package sun.security.jgss;

import com.sun.security.jgss.ExtendedGSSContext;
import com.sun.security.jgss.InquireSecContextPermission;
import com.sun.security.jgss.InquireType;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import org.ietf.jgss.ChannelBinding;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.MessageProp;
import org.ietf.jgss.Oid;
import sun.security.jgss.spi.GSSContextSpi;
import sun.security.jgss.spi.GSSCredentialSpi;
import sun.security.util.ObjectIdentifier;

/* loaded from: input_file:unix/1.8.0_265/lib/rt.jar:sun/security/jgss/GSSContextImpl.class */
class GSSContextImpl implements ExtendedGSSContext {
    private final GSSManagerImpl gssManager;
    private final boolean initiator;
    private static final int PRE_INIT = 1;
    private static final int IN_PROGRESS = 2;
    private static final int READY = 3;
    private static final int DELETED = 4;
    private int currentState;
    private GSSContextSpi mechCtxt;
    private Oid mechOid;
    private ObjectIdentifier objId;
    private GSSCredentialImpl myCred;
    private GSSNameImpl srcName;
    private GSSNameImpl targName;
    private int reqLifetime;
    private ChannelBinding channelBindings;
    private boolean reqConfState;
    private boolean reqIntegState;
    private boolean reqMutualAuthState;
    private boolean reqReplayDetState;
    private boolean reqSequenceDetState;
    private boolean reqCredDelegState;
    private boolean reqAnonState;
    private boolean reqDelegPolicyState;

    public GSSContextImpl(GSSManagerImpl gSSManagerImpl, GSSName gSSName, Oid oid, GSSCredential gSSCredential, int i) throws GSSException {
        this.currentState = 1;
        this.mechCtxt = null;
        this.mechOid = null;
        this.objId = null;
        this.myCred = null;
        this.srcName = null;
        this.targName = null;
        this.reqLifetime = Integer.MAX_VALUE;
        this.channelBindings = null;
        this.reqConfState = true;
        this.reqIntegState = true;
        this.reqMutualAuthState = true;
        this.reqReplayDetState = true;
        this.reqSequenceDetState = true;
        this.reqCredDelegState = false;
        this.reqAnonState = false;
        this.reqDelegPolicyState = false;
        if (gSSName == null || !(gSSName instanceof GSSNameImpl)) {
            throw new GSSException(3);
        }
        oid = oid == null ? ProviderList.DEFAULT_MECH_OID : oid;
        this.gssManager = gSSManagerImpl;
        this.myCred = (GSSCredentialImpl) gSSCredential;
        this.reqLifetime = i;
        this.targName = (GSSNameImpl) gSSName;
        this.mechOid = oid;
        this.initiator = true;
    }

    public GSSContextImpl(GSSManagerImpl gSSManagerImpl, GSSCredential gSSCredential) throws GSSException {
        this.currentState = 1;
        this.mechCtxt = null;
        this.mechOid = null;
        this.objId = null;
        this.myCred = null;
        this.srcName = null;
        this.targName = null;
        this.reqLifetime = Integer.MAX_VALUE;
        this.channelBindings = null;
        this.reqConfState = true;
        this.reqIntegState = true;
        this.reqMutualAuthState = true;
        this.reqReplayDetState = true;
        this.reqSequenceDetState = true;
        this.reqCredDelegState = false;
        this.reqAnonState = false;
        this.reqDelegPolicyState = false;
        this.gssManager = gSSManagerImpl;
        this.myCred = (GSSCredentialImpl) gSSCredential;
        this.initiator = false;
    }

    public GSSContextImpl(GSSManagerImpl gSSManagerImpl, byte[] bArr) throws GSSException {
        this.currentState = 1;
        this.mechCtxt = null;
        this.mechOid = null;
        this.objId = null;
        this.myCred = null;
        this.srcName = null;
        this.targName = null;
        this.reqLifetime = Integer.MAX_VALUE;
        this.channelBindings = null;
        this.reqConfState = true;
        this.reqIntegState = true;
        this.reqMutualAuthState = true;
        this.reqReplayDetState = true;
        this.reqSequenceDetState = true;
        this.reqCredDelegState = false;
        this.reqAnonState = false;
        this.reqDelegPolicyState = false;
        this.gssManager = gSSManagerImpl;
        this.mechCtxt = gSSManagerImpl.getMechanismContext(bArr);
        this.initiator = this.mechCtxt.isInitiator();
        this.mechOid = this.mechCtxt.getMech();
    }

