package com.sun.security.sasl.gsskerb;

import java.util.Map;
import java.util.logging.Level;
import javax.security.auth.callback.CallbackHandler;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.MessageProp;
import sun.security.krb5.PrincipalName;

/* loaded from: classes3.dex */
final class GssKrb5Server extends GssKrb5Base implements SaslServer {
    private static final String MY_CLASS_NAME = "com.sun.security.sasl.gsskerb.GssKrb5Server";
    private String authzid;
    private CallbackHandler cbh;
    private int handshakeStage;
    private String peer;

    /* JADX INFO: Access modifiers changed from: package-private */
    public GssKrb5Server(String str, String str2, Map map, CallbackHandler callbackHandler) throws SaslException {
        super(map, MY_CLASS_NAME);
        this.handshakeStage = 0;
        this.cbh = callbackHandler;
        String str3 = str + PrincipalName.NAME_REALM_SEPARATOR_STR + str2;
        logger.log(Level.FINE, "KRB5SRV01:Using service name: {0}", str3);
        try {
            GSSManager gSSManager = GSSManager.getInstance();
            this.secCtx = gSSManager.createContext(gSSManager.createCredential(gSSManager.createName(str3, GSSName.NT_HOSTBASED_SERVICE, KRB5_OID), Integer.MAX_VALUE, KRB5_OID, 2));
            if ((this.allQop & 2) != 0) {
                this.secCtx.requestInteg(true);
            }
            if ((this.allQop & 4) != 0) {
                this.secCtx.requestConf(true);
            }
            logger.log(Level.FINE, "KRB5SRV02:Initialization complete");
        } catch (GSSException e) {
            throw new SaslException("Failure to initialize security context", e);
        }
    }

    private byte[] doHandshake1(byte[] bArr) throws SaslException {
        if (bArr != null) {
            try {
                if (bArr.length > 0) {
                    throw new SaslException("Handshake expecting no response data from server");
                }
            } catch (GSSException e) {
                throw new SaslException("Problem wrapping handshake1", e);
            }
        }
        byte[] bArr2 = new byte[4];
        bArr2[0] = this.allQop;
        intToNetworkByteOrder(this.recvMaxBufSize, bArr2, 1, 3);
        if (logger.isLoggable(Level.FINE)) {
            logger.log(Level.FINE, "KRB5SRV06:Supported protections: {0}; recv max buf size: {1}", new Object[]{new Byte(this.allQop), new Integer(this.recvMaxBufSize)});
        }
        this.handshakeStage = 2;
        if (logger.isLoggable(Level.FINER)) {
            traceOutput(MY_CLASS_NAME, "doHandshake1", "KRB5SRV07:Challenge [raw]", bArr2);
        }
        byte[] wrap = this.secCtx.wrap(bArr2, 0, 4, new MessageProp(0, false));
        if (logger.isLoggable(Level.FINER)) {
            traceOutput(MY_CLASS_NAME, "doHandshake1", "KRB5SRV08:Challenge [after wrap]", wrap);
        }
        return wrap;
    }

