package com.sun.enterprise.iiop;

import com.sun.corba.ee.impl.encoding.CDROutputStream;
import com.sun.corba.ee.impl.encoding.EncapsInputStream;
import com.sun.corba.ee.org.omg.CSIIOP.AS_ContextSec;
import com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech;
import com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMechList;
import com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMechListHelper;
import com.sun.corba.ee.org.omg.CSIIOP.SAS_ContextSec;
import com.sun.corba.ee.org.omg.CSIIOP.ServiceConfiguration;
import com.sun.corba.ee.org.omg.CSIIOP.TLS_SEC_TRANS;
import com.sun.corba.ee.org.omg.CSIIOP.TLS_SEC_TRANSHelper;
import com.sun.corba.ee.org.omg.CSIIOP.TransportAddress;
import com.sun.corba.ee.spi.ior.IOR;
import com.sun.corba.ee.spi.ior.iiop.IIOPProfileTemplate;
import com.sun.enterprise.deployment.EjbDescriptor;
import com.sun.enterprise.deployment.EjbIORConfigurationDescriptor;
import com.sun.enterprise.iiop.security.GSSUtils;
import com.sun.enterprise.util.ORBManager;
import com.sun.enterprise.util.Utility;
import com.sun.logging.LogDomains;
import java.io.IOException;
import java.util.Iterator;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.omg.CORBA.ORB;
import org.omg.IOP.TaggedComponent;

/* loaded from: input_file:119167-06/SUNWascmn/reloc/appserver/lib/appserv-rt.jar:com/sun/enterprise/iiop/CSIV2TaggedComponentInfo.class */
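/**
 * Builds and parses the CSIv2 security information carried in an IOR.
 *
 * <p>On the server side this class encodes a {@code CompoundSecMechList} (transport, authentication
 * and attribute layers) into a {@code TAG_CSI_SEC_MECH_LIST} tagged component. On the client side
 * it decodes that component from a received IOR.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>An EJB without any IOR configuration gets a default descriptor in which integrity,
 *       confidentiality and client trust are only <em>supported</em>, not <em>required</em>, so the
 *       advertised policy does not force TLS for such a bean.</li>
 *   <li>Both {@code createSecurityTaggedComponent} overloads log failures and return {@code null}
 *       instead of throwing.</li>
 *   <li>{@link #getSecurityMechanisms(IOR)} and {@link #getSSLInformation(CompoundSecMech)} decode
 *       bytes taken from an IOR without validating them first.</li>
 * </ul>
 *
 * <p>The realm name is cached in instance fields that are written without synchronization.
 * NOTE(review): an instance is presumably not meant to be shared between threads that build
 * components concurrently; confirm against the callers.
 */
public final class CSIV2TaggedComponentInfo {
    private static final Logger _logger = LogDomains.getLogger(LogDomains.CORBA_LOGGER);

    private static final String DEFAULT_REALM = "default";

    /**
     * Bit mask of identity token types advertised in the SAS context: anonymous (1), principal
     * name (2), X.509 certificate chain (4) and distinguished name (8).
     */
    public static final int SUPPORTED_IDENTITY_TOKEN_TYPES = 15;

    // IOP component tags, as they appear on the wire.
    private static final int TAG_CSI_SEC_MECH_LIST = 33;
    private static final int TAG_NULL_TAG = 34;
    private static final int TAG_TLS_SEC_TRANS = 36;

    // CSIIOP association option bits.
    private static final int INTEGRITY = 2;
    private static final int CONFIDENTIALITY = 4;
    private static final int ESTABLISH_TRUST_IN_TARGET = 32;
    private static final int ESTABLISH_TRUST_IN_CLIENT = 64;
    private static final int IDENTITY_ASSERTION = 1024;

    // Realm advertised in the AS context; cached on the instance once resolved.
    private String _realm_name = null;
    private byte[] _realm_name_bytes = null;
    private ORB orb;
    private int sslMutualAuthPort;

    /**
     * @param orb ORB used to create the CDR streams that encode and decode the components
     */
    public CSIV2TaggedComponentInfo(ORB orb) {
        this.orb = orb;
    }

    /**
     * Creates the security tagged component for an EJB from its IOR configuration descriptors.
     *
     * <p>The cached realm is reset to the realm of the EJB's application before encoding.
     *
     * @param i SSL port to advertise (replaced by the mutual-auth port when a descriptor requires
     *     client trust)
     * @param ejbDescriptor descriptor of the EJB being exported
     * @return the encoded component, or {@code null} if anything failed. The failure is only
     *     logged, so a caller that ignores {@code null} would export the EJB without the CSIv2
     *     policy; callers should treat {@code null} as an error.
     */
    public TaggedComponent createSecurityTaggedComponent(int i, EjbDescriptor ejbDescriptor) {
        TaggedComponent component = null;
        try {
            if (_logger.isLoggable(Level.FINE)) {
                _logger.log(Level.FINE, "IIOP: Creating a Security Tagged Component");
            }
            this._realm_name = ejbDescriptor.getApplication().getRealm();
            component = createTaggedComponent(createCompoundSecMechs(i, ejbDescriptor));
        } catch (Exception e) {
            // Deliberately best-effort: the interface reports failure through the null return.
            _logger.log(Level.SEVERE, "iiop.createcompund_exception", e);
        }
        return component;
    }

    /**
     * Creates the security tagged component for objects that have no EJB descriptor, driven by the
     * {@code ORBManager.ORB_SSL_SERVER_REQUIRED} and {@code ORBManager.ORB_CLIENT_AUTH_REQUIRED}
     * system properties. A property counts as set only when its value is exactly {@code "true"}.
     *
     * <p>NOTE(review): the compound {@code target_requires} carries only the client-auth bit; the
     * transport-level requirement is derived from the SSL property alone. With client auth required
     * but SSL not required, the compound level advertises EstablishTrustInClient while the transport
     * layer requires nothing. Confirm this combination is intended.
     *
     * @param i SSL port to advertise
     * @return the encoded component, or {@code null} if anything failed (the failure is only
     *     logged); callers should treat {@code null} as an error
     */
    public TaggedComponent createSecurityTaggedComponent(int i) {
        TaggedComponent component = null;
        try {
            boolean sslRequired = "true".equals(System.getProperty(ORBManager.ORB_SSL_SERVER_REQUIRED));
            boolean clientAuthRequired = "true".equals(System.getProperty(ORBManager.ORB_CLIENT_AUTH_REQUIRED));
            short targetRequires = (short) (clientAuthRequired ? ESTABLISH_TRUST_IN_CLIENT : 0);
            CompoundSecMech[] mechanisms = new CompoundSecMech[1];
            mechanisms[0] = new CompoundSecMech(
                    targetRequires,
                    createSSLInfo(i, null, sslRequired),
                    createASContextSec(null),
                    createSASContextSec(null));
            component = createTaggedComponent(mechanisms);
        } catch (Exception e) {
            // Deliberately best-effort: the interface reports failure through the null return.
            _logger.log(Level.SEVERE, "iiop.createcompund_exception", e);
        }
        return component;
    }

    /**
     * Encodes the mechanisms as a CDR encapsulation inside a TAG_CSI_SEC_MECH_LIST component.
     * The list is written with its first field set to {@code false}.
     */
    private TaggedComponent createTaggedComponent(CompoundSecMech[] compoundSecMechArr) {
        CDROutputStream out = this.orb.create_output_stream();
        out.putEndian();
        CompoundSecMechListHelper.write(out, new CompoundSecMechList(false, compoundSecMechArr));
        return new TaggedComponent(TAG_CSI_SEC_MECH_LIST, out.toByteArray());
    }

    /**
     * Sets the port advertised for mechanisms that require client (mutual) authentication.
     * A value of {@code -1} makes such mechanisms advertise no TLS transport at all.
     */
    public void setSSLMutualAuthPort(int i) {
        this.sslMutualAuthPort = i;
    }

    private int getSSLMutualAuthPort() {
        return this.sslMutualAuthPort;
    }

    /**
     * Builds one {@code CompoundSecMech} per IOR configuration descriptor of the EJB.
     *
     * <p>When the EJB has no descriptor, a default one is created and <em>added to the EJB's own
     * descriptor set</em>. That default marks integrity, confidentiality and client trust as
     * SUPPORTED only; authentication becomes required only when the EJB has permissioned roles.
     *
     * @throws IOException if encoding the mechanism OID or the exported realm name fails
     */
    private CompoundSecMech[] createCompoundSecMechs(int i, EjbDescriptor ejbDescriptor) throws IOException {
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "IIOP: Creating CompoundSecMech");
        }
        Set descriptors = ejbDescriptor.getIORConfigurationDescriptors();
        int size = descriptors.size();
        if (size == 0) {
            EjbIORConfigurationDescriptor defaults = new EjbIORConfigurationDescriptor();
            defaults.setIntegrity(EjbIORConfigurationDescriptor.SUPPORTED);
            defaults.setConfidentiality(EjbIORConfigurationDescriptor.SUPPORTED);
            defaults.setEstablishTrustInClient(EjbIORConfigurationDescriptor.SUPPORTED);
            descriptors.add(defaults);
            size = 1;
            if (ejbDescriptor.getPermissionedRoles().size() > 0) {
                if (_logger.isLoggable(Level.FINE)) {
                    _logger.log(Level.FINE, "IIOP:Application has protected methods");
                }
                defaults.setAuthMethodRequired(true);
            }
        }
        CompoundSecMech[] mechanisms = new CompoundSecMech[size];
        Iterator it = descriptors.iterator();
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "IORDescriptor SIZE:" + size);
        }
        for (int index = 0; index < size; index++) {
            EjbIORConfigurationDescriptor descriptor = (EjbIORConfigurationDescriptor) it.next();
            int transportRequires = getTargetRequires(descriptor);
            TaggedComponent transport = createSSLInfo(i, descriptor, false);
            AS_ContextSec asContext = createASContextSec(descriptor);
            SAS_ContextSec sasContext = createSASContextSec(descriptor);
            // The compound requirement is the union of what each of the three layers requires.
            short compoundRequires =
                    (short) (transportRequires | asContext.target_requires | sasContext.target_requires);
            mechanisms[index] = new CompoundSecMech(compoundRequires, transport, asContext, sasContext);
        }
        return mechanisms;
    }

    /**
     * Tells whether every descriptor in the set requires at least one transport-level protection.
     *
     * @param set set of {@code EjbIORConfigurationDescriptor}
     * @return {@code false} for an empty set or as soon as one descriptor requires nothing;
     *     {@code true} otherwise
     */
    public boolean allMechanismsRequireSSL(Set set) {
        int size = set.size();
        if (size == 0) {
            return false;
        }
        Iterator it = set.iterator();
        for (int index = 0; index < size; index++) {
            EjbIORConfigurationDescriptor descriptor = (EjbIORConfigurationDescriptor) it.next();
            if (getTargetRequires(descriptor) == 0) {
                return false;
            }
        }
        return true;
    }

    /**
     * Builds the authentication-layer ({@code AS_ContextSec}) part of a mechanism.
     *
     * <p>An authentication method of "NONE" (case-insensitive) yields a context that supports and
     * requires nothing. Otherwise the context supports EstablishTrustInClient and requires it only
     * when the descriptor says the auth method is required.
     *
     * <p>The realm is resolved only while the cached realm is {@code null}: first from the
     * descriptor, then falling back to {@code "default"}. Once cached, the realm of later
     * descriptors is ignored until the cache is reset.
     *
     * @param ejbIORConfigurationDescriptor descriptor to read, or {@code null} for the defaults
     * @throws IOException if encoding the mechanism OID or the exported name fails
     */
    public AS_ContextSec createASContextSec(EjbIORConfigurationDescriptor ejbIORConfigurationDescriptor) throws IOException {
        String authMethod = null;
        boolean authMethodRequired = false;
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "IIOP: Creating AS_Context");
        }
        if (ejbIORConfigurationDescriptor != null) {
            authMethod = ejbIORConfigurationDescriptor.getAuthenticationMethod();
            authMethodRequired = ejbIORConfigurationDescriptor.isAuthMethodRequired();
        }
        if (authMethod != null && authMethod.equalsIgnoreCase("NONE")) {
            return new AS_ContextSec((short) 0, (short) 0, new byte[0], new byte[0]);
        }
        if (this._realm_name == null) {
            if (ejbIORConfigurationDescriptor != null) {
                this._realm_name = ejbIORConfigurationDescriptor.getRealmName();
            }
            if (this._realm_name == null) {
                this._realm_name = DEFAULT_REALM;
                if (_logger.isLoggable(Level.FINE)) {
                    _logger.log(Level.FINE, "IIOP:AS_Context: Realm Name = null, setting default realm for logging in");
                }
            }
        }
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "IIOP:AS_Context: Realm Name for login = " + this._realm_name);
        }
        // NOTE(review): getBytes() uses the platform default charset, so a non-ASCII realm name
        // encodes differently from host to host. Left unchanged because the decoding side is not
        // visible here; confirm the expected encoding before pinning one.
        this._realm_name_bytes = this._realm_name.getBytes();
        byte[] targetName = GSSUtils.createExportedName(GSSUtils.GSSUP_MECH_OID, this._realm_name_bytes);
        short targetRequires = (short) (authMethodRequired ? ESTABLISH_TRUST_IN_CLIENT : 0);
        return new AS_ContextSec((short) ESTABLISH_TRUST_IN_CLIENT, targetRequires, getMechanism(), targetName);
    }

    /**
     * Builds the attribute-layer ({@code SAS_ContextSec}) part of a mechanism.
     *
     * <p>A caller propagation of "NONE" (case-insensitive) yields a context with no naming
     * mechanisms and no identity token types. Otherwise the context supports identity assertion
     * with the GSSUP mechanism and {@link #SUPPORTED_IDENTITY_TOKEN_TYPES}; it never requires it.
     *
     * @param ejbIORConfigurationDescriptor descriptor to read, or {@code null} for the defaults
     * @throws IOException if encoding the mechanism OID fails
     */
    public SAS_ContextSec createSASContextSec(EjbIORConfigurationDescriptor ejbIORConfigurationDescriptor) throws IOException {
        ServiceConfiguration[] privilegeAuthorities = new ServiceConfiguration[0];
        // Empty list of naming mechanisms (the decompiler could not type this local).
        byte[][] noNamingMechanisms = new byte[0][];
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "IIOP: Creating SAS_Context");
        }
        String callerPropagation =
                ejbIORConfigurationDescriptor != null ? ejbIORConfigurationDescriptor.getCallerPropagation() : null;
        if (callerPropagation != null && callerPropagation.equalsIgnoreCase("NONE")) {
            return new SAS_ContextSec((short) 0, (short) 0, privilegeAuthorities, noNamingMechanisms, 0);
        }
        byte[] mechanism = getMechanism();
        // Advertise a private copy so the array returned by GSSUtils is never shared.
        byte[][] namingMechanisms = new byte[1][mechanism.length];
        System.arraycopy(mechanism, 0, namingMechanisms[0], 0, mechanism.length);
        return new SAS_ContextSec(
                (short) IDENTITY_ASSERTION,
                (short) 0,
                privilegeAuthorities,
                namingMechanisms,
                SUPPORTED_IDENTITY_TOKEN_TYPES);
    }

    /**
     * Builds the transport-layer component of a mechanism.
     *
     * <p>Without a descriptor the component supports integrity, confidentiality and trust in both
     * directions, and requires integrity, confidentiality and client trust only when
     * {@code z} is {@code true}. With a descriptor the options come from the descriptor, and the
     * mutual-auth port replaces {@code i} when client trust is required.
     *
     * @param i SSL port to advertise
     * @param ejbIORConfigurationDescriptor descriptor to read, or {@code null}
     * @param z whether SSL is required when no descriptor is given
     * @return a TAG_TLS_SEC_TRANS component, or an empty TAG_NULL_TAG component (no transport
     *     protection advertised) when nothing is supported or required, or the port is {@code -1}
     */
    private TaggedComponent createSSLInfo(int i, EjbIORConfigurationDescriptor ejbIORConfigurationDescriptor, boolean z) {
        int targetSupports;
        int targetRequires = 0;
        int port = i;
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "IIOP: Creating Transport Mechanism");
        }
        if (ejbIORConfigurationDescriptor == null) {
            targetSupports = INTEGRITY | CONFIDENTIALITY | ESTABLISH_TRUST_IN_TARGET | ESTABLISH_TRUST_IN_CLIENT;
            if (z) {
                targetRequires = INTEGRITY | CONFIDENTIALITY | ESTABLISH_TRUST_IN_CLIENT;
            }
        } else {
            targetSupports = getTargetSupports(ejbIORConfigurationDescriptor);
            targetRequires = getTargetRequires(ejbIORConfigurationDescriptor);
            if ((targetRequires & ESTABLISH_TRUST_IN_CLIENT) == ESTABLISH_TRUST_IN_CLIENT) {
                port = getSSLMutualAuthPort();
                if (_logger.isLoggable(Level.FINE)) {
                    // Log the port that is actually advertised, not the one passed in.
                    _logger.log(Level.FINE, "MUTUAL AUTH PORT=" + port);
                }
            }
        }
        if ((targetSupports | targetRequires) == 0 || port == -1) {
            return new TaggedComponent(TAG_NULL_TAG, new byte[0]);
        }
        TLS_SEC_TRANS tlsTransport = new TLS_SEC_TRANS(
                (short) targetSupports,
                (short) targetRequires,
                generateTransportAddresses(Utility.getLocalAddress(), port));
        CDROutputStream out = this.orb.create_output_stream();
        out.putEndian();
        TLS_SEC_TRANSHelper.write(out, tlsTransport);
        return new TaggedComponent(TAG_TLS_SEC_TRANS, out.toByteArray());
    }

    /** Wraps a single host/port pair into the address list expected by {@code TLS_SEC_TRANS}. */
    private TransportAddress[] generateTransportAddresses(String str, int i) {
        return new TransportAddress[]{new TransportAddress(str, Utility.intToShort(i))};
    }

    /**
     * Extracts the CSIv2 mechanism list from an IOR.
     *
     * <p>The component bytes come from the IOR and are decoded as-is; presumably the IOR was
     * supplied by a remote peer, so any decoding failure surfaces as whatever runtime exception
     * the helper throws.
     *
     * @param ior IOR whose profile template is an {@code IIOPProfileTemplate}
     * @return the mechanisms, or {@code null} when the IOR has no TAG_CSI_SEC_MECH_LIST component.
     *     A {@code null} result means the target advertised no CSIv2 policy; callers decide what
     *     that implies for the connection.
     * @throws RuntimeException if the IOR carries more than one TAG_CSI_SEC_MECH_LIST component
     */
    public CompoundSecMech[] getSecurityMechanisms(IOR ior) {
        IIOPProfileTemplate template = (IIOPProfileTemplate) ior.getProfile().getTaggedProfileTemplate();
        Iterator components = template.iteratorById(TAG_CSI_SEC_MECH_LIST);
        if (!components.hasNext()) {
            if (_logger.isLoggable(Level.FINE)) {
                _logger.log(Level.FINE, "IIOP:TAG_CSI_SEC_MECH_LIST tagged component not found");
            }
            return null;
        }
        Object component = components.next();
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "Component:" + component);
        }
        if (components.hasNext()) {
            // An ambiguous policy is rejected rather than silently picking one of the lists.
            _logger.log(Level.SEVERE, "iiop.many_tagged_component");
            throw new RuntimeException("More than one TAG_CSI_SEC_MECH_LIST tagged component found ");
        }
        byte[] data = ((com.sun.corba.ee.spi.ior.TaggedComponent) component).getIOPComponent(this.orb).component_data;
        EncapsInputStream in = new EncapsInputStream(this.orb, data, data.length);
        in.consumeEndian();
        return CompoundSecMechListHelper.read(in).mechanism_list;
    }

    /**
     * Returns the TLS transport description of a mechanism.
     *
     * @return the decoded {@code TLS_SEC_TRANS}, or {@code null} when the mechanism's transport
     *     component is TAG_NULL_TAG (no transport protection advertised)
     */
    public TLS_SEC_TRANS getSSLInformation(CompoundSecMech compoundSecMech) {
        return getSSLComponent(compoundSecMech.transport_mech);
    }

    /**
     * Decodes a transport component into a {@code TLS_SEC_TRANS}.
     *
     * <p>NOTE(review): only TAG_NULL_TAG is special-cased; a component with any other tag is
     * decoded as TLS_SEC_TRANS without checking that its tag is TAG_TLS_SEC_TRANS. Consider
     * rejecting unexpected tags explicitly once the desired behaviour is agreed.
     */
    private TLS_SEC_TRANS getSSLComponent(TaggedComponent taggedComponent) {
        if (taggedComponent.tag == TAG_NULL_TAG) {
            return null;
        }
        byte[] data = taggedComponent.component_data;
        EncapsInputStream in = new EncapsInputStream(this.orb, data, data.length);
        in.consumeEndian();
        return TLS_SEC_TRANSHelper.read(in);
    }

    /**
     * Computes the transport association options the target supports: one bit for each of
     * integrity, confidentiality, trust-in-target and trust-in-client whose setting is anything
     * other than "NONE" (case-insensitive).
     *
     * @return the option bit mask, or 0 for a {@code null} descriptor
     */
    public int getTargetSupports(EjbIORConfigurationDescriptor ejbIORConfigurationDescriptor) {
        if (ejbIORConfigurationDescriptor == null) {
            return 0;
        }
        int options = 0;
        if (!ejbIORConfigurationDescriptor.getIntegrity().equalsIgnoreCase("NONE")) {
            options |= INTEGRITY;
        }
        if (!ejbIORConfigurationDescriptor.getConfidentiality().equalsIgnoreCase("NONE")) {
            options |= CONFIDENTIALITY;
        }
        if (!ejbIORConfigurationDescriptor.getEstablishTrustInTarget().equalsIgnoreCase("NONE")) {
            options |= ESTABLISH_TRUST_IN_TARGET;
        }
        if (!ejbIORConfigurationDescriptor.getEstablishTrustInClient().equalsIgnoreCase("NONE")) {
            options |= ESTABLISH_TRUST_IN_CLIENT;
        }
        return options;
    }

    /**
     * Computes the transport association options the target requires: one bit for each of
     * integrity, confidentiality, trust-in-target and trust-in-client whose setting equals
     * {@code EjbIORConfigurationDescriptor.REQUIRED} (case-insensitive).
     *
     * @return the option bit mask, or 0 for a {@code null} descriptor
     */
    public int getTargetRequires(EjbIORConfigurationDescriptor ejbIORConfigurationDescriptor) {
        if (ejbIORConfigurationDescriptor == null) {
            return 0;
        }
        int options = 0;
        if (ejbIORConfigurationDescriptor.getIntegrity().equalsIgnoreCase(EjbIORConfigurationDescriptor.REQUIRED)) {
            options |= INTEGRITY;
        }
        if (ejbIORConfigurationDescriptor.getConfidentiality().equalsIgnoreCase(EjbIORConfigurationDescriptor.REQUIRED)) {
            options |= CONFIDENTIALITY;
        }
        if (ejbIORConfigurationDescriptor.getEstablishTrustInTarget().equalsIgnoreCase(EjbIORConfigurationDescriptor.REQUIRED)) {
            options |= ESTABLISH_TRUST_IN_TARGET;
        }
        if (ejbIORConfigurationDescriptor.getEstablishTrustInClient().equalsIgnoreCase(EjbIORConfigurationDescriptor.REQUIRED)) {
            options |= ESTABLISH_TRUST_IN_CLIENT;
        }
        return options;
    }

    /** Returns the DER encoding of the GSSUP mechanism OID. */
    private byte[] getMechanism() throws IOException {
        return GSSUtils.getDER(GSSUtils.GSSUP_MECH_OID);
    }
}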
