAXBElement = (JAXBElement) getSubAssertions((JAXBElement) next).get(0);
                                z = true;
                                break;
                            }
                        }
                    }
                    if (z) {
                        break;
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "getSecureConversationToken");
        }
        return jAXBElement;
    }

    private static boolean isImpliedDerivedKeys_Client(Object obj) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isImpliedDerivedKeys_Client");
        }
        boolean z = false;
        if (obj instanceof SecurityBindings) {
            z = isImpliedDerivedKeys_Client10((SecurityBindings) obj);
        } else if (obj instanceof com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) {
            z = isImpliedDerivedKeys_Client11((com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) obj);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isImpliedDerivedKeys_Client");
        }
        return z;
    }

    private static boolean isImpliedDerivedKeys_Provider(Object obj) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isImpliedDerivedKeys_Provider");
        }
        boolean z = false;
        if (obj instanceof SecurityBindings) {
            z = isImpliedDerivedKeys_Provider10((SecurityBindings) obj);
        } else if (obj instanceof com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) {
            z = isImpliedDerivedKeys_Provider11((com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) obj);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isImpliedDerivedKeys_Provider");
        }
        return z;
    }

    private static boolean isImpliedDerivedKeys_Client10(SecurityBindings securityBindings) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isImpliedDerivedKeys_Client10");
        }
        boolean z = false;
        boolean z2 = false;
        for (SecurityBinding securityBinding : securityBindings.getSecurityBinding()) {
            if (securityBinding.getName().equals("application")) {
                for (TokenGenerator tokenGenerator : securityBinding.getSecurityOutboundBindingConfig().getTokenGenerator()) {
                    String localName = tokenGenerator.getValueType().getLocalName();
                    if (localName != null && localName.equals(com.ibm.ws.wssecurity.common.Constants.NS_WSC_SCT_13)) {
                        Iterator<Properties> it = tokenGenerator.getProperties().iterator();
                        while (true) {
                            if (!it.hasNext()) {
                                break;
                            }
                            Properties next = it.next();
                            if (next.getName().equals(PROPERTY_generateImpliedDerivedKey)) {
                                if (next.getValue().equals("true")) {
                                    z = true;
                                    z2 = true;
                                }
                            }
                        }
                    }
                    if (z2) {
                        break;
                    }
                }
            }
            if (z2) {
                break;
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isImpliedDerivedKeys_Client10");
        }
        return z;
    }

    private static boolean isImpliedDerivedKeys_Client11(com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings securityBindings) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isImpliedDerivedKeys_Client11");
        }
        boolean z = false;
        boolean z2 = false;
        for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBinding securityBinding : securityBindings.getSecurityBinding()) {
            if (securityBinding.getName().equals("application")) {
                for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.TokenGenerator tokenGenerator : securityBinding.getSecurityOutboundBindingConfig().getTokenGenerator()) {
                    String localName = tokenGenerator.getValueType().getLocalName();
                    if (localName != null && localName.equals(com.ibm.ws.wssecurity.common.Constants.NS_WSC_SCT_13)) {
                        Iterator<com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.Properties> it = tokenGenerator.getProperties().iterator();
                        while (true) {
                            if (!it.hasNext()) {
                                break;
                            }
                            com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.Properties next = it.next();
                            if (next.getName().equals(PROPERTY_generateImpliedDerivedKey)) {
                                if (next.getValue().equals("true")) {
                                    z = true;
                                    z2 = true;
                                }
                            }
                        }
                    }
                    if (z2) {
                        break;
                    }
                }
            }
            if (z2) {
                break;
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isImpliedDerivedKeys_Client11");
        }
        return z;
    }

    private static boolean isImpliedDerivedKeys_Provider10(SecurityBindings securityBindings) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isImpliedDerivedKeys_Provider10");
        }
        boolean z = false;
        boolean z2 = false;
        for (SecurityBinding securityBinding : securityBindings.getSecurityBinding()) {
            if (securityBinding.getName().equals("application")) {
                for (TokenConsumer tokenConsumer : securityBinding.getSecurityInboundBindingConfig().getTokenConsumer()) {
                    String localName = tokenConsumer.getValueType().getLocalName();
                    if (localName != null && localName.equals(com.ibm.ws.wssecurity.common.Constants.NS_WSC_SCT_13)) {
                        Iterator<Properties> it = tokenConsumer.getProperties().iterator();
                        while (true) {
                            if (!it.hasNext()) {
                                break;
                            }
                            Properties next = it.next();
                            if (next.getName().equals(PROPERTY_generateImpliedDerivedKey)) {
                                if (next.getValue().equals("true")) {
                                    z = true;
                                    z2 = true;
                                }
                            }
                        }
                    }
                    if (z2) {
                        break;
                    }
                }
            }
            if (z2) {
                break;
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isImpliedDerivedKeys_Provider10");
        }
        return z;
    }

