package weblogic.wtc.jatmi;

import com.bea.core.jatmi.common.Utilities;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import weblogic.wtc.WTCLogger;

/* loaded from: input_file:weblogic/wtc/jatmi/atntd.class */
public final class atntd implements atn {
    atncredtd mycred;
    private static final int AP1Q_VERSION = 1;
    private static final int AP1P_VERSION = 1;
    private static final int AP2Q_VERSION = 1;
    private static final int AP2P_VERSION = 1;
    private static final int SALT_SIZE = 8;
    private static final int ITERATIONS = 5;
    static final String DEFAULT_PASSWORD = "DeFaUlT";
    static final int RESULT_OK = 0;
    static final int RESULT_FAIL = -1;

    public atntd() {
    }

    public atntd(TPINIT tpinit, int i) {
        this.mycred = new atncredtd(tpinit, i);
    }

    @Override // weblogic.wtc.jatmi.atn
    public atncred gssAcquireCred(String str) throws EngineSecError {
        return this.mycred;
    }

    @Override // weblogic.wtc.jatmi.atn
    public atncred gssAcquireCred(String str, String str2) throws EngineSecError {
        if (str.equals(this.mycred.cred_usrname)) {
            return this.mycred;
        }
        throw new EngineSecError(EngineSecError.EE_SEC_SYSTEM, "desired name (" + str + ") does not match cred (" + this.mycred.cred_usrname + ")");
    }

    @Override // weblogic.wtc.jatmi.atn
    public atncred gssAcquireCred(String str, byte[] bArr) throws EngineSecError {
        if (str.equals(this.mycred.cred_usrname)) {
            return this.mycred;
        }
        throw new EngineSecError(EngineSecError.EE_SEC_SYSTEM, "desired name (" + str + ") does not match cred (" + this.mycred.cred_usrname + ")");
    }

    private byte random_transform(byte b) {
        int i = b << 1;
        if ((i & 256) != 0) {
            i = (i & 255) + 1;
        }
        return (byte) i;
    }