    @Override // org.ietf.jgss.GSSContext
    public byte[] initSecContext(byte[] bArr, int i, int i2) throws GSSException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(600);
        if (initSecContext(new ByteArrayInputStream(bArr, i, i2), byteArrayOutputStream) == 0) {
            return null;
        }
        return byteArrayOutputStream.toByteArray();
    }

    @Override // org.ietf.jgss.GSSContext
    public int initSecContext(InputStream inputStream, OutputStream outputStream) throws GSSException {
        if (this.mechCtxt != null && this.currentState != 2) {
            throw new GSSExceptionImpl(11, "Illegal call to initSecContext");
        }
        int i = -1;
        GSSCredentialSpi gSSCredentialSpi = null;
        boolean z = false;
        try {
            if (this.mechCtxt == null) {
                if (this.myCred != null) {
                    try {
                        gSSCredentialSpi = this.myCred.getElement(this.mechOid, true);
                    } catch (GSSException e) {
                        if (!GSSUtil.isSpNegoMech(this.mechOid) || e.getMajor() != 13) {
                            throw e;
                        }
                        gSSCredentialSpi = this.myCred.getElement(this.myCred.getMechs()[0], true);
                    }
                }
                this.mechCtxt = this.gssManager.getMechanismContext(this.targName.getElement(this.mechOid), gSSCredentialSpi, this.reqLifetime, this.mechOid);
                this.mechCtxt.requestConf(this.reqConfState);
                this.mechCtxt.requestInteg(this.reqIntegState);
                this.mechCtxt.requestCredDeleg(this.reqCredDelegState);
                this.mechCtxt.requestMutualAuth(this.reqMutualAuthState);
                this.mechCtxt.requestReplayDet(this.reqReplayDetState);
                this.mechCtxt.requestSequenceDet(this.reqSequenceDetState);
                this.mechCtxt.requestAnonymity(this.reqAnonState);
                this.mechCtxt.setChannelBinding(this.channelBindings);
                this.mechCtxt.requestDelegPolicy(this.reqDelegPolicyState);
                this.objId = new ObjectIdentifier(this.mechOid.toString());
                this.currentState = 2;
                z = true;
            } else if (!this.mechCtxt.getProvider().getName().equals("SunNativeGSS") && !GSSUtil.isSpNegoMech(this.mechOid)) {
                GSSHeader gSSHeader = new GSSHeader(inputStream);
                if (!gSSHeader.getOid().equals((Object) this.objId)) {
                    throw new GSSExceptionImpl(10, "Mechanism not equal to " + this.mechOid.toString() + " in initSecContext token");
                }
                i = gSSHeader.getMechTokenLength();
            }
            byte[] initSecContext = this.mechCtxt.initSecContext(inputStream, i);
            int i2 = 0;
            if (initSecContext != null) {
                i2 = initSecContext.length;
                if (!this.mechCtxt.getProvider().getName().equals("SunNativeGSS") && (z || !GSSUtil.isSpNegoMech(this.mechOid))) {
                    i2 += new GSSHeader(this.objId, initSecContext.length).encode(outputStream);
                }
                outputStream.write(initSecContext);
            }
            if (this.mechCtxt.isEstablished()) {
                this.currentState = 3;
            }
            return i2;
        } catch (IOException e2) {
            throw new GSSExceptionImpl(10, e2.getMessage());
        }
    }

    @Override // org.ietf.jgss.GSSContext
    public byte[] acceptSecContext(byte[] bArr, int i, int i2) throws GSSException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(100);
        acceptSecContext(new ByteArrayInputStream(bArr, i, i2), byteArrayOutputStream);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        if (byteArray.length == 0) {
            return null;
        }
        return byteArray;
    }

