package sun.security.krb5;

import java.io.IOException;
import sun.security.krb5.internal.EncTicketPart;
import sun.security.krb5.internal.KerberosTime;
import sun.security.krb5.internal.Ticket;
import sun.security.krb5.internal.a6;
import sun.security.krb5.internal.aa;
import sun.security.krb5.internal.ab;
import sun.security.krb5.internal.ac;
import sun.security.krb5.internal.ad;
import sun.security.krb5.internal.ak;
import sun.security.krb5.internal.bs;
import sun.security.krb5.internal.crypto.m;
import sun.security.krb5.internal.i;
import sun.security.krb5.internal.j;
import sun.security.krb5.internal.p;
import sun.security.krb5.internal.r;
import sun.security.krb5.internal.rcache.ba;
import sun.security.krb5.internal.rcache.bb;
import sun.security.util.DerValue;

/* compiled from: DashoA12275 */
/* loaded from: input_file:118668-04/SUNWj5rt/reloc/jdk/instances/jdk1.5.0/jre/lib/rt.jar:sun/security/krb5/KrbApReq.class */
public class KrbApReq {
    private byte[] a;
    private KerberosTime b;
    private int c;
    private ac d;
    private Credentials e;
    private ad f;
    private static bb g = new bb();
    private static boolean h = bs.ed;

    public KrbApReq(Credentials credentials, boolean z, boolean z2, boolean z3, Checksum checksum) throws Asn1Exception, KrbCryptoException, KrbException, IOException {
        aa aaVar = z ? new aa(2) : new aa();
        if (h) {
            System.out.println(new StringBuffer().append(">>> KrbApReq: APOptions are ").append((Object) aaVar).toString());
        }
        a(aaVar, credentials, checksum, z2 ? new EncryptionKey(credentials.getSessionKey()) : null, new a6(), null, 11);
    }

    public KrbApReq(byte[] bArr, EncryptionKey[] encryptionKeyArr) throws KrbException, IOException {
        this.a = bArr;
        if (this.f == null) {
            a();
        }
        a(encryptionKeyArr, null);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public KrbApReq(aa aaVar, Ticket ticket, EncryptionKey encryptionKey, Realm realm, PrincipalName principalName, Checksum checksum, KerberosTime kerberosTime, EncryptionKey encryptionKey2, ab abVar, r rVar) throws Asn1Exception, IOException, i, KrbCryptoException {
        a(aaVar, ticket, encryptionKey, realm, principalName, checksum, kerberosTime, encryptionKey2, abVar, rVar, 7);
    }

    private void a(aa aaVar, Credentials credentials, Checksum checksum, EncryptionKey encryptionKey, ab abVar, r rVar, int i) throws KrbException, IOException {
        this.b = new KerberosTime(true);
        a(aaVar, credentials.a, credentials.d, credentials.b.getRealm(), credentials.b, checksum, this.b, encryptionKey, abVar, rVar, i);
    }

    private void a(aa aaVar, Ticket ticket, EncryptionKey encryptionKey, Realm realm, PrincipalName principalName, Checksum checksum, KerberosTime kerberosTime, EncryptionKey encryptionKey2, ab abVar, r rVar, int i) throws Asn1Exception, IOException, i, KrbCryptoException {
        b(aaVar, ticket, encryptionKey, realm, principalName, checksum, kerberosTime, encryptionKey2, abVar, rVar, i);
        this.a = this.f.a();
    }

    void a() throws KrbException, IOException {
        a(new DerValue(this.a));
    }

    void a(DerValue derValue) throws KrbException, IOException {
        this.f = null;
        try {
            this.f = new ad(derValue);
        } catch (Asn1Exception e) {
            this.f = null;
            ak akVar = new ak(derValue);
            KrbException krbException = new KrbException(akVar.g, akVar.l.charAt(akVar.l.length() - 1) == 0 ? akVar.l.substring(0, akVar.l.length() - 1) : akVar.l);
            krbException.initCause(e);
            throw krbException;
        }
    }