    private int roundup4(int i) {
        return (i + 3) & (-4);
    }

    @Override // weblogic.wtc.jatmi.atn
    public atncontext gssGetContext(atncred atncredVar, String str) throws EngineSecError {
        return new atnctxtd((atncredtd) atncredVar);
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:89:0x0376. Please report as an issue. */
    @Override // weblogic.wtc.jatmi.atn
    public int gssInitSecContext(atncontext atncontextVar, byte[] bArr, int i, byte[] bArr2) throws EngineSecError {
        atnctxtd atnctxtdVar = (atnctxtd) atncontextVar;
        String str = null;
        switch (atnctxtdVar.context_state) {
            case 1:
                if (bArr2.length < 40) {
                    throw new EngineSecError(EngineSecError.EE_SEC_NOSPACE, 40);
                }
                try {
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
                    dataOutputStream.writeInt(1);
                    dataOutputStream.writeInt(atnctxtdVar.context_credential.cred_timestamp);
                    SecureRandom secureRandom = new SecureRandom();
                    for (int i2 = 0; i2 < 8; i2++) {
                        int nextInt = secureRandom.nextInt(256);
                        atnctxtdVar.context_challenge[i2] = random_transform((byte) nextInt);
                        dataOutputStream.writeInt(nextInt);
                    }
                    byte[] byteArray = byteArrayOutputStream.toByteArray();
                    byte[] bArr3 = new byte[8];
                    for (int i3 = 0; i3 < 8; i3++) {
                        bArr3[i3] = 0;
                    }
                    PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr3, 5);
                    SecretKey generateSecret = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(new PBEKeySpec((atnctxtdVar.context_credential.cred_passwd == null ? DEFAULT_PASSWORD : atnctxtdVar.context_credential.cred_passwd).toCharArray()));
                    Cipher cipher = Cipher.getInstance("PBEWithMD5AndDES");
                    cipher.init(1, generateSecret, pBEParameterSpec);
                    byte[] doFinal = cipher.doFinal(byteArray);
                    if (doFinal.length > bArr2.length) {
                        throw new EngineSecError(EngineSecError.EE_SEC_NOSPACE, doFinal.length);
                    }
                    for (int i4 = 0; i4 < doFinal.length; i4++) {
                        bArr2[i4] = doFinal[i4];
                    }
                    atnctxtdVar.context_state = 3;
                    return doFinal.length;
                } catch (IOException e) {
                    throw new EngineSecError(EngineSecError.EE_SEC_SYSTEM, "IO error: " + e);
                } catch (Exception e2) {
                    WTCLogger.logUEgssCryptoError1(e2.getMessage());
                    throw new EngineSecError(EngineSecError.EE_SEC_SYSTEM, "Crypto error: " + e2);
                }
            case 3:
                if (bArr == null || i <= 0) {
                    throw new EngineSecError(EngineSecError.EE_SEC_INVAL, "Bad input token for init_sec_context");
                }
                int length = 152 + (4 * (atnctxtdVar.context_credential.cred_proof == null ? 0 : atnctxtdVar.context_credential.cred_proof.length)) + 4 + 4 + 4 + 4 + 4;
                if (bArr2.length < length) {
                    throw new EngineSecError(EngineSecError.EE_SEC_NOSPACE, length);
                }
                try {
                    byte[] bArr4 = new byte[8];
                    for (int i5 = 0; i5 < 8; i5++) {
                        bArr4[i5] = 0;
                    }
                    PBEParameterSpec pBEParameterSpec2 = new PBEParameterSpec(bArr4, 5);
                    SecretKey generateSecret2 = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(new PBEKeySpec((atnctxtdVar.context_credential.cred_passwd == null ? DEFAULT_PASSWORD : atnctxtdVar.context_credential.cred_passwd).toCharArray()));
                    Cipher cipher2 = Cipher.getInstance("PBEWithMD5AndDES");
                    cipher2.init(2, generateSecret2, pBEParameterSpec2);
                    DataInputStream dataInputStream = new DataInputStream(new ByteArrayInputStream(cipher2.doFinal(bArr, 0, i)));
                    dataInputStream.readInt();
                    for (int i6 = 0; i6 < 8; i6++) {
                        if (dataInputStream.readInt() != atnctxtdVar.context_challenge[i6]) {
                            WTCLogger.logErrorGssInvRetChallenge();
                            throw new EngineSecError(EngineSecError.EE_SEC_PERM, "Invalid return challenge");
                        }
                    }
                    byte[] bArr5 = new byte[8];
                    for (int i7 = 0; i7 < 8; i7++) {
                        bArr5[i7] = (byte) dataInputStream.readInt();
                        bArr5[i7] = random_transform(bArr5[i7]);
                    }
                    for (int i8 = 0; i8 < 8; i8++) {
                        bArr4[i8] = (byte) dataInputStream.readInt();
                    }
                    ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
                    DataOutputStream dataOutputStream2 = new DataOutputStream(byteArrayOutputStream2);
                    dataOutputStream2.writeInt(1);
                    for (int i9 = 0; i9 < 8; i9++) {
                        dataOutputStream2.writeInt(bArr5[i9]);
                    }
                    for (int i10 = 0; i10 < 3; i10++) {
                        switch (i10) {
                            case 0:
                                str = atnctxtdVar.context_credential.cred_usrname;
                                break;
                            case 1:
                                str = atnctxtdVar.context_credential.cred_cltname;
                                break;
                            case 2:
                                str = atnctxtdVar.context_credential.cred_grpname;
                                break;
                        }
                        if (str == null) {
                            dataOutputStream2.writeInt(0);
                        } else {
                            byte[] encBytes = Utilities.getEncBytes(str);
                            dataOutputStream2.writeInt(encBytes.length);
                            dataOutputStream2.write(encBytes);
                            int roundup4 = roundup4(encBytes.length) - encBytes.length;
                            for (int i11 = 0; i11 < roundup4; i11++) {
                                dataOutputStream2.writeByte(0);
                            }
                        }
                    }
                    dataOutputStream2.writeInt(atnctxtdVar.context_credential.cred_flags);
                    if (atnctxtdVar.context_credential.cred_proof == null) {
                        dataOutputStream2.writeInt(0);
                    } else {
                        int length2 = atnctxtdVar.context_credential.cred_proof.length;
                        dataOutputStream2.writeInt(length2);
                        for (int i12 = 0; i12 < length2; i12++) {
                            dataOutputStream2.writeInt(atnctxtdVar.context_credential.cred_proof[i12]);
                        }
                    }
                    for (int i13 = 0; i13 < 5; i13++) {
                        dataOutputStream2.writeInt(0);
                    }
                    byte[] byteArray2 = byteArrayOutputStream2.toByteArray();
                    PBEParameterSpec pBEParameterSpec3 = new PBEParameterSpec(bArr4, 5);
                    SecretKey generateSecret3 = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(new PBEKeySpec((atnctxtdVar.context_credential.cred_passwd == null ? DEFAULT_PASSWORD : atnctxtdVar.context_credential.cred_passwd).toCharArray()));
                    Cipher cipher3 = Cipher.getInstance("PBEWithMD5AndDES");
                    cipher3.init(1, generateSecret3, pBEParameterSpec3);
                    byte[] doFinal2 = cipher3.doFinal(byteArray2);
                    if (doFinal2.length > bArr2.length) {
                        throw new EngineSecError(EngineSecError.EE_SEC_NOSPACE, doFinal2.length);
                    }
                    for (int i14 = 0; i14 < doFinal2.length; i14++) {
                        bArr2[i14] = doFinal2[i14];
                    }
                    atnctxtdVar.context_state = 6;
                    return doFinal2.length;
                } catch (IOException e3) {
                    WTCLogger.logIOEgssIOerror(e3.getMessage());
                    throw new EngineSecError(EngineSecError.EE_SEC_SYSTEM, "IO error: " + e3);
                } catch (Exception e4) {
                    WTCLogger.logUEgssCryptoError2(e4.getMessage());
                    throw new EngineSecError(EngineSecError.EE_SEC_SYSTEM, "Crypto error: " + e4);
                }
            case 6:
                if (bArr == null || i <= 0) {
                    throw new EngineSecError(EngineSecError.EE_SEC_INVAL, "Bad input token for init_sec_context (phase 3)");
                }
                try {
                    DataInputStream dataInputStream2 = new DataInputStream(new ByteArrayInputStream(bArr, 0, i));
                    dataInputStream2.readInt();
                    switch (dataInputStream2.readInt()) {
                        case -1:
                        default:
                            throw new EngineSecError(EngineSecError.EE_SEC_PERM, "Invalid return from server");
                        case 0:
                            return 0;
                    }
                } catch (IOException e5) {
                    throw new EngineSecError(EngineSecError.EE_SEC_SYSTEM, "IO error: " + e5);
                }
                throw new EngineSecError(EngineSecError.EE_SEC_SYSTEM, "IO error: " + e5);
            default:
                return -1;
        }
    }

