package com.sun.enterprise.iiop.security;

import com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech;
import com.sun.corba.ee.org.omg.GSSUP.InitialContextToken;
import com.sun.corba.ee.org.omg.GSSUP.InitialContextTokenHelper;
import com.sun.enterprise.security.auth.login.common.PasswordCredential;
import com.sun.enterprise.util.Utility;
import com.sun.logging.LogDomains;
import java.io.IOException;
import java.util.StringTokenizer;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.omg.CORBA.Any;
import org.omg.CORBA.ORB;
import org.omg.IOP.Codec;

/* loaded from: input_file:MICRO-INF/runtime/ejb.security-5.193.jar:com/sun/enterprise/iiop/security/GSSUPToken.class */
public class GSSUPToken {
    private static Logger _logger;
    public static final String DELIMITER_REGEXP = "\\@";
    public static final String ESCAPE_CHAR_REGEXP = "\\\\\\@";
    public static final String ESCAPE_CHAR = "\\";
    public static final String DELIMITER = "@";
    public static final String DEFAULT_REALM_NAME = "default";
    private byte[] cdr_encoded_token;
    PasswordCredential pwdcred;

    public static GSSUPToken getClientSideInstance(ORB orb, Codec codec, PasswordCredential passwordCredential, CompoundSecMech compoundSecMech) {
        return new GSSUPToken(orb, codec, passwordCredential, compoundSecMech);
    }

    public static GSSUPToken getServerSideInstance(ORB orb, Codec codec, byte[] bArr) throws SecurityMechanismException {
        return new GSSUPToken(orb, codec, bArr);
    }

    private GSSUPToken(ORB orb, Codec codec, PasswordCredential passwordCredential, CompoundSecMech compoundSecMech) {
        this.cdr_encoded_token = new byte[0];
        this.pwdcred = null;
        byte[] bArr = new byte[0];
        byte[] bArr2 = new byte[0];
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "IIOP: Going to construct a GSSUPToken:");
            _logger.log(Level.FINE, passwordCredential.toString());
        }
        try {
            String user = passwordCredential.getUser();
            if (user.indexOf("@") != -1) {
                user = user.indexOf("\\") == -1 ? user.replaceAll(DELIMITER_REGEXP, ESCAPE_CHAR_REGEXP) : user.replaceAll(ESCAPE_CHAR_REGEXP, DELIMITER_REGEXP).replaceAll(DELIMITER_REGEXP, ESCAPE_CHAR_REGEXP);
            }
            String realm = passwordCredential.getRealm();
            bArr = (realm != null ? user + "@" + realm : user).getBytes("UTF8");
            bArr2 = Utility.convertCharArrayToByteArray(passwordCredential.getPassword(), "UTF-8");
        } catch (Exception e) {
            _logger.log(Level.SEVERE, "iiop.password_exception", (Throwable) e);
        }
        byte[] bArr3 = compoundSecMech.as_context_mech.target_name;
        if (_logger.isLoggable(Level.FINE)) {
            _logger.fine("Username (UTF8) " + GSSUtils.dumpHex(bArr));
            _logger.fine("Password (UTF8) ########");
            _logger.fine("Targetname      " + GSSUtils.dumpHex(bArr3));
        }
        InitialContextToken initialContextToken = new InitialContextToken(bArr, bArr2, bArr3);
        Any create_any = orb.create_any();
        InitialContextTokenHelper.insert(create_any, initialContextToken);
        try {
            this.cdr_encoded_token = codec.encode_value(create_any);
        } catch (Exception e2) {
            _logger.log(Level.SEVERE, "iiop.encode_exception", (Throwable) e2);
        }
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "IIOP:Mech specific token length (CDR encoded) = " + this.cdr_encoded_token.length);
        }
    }

