package jcifs.smb;

import frames.v01;
import frames.x01;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.security.Key;
import javax.security.auth.Subject;
import javax.security.auth.kerberos.KerberosTicket;
import jcifs.CIFSException;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.MessageProp;
import org.ietf.jgss.Oid;

/* loaded from: classes2.dex */
class Kerb5Context implements SSPContext {
    private static final Class<?> EXT_GSS_CONTEXT_CLASS;
    private static final String IBM_JGSS_EXT_GSSCTX_CLASS = "com.ibm.security.jgss.ExtendedGSSContext";
    private static final String IBM_JGSS_INQUIRE_TYPE_CLASS = "com.ibm.security.jgss.InquireType";
    private static final Method INQUIRE_SEC_CONTEXT;
    private static final Object INQUIRE_TYPE_SESSION_KEY;
    private static final Oid JGSS_KRB5_MECH_OID;
    private static final Oid JGSS_KRB5_NAME_OID;
    private static final ASN1ObjectIdentifier KRB5_MECH_OID;
    private static final ASN1ObjectIdentifier KRB5_MS_MECH_OID;
    private static final String OPENJDK_JGSS_EXT_GSSCTX_CLASS = "com.sun.security.jgss.ExtendedGSSContext";
    private static final String OPENJDK_JGSS_INQUIRE_TYPE_CLASS = "com.sun.security.jgss.InquireType";
    static final ASN1ObjectIdentifier[] SUPPORTED_MECHS;
    private static final v01 log = x01.i(Kerb5Context.class);
    private final GSSName clientName;
    private final GSSContext gssContext;
    private final GSSName serviceName;

    /* JADX WARN: Can't wrap try/catch for region: R(13:51|52|7|8|9|11|12|(2:13|14)|(0)|31|32|18|(1:29)(1:30)) */
    /* JADX WARN: Code restructure failed: missing block: B:34:0x00a0, code lost:
    
        r0 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:35:0x00a3, code lost:
    
        r1 = jcifs.smb.Kerb5Context.log;
     */
    /* JADX WARN: Code restructure failed: missing block: B:36:0x00a9, code lost:
    
        if (r1.isDebugEnabled() != false) goto L49;
     */
    /* JADX WARN: Code restructure failed: missing block: B:37:0x00ab, code lost:
    
        r1.debug("Failed to initalize ExtendedGSSContext initializdation for IBM JDK", r0);
     */
    /* JADX WARN: Removed duplicated region for block: B:16:0x0081 A[ADDED_TO_REGION] */
    /* JADX WARN: Removed duplicated region for block: B:20:0x00b8 A[ADDED_TO_REGION] */
    /* JADX WARN: Removed duplicated region for block: B:30:? A[ADDED_TO_REGION, RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:42:0x007a  */
    static {
        /*
            Method dump skipped, instructions count: 221
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: jcifs.smb.Kerb5Context.<clinit>():void");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Kerb5Context(String str, String str2, String str3, int i, int i2, String str4) throws GSSException {
        GSSManager gSSManager = GSSManager.getInstance();
        Oid oid = JGSS_KRB5_MECH_OID;
        if (str4 != null) {
            this.serviceName = gSSManager.createName(str2 + "/" + str + "@" + str4, JGSS_KRB5_NAME_OID, oid);
        } else {
            this.serviceName = gSSManager.createName(str2 + "@" + str, GSSName.NT_HOSTBASED_SERVICE, oid);
        }
        v01 v01Var = log;
        if (v01Var.isDebugEnabled()) {
            v01Var.debug("Service name is " + this.serviceName);
        }
        GSSCredential gSSCredential = null;
        if (str3 != null) {
            GSSName createName = gSSManager.createName(str3, GSSName.NT_USER_NAME, oid);
            this.clientName = createName;
            gSSCredential = gSSManager.createCredential(createName, i, oid, 1);
        } else {
            this.clientName = null;
        }
        GSSContext createContext = gSSManager.createContext(this.serviceName, oid, gSSCredential, i2);
        this.gssContext = createContext;
        createContext.requestAnonymity(false);
        createContext.requestSequenceDet(false);
        createContext.requestConf(false);
        createContext.requestInteg(false);
        createContext.requestReplayDet(false);
        createContext.requestMutualAuth(true);
        createContext.requestCredDeleg(true);
    }

    private static <T extends Enum<T>> Object getSessionKeyInquireType(Class<?> cls) {
        return Enum.valueOf(cls, "KRB5_GET_SESSION_KEY");
    }

    @Override // jcifs.smb.SSPContext
    public byte[] calculateMIC(byte[] bArr) throws CIFSException {
        try {
            return this.gssContext.getMIC(bArr, 0, bArr.length, new MessageProp(false));
        } catch (GSSException e) {
            throw new CIFSException("Failed to calculate MIC", e);
        }
    }