    @Override // org.ietf.jgss.GSSContext
    public void acceptSecContext(InputStream inputStream, OutputStream outputStream) throws GSSException {
        if (this.mechCtxt != null && this.currentState != 2) {
            throw new GSSExceptionImpl(11, "Illegal call to acceptSecContext");
        }
        int i = -1;
        GSSCredentialSpi gSSCredentialSpi = null;
        try {
            if (this.mechCtxt == null) {
                GSSHeader gSSHeader = new GSSHeader(inputStream);
                i = gSSHeader.getMechTokenLength();
                this.objId = gSSHeader.getOid();
                this.mechOid = new Oid(this.objId.toString());
                if (this.myCred != null) {
                    gSSCredentialSpi = this.myCred.getElement(this.mechOid, false);
                }
                this.mechCtxt = this.gssManager.getMechanismContext(gSSCredentialSpi, this.mechOid);
                this.mechCtxt.setChannelBinding(this.channelBindings);
                this.currentState = 2;
            } else if (!this.mechCtxt.getProvider().getName().equals("SunNativeGSS") && !GSSUtil.isSpNegoMech(this.mechOid)) {
                GSSHeader gSSHeader2 = new GSSHeader(inputStream);
                if (!gSSHeader2.getOid().equals((Object) this.objId)) {
                    throw new GSSExceptionImpl(10, "Mechanism not equal to " + this.mechOid.toString() + " in acceptSecContext token");
                }
                i = gSSHeader2.getMechTokenLength();
            }
            byte[] acceptSecContext = this.mechCtxt.acceptSecContext(inputStream, i);
            if (acceptSecContext != null) {
                int length = acceptSecContext.length;
                if (!this.mechCtxt.getProvider().getName().equals("SunNativeGSS") && !GSSUtil.isSpNegoMech(this.mechOid)) {
                    int encode = length + new GSSHeader(this.objId, acceptSecContext.length).encode(outputStream);
                }
                outputStream.write(acceptSecContext);
            }
            if (this.mechCtxt.isEstablished()) {
                this.currentState = 3;
            }
        } catch (IOException e) {
            throw new GSSExceptionImpl(10, e.getMessage());
        }
    }

    @Override // org.ietf.jgss.GSSContext
    public boolean isEstablished() {
        return this.mechCtxt != null && this.currentState == 3;
    }

    @Override // org.ietf.jgss.GSSContext
    public int getWrapSizeLimit(int i, boolean z, int i2) throws GSSException {
        if (this.mechCtxt != null) {
            return this.mechCtxt.getWrapSizeLimit(i, z, i2);
        }
        throw new GSSExceptionImpl(12, "No mechanism context yet!");
    }

    @Override // org.ietf.jgss.GSSContext
    public byte[] wrap(byte[] bArr, int i, int i2, MessageProp messageProp) throws GSSException {
        if (this.mechCtxt != null) {
            return this.mechCtxt.wrap(bArr, i, i2, messageProp);
        }
        throw new GSSExceptionImpl(12, "No mechanism context yet!");
    }

    @Override // org.ietf.jgss.GSSContext
    public void wrap(InputStream inputStream, OutputStream outputStream, MessageProp messageProp) throws GSSException {
        if (this.mechCtxt == null) {
            throw new GSSExceptionImpl(12, "No mechanism context yet!");
        }
        this.mechCtxt.wrap(inputStream, outputStream, messageProp);
    }

    @Override // org.ietf.jgss.GSSContext
    public byte[] unwrap(byte[] bArr, int i, int i2, MessageProp messageProp) throws GSSException {
        if (this.mechCtxt != null) {
            return this.mechCtxt.unwrap(bArr, i, i2, messageProp);
        }
        throw new GSSExceptionImpl(12, "No mechanism context yet!");
    }

    @Override // org.ietf.jgss.GSSContext
    public void unwrap(InputStream inputStream, OutputStream outputStream, MessageProp messageProp) throws GSSException {
        if (this.mechCtxt == null) {
            throw new GSSExceptionImpl(12, "No mechanism context yet!");
        }
        this.mechCtxt.unwrap(inputStream, outputStream, messageProp);
    }

