package org.globus.gsi.gssapi;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Date;
import java.util.LinkedList;
import java.util.Map;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLPeerUnverifiedException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.bouncycastle.jce.provider.X509CertificateObject;
import org.globus.gsi.GSIConstants;
import org.globus.gsi.ProviderLoader;
import org.globus.gsi.TrustedCertificates;
import org.globus.gsi.X509Credential;
import org.globus.gsi.bc.BouncyCastleCertProcessingFactory;
import org.globus.gsi.bc.BouncyCastleUtil;
import org.globus.gsi.jsse.SSLConfigurator;
import org.globus.gsi.stores.Stores;
import org.globus.gsi.util.CertificateLoadUtil;
import org.globus.gsi.util.CertificateUtil;
import org.globus.gsi.util.ProxyCertificateUtil;
import org.globus.util.I18n;
import org.gridforum.jgss.ExtendedGSSContext;
import org.gridforum.jgss.ExtendedGSSCredential;
import org.ietf.jgss.ChannelBinding;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.MessageProp;
import org.ietf.jgss.Oid;

/* loaded from: input_file:org/globus/gsi/gssapi/GlobusGSSContextImpl.class */
public class GlobusGSSContextImpl implements ExtendedGSSContext {
    private static Log logger = LogFactory.getLog(GlobusGSSContextImpl.class.getName());
    private static I18n i18n = I18n.getI18n("org.globus.gsi.gssapi.errors", GlobusGSSContextImpl.class.getClassLoader());
    public static final int GSI_WRAP = 26;
    private static final int GSI_SEQUENCE_SIZE = 8;
    private static final int GSI_MESSAGE_DIGEST_PADDING = 12;
    private static final String[] ENABLED_PROTOCOLS;
    private static final String[] GRAM_PROTOCOLS;
    private static final String[] NO_ENCRYPTION;
    private static final String[] GRAM_ENCRYPTION_CIPHER_SUITES;
    private static final String[] GRAM_NO_ENCRYPTION_CIPHER_SUITES;
    private static final byte[] DELEGATION_TOKEN;
    private static final int UNDEFINED = 0;
    private static final int INITIATE = 1;
    private static final int ACCEPT = 2;
    private static final int HANDSHAKE = 0;
    private static final int CLIENT_START_DEL = 2;
    private static final int CLIENT_END_DEL = 3;
    private static final int SERVER_START_DEL = 4;
    private static final int SERVER_END_DEL = 5;
    private static final int DELEGATION_START = 0;
    private static final int DELEGATION_SIGN_CERT = 1;
    private static final int DELEGATION_COMPLETE_CRED = 2;
    protected ExtendedGSSCredential delegatedCred;
    protected ExtendedGSSCredential delegCred;
    protected GlobusGSSCredentialImpl ctxCred;
    protected GSSName expectedTargetName;
    protected SSLConfigurator sslConfigurator;
    protected BouncyCastleCertProcessingFactory certFactory;
    protected KeyPair keyPair;
    protected TrustedCertificates tc;
    protected Map proxyPolicyHandlers;
    private KeyPairCache keyPairCache = KeyPairCache.getKeyPairCache();
    protected int state = 0;
    protected int delegationState = 0;
    protected boolean delegationFinished = false;
    protected boolean credentialDelegation = false;
    protected boolean anonymity = false;
    protected boolean encryption = true;
    protected boolean established = false;
    protected GSSName sourceName = null;
    protected GSSName targetName = null;
    protected int role = 0;
    protected GSIConstants.DelegationType delegationType = GSIConstants.DelegationType.LIMITED;
    protected Integer gssMode = GSIConstants.MODE_GSI;
    protected Boolean checkContextExpiration = Boolean.FALSE;
    protected Boolean rejectLimitedProxy = Boolean.FALSE;
    protected Boolean requireClientAuth = Boolean.TRUE;
    protected Boolean acceptNoClientCerts = Boolean.FALSE;
    protected Boolean requireAuthzWithDelegation = Boolean.TRUE;
    protected Boolean forceSSLv3AndConstrainCipherSuitesForGram = Boolean.FALSE;
    protected Date goodUntil = null;
    protected SSLContext sslContext = null;
    protected SSLEngine sslEngine = null;
    protected boolean conn = false;
    private byte[] savedInBytes = null;
    private ByteBuffer outByteBuff = null;
    protected Boolean peerLimited = null;
    private String[] bannedCiphers = new String[0];

    public GlobusGSSContextImpl(GSSName gSSName, GlobusGSSCredentialImpl globusGSSCredentialImpl) throws GSSException {
        this.expectedTargetName = null;
        this.sslConfigurator = null;
        if (globusGSSCredentialImpl == null) {
            throw new GSSException(13);
        }
        this.expectedTargetName = gSSName;
        this.ctxCred = globusGSSCredentialImpl;
        try {
            this.sslConfigurator = new SSLConfigurator();
            if (System.getProperty("com.sun.net.ssl.rsaPreMasterSecretFix") == null) {