    @Override // weblogic.wtc.jatmi.atn
    public int gssAcceptSecContext(atncontext atncontextVar, byte[] bArr, int i, byte[] bArr2) throws EngineSecError {
        return 0;
    }

    @Override // weblogic.wtc.jatmi.atn
    public int getActualPDUSendSize() {
        return 0;
    }

    @Override // weblogic.wtc.jatmi.atn
    public int getEstimatedPDUSendSize(atncontext atncontextVar) {
        return 0;
    }

    @Override // weblogic.wtc.jatmi.atn
    public int getEstimatedPDURecvSize(atncontext atncontextVar) {
        return 0;
    }

    @Override // weblogic.wtc.jatmi.atn
    public int setSecurityType(int i) {
        return 0;
    }

    @Override // weblogic.wtc.jatmi.atn
    public void setSrcName(String str) {
    }

    @Override // weblogic.wtc.jatmi.atn
    public void setDesiredName(String str) {
    }

    @Override // weblogic.wtc.jatmi.atn
    public void setTargetName(String str) {
    }

    @Override // weblogic.wtc.jatmi.atn
    public void setApplicationPasswd(String str) {
    }

    @Override // weblogic.wtc.jatmi.atn
    public void setLocalPasswd(String str) {
    }

    @Override // weblogic.wtc.jatmi.atn
    public void setRemotePasswd(String str) {
    }

    @Override // weblogic.wtc.jatmi.atn
    public int setInitiatorAddr(byte[] bArr) {
        return 0;
    }

    @Override // weblogic.wtc.jatmi.atn
    public int setAcceptorAddr(byte[] bArr) {
        return 0;
    }

    @Override // weblogic.wtc.jatmi.atn
    public int setApplicationData(byte[] bArr) {
        return 0;
    }

    @Override // weblogic.wtc.jatmi.atn
    public void setMachineType(String str) {
    }
}
