package sun.security.krb5;

import java.io.IOException;
import java.net.UnknownHostException;
import sun.security.krb5.internal.ASReq;
import sun.security.krb5.internal.HostAddresses;
import sun.security.krb5.internal.KDCOptions;
import sun.security.krb5.internal.KDCReqBody;
import sun.security.krb5.internal.KerberosTime;
import sun.security.krb5.internal.Krb5;
import sun.security.krb5.internal.KrbApErrException;
import sun.security.krb5.internal.PAData;
import sun.security.krb5.internal.PAEncTSEnc;
import sun.security.krb5.internal.Ticket;
import sun.security.krb5.internal.crypto.EType;
import sun.security.krb5.internal.crypto.Nonce;

/* loaded from: input_file:sun/security/krb5/KrbAsReq.class */
public class KrbAsReq extends KrbKdcReq {
    private PrincipalName princName;
    private ASReq asReqMessg;
    private boolean DEBUG;
    private static KDCOptions defaultKDCOptions = new KDCOptions();
    private boolean PA_ENC_TIMESTAMP_REQUIRED;
    private boolean pa_exists;
    private int pa_etype;
    private byte[] pa_salt;
    private byte[] pa_s2kparams;

    /* JADX INFO: Access modifiers changed from: package-private */
    public KrbAsReq(PrincipalName principalName, EncryptionKey[] encryptionKeyArr) throws KrbException, IOException {
        this(encryptionKeyArr, defaultKDCOptions, principalName, (PrincipalName) null, (KerberosTime) null, (KerberosTime) null, (KerberosTime) null, (int[]) null, (HostAddresses) null, (Ticket[]) null);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public KrbAsReq(PrincipalName principalName, EncryptionKey[] encryptionKeyArr, boolean z, int i, byte[] bArr, byte[] bArr2) throws KrbException, IOException {
        this(encryptionKeyArr, z, i, bArr, bArr2, defaultKDCOptions, principalName, (PrincipalName) null, (KerberosTime) null, (KerberosTime) null, (KerberosTime) null, (int[]) null, (HostAddresses) null, (Ticket[]) null);
    }

    private static int[] getETypesFromKeys(EncryptionKey[] encryptionKeyArr) {
        int[] iArr = new int[encryptionKeyArr.length];
        for (int i = 0; i < encryptionKeyArr.length; i++) {
            iArr[i] = encryptionKeyArr[i].getEType();
        }
        return iArr;
    }

    public void updatePA(int i, byte[] bArr, byte[] bArr2, PrincipalName principalName) {
        this.pa_exists = true;
        this.pa_etype = i;
        this.pa_salt = bArr;
        this.pa_s2kparams = bArr2;
        if (bArr != null && bArr.length > 0) {
            principalName.setSalt(new String(bArr));
            if (this.DEBUG) {
                System.out.println("Updated salt from pre-auth = " + principalName.getSalt());
            }
        }
        this.PA_ENC_TIMESTAMP_REQUIRED = true;
    }

    public KrbAsReq(char[] cArr, KDCOptions kDCOptions, PrincipalName principalName, PrincipalName principalName2, KerberosTime kerberosTime, KerberosTime kerberosTime2, KerberosTime kerberosTime3, int[] iArr, HostAddresses hostAddresses, Ticket[] ticketArr) throws KrbException, IOException {
        this(cArr, false, 0, (byte[]) null, (byte[]) null, kDCOptions, principalName, principalName2, kerberosTime, kerberosTime2, kerberosTime3, iArr, hostAddresses, ticketArr);
    }