    private static boolean isImpliedDerivedKeys_Provider11(com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings securityBindings) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "isImpliedDerivedKeys_Provider11");
        }
        boolean z = false;
        boolean z2 = false;
        for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBinding securityBinding : securityBindings.getSecurityBinding()) {
            if (securityBinding.getName().equals("application")) {
                for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.TokenConsumer tokenConsumer : securityBinding.getSecurityInboundBindingConfig().getTokenConsumer()) {
                    String localName = tokenConsumer.getValueType().getLocalName();
                    if (localName != null && localName.equals(com.ibm.ws.wssecurity.common.Constants.NS_WSC_SCT_13)) {
                        Iterator<com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.Properties> it = tokenConsumer.getProperties().iterator();
                        while (true) {
                            if (!it.hasNext()) {
                                break;
                            }
                            com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.Properties next = it.next();
                            if (next.getName().equals(PROPERTY_generateImpliedDerivedKey)) {
                                if (next.getValue().equals("true")) {
                                    z = true;
                                    z2 = true;
                                }
                            }
                        }
                    }
                    if (z2) {
                        break;
                    }
                }
            }
            if (z2) {
                break;
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "isImpliedDerivedKeys_Provider11");
        }
        return z;
    }

    private static void processKeyTypeAssertions_Provider(WSSecurityPolicyHolder wSSecurityPolicyHolder) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "processKeyTypeAssertions_Provider");
        }
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        populateKeyTablesProvider(hashMap, hashMap2, wSSecurityPolicyHolder.getBindings());
        setKeyTypeAssertions(wSSecurityPolicyHolder.getMain(), hashMap, hashMap2);
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "processKeyTypeAssertions_Provider");
        }
    }

    private static void populateKeyTablesProvider(HashMap hashMap, HashMap hashMap2, Object obj) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "populateKeyTablesProvider");
        }
        if (obj instanceof SecurityBindings) {
            populateKeyTables_Provider10(hashMap, hashMap2, (SecurityBindings) obj);
        } else if (obj instanceof com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) {
            populateKeyTables_Provider11(hashMap, hashMap2, (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) obj);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "populateKeyTablesProvider");
        }
    }

