package com.sun.rpc;

import com.sun.gssapi.GSSContext;
import com.sun.gssapi.GSSException;
import com.sun.gssapi.GSSName;
import com.sun.gssapi.MessageProp;
import com.sun.gssapi.Oid;
import java.io.IOException;
import java.io.InterruptedIOException;
import net.sf.jftp.config.Settings;

/* loaded from: input_file:jftp.jar:com/sun/rpc/CredGss.class */
public class CredGss extends Cred {
    public int serviceType;
    Oid mechOid;
    int qop;
    String serviceName;
    int seq_num_out;
    int seq_window;
    int control;
    GSSContext gssCtx;
    byte[] ctx_handle;
    public static final int RPCSEC_GSS = 6;
    public static final int RPCSEC_GSS_DATA = 0;
    public static final int RPCSEC_GSS_INIT = 1;
    public static final int RPCSEC_GSS_CONTINUE_INIT = 2;
    public static final int RPCSEC_GSS_DESTROY = 3;
    public static final int RPCSEC_GSS_VERS_1 = 1;
    private static final int RPCGSS_MAXSZ = 1024;
    private static final int PROC_NULL = 0;

    public CredGss(String str, Oid oid, int i, int i2) {
        this.mechOid = oid;
        this.serviceName = str;
        this.serviceType = i;
        this.qop = i2;
        this.seq_num_out = 0;
        this.ctx_handle = null;
        this.gssCtx = null;
        this.control = 1;
    }

    public CredGss(String str, String str2, int i, int i2) throws IOException {
        try {
            this.mechOid = new Oid(str2);
            this.serviceName = str;
            this.serviceType = i;
            this.qop = i2;
            this.seq_num_out = 0;
            this.ctx_handle = null;
            this.gssCtx = null;
            this.control = 1;
        } catch (GSSException unused) {
            throw new IOException("can not construct CredGss object");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.sun.rpc.Cred
    public synchronized void destroy(Rpc rpc) throws RpcException {
        if (this.gssCtx != null) {
            try {
                Xdr xdr = new Xdr(1024);
                this.control = 3;
                rpc.rpc_header(xdr, 0);
                rpc.rpc_call(xdr, Settings.connectionTimeout, 5);
                this.gssCtx.dispose();
                this.mechOid = null;
                this.gssCtx = null;
                this.ctx_handle = null;
            } catch (GSSException unused) {
            } catch (IOException unused2) {
            }
        }
    }