    /* JADX WARN: Finally extract failed */
    public KrbAsReq(char[] cArr, boolean z, int i, byte[] bArr, byte[] bArr2, KDCOptions kDCOptions, PrincipalName principalName, PrincipalName principalName2, KerberosTime kerberosTime, KerberosTime kerberosTime2, KerberosTime kerberosTime3, int[] iArr, HostAddresses hostAddresses, Ticket[] ticketArr) throws KrbException, IOException {
        this.DEBUG = Krb5.DEBUG;
        this.PA_ENC_TIMESTAMP_REQUIRED = false;
        this.pa_exists = false;
        this.pa_etype = 0;
        this.pa_salt = null;
        this.pa_s2kparams = null;
        EncryptionKey[] encryptionKeyArr = null;
        if (z) {
            updatePA(i, bArr, bArr2, principalName);
        }
        encryptionKeyArr = cArr != null ? EncryptionKey.acquireSecretKeys(cArr, principalName.getSalt(), z, this.pa_etype, this.pa_s2kparams) : encryptionKeyArr;
        if (this.DEBUG) {
            System.out.println(">>>KrbAsReq salt is " + principalName.getSalt());
        }
        try {
            init(encryptionKeyArr, kDCOptions, principalName, principalName2, kerberosTime, kerberosTime2, kerberosTime3, iArr, hostAddresses, ticketArr);
            if (encryptionKeyArr != null) {
                for (EncryptionKey encryptionKey : encryptionKeyArr) {
                    encryptionKey.destroy();
                }
            }
        } catch (Throwable th) {
            if (encryptionKeyArr != null) {
                for (EncryptionKey encryptionKey2 : encryptionKeyArr) {
                    encryptionKey2.destroy();
                }
            }
            throw th;
        }
    }

    public KrbAsReq(EncryptionKey[] encryptionKeyArr, KDCOptions kDCOptions, PrincipalName principalName, PrincipalName principalName2, KerberosTime kerberosTime, KerberosTime kerberosTime2, KerberosTime kerberosTime3, int[] iArr, HostAddresses hostAddresses, Ticket[] ticketArr) throws KrbException, IOException {
        this(encryptionKeyArr, false, 0, (byte[]) null, (byte[]) null, kDCOptions, principalName, principalName2, kerberosTime, kerberosTime2, kerberosTime3, iArr, hostAddresses, ticketArr);
    }

    public KrbAsReq(EncryptionKey[] encryptionKeyArr, boolean z, int i, byte[] bArr, byte[] bArr2, KDCOptions kDCOptions, PrincipalName principalName, PrincipalName principalName2, KerberosTime kerberosTime, KerberosTime kerberosTime2, KerberosTime kerberosTime3, int[] iArr, HostAddresses hostAddresses, Ticket[] ticketArr) throws KrbException, IOException {
        this.DEBUG = Krb5.DEBUG;
        this.PA_ENC_TIMESTAMP_REQUIRED = false;
        this.pa_exists = false;
        this.pa_etype = 0;
        this.pa_salt = null;
        this.pa_s2kparams = null;
        if (z) {
            updatePA(i, bArr, bArr2, principalName);
            if (this.DEBUG) {
                System.out.println(">>>KrbAsReq salt is " + principalName.getSalt());
            }
        }
        init(encryptionKeyArr, kDCOptions, principalName, principalName2, kerberosTime, kerberosTime2, kerberosTime3, iArr, hostAddresses, ticketArr);
    }