    private static void populateKeyTables_Provider10(HashMap hashMap, HashMap hashMap2, SecurityBindings securityBindings) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "populateKeyTables_Provider10");
        }
        for (SecurityBinding securityBinding : securityBindings.getSecurityBinding()) {
            if (securityBinding.getName().equals("application")) {
                SecurityInboundBindingConfig securityInboundBindingConfig = securityBinding.getSecurityInboundBindingConfig();
                HashMap hashMap3 = new HashMap();
                for (TokenConsumer tokenConsumer : securityInboundBindingConfig.getTokenConsumer()) {
                    hashMap3.put(tokenConsumer.getName(), tokenConsumer.getValueType().getLocalName());
                }
                HashMap hashMap4 = new HashMap();
                HashMap hashMap5 = new HashMap();
                for (KeyInfo keyInfo : securityInboundBindingConfig.getKeyInfo()) {
                    String name = keyInfo.getName();
                    String str = (String) hashMap3.get(keyInfo.getTokenReference().getReference());
                    String type = keyInfo.getType();
                    if (str == null || !str.equals("http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/sct")) {
                        hashMap4.put(name, type);
                    } else {
                        hashMap5.put(name, type);
                    }
                }
                Iterator<EncryptionInfo> it = securityInboundBindingConfig.getEncryptionInfo().iterator();
                while (it.hasNext()) {
                    for (KeyEncryptionKeyInfo keyEncryptionKeyInfo : it.next().getKeyEncryptionKeyInfo()) {
                        if (hashMap4.containsKey(keyEncryptionKeyInfo.getReference())) {
                            QName qnameForKeyType = getQnameForKeyType((String) hashMap4.get(keyEncryptionKeyInfo.getReference()));
                            hashMap.put(PolicyConfigUtil.RecipientTokenQName12, qnameForKeyType);
                            hashMap.put(PolicyConfigUtil.encryptionTokenQName12, qnameForKeyType);
                            hashMap.put(PolicyConfigUtil.RecipientEncryptionTokenQName12, qnameForKeyType);
                            hashMap.put(PolicyConfigUtil.ProtectionTokenQName12, qnameForKeyType);
                        } else if (hashMap5.containsKey(keyEncryptionKeyInfo.getReference())) {
                            QName qnameForKeyType2 = getQnameForKeyType((String) hashMap5.get(keyEncryptionKeyInfo.getReference()));
                            hashMap2.put(PolicyConfigUtil.RecipientTokenQName12, qnameForKeyType2);
                            hashMap2.put(PolicyConfigUtil.encryptionTokenQName12, qnameForKeyType2);
                            hashMap2.put(PolicyConfigUtil.ProtectionTokenQName12, qnameForKeyType2);
                            hashMap2.put(PolicyConfigUtil.RecipientEncryptionTokenQName12, qnameForKeyType2);
                        }
                    }
                }
                Iterator<SigningInfo> it2 = securityInboundBindingConfig.getSigningInfo().iterator();
                while (it2.hasNext()) {
                    for (SigningKeyInfo signingKeyInfo : it2.next().getSigningKeyInfo()) {
                        if (hashMap4.containsKey(signingKeyInfo.getReference())) {
                            QName qnameForKeyType3 = getQnameForKeyType((String) hashMap4.get(signingKeyInfo.getReference()));
                            hashMap.put(PolicyConfigUtil.RecipientTokenQName12, qnameForKeyType3);
                            hashMap.put(PolicyConfigUtil.RecipientSignatureTokenQName12, qnameForKeyType3);
                            hashMap.put(PolicyConfigUtil.SignatureTokenQName12, qnameForKeyType3);
                            hashMap.put(PolicyConfigUtil.ProtectionTokenQName12, qnameForKeyType3);
                        } else if (hashMap5.containsKey(signingKeyInfo.getReference())) {
                            QName qnameForKeyType4 = getQnameForKeyType((String) hashMap5.get(signingKeyInfo.getReference()));
                            hashMap2.put(PolicyConfigUtil.RecipientTokenQName12, qnameForKeyType4);
                            hashMap2.put(PolicyConfigUtil.RecipientSignatureTokenQName12, qnameForKeyType4);
                            hashMap2.put(PolicyConfigUtil.SignatureTokenQName12, qnameForKeyType4);
                            hashMap2.put(PolicyConfigUtil.ProtectionTokenQName12, qnameForKeyType4);
                        }
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "populateKeyTables_Provider10");
        }
    }

    private static void populateKeyTables_Provider11(HashMap hashMap, HashMap hashMap2, com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings securityBindings) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "populateKeyTables_Provider11");
        }
        for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBinding securityBinding : securityBindings.getSecurityBinding()) {
            if (securityBinding.getName().equals("application")) {
                com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityInboundBindingConfig securityInboundBindingConfig = securityBinding.getSecurityInboundBindingConfig();
                HashMap hashMap3 = new HashMap();
                for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.TokenConsumer tokenConsumer : securityInboundBindingConfig.getTokenConsumer()) {
                    hashMap3.put(tokenConsumer.getName(), tokenConsumer.getValueType().getLocalName());
                }
                HashMap hashMap4 = new HashMap();
                HashMap hashMap5 = new HashMap();
                for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.KeyInfo keyInfo : securityInboundBindingConfig.getKeyInfo()) {
                    String name = keyInfo.getName();
                    String str = (String) hashMap3.get(keyInfo.getTokenReference().getReference());
                    String type = keyInfo.getType();
                    if (str == null || !str.equals("http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/sct")) {
                        hashMap4.put(name, type);
                    } else {
                        hashMap5.put(name, type);
                    }
                }
                Iterator<com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.EncryptionInfo> it = securityInboundBindingConfig.getEncryptionInfo().iterator();
                while (it.hasNext()) {
                    for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.KeyEncryptionKeyInfo keyEncryptionKeyInfo : it.next().getKeyEncryptionKeyInfo()) {
                        if (hashMap4.containsKey(keyEncryptionKeyInfo.getReference())) {
                            QName qnameForKeyType = getQnameForKeyType((String) hashMap4.get(keyEncryptionKeyInfo.getReference()));
                            hashMap.put(PolicyConfigUtil.RecipientTokenQName12, qnameForKeyType);
                            hashMap.put(PolicyConfigUtil.encryptionTokenQName12, qnameForKeyType);
                            hashMap.put(PolicyConfigUtil.RecipientEncryptionTokenQName12, qnameForKeyType);
                            hashMap.put(PolicyConfigUtil.ProtectionTokenQName12, qnameForKeyType);
                        } else if (hashMap5.containsKey(keyEncryptionKeyInfo.getReference())) {
                            QName qnameForKeyType2 = getQnameForKeyType((String) hashMap5.get(keyEncryptionKeyInfo.getReference()));
                            hashMap2.put(PolicyConfigUtil.RecipientTokenQName12, qnameForKeyType2);
                            hashMap2.put(PolicyConfigUtil.encryptionTokenQName12, qnameForKeyType2);
                            hashMap2.put(PolicyConfigUtil.ProtectionTokenQName12, qnameForKeyType2);
                            hashMap2.put(PolicyConfigUtil.RecipientEncryptionTokenQName12, qnameForKeyType2);
                        }
                    }
                }
                Iterator<com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SigningInfo> it2 = securityInboundBindingConfig.getSigningInfo().iterator();
                while (it2.hasNext()) {
                    for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SigningKeyInfo signingKeyInfo : it2.next().getSigningKeyInfo()) {
                        if (hashMap4.containsKey(signingKeyInfo.getReference())) {
                            QName qnameForKeyType3 = getQnameForKeyType((String) hashMap4.get(signingKeyInfo.getReference()));
                            hashMap.put(PolicyConfigUtil.RecipientTokenQName12, qnameForKeyType3);
                            hashMap.put(PolicyConfigUtil.RecipientSignatureTokenQName12, qnameForKeyType3);
                            hashMap.put(PolicyConfigUtil.SignatureTokenQName12, qnameForKeyType3);
                            hashMap.put(PolicyConfigUtil.ProtectionTokenQName12, qnameForKeyType3);
                        } else if (hashMap5.containsKey(signingKeyInfo.getReference())) {
                            QName qnameForKeyType4 = getQnameForKeyType((String) hashMap5.get(signingKeyInfo.getReference()));
                            hashMap2.put(PolicyConfigUtil.RecipientTokenQName12, qnameForKeyType4);
                            hashMap2.put(PolicyConfigUtil.RecipientSignatureTokenQName12, qnameForKeyType4);
                            hashMap2.put(PolicyConfigUtil.SignatureTokenQName12, qnameForKeyType4);
                            hashMap2.put(PolicyConfigUtil.ProtectionTokenQName12, qnameForKeyType4);
                        }
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "populateKeyTables_Provider11");
        }
    }