    /* JADX WARN: Removed duplicated region for block: B:14:0x004a  */
    /* JADX WARN: Removed duplicated region for block: B:17:0x006a A[Catch: UnsupportedCallbackException -> 0x0130, IOException -> 0x0137, GSSException -> 0x013e, TryCatch #3 {IOException -> 0x0137, UnsupportedCallbackException -> 0x0130, GSSException -> 0x013e, blocks: (B:3:0x0002, B:5:0x0019, B:6:0x0022, B:8:0x0029, B:10:0x002e, B:11:0x0030, B:12:0x0038, B:15:0x0052, B:17:0x006a, B:18:0x00b1, B:30:0x00b5, B:22:0x00ce, B:24:0x00f1, B:27:0x00fb, B:28:0x0118, B:21:0x00ca, B:33:0x00c2, B:34:0x00c9, B:35:0x004c, B:36:0x0033, B:39:0x0119, B:40:0x012f), top: B:2:0x0002, inners: #1 }] */
    /* JADX WARN: Removed duplicated region for block: B:21:0x00ca A[Catch: UnsupportedCallbackException -> 0x0130, IOException -> 0x0137, GSSException -> 0x013e, TryCatch #3 {IOException -> 0x0137, UnsupportedCallbackException -> 0x0130, GSSException -> 0x013e, blocks: (B:3:0x0002, B:5:0x0019, B:6:0x0022, B:8:0x0029, B:10:0x002e, B:11:0x0030, B:12:0x0038, B:15:0x0052, B:17:0x006a, B:18:0x00b1, B:30:0x00b5, B:22:0x00ce, B:24:0x00f1, B:27:0x00fb, B:28:0x0118, B:21:0x00ca, B:33:0x00c2, B:34:0x00c9, B:35:0x004c, B:36:0x0033, B:39:0x0119, B:40:0x012f), top: B:2:0x0002, inners: #1 }] */
    /* JADX WARN: Removed duplicated region for block: B:24:0x00f1 A[Catch: UnsupportedCallbackException -> 0x0130, IOException -> 0x0137, GSSException -> 0x013e, TryCatch #3 {IOException -> 0x0137, UnsupportedCallbackException -> 0x0130, GSSException -> 0x013e, blocks: (B:3:0x0002, B:5:0x0019, B:6:0x0022, B:8:0x0029, B:10:0x002e, B:11:0x0030, B:12:0x0038, B:15:0x0052, B:17:0x006a, B:18:0x00b1, B:30:0x00b5, B:22:0x00ce, B:24:0x00f1, B:27:0x00fb, B:28:0x0118, B:21:0x00ca, B:33:0x00c2, B:34:0x00c9, B:35:0x004c, B:36:0x0033, B:39:0x0119, B:40:0x012f), top: B:2:0x0002, inners: #1 }] */
    /* JADX WARN: Removed duplicated region for block: B:27:0x00fb A[Catch: UnsupportedCallbackException -> 0x0130, IOException -> 0x0137, GSSException -> 0x013e, TryCatch #3 {IOException -> 0x0137, UnsupportedCallbackException -> 0x0130, GSSException -> 0x013e, blocks: (B:3:0x0002, B:5:0x0019, B:6:0x0022, B:8:0x0029, B:10:0x002e, B:11:0x0030, B:12:0x0038, B:15:0x0052, B:17:0x006a, B:18:0x00b1, B:30:0x00b5, B:22:0x00ce, B:24:0x00f1, B:27:0x00fb, B:28:0x0118, B:21:0x00ca, B:33:0x00c2, B:34:0x00c9, B:35:0x004c, B:36:0x0033, B:39:0x0119, B:40:0x012f), top: B:2:0x0002, inners: #1 }] */
    /* JADX WARN: Removed duplicated region for block: B:29:0x00b5 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:35:0x004c A[Catch: UnsupportedCallbackException -> 0x0130, IOException -> 0x0137, GSSException -> 0x013e, TryCatch #3 {IOException -> 0x0137, UnsupportedCallbackException -> 0x0130, GSSException -> 0x013e, blocks: (B:3:0x0002, B:5:0x0019, B:6:0x0022, B:8:0x0029, B:10:0x002e, B:11:0x0030, B:12:0x0038, B:15:0x0052, B:17:0x006a, B:18:0x00b1, B:30:0x00b5, B:22:0x00ce, B:24:0x00f1, B:27:0x00fb, B:28:0x0118, B:21:0x00ca, B:33:0x00c2, B:34:0x00c9, B:35:0x004c, B:36:0x0033, B:39:0x0119, B:40:0x012f), top: B:2:0x0002, inners: #1 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private byte[] doHandshake2(byte[] r12) throws javax.security.sasl.SaslException {
        /*
            Method dump skipped, instructions count: 327
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sun.security.sasl.gsskerb.GssKrb5Server.doHandshake2(byte[]):byte[]");
    }

    @Override // javax.security.sasl.SaslServer
    public byte[] evaluateResponse(byte[] bArr) throws SaslException {
        if (this.completed) {
            throw new SaslException("SASL authentication already complete");
        }
        if (logger.isLoggable(Level.FINER)) {
            traceOutput(MY_CLASS_NAME, "evaluateResponse", "KRB5SRV03:Response [raw]:", bArr);
        }
        int i = this.handshakeStage;
        if (i == 1) {
            return doHandshake1(bArr);
        }
        if (i == 2) {
            return doHandshake2(bArr);
        }
        try {
            byte[] acceptSecContext = this.secCtx.acceptSecContext(bArr, 0, bArr.length);
            if (logger.isLoggable(Level.FINER)) {
                traceOutput(MY_CLASS_NAME, "evaluateResponse", "KRB5SRV04:Challenge: [after acceptSecCtx]", acceptSecContext);
            }
            if (!this.secCtx.isEstablished()) {
                return acceptSecContext;
            }
            this.handshakeStage = 1;
            this.peer = this.secCtx.getSrcName().toString();
            logger.log(Level.FINE, "KRB5SRV05:Peer name is : {0}", this.peer);
            return acceptSecContext == null ? doHandshake1(EMPTY) : acceptSecContext;
        } catch (GSSException e) {
            throw new SaslException("GSS initiate failed", e);
        }
    }

    @Override // javax.security.sasl.SaslServer
    public String getAuthorizationID() {
        if (this.completed) {
            return this.authzid;
        }
        throw new IllegalStateException("Authentication incomplete");
    }
}