    @Override // jcifs.smb.SSPContext
    public void dispose() throws SmbException {
        GSSContext gSSContext = this.gssContext;
        if (gSSContext != null) {
            try {
                gSSContext.dispose();
            } catch (GSSException e) {
                throw new SmbException("Context disposal failed", (Throwable) e);
            }
        }
    }

    @Override // jcifs.smb.SSPContext
    public int getFlags() {
        int i = this.gssContext.getCredDelegState() ? 128 : 0;
        if (this.gssContext.getMutualAuthState()) {
            i |= 64;
        }
        if (this.gssContext.getReplayDetState()) {
            i |= 32;
        }
        if (this.gssContext.getSequenceDetState()) {
            i |= 16;
        }
        if (this.gssContext.getAnonymityState()) {
            i |= 8;
        }
        if (this.gssContext.getConfState()) {
            i |= 4;
        }
        return this.gssContext.getIntegState() ? i | 2 : i;
    }

    @Override // jcifs.smb.SSPContext
    public String getNetbiosName() {
        return null;
    }

    @Override // jcifs.smb.SSPContext
    public byte[] getSigningKey() throws SmbException {
        Method method;
        Object obj;
        Class<?> cls = EXT_GSS_CONTEXT_CLASS;
        if (cls == null || (method = INQUIRE_SEC_CONTEXT) == null || (obj = INQUIRE_TYPE_SESSION_KEY) == null) {
            throw new SmbException("ExtendedGSSContext support not available from JRE");
        }
        if (!cls.isAssignableFrom(this.gssContext.getClass())) {
            throw new SmbException("ExtendedGSSContext is not implemented by GSSContext");
        }
        try {
            return ((Key) method.invoke(this.gssContext, obj)).getEncoded();
        } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
            throw new SmbException("Failed to query Kerberos session key from ExtendedGSSContext", e);
        }
    }

    @Override // jcifs.smb.SSPContext
    public ASN1ObjectIdentifier[] getSupportedMechs() {
        return SUPPORTED_MECHS;
    }

    @Override // jcifs.smb.SSPContext
    public byte[] initSecContext(byte[] bArr, int i, int i2) throws SmbException {
        try {
            return this.gssContext.initSecContext(bArr, i, i2);
        } catch (GSSException e) {
            throw new SmbAuthException("GSSAPI mechanism failed", e);
        }
    }

    @Override // jcifs.smb.SSPContext
    public boolean isEstablished() {
        GSSContext gSSContext = this.gssContext;
        return gSSContext != null && gSSContext.isEstablished();
    }

    @Override // jcifs.smb.SSPContext
    public boolean isMICAvailable() {
        return this.gssContext.getIntegState();
    }

    @Override // jcifs.smb.SSPContext
    public boolean isPreferredMech(ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        return isSupported(aSN1ObjectIdentifier);
    }

    @Override // jcifs.smb.SSPContext
    public boolean isSupported(ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        return KRB5_MECH_OID.equals((ASN1Primitive) aSN1ObjectIdentifier) || KRB5_MS_MECH_OID.equals((ASN1Primitive) aSN1ObjectIdentifier);
    }

    Key searchSessionKey(Subject subject) throws GSSException {
        MIEName mIEName = new MIEName(this.gssContext.getSrcName().export());
        MIEName mIEName2 = new MIEName(this.gssContext.getTargName().export());
        ASN1ObjectIdentifier aSN1ObjectIdentifier = ASN1ObjectIdentifier.getInstance(this.gssContext.getMech().getDER());
        for (KerberosTicket kerberosTicket : subject.getPrivateCredentials(KerberosTicket.class)) {
            MIEName mIEName3 = new MIEName(aSN1ObjectIdentifier, kerberosTicket.getClient().getName());
            MIEName mIEName4 = new MIEName(aSN1ObjectIdentifier, kerberosTicket.getServer().getName());
            if (mIEName.equals(mIEName3) && mIEName2.equals(mIEName4)) {
                return kerberosTicket.getSessionKey();
            }
        }
        return null;
    }

    @Override // jcifs.smb.SSPContext
    public boolean supportsIntegrity() {
        return true;
    }

    public String toString() {
        GSSContext gSSContext = this.gssContext;
        if (gSSContext == null || !gSSContext.isEstablished()) {
            return String.format("KERB5[src=%s,targ=%s]", this.clientName, this.serviceName);
        }
        try {
            return String.format("KERB5[src=%s,targ=%s,mech=%s]", this.gssContext.getSrcName(), this.gssContext.getTargName(), this.gssContext.getMech());
        } catch (GSSException e) {
            log.debug("Failed to get info", e);
            return super.toString();
        }
    }

    @Override // jcifs.smb.SSPContext
    public void verifyMIC(byte[] bArr, byte[] bArr2) throws CIFSException {
        try {
            this.gssContext.verifyMIC(bArr2, 0, bArr2.length, bArr, 0, bArr.length, new MessageProp(false));
        } catch (GSSException e) {
            throw new CIFSException("Failed to verify MIC", e);
        }
    }
}