    private static void processKeyTypeAssertions_Client(WSSecurityPolicyHolder wSSecurityPolicyHolder) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "processKeyTypeAssertions_Client");
        }
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        populateKeyTablesProvider(hashMap, hashMap2, wSSecurityPolicyHolder.getBindings());
        setKeyTypeAssertions(wSSecurityPolicyHolder.getMain(), hashMap, hashMap2);
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "processKeyTypeAssertions_Client");
        }
    }

    private static void populateKeyTables_Client(HashMap hashMap, HashMap hashMap2, Object obj) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "populateKeyTables_Client");
        }
        if (obj instanceof SecurityBindings) {
            populateKeyTables_Client10(hashMap, hashMap2, (SecurityBindings) obj);
        } else if (obj instanceof com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) {
            populateKeyTables_Client11(hashMap, hashMap2, (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings) obj);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "populateKeyTables_Client");
        }
    }

    private static void populateKeyTables_Client10(HashMap hashMap, HashMap hashMap2, SecurityBindings securityBindings) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "populateKeyTables_Client10");
        }
        for (SecurityBinding securityBinding : securityBindings.getSecurityBinding()) {
            if (securityBinding.getName().equals("application")) {
                SecurityOutboundBindingConfig securityOutboundBindingConfig = securityBinding.getSecurityOutboundBindingConfig();
                HashMap hashMap3 = new HashMap();
                for (TokenGenerator tokenGenerator : securityOutboundBindingConfig.getTokenGenerator()) {
                    hashMap3.put(tokenGenerator.getName(), tokenGenerator);
                }
                HashMap hashMap4 = new HashMap();
                for (EncryptionInfo encryptionInfo : securityOutboundBindingConfig.getEncryptionInfo()) {
                    Iterator<KeyEncryptionKeyInfo> it = encryptionInfo.getKeyEncryptionKeyInfo().iterator();
                    while (it.hasNext()) {
                        hashMap4.put(it.next().getReference(), encryptionInfo);
                    }
                }
                HashMap hashMap5 = new HashMap();
                for (SigningInfo signingInfo : securityOutboundBindingConfig.getSigningInfo()) {
                    Iterator<SigningKeyInfo> it2 = signingInfo.getSigningKeyInfo().iterator();
                    while (it2.hasNext()) {
                        hashMap5.put(it2.next().getReference(), signingInfo);
                    }
                }
                new HashMap();
                for (KeyInfo keyInfo : securityOutboundBindingConfig.getKeyInfo()) {
                    String localName = ((TokenGenerator) hashMap3.get(keyInfo.getTokenReference().getReference())).getValueType().getLocalName();
                    String name = keyInfo.getName();
                    QName qnameForKeyType = getQnameForKeyType(keyInfo.getType());
                    if (hashMap5.containsKey(name)) {
                        hashMap.put(localName, qnameForKeyType);
                    } else if (hashMap4.containsKey(name)) {
                        hashMap2.put(localName, qnameForKeyType);
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "populateKeyTables_Client10");
        }
    }