    private void a(EncryptionKey[] encryptionKeyArr, p pVar) throws KrbException, IOException {
        int eType = this.f.d.encPart.getEType();
        EncryptionKey findKey = EncryptionKey.findKey(eType, encryptionKeyArr);
        if (findKey == null) {
            throw new KrbException(400, new StringBuffer().append("Cannot find key of appropriate type to decrypt AP REP - ").append(m.c(eType)).toString());
        }
        EncTicketPart encTicketPart = new EncTicketPart(this.f.d.encPart.reset(this.f.d.encPart.decrypt(findKey, 2), true));
        a(encTicketPart.key.getEType());
        this.d = new ac(this.f.e.reset(this.f.e.decrypt(encTicketPart.key, 11), true));
        this.b = this.d.f;
        this.c = this.d.e;
        this.d.f.setMicroSeconds(this.d.e);
        this.d.c.setRealm(this.d.b);
        this.f.d.sname.setRealm(this.f.d.realm);
        encTicketPart.cname.setRealm(encTicketPart.crealm);
        Config.getInstance().resetDefaultRealm(this.f.d.realm.toString());
        if (!this.d.c.equals(encTicketPart.cname)) {
            throw new j(36);
        }
        if (!this.d.f.inClockSkew()) {
            throw new j(37);
        }
        ba baVar = new ba(this.d.f.getTime(), this.d.e);
        String principalName = this.d.c.toString();
        if (g.a(baVar, this.d.c.toString()) != null) {
            throw new j(34);
        }
        g.a(principalName, baVar);
        if (pVar != null && encTicketPart.caddr != null) {
            if (pVar == null) {
                throw new j(38);
            }
            if (!encTicketPart.caddr.inList(pVar)) {
                throw new j(38);
            }
        }
        KerberosTime kerberosTime = new KerberosTime(true);
        if ((encTicketPart.starttime != null && encTicketPart.starttime.greaterThanWRTClockSkew(kerberosTime)) || encTicketPart.flags.a(7)) {
            throw new j(33);
        }
        if (encTicketPart.endtime != null && kerberosTime.greaterThanWRTClockSkew(encTicketPart.endtime)) {
            throw new j(32);
        }
        this.e = new Credentials(this.f.d, this.d.c, this.f.d.sname, encTicketPart.key, null, encTicketPart.authtime, encTicketPart.starttime, encTicketPart.endtime, encTicketPart.renewTill, encTicketPart.caddr);
        if (h) {
            System.out.println(">>> KrbApReq: authenticate succeed.");
        }
    }

    public Credentials getCreds() {
        return this.e;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public KerberosTime b() {
        return this.b != null ? this.b : this.d.f;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int c() {
        return this.c;
    }

    aa d() throws KrbException, IOException {
        if (this.f == null) {
            a();
        }
        if (this.f != null) {
            return this.f.c;
        }
        return null;
    }

    public boolean getMutualAuthRequired() throws KrbException, IOException {
        if (this.f == null) {
            a();
        }
        if (this.f != null) {
            return this.f.c.a(2);
        }
        return false;
    }

    boolean e() throws KrbException, IOException {
        if (this.f == null) {
            a();
        }
        if (this.f != null) {
            return this.f.c.a(1);
        }
        return false;
    }

    public EncryptionKey getSubKey() {
        return this.d.d();
    }

    public Integer getSeqNumber() {
        return this.d.c();
    }

    public Checksum getChecksum() {
        return this.d.b();
    }

    public byte[] getMessage() {
        return this.a;
    }

    public PrincipalName getClient() {
        return this.e.getClient();
    }

    private void b(aa aaVar, Ticket ticket, EncryptionKey encryptionKey, Realm realm, PrincipalName principalName, Checksum checksum, KerberosTime kerberosTime, EncryptionKey encryptionKey2, ab abVar, r rVar, int i) throws Asn1Exception, IOException, i, KrbCryptoException {
        Integer num = null;
        if (abVar != null) {
            num = new Integer(abVar.b());
        }
        this.d = new ac(realm, principalName, checksum, kerberosTime.getMicroSeconds(), kerberosTime, encryptionKey2, num, rVar);
        this.f = new ad(aaVar, ticket, new EncryptedData(encryptionKey, this.d.a(), i));
    }

    private static void a(int i) throws KrbException {
        int[] a = m.a("permitted_enctypes");
        if (a == null) {
            throw new KrbException("No supported encryption types listed in permitted_enctypes");
        }
        if (!m.a(i, a)) {
            throw new KrbException(new StringBuffer().append(m.c(i)).append(" encryption type not in permitted_enctypes list").toString());
        }
    }
}