    @Override // com.sun.rpc.Cred
    public void getCred(Xdr xdr) {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.sun.rpc.Cred
    public synchronized void init(Connection connection, int i, int i2) throws RpcException {
        byte[] bArr = new byte[0];
        int i3 = 0;
        try {
            GSSContext gSSContext = new GSSContext(new GSSName(this.serviceName, GSSName.NT_HOSTBASED_SERVICE), this.mechOid, null, 0);
            gSSContext.requestConf(true);
            gSSContext.requestInteg(true);
            gSSContext.requestMutualAuth(true);
            gSSContext.requestReplayDet(true);
            gSSContext.requestSequenceDet(true);
            CredGss credGss = new CredGss(this.serviceName, this.mechOid, this.serviceType, this.qop);
            Rpc rpc = new Rpc(connection, i, i2, credGss);
            Xdr xdr = new Xdr(1024);
            credGss.control = 1;
            int i4 = 2;
            do {
                byte[] init = gSSContext.init(bArr, 0, bArr.length);
                if (init != null) {
                    rpc.rpc_header(xdr, 0);
                    xdr.xdr_bytes(init);
                    try {
                        Xdr rpc_send = rpc_send(rpc, xdr, Settings.connectionTimeout, 5);
                        this.ctx_handle = rpc_send.xdr_bytes();
                        i3 = rpc_send.xdr_int();
                        rpc_send.xdr_int();
                        if (i3 != 0 && i3 != 1) {
                            throw new RpcException("cred.init server failed");
                        }
                        this.seq_window = rpc_send.xdr_int();
                        bArr = rpc_send.xdr_bytes();
                        if (!gSSContext.isEstablished() && bArr == null) {
                            throw new RpcException("cred.init:bad token");
                        }
                    } catch (MsgRejectedException e) {
                        if (i4 <= 0 || !(e.why == 13 || e.why == 14)) {
                            throw e;
                        }
                        bArr = new byte[0];
                        gSSContext = new GSSContext(new GSSName(this.serviceName, GSSName.NT_HOSTBASED_SERVICE), this.mechOid, null, 0);
                        gSSContext.requestConf(true);
                        gSSContext.requestInteg(true);
                        gSSContext.requestMutualAuth(true);
                        gSSContext.requestReplayDet(true);
                        gSSContext.requestSequenceDet(true);
                        credGss.gssCtx = null;
                        credGss.ctx_handle = null;
                        credGss.control = 1;
                        i4--;
                    } catch (RpcException e2) {
                        throw e2;
                    }
                } else if (i3 == 1) {
                    throw new RpcException("cred.init:server needs token");
                }
                credGss.control = 2;
                credGss.ctx_handle = this.ctx_handle;
            } while (!gSSContext.isEstablished());
            this.gssCtx = gSSContext;
            this.control = 0;
        } catch (GSSException unused) {
            throw new RpcException("cred.init: gss errors");
        } catch (IOException unused2) {
            throw new RpcException("cred.init: io errors ");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.sun.rpc.Cred
    public synchronized void putCred(Xdr xdr) throws RpcException {
        MessageProp messageProp = new MessageProp(this.qop, false);
        xdr.xdr_int(6);
        if (this.control == 0 || this.control == 3) {
            this.seq_num_out++;
        }
        if (this.ctx_handle != null) {
            xdr.xdr_int(20 + this.ctx_handle.length);
            xdr.xdr_int(1);
            xdr.xdr_int(this.control);
            xdr.xdr_int(this.seq_num_out);
            xdr.xdr_int(this.serviceType);
            xdr.xdr_bytes(this.ctx_handle);
        } else {
            xdr.xdr_int(20);
            xdr.xdr_int(1);
            xdr.xdr_int(this.control);
            xdr.xdr_int(this.seq_num_out);
            xdr.xdr_int(this.serviceType);
            xdr.xdr_int(0);
        }
        if (this.gssCtx != null) {
            try {
                byte[] mic = this.gssCtx.getMIC(xdr.xdr_buf(), 0, xdr.xdr_offset(), messageProp);
                xdr.xdr_int(6);
                xdr.xdr_bytes(mic);
            } catch (GSSException unused) {
                throw new RpcException("can not checksum the header");
            }
        } else {
            xdr.xdr_int(0);
            xdr.xdr_int(0);
        }
        xdr.xdr_wrap_offset(xdr.xdr_offset());
        if (this.control != 0 || this.serviceType == 1) {
            return;
        }
        xdr.xdr_int(this.seq_num_out);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.sun.rpc.Cred
    public synchronized boolean refresh(Connection connection, int i, int i2) {
        if (this.ctx_handle == null) {
            return false;
        }
        this.gssCtx = null;
        this.ctx_handle = null;
        try {
            init(connection, i, i2);
            return true;
        } catch (RpcException unused) {
            return false;
        }
    }