    private static void populateKeyTables_Client11(HashMap hashMap, HashMap hashMap2, com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBindings securityBindings) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "populateKeyTables_Client11");
        }
        for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityBinding securityBinding : securityBindings.getSecurityBinding()) {
            if (securityBinding.getName().equals("application")) {
                com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SecurityOutboundBindingConfig securityOutboundBindingConfig = securityBinding.getSecurityOutboundBindingConfig();
                HashMap hashMap3 = new HashMap();
                for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.TokenGenerator tokenGenerator : securityOutboundBindingConfig.getTokenGenerator()) {
                    hashMap3.put(tokenGenerator.getName(), tokenGenerator);
                }
                HashMap hashMap4 = new HashMap();
                for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.EncryptionInfo encryptionInfo : securityOutboundBindingConfig.getEncryptionInfo()) {
                    Iterator<com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.KeyEncryptionKeyInfo> it = encryptionInfo.getKeyEncryptionKeyInfo().iterator();
                    while (it.hasNext()) {
                        hashMap4.put(it.next().getReference(), encryptionInfo);
                    }
                }
                HashMap hashMap5 = new HashMap();
                for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SigningInfo signingInfo : securityOutboundBindingConfig.getSigningInfo()) {
                    Iterator<com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.SigningKeyInfo> it2 = signingInfo.getSigningKeyInfo().iterator();
                    while (it2.hasNext()) {
                        hashMap5.put(it2.next().getReference(), signingInfo);
                    }
                }
                new HashMap();
                for (com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.KeyInfo keyInfo : securityOutboundBindingConfig.getKeyInfo()) {
                    String localName = ((com.ibm.xmlns.prod.websphere._200710.ws_securitybinding.TokenGenerator) hashMap3.get(keyInfo.getTokenReference().getReference())).getValueType().getLocalName();
                    String name = keyInfo.getName();
                    QName qnameForKeyType = getQnameForKeyType(keyInfo.getType());
                    if (hashMap5.containsKey(name)) {
                        hashMap.put(localName, qnameForKeyType);
                    } else if (hashMap4.containsKey(name)) {
                        hashMap2.put(localName, qnameForKeyType);
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "populateKeyTables_Client11");
        }
    }

    private static Policy convertPolicyFrom15To12(org.w3.ns.ws_policy.Policy policy) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "convertPolicyFrom15To12");
        }
        Policy policy2 = new Policy();
        List<Object> policyOrAllOrExactlyOne = policy.getPolicyOrAllOrExactlyOne();
        List<Object> policyOrAllOrExactlyOne2 = policy2.getPolicyOrAllOrExactlyOne();
        for (Object obj : policyOrAllOrExactlyOne) {
            if (obj instanceof org.w3.ns.ws_policy.Policy) {
                policyOrAllOrExactlyOne2.add(convertPolicyFrom15To12((org.w3.ns.ws_policy.Policy) obj));
            } else if (obj instanceof JAXBElement) {
                Object value = ((JAXBElement) obj).getValue();
                if (value instanceof OperatorContentType) {
                    policyOrAllOrExactlyOne2.addAll(removeOperators(value));
                } else {
                    policyOrAllOrExactlyOne2.add(convertElementSubPoliucyTo12((JAXBElement) obj));
                }
            } else {
                policyOrAllOrExactlyOne2.add(obj);
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "convertPolicyFrom15To12");
        }
        return policy2;
    }

    private static List<Object> removeOperators(Object obj) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "removeOperators");
        }
        ArrayList arrayList = new ArrayList();
        for (Object obj2 : ((OperatorContentType) obj).getPolicyOrAllOrExactlyOne()) {
            if (obj2 instanceof JAXBElement) {
                Object value = ((JAXBElement) obj2).getValue();
                if (value instanceof OperatorContentType) {
                    arrayList.addAll(removeOperators(value));
                } else {
                    arrayList.add(convertElementSubPoliucyTo12((JAXBElement) obj2));
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "removeOperators");
        }
        return arrayList;
    }