    private void init(EncryptionKey[] encryptionKeyArr, KDCOptions kDCOptions, PrincipalName principalName, PrincipalName principalName2, KerberosTime kerberosTime, KerberosTime kerberosTime2, KerberosTime kerberosTime3, int[] iArr, HostAddresses hostAddresses, Ticket[] ticketArr) throws KrbException, IOException {
        int[] defaults;
        EncryptionKey findKey;
        if (kDCOptions.get(2) || kDCOptions.get(4) || kDCOptions.get(28) || kDCOptions.get(30) || kDCOptions.get(31)) {
            throw new KrbException(101);
        }
        if (!kDCOptions.get(6) && kerberosTime != null) {
            kerberosTime = null;
        }
        if (!kDCOptions.get(8) && kerberosTime3 != null) {
            kerberosTime3 = null;
        }
        this.princName = principalName;
        if (!this.pa_exists || this.pa_etype == 0) {
            defaults = EType.getDefaults("default_tkt_enctypes", encryptionKeyArr);
            findKey = EncryptionKey.findKey(defaults[0], encryptionKeyArr);
        } else {
            if (this.DEBUG) {
                System.out.println("Pre-Authenticaton: find key for etype = " + this.pa_etype);
            }
            findKey = EncryptionKey.findKey(this.pa_etype, encryptionKeyArr);
            defaults = new int[]{this.pa_etype};
        }
        PAData[] pADataArr = null;
        if (this.PA_ENC_TIMESTAMP_REQUIRED) {
            if (this.DEBUG) {
                System.out.println("AS-REQ: Add PA_ENC_TIMESTAMP now");
            }
            byte[] asn1Encode = new PAEncTSEnc().asn1Encode();
            if (findKey != null) {
                pADataArr = new PAData[]{new PAData(2, new EncryptedData(findKey, asn1Encode, 1).asn1Encode())};
            }
        }
        if (this.DEBUG) {
            System.out.println(">>> KrbAsReq calling createMessage");
        }
        if (iArr == null) {
            iArr = defaults;
        }
        this.asReqMessg = createMessage(pADataArr, kDCOptions, principalName, principalName.getRealm(), principalName2, kerberosTime, kerberosTime2, kerberosTime3, iArr, hostAddresses, ticketArr);
        this.obuf = this.asReqMessg.asn1Encode();
    }

    public KrbAsRep getReply(char[] cArr) throws KrbException, IOException {
        if (cArr == null) {
            throw new KrbException(400);
        }
        EncryptionKey[] encryptionKeyArr = null;
        try {
            encryptionKeyArr = EncryptionKey.acquireSecretKeys(cArr, this.princName.getSalt(), this.pa_exists, this.pa_etype, this.pa_s2kparams);
            KrbAsRep reply = getReply(encryptionKeyArr);
            if (encryptionKeyArr != null) {
                for (EncryptionKey encryptionKey : encryptionKeyArr) {
                    encryptionKey.destroy();
                }
            }
            return reply;
        } catch (Throwable th) {
            if (encryptionKeyArr != null) {
                for (EncryptionKey encryptionKey2 : encryptionKeyArr) {
                    encryptionKey2.destroy();
                }
            }
            throw th;
        }
    }

    public String send() throws IOException, KrbException {
        String str = null;
        if (this.princName != null) {
            str = this.princName.getRealmString();
        }
        return send(str);
    }

    public KrbAsRep getReply(EncryptionKey[] encryptionKeyArr) throws KrbException, IOException {
        return new KrbAsRep(this.ibuf, encryptionKeyArr, this);
    }

    private ASReq createMessage(PAData[] pADataArr, KDCOptions kDCOptions, PrincipalName principalName, Realm realm, PrincipalName principalName2, KerberosTime kerberosTime, KerberosTime kerberosTime2, KerberosTime kerberosTime3, int[] iArr, HostAddresses hostAddresses, Ticket[] ticketArr) throws Asn1Exception, KrbApErrException, RealmException, UnknownHostException, IOException {
        PrincipalName principalName3;
        if (this.DEBUG) {
            System.out.println(">>> KrbAsReq in createMessage");
        }
        if (principalName2 != null) {
            principalName3 = principalName2;
        } else {
            if (realm == null) {
                throw new RealmException(601, "default realm not specified ");
            }
            principalName3 = new PrincipalName("krbtgt/" + realm.toString(), 2);
        }
        return new ASReq(pADataArr, new KDCReqBody(kDCOptions, principalName, realm, principalName3, kerberosTime, kerberosTime2 == null ? new KerberosTime() : kerberosTime2, kerberosTime3, Nonce.value(), iArr, hostAddresses, null, ticketArr));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ASReq getMessage() {
        return this.asReqMessg;
    }
}
