package dev.galasa.zossecurity;

import jakarta.xml.bind.DatatypeConverter;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.MessageProp;

/* loaded from: input_file:dev/galasa/zossecurity/KerberosInitiator.class */
public class KerberosInitiator {
    private static final Log logger = LogFactory.getLog(KerberosInitiator.class);
    private GSSContext context;
    private final IZosKerberosPrincipal service;
    private final IZosKerberosPrincipal client;
    private final String kdc;
    private boolean requestMutualAuth = false;
    private boolean requestConf = false;
    private boolean requestCredDeleg = false;

    public KerberosInitiator(IZosKerberosPrincipal iZosKerberosPrincipal, IZosKerberosPrincipal iZosKerberosPrincipal2, String str) {
        this.service = iZosKerberosPrincipal;
        this.client = iZosKerberosPrincipal2;
        this.kdc = str;
    }

    public boolean isRequestMutualAuth() {
        return this.requestMutualAuth;
    }

    public void setRequestMutualAuth(boolean z) {
        this.requestMutualAuth = z;
    }

    public boolean isRequestConf() {
        return this.requestConf;
    }

    public void setRequestConf(boolean z) {
        this.requestConf = z;
    }

    public boolean isRequestCredDeleg() {
        return this.requestCredDeleg;
    }

    public void setRequestCredDeleg(boolean z) {
        this.requestCredDeleg = z;
    }

    public boolean isContextEstablished() {
        return this.context.isEstablished();
    }

    public void create() throws ZosSecurityManagerException {
        dispose();
        System.setProperty("java.security.krb5.realm", this.service.getRealm());
        System.setProperty("java.security.krb5.kdc", this.kdc);
        System.setProperty("javax.security.auth.useSubjectCredsOnly", "true");
        logger.debug("Attempting login to the KDC at '" + this.kdc + "' as '" + this.client.getPrincipalName() + "'");
        if (this.context == null) {
            throw new ZosSecurityManagerException("The security context has not been created. Check preceding log entries for details of the error.");
        }
    }

    public KerberosToken initiate() throws ZosSecurityManagerException {
        return initiate(null);
    }

    public KerberosToken initiate(KerberosToken kerberosToken) throws ZosSecurityManagerException {
        byte[] bArr = new byte[0];
        if (kerberosToken != null) {
            bArr = kerberosToken.getBytes();
        }
        try {
            return new KerberosToken(this.context.initSecContext(bArr, 0, bArr.length));
        } catch (GSSException e) {
            throw new ZosSecurityManagerException("Unable to initiate security context", e);
        }
    }

    public String unwrap(String str) throws ZosSecurityManagerException {
        try {
            Thread.sleep(3000L);
            return DatatypeConverter.printBase64Binary(unwrap(DatatypeConverter.parseBase64Binary(str)));
        } catch (InterruptedException e) {
            throw new ZosSecurityManagerException("Interrupted", e);
        }
    }

    public byte[] unwrap(byte[] bArr) throws ZosSecurityManagerException {
        try {
            return this.context.unwrap(bArr, 0, bArr.length, new MessageProp(this.requestConf));
        } catch (GSSException e) {
            throw new ZosSecurityManagerException("Unable to unwrap message", e);
        }
    }

    public void dispose() {
        if (this.context != null) {
            try {
                this.context.dispose();
            } catch (GSSException e) {
                logger.error("There was an error attempting to dispose of the security context. Processing will continue, but there may be issues if this initiator is re-used.", e);
            }
            this.context = null;
        }
    }

    public void finalize() {
        dispose();
    }
}