    private static JAXBElement convertElementSubPoliucyTo12(JAXBElement jAXBElement) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "convertElementSubPoliucyTo12");
        }
        Object value = jAXBElement.getValue();
        QName name = jAXBElement.getName();
        List<Object> list = null;
        JAXBElement jAXBElement2 = jAXBElement;
        if (value instanceof OperatorContentType) {
            OperatorContentType operatorContentType = (OperatorContentType) value;
            org.xmlsoap.schemas.ws._2004._09.policy.OperatorContentType operatorContentType2 = new org.xmlsoap.schemas.ws._2004._09.policy.OperatorContentType();
            if (name.equals(exactlyOne15QName)) {
                jAXBElement2 = new JAXBElement(PolicyConfigUtil.exactlyOneQName, org.xmlsoap.schemas.ws._2004._09.policy.OperatorContentType.class, operatorContentType2);
            } else if (name.equals(all15QName)) {
                jAXBElement2 = new JAXBElement(new QName(PolicyConfigUtil.policyNS, "All"), org.xmlsoap.schemas.ws._2004._09.policy.OperatorContentType.class, operatorContentType2);
            }
            operatorContentType2.getPolicyOrAllOrExactlyOne().addAll(operatorContentType.getPolicyOrAllOrExactlyOne());
            list = operatorContentType2.getPolicyOrAllOrExactlyOne();
        } else if (value instanceof NestedPolicyType) {
            list = ((NestedPolicyType) value).getAny();
        } else if (value instanceof org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) {
            list = ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) value).getAny();
        } else if (value instanceof org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.SecureConversationTokenType) {
            list = ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.SecureConversationTokenType) value).getAny();
        } else if (value instanceof org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) {
            list = ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) value).getAny();
        }
        if (list != null) {
            ArrayList arrayList = new ArrayList();
            for (Object obj : list) {
                if (obj instanceof org.w3.ns.ws_policy.Policy) {
                    arrayList.add(convertPolicyFrom15To12((org.w3.ns.ws_policy.Policy) obj));
                } else if (obj instanceof JAXBElement) {
                    arrayList.add(convertElementSubPoliucyTo12((JAXBElement) obj));
                }
            }
            list.clear();
            list.addAll(arrayList);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "convertElementSubPoliucyTo12");
        }
        return jAXBElement2;
    }

    private static Policy restoreDirectionalAttributes(Policy policy, Policy policy2, Policy policy3) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "restoreDirectionalAttributes");
        }
        List<Object> policyOrAllOrExactlyOne = policy.getPolicyOrAllOrExactlyOne();
        Policy policy4 = new Policy();
        Policy policy5 = new Policy();
        Policy policy6 = new Policy();
        Policy policy7 = new Policy();
        policy4.setId("request:" + new Random().nextInt());
        policy5.setId("request:" + new Random().nextInt());
        policy6.setId("response:" + new Random().nextInt());
        policy7.setId("response:" + new Random().nextInt());
        if (policy2 != null) {
            restoreDirectionalAttributesInsideAssertions(policy2.getPolicyOrAllOrExactlyOne(), "request:");
            for (Object obj : policy2.getPolicyOrAllOrExactlyOne()) {
                QName name = ((JAXBElement) obj).getName();
                if (name.getLocalPart().startsWith(IRSTTemplate.USE_KEY_SIG)) {
                    policy4.getPolicyOrAllOrExactlyOne().add(obj);
                } else if (name.getLocalPart().startsWith("Enc")) {
                    policy5.getPolicyOrAllOrExactlyOne().add(obj);
                } else {
                    policyOrAllOrExactlyOne.add(obj);
                }
            }
        }
        if (policy3 != null) {
            restoreDirectionalAttributesInsideAssertions(policy3.getPolicyOrAllOrExactlyOne(), "response:");
            for (Object obj2 : policy3.getPolicyOrAllOrExactlyOne()) {
                QName name2 = ((JAXBElement) obj2).getName();
                if (name2.getLocalPart().startsWith(IRSTTemplate.USE_KEY_SIG)) {
                    policy6.getPolicyOrAllOrExactlyOne().add(obj2);
                } else if (name2.getLocalPart().startsWith("Enc")) {
                    policy7.getPolicyOrAllOrExactlyOne().add(obj2);
                } else {
                    policyOrAllOrExactlyOne.add(obj2);
                }
            }
        }
        if (policy4.getPolicyOrAllOrExactlyOne().size() > 0) {
            policyOrAllOrExactlyOne.add(policy4);
        }
        if (policy4.getPolicyOrAllOrExactlyOne().size() > 0) {
            policyOrAllOrExactlyOne.add(policy5);
        }
        if (policy4.getPolicyOrAllOrExactlyOne().size() > 0) {
            policyOrAllOrExactlyOne.add(policy6);
        }
        if (policy4.getPolicyOrAllOrExactlyOne().size() > 0) {
            policyOrAllOrExactlyOne.add(policy7);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "restoreDirectionalAttributes");
        }
        return policy;
    }