    @Override // org.ietf.jgss.GSSContext
    public byte[] getMIC(byte[] bArr, int i, int i2, MessageProp messageProp) throws GSSException {
        if (this.mechCtxt != null) {
            return this.mechCtxt.getMIC(bArr, i, i2, messageProp);
        }
        throw new GSSExceptionImpl(12, "No mechanism context yet!");
    }

    @Override // org.ietf.jgss.GSSContext
    public void getMIC(InputStream inputStream, OutputStream outputStream, MessageProp messageProp) throws GSSException {
        if (this.mechCtxt == null) {
            throw new GSSExceptionImpl(12, "No mechanism context yet!");
        }
        this.mechCtxt.getMIC(inputStream, outputStream, messageProp);
    }

    @Override // org.ietf.jgss.GSSContext
    public void verifyMIC(byte[] bArr, int i, int i2, byte[] bArr2, int i3, int i4, MessageProp messageProp) throws GSSException {
        if (this.mechCtxt == null) {
            throw new GSSExceptionImpl(12, "No mechanism context yet!");
        }
        this.mechCtxt.verifyMIC(bArr, i, i2, bArr2, i3, i4, messageProp);
    }

    @Override // org.ietf.jgss.GSSContext
    public void verifyMIC(InputStream inputStream, InputStream inputStream2, MessageProp messageProp) throws GSSException {
        if (this.mechCtxt == null) {
            throw new GSSExceptionImpl(12, "No mechanism context yet!");
        }
        this.mechCtxt.verifyMIC(inputStream, inputStream2, messageProp);
    }

    @Override // org.ietf.jgss.GSSContext
    public byte[] export() throws GSSException {
        byte[] bArr = null;
        if (this.mechCtxt.isTransferable() && this.mechCtxt.getProvider().getName().equals("SunNativeGSS")) {
            bArr = this.mechCtxt.export();
        }
        return bArr;
    }

    @Override // org.ietf.jgss.GSSContext
    public void requestMutualAuth(boolean z) throws GSSException {
        if (this.mechCtxt == null && this.initiator) {
            this.reqMutualAuthState = z;
        }
    }

    @Override // org.ietf.jgss.GSSContext
    public void requestReplayDet(boolean z) throws GSSException {
        if (this.mechCtxt == null && this.initiator) {
            this.reqReplayDetState = z;
        }
    }

    @Override // org.ietf.jgss.GSSContext
    public void requestSequenceDet(boolean z) throws GSSException {
        if (this.mechCtxt == null && this.initiator) {
            this.reqSequenceDetState = z;
        }
    }

    @Override // org.ietf.jgss.GSSContext
    public void requestCredDeleg(boolean z) throws GSSException {
        if (this.mechCtxt == null && this.initiator) {
            this.reqCredDelegState = z;
        }
    }

    @Override // org.ietf.jgss.GSSContext
    public void requestAnonymity(boolean z) throws GSSException {
        if (this.mechCtxt == null && this.initiator) {
            this.reqAnonState = z;
        }
    }

    @Override // org.ietf.jgss.GSSContext
    public void requestConf(boolean z) throws GSSException {
        if (this.mechCtxt == null && this.initiator) {
            this.reqConfState = z;
        }
    }

    @Override // org.ietf.jgss.GSSContext
    public void requestInteg(boolean z) throws GSSException {
        if (this.mechCtxt == null && this.initiator) {
            this.reqIntegState = z;
        }
    }

    @Override // org.ietf.jgss.GSSContext
    public void requestLifetime(int i) throws GSSException {
        if (this.mechCtxt == null && this.initiator) {
            this.reqLifetime = i;
        }
    }

    @Override // org.ietf.jgss.GSSContext
    public void setChannelBinding(ChannelBinding channelBinding) throws GSSException {
        if (this.mechCtxt == null) {
            this.channelBindings = channelBinding;
        }
    }

    @Override // org.ietf.jgss.GSSContext
    public boolean getCredDelegState() {
        return this.mechCtxt != null ? this.mechCtxt.getCredDelegState() : this.reqCredDelegState;
    }

    @Override // org.ietf.jgss.GSSContext
    public boolean getMutualAuthState() {
        return this.mechCtxt != null ? this.mechCtxt.getMutualAuthState() : this.reqMutualAuthState;
    }