    private GSSUPToken(ORB orb, Codec codec, byte[] bArr) throws SecurityMechanismException {
        String nextToken;
        this.cdr_encoded_token = new byte[0];
        this.pwdcred = null;
        String str = "";
        char[] cArr = null;
        String str2 = "";
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "IIOP:Going to construct a GSSUPToken:");
            _logger.log(Level.FINE, "IIOP:Getting CDR encoded GSSUP mechanism token from client authentication token");
        }
        byte[] mechToken = GSSUtils.getMechToken(GSSUtils.GSSUP_MECH_OID, bArr);
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "CDR encoded mech specific token length = " + mechToken.length);
        }
        Any create_any = orb.create_any();
        try {
            create_any = codec.decode_value(mechToken, InitialContextTokenHelper.type());
        } catch (Exception e) {
            _logger.log(Level.SEVERE, "iiop.decode_exception", (Throwable) e);
        }
        InitialContextToken extract = InitialContextTokenHelper.extract(create_any);
        byte[] bArr2 = extract.password;
        byte[] bArr3 = extract.username;
        byte[] bArr4 = extract.target_name;
        if (_logger.isLoggable(Level.FINE)) {
            _logger.fine("IIOP:Username (UTF8) " + GSSUtils.dumpHex(bArr3));
            _logger.fine("IIOP:Password (UTF8) ########");
            _logger.fine("IIOP:Targetname      " + GSSUtils.dumpHex(bArr4));
        }
        try {
            str = new String(bArr3, "UTF8");
            cArr = Utility.convertByteArrayToCharArray(bArr2, "UTF-8");
        } catch (Exception e2) {
            _logger.log(Level.SEVERE, "iiop.user_password_exception", (Throwable) e2);
        }
        int indexOf = str.indexOf("@");
        int indexOf2 = str.indexOf("\\");
        if (indexOf == -1) {
            nextToken = str;
        } else {
            if (indexOf == 0 || indexOf2 == 0) {
                throw new SecurityMechanismException("No name_value in username");
            }
            if (indexOf2 == -1) {
                StringTokenizer stringTokenizer = new StringTokenizer(str, "@");
                nextToken = stringTokenizer.nextToken();
                if (stringTokenizer.hasMoreTokens()) {
                    str2 = stringTokenizer.nextToken();
                    if (str2.isEmpty()) {
                        if (_logger.isLoggable(Level.FINE)) {
                            _logger.log(Level.FINE, "IIOP:No Realm specified,  creating a default realm for login");
                        }
                        str2 = "default";
                    }
                }
            } else if (indexOf2 + 2 >= str.length()) {
                nextToken = str.replaceAll(ESCAPE_CHAR_REGEXP, "@");
                if (_logger.isLoggable(Level.FINE)) {
                    _logger.log(Level.FINE, "IIOP:No Realm specified,  creating a default realm for login");
                }
                str2 = "default";
            } else {
                int indexOf3 = str.indexOf("@", indexOf2 + 3);
                if (indexOf3 == -1) {
                    nextToken = str.replaceAll(ESCAPE_CHAR_REGEXP, "@");
                    if (_logger.isLoggable(Level.FINE)) {
                        _logger.log(Level.FINE, "IIOP:No Realm specified,  creating a default realm for login");
                    }
                    str2 = "default";
                } else {
                    nextToken = str.substring(0, indexOf3).replaceAll(ESCAPE_CHAR_REGEXP, "@");
                    str2 = str.substring(indexOf3 + 1);
                    if (str2 == null || str2.isEmpty()) {
                        if (_logger.isLoggable(Level.FINE)) {
                            _logger.log(Level.FINE, "IIOP:No Realm specified,  creating a default realm for login");
                        }
                        str2 = "default";
                    }
                }
            }
        }
        String str3 = null;
        if (bArr4 != null) {
            try {
                if (bArr4.length != 0) {
                    str3 = new String(GSSUtils.importName(GSSUtils.GSSUP_MECH_OID, bArr4));
                }
            } catch (IOException e3) {
                _logger.log(Level.FINE, (String) null, (Throwable) e3);
            }
        }
        if (str3 != null && !"default".equals(str3)) {
            str2 = str3;
        }
        this.pwdcred = new PasswordCredential(nextToken, cArr, str2, bArr4);
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, this.pwdcred.toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] getGSSToken() throws IOException {
        if (_logger.isLoggable(Level.FINER)) {
            _logger.log(Level.FINER, "IIOP:GSSUP mech token : " + GSSUtils.dumpHex(this.cdr_encoded_token));
        }
        byte[] createMechIndToken = GSSUtils.createMechIndToken(GSSUtils.GSSUP_MECH_OID, this.cdr_encoded_token);
        if (_logger.isLoggable(Level.FINER)) {
            _logger.log(Level.FINER, "IIOP:GSSUP token length : " + createMechIndToken.length);
            _logger.log(Level.FINER, "IIOP:GSSUP token: " + GSSUtils.dumpHex(createMechIndToken));
        }
        return createMechIndToken;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PasswordCredential getPwdcred() {
        return this.pwdcred;
    }

    static {
        _logger = null;
        _logger = LogDomains.getLogger(GSSUPToken.class, "javax.enterprise.system.core.security");
    }
}