                System.setProperty("com.sun.net.ssl.rsaPreMasterSecretFix", "true");
            }
            System.setProperty("jsse.enableCBCProtection", "false");
        } catch (Exception e) {
            throw new GlobusGSSException(11, e);
        }
    }

    private void runDelegatedTasks(SSLEngine sSLEngine) throws Exception {
        while (true) {
            Runnable delegatedTask = sSLEngine.getDelegatedTask();
            if (delegatedTask == null) {
                break;
            }
            logger.debug("\trunning delegated task...");
            delegatedTask.run();
        }
        SSLEngineResult.HandshakeStatus handshakeStatus = sSLEngine.getHandshakeStatus();
        if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_TASK) {
            throw new Exception("handshake shouldn't need additional tasks");
        }
        logger.debug("\tnew HandshakeStatus: " + handshakeStatus);
    }

    private X509Certificate bcConvert(X509Certificate x509Certificate) throws GSSException {
        if (x509Certificate instanceof X509CertificateObject) {
            return x509Certificate;
        }
        ByteArrayInputStream byteArrayInputStream = null;
        try {
            try {
                byteArrayInputStream = new ByteArrayInputStream(x509Certificate.getEncoded());
                X509Certificate loadCertificate = CertificateLoadUtil.loadCertificate(byteArrayInputStream);
                if (byteArrayInputStream != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Exception e) {
                        logger.warn("Unable to close streamreader.");
                    }
                }
                return loadCertificate;
            } catch (Exception e2) {
                throw new GlobusGSSException(11, e2);
            }
        } catch (Throwable th) {
            if (byteArrayInputStream != null) {
                try {
                    byteArrayInputStream.close();
                } catch (Exception e3) {
                    logger.warn("Unable to close streamreader.");
                }
            }
            throw th;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v181, types: [java.security.cert.Certificate[]] */
    /* JADX WARN: Type inference failed for: r0v67, types: [java.security.cert.Certificate[]] */
    public byte[] acceptSecContext(byte[] bArr, int i, int i2) throws GSSException {
        ByteBuffer wrap;
        X509Certificate[] x509CertificateArr;
        X509Certificate[] x509CertificateArr2;
        logger.debug("enter acceptSecContext");
        if (!this.conn) {
            this.role = 2;
            logger.debug("enter initializing in acceptSecContext");
            if (this.ctxCred.getName().isAnonymous()) {
                throw new GlobusGSSException(9, 102, "acceptCtx00");
            }
            if (this.ctxCred.getUsage() != 2 && this.ctxCred.getUsage() != 0) {
                throw new GlobusGSSException(9, 102, "badCredUsage");
            }
            setCredential();
            try {
                init(this.role);
                this.conn = true;
                logger.debug("done initializing in acceptSecContext");
            } catch (SSLException e) {
                throw new GlobusGSSException(11, e);
            }
        }
        this.outByteBuff.clear();
        if (this.savedInBytes != null) {
            if (i2 > 0) {
                byte[] bArr2 = new byte[this.savedInBytes.length + i2];
                logger.debug("ALLOCATED for allInBytes " + this.savedInBytes.length + " + " + i2 + " bytes\n");
                System.arraycopy(this.savedInBytes, 0, bArr2, 0, this.savedInBytes.length);
                System.arraycopy(bArr, i, bArr2, this.savedInBytes.length, i2);
                wrap = ByteBuffer.wrap(bArr2, 0, bArr2.length);
            } else {
                wrap = ByteBuffer.wrap(this.savedInBytes, 0, this.savedInBytes.length);
            }
            this.savedInBytes = null;
        } else {
            wrap = ByteBuffer.wrap(bArr, i, i2);
        }
        switch (this.state) {
            case 0:
                try {
                    logger.debug("STATUS BEFORE: " + this.sslEngine.getHandshakeStatus().toString());
                    if (this.sslEngine.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                        throw new Exception("GSSAPI in HANDSHAKE state but SSLEngine in NOT_HANDSHAKING state!");
                    }
                    this.outByteBuff = sslProcessHandshake(wrap, this.outByteBuff);
                    logger.debug("STATUS AFTER: " + this.sslEngine.getHandshakeStatus().toString());
                    this.outByteBuff.flip();