    @Override // org.ietf.jgss.GSSContext
    public boolean getReplayDetState() {
        return this.mechCtxt != null ? this.mechCtxt.getReplayDetState() : this.reqReplayDetState;
    }

    @Override // org.ietf.jgss.GSSContext
    public boolean getSequenceDetState() {
        return this.mechCtxt != null ? this.mechCtxt.getSequenceDetState() : this.reqSequenceDetState;
    }

    @Override // org.ietf.jgss.GSSContext
    public boolean getAnonymityState() {
        return this.mechCtxt != null ? this.mechCtxt.getAnonymityState() : this.reqAnonState;
    }

    @Override // org.ietf.jgss.GSSContext
    public boolean isTransferable() throws GSSException {
        if (this.mechCtxt != null) {
            return this.mechCtxt.isTransferable();
        }
        return false;
    }

    @Override // org.ietf.jgss.GSSContext
    public boolean isProtReady() {
        if (this.mechCtxt != null) {
            return this.mechCtxt.isProtReady();
        }
        return false;
    }

    @Override // org.ietf.jgss.GSSContext
    public boolean getConfState() {
        return this.mechCtxt != null ? this.mechCtxt.getConfState() : this.reqConfState;
    }

    @Override // org.ietf.jgss.GSSContext
    public boolean getIntegState() {
        return this.mechCtxt != null ? this.mechCtxt.getIntegState() : this.reqIntegState;
    }

    @Override // org.ietf.jgss.GSSContext
    public int getLifetime() {
        return this.mechCtxt != null ? this.mechCtxt.getLifetime() : this.reqLifetime;
    }

    @Override // org.ietf.jgss.GSSContext
    public GSSName getSrcName() throws GSSException {
        if (this.srcName == null) {
            this.srcName = GSSNameImpl.wrapElement(this.gssManager, this.mechCtxt.getSrcName());
        }
        return this.srcName;
    }

    @Override // org.ietf.jgss.GSSContext
    public GSSName getTargName() throws GSSException {
        if (this.targName == null) {
            this.targName = GSSNameImpl.wrapElement(this.gssManager, this.mechCtxt.getTargName());
        }
        return this.targName;
    }

    @Override // org.ietf.jgss.GSSContext
    public Oid getMech() throws GSSException {
        return this.mechCtxt != null ? this.mechCtxt.getMech() : this.mechOid;
    }

    @Override // org.ietf.jgss.GSSContext
    public GSSCredential getDelegCred() throws GSSException {
        if (this.mechCtxt == null) {
            throw new GSSExceptionImpl(12, "No mechanism context yet!");
        }
        GSSCredentialSpi delegCred = this.mechCtxt.getDelegCred();
        if (delegCred == null) {
            return null;
        }
        return new GSSCredentialImpl(this.gssManager, delegCred);
    }

    @Override // org.ietf.jgss.GSSContext
    public boolean isInitiator() throws GSSException {
        return this.initiator;
    }

    @Override // org.ietf.jgss.GSSContext
    public void dispose() throws GSSException {
        this.currentState = 4;
        if (this.mechCtxt != null) {
            this.mechCtxt.dispose();
            this.mechCtxt = null;
        }
        this.myCred = null;
        this.srcName = null;
        this.targName = null;
    }

    @Override // com.sun.security.jgss.ExtendedGSSContext
    public Object inquireSecContext(InquireType inquireType) throws GSSException {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(new InquireSecContextPermission(inquireType.toString()));
        }
        if (this.mechCtxt == null) {
            throw new GSSException(12);
        }
        return this.mechCtxt.inquireSecContext(inquireType);
    }

    @Override // com.sun.security.jgss.ExtendedGSSContext
    public void requestDelegPolicy(boolean z) throws GSSException {
        if (this.mechCtxt == null && this.initiator) {
            this.reqDelegPolicyState = z;
        }
    }

    @Override // com.sun.security.jgss.ExtendedGSSContext
    public boolean getDelegPolicyState() {
        return this.mechCtxt != null ? this.mechCtxt.getDelegPolicyState() : this.reqDelegPolicyState;
    }
}