    private static void restoreDirectionalAttributesInsideAssertions(List<Object> list, String str) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "restoreDirectionalAttributesInsideAssertions");
        }
        for (Object obj : list) {
            if (obj instanceof JAXBElement) {
                if (PolicyConfigUtil.supportingTokenQName12.equals(((JAXBElement) obj).getName())) {
                    addDirectionalAttributeToSupportingToken(str, obj);
                } else if (((JAXBElement) obj).getValue() instanceof org.xmlsoap.schemas.ws._2004._09.policy.OperatorContentType) {
                    Object value = ((JAXBElement) obj).getValue();
                    if (value instanceof org.xmlsoap.schemas.ws._2004._09.policy.OperatorContentType) {
                        restoreDirectionalAttributesInsideAssertions(((org.xmlsoap.schemas.ws._2004._09.policy.OperatorContentType) value).getPolicyOrAllOrExactlyOne(), str);
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "restoreDirectionalAttributesInsideAssertions");
        }
    }

    private static void addDirectionalAttributeToSupportingToken(String str, Object obj) {
        List<Object> any;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "addDirectionalAttributeToSupportingToken");
        }
        Object value = ((JAXBElement) obj).getValue();
        if ((value instanceof NestedPolicyType) && (any = ((NestedPolicyType) value).getAny()) != null && any.size() > 0) {
            Object obj2 = any.get(0);
            if (obj2 instanceof Policy) {
                String str2 = str + "token_" + new Random().nextInt();
                ((Policy) obj2).setId(str2);
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Setting wsu:id" + str2);
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "addDirectionalAttributeToSupportingToken");
        }
    }

    private static void addDirectionalAttributesToEncryptSignature(org.w3.ns.ws_policy.Policy policy) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "addDirectionalAttributesToEncryptSignature");
        }
        if (policy == null) {
            return;
        }
        List<Object> policyOrAllOrExactlyOne = policy.getPolicyOrAllOrExactlyOne();
        int i = 0;
        while (true) {
            if (i >= policyOrAllOrExactlyOne.size()) {
                break;
            }
            Object obj = policyOrAllOrExactlyOne.get(i);
            if (obj instanceof JAXBElement) {
                JAXBElement jAXBElement = (JAXBElement) obj;
                QName name = jAXBElement.getName();
                if (PolicyConfigUtil.asymmetricBindingQName12.equals(name) || PolicyConfigUtil.symmetricBindingQName12.equals(name)) {
                    List<Object> policyOrAllOrExactlyOne2 = ((org.w3.ns.ws_policy.Policy) ((NestedPolicyType) jAXBElement.getValue()).getAny().get(0)).getPolicyOrAllOrExactlyOne();
                    boolean z = false;
                    int i2 = 0;
                    while (true) {
                        if (i2 >= policyOrAllOrExactlyOne2.size()) {
                            break;
                        }
                        Object obj2 = policyOrAllOrExactlyOne2.get(i2);
                        if (obj2 instanceof JAXBElement) {
                            JAXBElement jAXBElement2 = (JAXBElement) obj2;
                            if (jAXBElement2.getName().equals(PolicyConfigUtil.EncryptSignatureQName)) {
                                ((QNameAssertionType) jAXBElement2.getValue()).getOtherAttributes().put(WSU_ID_QNAME, "request:");
                                z = true;
                                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Setting directional attributes on EncryptSignature");
                                }
                            }
                        }
                        i2++;
                    }
                    if (z) {
                        QNameAssertionType qNameAssertionType = new QNameAssertionType();
                        qNameAssertionType.getOtherAttributes().put(WSU_ID_QNAME, "response:");
                        policyOrAllOrExactlyOne2.add(new JAXBElement(PolicyConfigUtil.EncryptSignatureQName, QNameAssertionType.class, qNameAssertionType));
                        break;
                    }
                }
            }
            i++;
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "addDirectionalAttributesToEncryptSignature");
        }
    }