    private Xdr rpc_send(Rpc rpc, Xdr xdr, int i, int i2) throws RpcException, IOException {
        Xdr xdr2 = null;
        if (i2 == 0) {
            i2 = Integer.MAX_VALUE;
        }
        for (int i3 = 0; i3 < i2; i3++) {
            try {
                xdr2 = rpc.rpc_call_one(xdr, null, i);
                break;
            } catch (RpcException e) {
                throw e;
            } catch (IOException unused) {
            }
        }
        if (xdr2 == null) {
            throw new InterruptedIOException();
        }
        return xdr2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.sun.rpc.Cred
    public synchronized int unwrap(Xdr xdr) throws RpcException {
        int i = 0;
        MessageProp messageProp = new MessageProp();
        if (this.control != 0) {
            return 0;
        }
        int xdr_offset = xdr.xdr_offset();
        switch (this.serviceType) {
            case 1:
                return 0;
            case 2:
                int xdr_int = xdr.xdr_int();
                if (xdr_int <= 4) {
                    return 0;
                }
                int xdr_offset2 = xdr.xdr_offset();
                i = xdr.xdr_int();
                if (i < this.seq_num_out - this.seq_window || i > this.seq_num_out) {
                    throw new RpcException("unwrap: bad sequence number");
                }
                byte[] xdr_raw = xdr.xdr_raw(xdr_int - 4);
                try {
                    this.gssCtx.verifyMIC(xdr.xdr_buf(), xdr.xdr_offset(), xdr.xdr_int(), xdr.xdr_buf(), xdr_offset2, xdr_int, messageProp);
                    if (messageProp.getQOP() == this.qop) {
                        xdr.xdr_offset(xdr_offset);
                        xdr.xdr_raw(xdr_raw);
                        xdr.xdr_offset(xdr_offset);
                        break;
                    } else {
                        throw new RpcException("unwrap: unexpected qop");
                    }
                } catch (GSSException unused) {
                    throw new RpcException("unwrap: gss_verifyMIC failed");
                }
            case 3:
                int xdr_int2 = xdr.xdr_int();
                if (xdr_int2 == 0) {
                    return 0;
                }
                try {
                    byte[] unwrap = this.gssCtx.unwrap(xdr.xdr_buf(), xdr.xdr_offset(), xdr_int2, messageProp);
                    if (messageProp.getQOP() != this.qop) {
                        throw new RpcException("unwrap: unexpected qop");
                    }
                    xdr.xdr_offset(xdr_offset);
                    xdr.xdr_raw(unwrap);
                    xdr.xdr_offset(xdr_offset);
                    i = xdr.xdr_int();
                    if (i < this.seq_num_out - this.seq_window || i > this.seq_num_out) {
                        throw new RpcException("unwrap: bad sequence number");
                    }
                } catch (GSSException unused2) {
                    throw new RpcException("unwrap: gss_unwrap failed");
                }
                break;
        }
        return i;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.sun.rpc.Cred
    public synchronized void validate(byte[] bArr, int i) throws RpcException {
        if (this.control != 0) {
            return;
        }
        byte[] bArr2 = {(byte) (i >>> 24), (byte) (i >> 16), (byte) (i >> 8), (byte) i};
        try {
            this.gssCtx.verifyMIC(bArr, 0, bArr.length, bArr2, 0, bArr2.length, new MessageProp());
        } catch (GSSException unused) {
            throw new RpcException("CredGss: validate failed");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.sun.rpc.Cred
    public synchronized void wrap(Xdr xdr, byte[] bArr) throws RpcException {
        MessageProp messageProp = new MessageProp(this.qop, false);
        if (this.control != 0) {
            return;
        }
        try {
            switch (this.serviceType) {
                case 1:
                default:
                    return;
                case 2:
                    byte[] mic = this.gssCtx.getMIC(bArr, 0, bArr.length, messageProp);
                    xdr.xdr_offset(xdr.xdr_wrap_offset());
                    xdr.xdr_bytes(bArr);
                    xdr.xdr_bytes(mic);
                    return;
                case 3:
                    messageProp.setPrivacy(true);
                    byte[] wrap = this.gssCtx.wrap(bArr, 0, bArr.length, messageProp);
                    xdr.xdr_offset(xdr.xdr_wrap_offset());
                    xdr.xdr_bytes(wrap);
                    return;
            }
        } catch (GSSException unused) {
            throw new RpcException("wrap: Can not wrap RPC arg");
        }
    }
}