                    if (this.sslEngine.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                        logger.debug("acceptSecContext handshake finished");
                        handshakeFinished();
                        for (X509Certificate x509Certificate : this.ctxCred.getCertificateChain()) {
                            setGoodUntil(x509Certificate.getNotAfter());
                        }
                        this.targetName = this.ctxCred.getName();
                        try {
                            x509CertificateArr = this.sslEngine.getSession().getPeerCertificates();
                        } catch (SSLPeerUnverifiedException e2) {
                            x509CertificateArr = null;
                        }
                        if (x509CertificateArr == null || x509CertificateArr.length == 0) {
                            this.sourceName = new GlobusGSSName();
                            this.anonymity = true;
                        } else {
                            for (X509Certificate x509Certificate2 : x509CertificateArr) {
                                setGoodUntil(x509Certificate2.getNotAfter());
                            }
                            String identity = BouncyCastleUtil.getIdentity(bcConvert(BouncyCastleUtil.getIdentityCertificate(x509CertificateArr)));
                            this.sourceName = new GlobusGSSName(CertificateUtil.toGlobusID(identity, false));
                            this.peerLimited = Boolean.valueOf(ProxyCertificateUtil.isLimitedProxy(BouncyCastleUtil.getCertificateType(x509CertificateArr[0])));
                            logger.debug("Peer Identity is: " + identity + " Target name is: " + this.targetName + " Limited Proxy: " + this.peerLimited.toString());
                            this.anonymity = false;
                        }
                        if (this.gssMode == GSIConstants.MODE_GSI) {
                            this.state = 4;
                        } else {
                            setDone();
                        }
                    }
                    break;
                } catch (IOException e3) {
                    throw new GlobusGSSException(11, e3);
                } catch (Exception e4) {
                    throw new GlobusGSSException(11, e4);
                }
            case 4:
                try {
                    if (wrap.remaining() <= 0) {
                        return null;
                    }
                    this.outByteBuff = sslDataUnwrap(wrap, this.outByteBuff);
                    this.outByteBuff.flip();
                    byte[] bArr3 = new byte[this.outByteBuff.remaining()];
                    this.outByteBuff.get(bArr3, 0, bArr3.length);
                    if (!Arrays.equals(bArr3, DELEGATION_TOKEN)) {
                        setDone();
                        break;
                    } else {
                        try {
                            x509CertificateArr2 = this.sslEngine.getSession().getPeerCertificates();
                        } catch (SSLPeerUnverifiedException e5) {
                            x509CertificateArr2 = null;
                        }
                        if (x509CertificateArr2 != null && x509CertificateArr2.length != 0) {
                            byte[] generateCertRequest = generateCertRequest(x509CertificateArr2[0]);
                            wrap = ByteBuffer.wrap(generateCertRequest, 0, generateCertRequest.length);
                            this.outByteBuff.clear();
                            this.outByteBuff = sslDataWrap(wrap, this.outByteBuff);
                            this.outByteBuff.flip();
                            this.state = 5;
                            break;
                        } else {
                            throw new GlobusGSSException(11, 30, "noClientCert");
                        }
                    }
                } catch (GeneralSecurityException e6) {
                    throw new GlobusGSSException(11, e6);
                }
                break;
            case 5:
                try {
                    if (wrap.remaining() <= 0) {
                        return null;
                    }
                    this.outByteBuff = sslDataUnwrap(wrap, this.outByteBuff);
                    this.outByteBuff.flip();
                    if (!this.outByteBuff.hasRemaining()) {
                        break;
                    } else {
                        byte[] bArr4 = new byte[this.outByteBuff.remaining()];
                        this.outByteBuff.get(bArr4, 0, bArr4.length);
                        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr4, 0, bArr4.length);
                        try {
                            X509Certificate x509Certificate3 = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
