package krb4.lib;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Date;
import krb4.lib.crypto.des;

/* loaded from: input_file:krb4/lib/Krb4APReq.class */
public class Krb4APReq {
    public byte pvno;
    public byte msgType;
    boolean littleEndian;
    public byte keyVersion;
    public String srealm;
    public byte[] encTicket;
    public byte[] encAuthenticator;
    public Krb4Ticket ticket;
    public Krb4Authenticator authenticator;
    boolean _mutualAuthRequired;
    int checksum;

    public Krb4APReq(Krb4Creds krb4Creds, String str, String str2, String str3, int i, boolean z) throws Krb4Exception, IOException {
        this.pvno = (byte) 4;
        this.littleEndian = false;
        this.keyVersion = krb4Creds.keyVersion;
        this.srealm = krb4Creds.srealm;
        this.encTicket = krb4Creds.encTicket;
        this.checksum = i;
        this.encAuthenticator = new Krb4Authenticator(str, str2, str3, this.checksum).encode(krb4Creds.sessionKey);
        this._mutualAuthRequired = z;
        if (this._mutualAuthRequired) {
            this.msgType = (byte) 4;
        } else {
            this.msgType = (byte) 3;
        }
    }

    public Krb4APReq(Krb4Creds krb4Creds, String str, String str2, String str3, boolean z) throws Krb4Exception, IOException {
        this(krb4Creds, str, str2, str3, 0, z);
    }

    public Krb4APReq(int i, String str, byte[] bArr, byte[] bArr2, boolean z) {
        this.pvno = (byte) 4;
        this.littleEndian = false;
        this.keyVersion = (byte) i;
        this.srealm = str;
        this.encTicket = bArr;
        this.encAuthenticator = bArr2;
        this._mutualAuthRequired = z;
        if (this._mutualAuthRequired) {
            this.msgType = (byte) 4;
        } else {
            this.msgType = (byte) 3;
        }
    }

    public byte[] encode() throws Krb4Exception, IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(this.pvno);
        if (this._mutualAuthRequired) {
            this.msgType = (byte) 4;
        } else {
            this.msgType = (byte) 3;
        }
        byteArrayOutputStream.write((byte) ((this.msgType << 1) + (this.littleEndian ? 1 : 0)));
        byteArrayOutputStream.write(this.keyVersion);
        byteArrayOutputStream.write(Krb4Encode.toBytes(this.srealm));
        byteArrayOutputStream.write((byte) this.encTicket.length);
        byteArrayOutputStream.write((byte) this.encAuthenticator.length);
        byteArrayOutputStream.write(this.encTicket);
        byteArrayOutputStream.write(this.encAuthenticator);
        return byteArrayOutputStream.toByteArray();
    }

    public Krb4APReq(byte[] bArr) throws Krb4Exception {
        Krb4Encode krb4Encode = new Krb4Encode(bArr);
        this.pvno = krb4Encode.getByte();
        if (this.pvno != 4) {
            throw new Krb4Exception(39);
        }
        byte b = krb4Encode.getByte();
        this.msgType = (byte) (b >>> 1);
        if (this.msgType != 3 && this.msgType != 4) {
            throw new Krb4Exception(40);
        }
        this._mutualAuthRequired = this.msgType == 4;
        this.littleEndian = (b & 1) == 1;
        krb4Encode.setByteOrder(this.littleEndian);
        this.keyVersion = krb4Encode.getByte();
        this.srealm = krb4Encode.getNameString();
        int unsignedByte = krb4Encode.getUnsignedByte();
        int unsignedByte2 = krb4Encode.getUnsignedByte();
        this.encTicket = krb4Encode.getBytes(unsignedByte);
        this.encAuthenticator = krb4Encode.getBytes(unsignedByte2);
    }

    public void authenticate(byte[] bArr) throws Krb4Exception {
        authenticate(bArr, null, null, null, null);
    }