    private static void nestProtectionTokensInSecureConversationAssertion(Policy policy) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "nestProtectionTokensInSecureConversationAssertion");
        }
        ArrayList arrayList = new ArrayList();
        findSubAssertionsInAssertion(policy.getPolicyOrAllOrExactlyOne(), PolicyConfigUtil.bootstrapPolicyQName12, arrayList);
        if (arrayList.size() > 0) {
            ArrayList arrayList2 = new ArrayList();
            arrayList2.add(PolicyConfigUtil.signedPartsQName12);
            arrayList2.add(PolicyConfigUtil.signedElementsQName12);
            arrayList2.add(PolicyConfigUtil.encryptedPartsQName12);
            arrayList2.add(PolicyConfigUtil.encryptedElementsQName12);
            ArrayList arrayList3 = new ArrayList();
            Object obj = arrayList.get(0);
            if (obj instanceof JAXBElement) {
                List<Object> subAssertions = getSubAssertions((JAXBElement) obj);
                for (Object obj2 : subAssertions) {
                    if (obj2 instanceof JAXBElement) {
                        JAXBElement jAXBElement = (JAXBElement) obj2;
                        if (arrayList2.contains(jAXBElement.getName())) {
                            NestedPolicyType nestedPolicyType = (NestedPolicyType) ((JAXBElement) obj).getValue();
                            Policy policy2 = new Policy();
                            policy2.getPolicyOrAllOrExactlyOne().add(jAXBElement);
                            policy2.setId("request:" + new Random().nextInt());
                            nestedPolicyType.getAny().add(policy2);
                            Policy policy3 = new Policy();
                            policy3.getPolicyOrAllOrExactlyOne().add(jAXBElement);
                            policy3.setId("response:" + new Random().nextInt());
                            nestedPolicyType.getAny().add(policy3);
                            arrayList3.add(jAXBElement);
                        }
                    }
                }
                subAssertions.removeAll(arrayList3);
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "nestProtectionTokensInSecureConversationAssertion");
        }
    }

    private static InputStream policyJAXBObjToStream(Object obj, String str) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "policyJAXBObjToStream");
        }
        try {
            Marshaller createMarshaller = JAXBContext.newInstance(str, WSSecurityAssertionTransform.class.getClassLoader()).createMarshaller();
            createMarshaller.setProperty("com.sun.xml.internal.bind.namespacePrefixMapper", new NamespacePrefixMapperImpl());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            createMarshaller.marshal(obj, byteArrayOutputStream);
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "policyJAXBObjToStream");
            }
            return byteArrayInputStream;
        } catch (Exception e) {
            throw new PolicyException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Object inputStreamToJAXB(final InputStream inputStream, String str) throws PolicyException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "inputStreamToJAXB");
        }
        try {
            final Unmarshaller createUnmarshaller = JAXBContext.newInstance(str, WSSecurityAssertionTransform.class.getClassLoader()).createUnmarshaller();
            Object doPrivileged = AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() { // from class: com.ibm.ws.wssecurity.handler.WSSecurityAssertionTransform.1
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws JAXBException {
                    return createUnmarshaller.unmarshal(inputStream);
                }
            });
            inputStream.close();
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "inputStreamToJAXB");
            }
            return doPrivileged;
        } catch (Exception e) {
            throw new PolicyException(e);
        }
    }

    private static List<Object> getSubAssertions(JAXBElement jAXBElement) {
        List<Object> any;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSubAssertions");
        }
        List<Object> list = null;
        Object value = jAXBElement.getValue();
        if (value instanceof NestedPolicyType) {
            List<Object> any2 = ((NestedPolicyType) value).getAny();
            if (any2 != null && any2.size() > 0) {
                Object obj = any2.get(0);
                if (obj instanceof org.w3.ns.ws_policy.Policy) {
                    list = ((org.w3.ns.ws_policy.Policy) obj).getPolicyOrAllOrExactlyOne();
                } else if (obj instanceof Policy) {
                    list = ((Policy) obj).getPolicyOrAllOrExactlyOne();
                }
            }
        } else if ((value instanceof org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) && (any = ((org.oasis_open.docs.ws_sx.ws_securitypolicy._200702.TokenAssertionType) value).getAny()) != null && any.size() > 0) {
            Object obj2 = any.get(0);
            if (obj2 instanceof org.w3.ns.ws_policy.Policy) {
                list = ((org.w3.ns.ws_policy.Policy) obj2).getPolicyOrAllOrExactlyOne();
            } else if (obj2 instanceof Policy) {
                list = ((Policy) obj2).getPolicyOrAllOrExactlyOne();
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSubAssertions");
        }
        return list;
    }

    private static void addQNameAssertionToNestedType(JAXBElement jAXBElement, QName qName) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "addQNameAssertionToNestedType");
        }
        getSubAssertions(jAXBElement).add(new JAXBElement(qName, QNameAssertionType.class, new QNameAssertionType()));
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "addQNameAssertionToNestedType");
        }
    }
}