    public void authenticate(byte[] bArr, String str, String str2, String str3, byte[] bArr2) throws Krb4Exception {
        byte[] bArr3 = new byte[this.encTicket.length];
        long[] jArr = new long[16];
        des.des_set_key(bArr, jArr);
        byte[] bArr4 = new byte[bArr.length];
        System.arraycopy(bArr, 0, bArr4, 0, bArr.length);
        des.pcbc_encrypt(this.encTicket, bArr3, jArr, bArr4, false);
        try {
            this.ticket = new Krb4Ticket(bArr3);
            long time = new Date().getTime();
            if (time < this.ticket.timestamp) {
                if (this.ticket.timestamp - time > 300000) {
                    throw new Krb4Exception(33);
                }
            } else if (time - this.ticket.timestamp > this.ticket.lifetime) {
                throw new Krb4Exception(32);
            }
            if (str != null && !str.equals(this.ticket.sname)) {
                throw new Krb4Exception(35);
            }
            if (str2 != null && !str2.equals(this.ticket.sinst)) {
                throw new Krb4Exception(35);
            }
            if (str3 != null && !str3.equals(this.srealm)) {
                throw new Krb4Exception(35);
            }
            if (bArr2 != null) {
                if (this.ticket.caddr.length != bArr2.length) {
                    throw new Krb4Exception(38);
                }
                for (int i = 0; i < bArr2.length; i++) {
                    if (this.ticket.caddr[i] != bArr2[i]) {
                        throw new Krb4Exception(38);
                    }
                }
            }
            byte[] bArr5 = new byte[this.encAuthenticator.length];
            des.des_set_key(this.ticket.sessionKey, jArr);
            byte[] bArr6 = new byte[this.ticket.sessionKey.length];
            System.arraycopy(this.ticket.sessionKey, 0, bArr6, 0, this.ticket.sessionKey.length);
            des.pcbc_encrypt(this.encAuthenticator, bArr5, jArr, bArr6, false);
            try {
                this.authenticator = new Krb4Authenticator(bArr5, this.littleEndian);
                if (!this.authenticator.cname.equals(this.ticket.cname) || !this.authenticator.cinst.equals(this.ticket.cinst) || !this.authenticator.crealm.equals(this.ticket.crealm)) {
                    throw new Krb4Exception(36);
                }
                if (Math.abs((this.authenticator.timestamp + this.authenticator.timestamp_5ms) - time) > 300000) {
                    throw new Krb4Exception(37);
                }
            } catch (Krb4Exception e) {
                this.authenticator = null;
                if (e.returnCode() != 901) {
                    throw e;
                }
                throw new Krb4Exception(31);
            }
        } catch (Krb4Exception e2) {
            this.ticket = null;
            if (e2.returnCode() != 901) {
                throw e2;
            }
            throw new Krb4Exception(31);
        }
    }

    public String getClientName() {
        if (this.ticket != null) {
            return this.ticket.cname;
        }
        return null;
    }

    public String getClientInstance() {
        if (this.ticket != null) {
            return this.ticket.cinst;
        }
        return null;
    }

    public String getClientRealm() {
        if (this.ticket != null) {
            return this.ticket.crealm;
        }
        return null;
    }

    public String getServerName() {
        if (this.ticket != null) {
            return this.ticket.sname;
        }
        return null;
    }

    public String getServerInstance() {
        if (this.ticket != null) {
            return this.ticket.sinst;
        }
        return null;
    }

    public String getServerRealm() {
        return this.srealm;
    }

    public int getServerKeyVersion() {
        return this.keyVersion;
    }

    public boolean mutualAuthRequired() {
        return this._mutualAuthRequired;
    }

    public int getChecksum() {
        return this.checksum;
    }

    public byte[] getSessionKey() {
        if (this.ticket != null) {
            return this.ticket.sessionKey;
        }
        return null;
    }
}