                            byteArrayInputStream.close();
                            if (logger.isTraceEnabled()) {
                                logger.trace("Received delegated cert: " + x509Certificate3.toString());
                            }
                            verifyDelegatedCert(x509Certificate3);
                            Certificate[] peerCertificates = this.sslEngine.getSession().getPeerCertificates();
                            int length = peerCertificates.length;
                            X509Certificate[] x509CertificateArr3 = new X509Certificate[length + 1];
                            x509CertificateArr3[0] = bcConvert(x509Certificate3);
                            for (int i3 = 0; i3 < length; i3++) {
                                x509CertificateArr3[i3 + 1] = bcConvert((X509Certificate) peerCertificates[i3]);
                            }
                            this.delegCred = new GlobusGSSCredentialImpl(new X509Credential(this.keyPair.getPrivate(), x509CertificateArr3), 0);
                            setDone();
                            break;
                        } catch (Throwable th) {
                            byteArrayInputStream.close();
                            throw th;
                        }
                    }
                } catch (IOException e7) {
                    throw new GlobusGSSException(11, e7);
                } catch (GeneralSecurityException e8) {
                    throw new GlobusGSSException(11, e8);
                }
            default:
                throw new GSSException(11);
        }
        if (wrap.hasRemaining()) {
            logger.debug("Not all data processed; Original: " + i2 + " Remaining: " + wrap.remaining() + " Handshaking status: " + this.sslEngine.getHandshakeStatus());
            logger.debug("SAVING unprocessed " + wrap.remaining() + "BYTES\n");
            this.savedInBytes = new byte[wrap.remaining()];
            wrap.get(this.savedInBytes, 0, this.savedInBytes.length);
        }
        logger.debug("exit acceptSecContext");
        if (!this.outByteBuff.hasRemaining()) {
            return null;
        }
        byte[] bArr5 = new byte[this.outByteBuff.remaining()];
        this.outByteBuff.get(bArr5, 0, bArr5.length);
        return bArr5;
    }

    private ByteBuffer sslDataWrap(ByteBuffer byteBuffer, ByteBuffer byteBuffer2) throws GSSException {
        try {
            if (this.sslEngine.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                throw new Exception("SSLEngine handshaking needed! HandshakeStatus: " + this.sslEngine.getHandshakeStatus().toString());
            }
            int i = 0;
            do {
                i++;
                logger.debug("PROCESSING DATA (WRAP) " + i + ": " + byteBuffer.remaining());
                SSLEngineResult wrap = this.sslEngine.wrap(byteBuffer, byteBuffer2);
                if (wrap.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_TASK) {
                    runDelegatedTasks(this.sslEngine);
                } else if (wrap.getStatus() == SSLEngineResult.Status.BUFFER_OVERFLOW) {
                    ByteBuffer allocate = ByteBuffer.allocate(this.sslEngine.getSession().getPacketBufferSize() + byteBuffer2.position());
                    byteBuffer2.flip();
                    allocate.put(byteBuffer2);
                    byteBuffer2 = allocate;
                } else {
                    if (wrap.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW) {
                        throw new GlobusGSSException(11, new Exception("Unexpected BUFFER_UNDERFLOW; Handshaking status: " + this.sslEngine.getHandshakeStatus()));
                    }
                    if (wrap.getStatus() != SSLEngineResult.Status.OK) {
                        throw new GlobusGSSException(11, 29, wrap.getStatus().toString());
                    }
                }
            } while (byteBuffer.hasRemaining());
            return byteBuffer2;
        } catch (Exception e) {
            throw new GlobusGSSException(11, e);
        }
    }

    private ByteBuffer sslDataUnwrap(ByteBuffer byteBuffer, ByteBuffer byteBuffer2) throws GSSException {
        try {
            int i = 0;
            if (this.sslEngine.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                throw new Exception("SSLEngine handshaking needed! HandshakeStatus: " + this.sslEngine.getHandshakeStatus().toString());
            }
            do {
                i++;
                logger.debug("PROCESSING DATA (UNWRAP) " + i + ": " + byteBuffer.remaining());
                SSLEngineResult unwrap = this.sslEngine.unwrap(byteBuffer, byteBuffer2);
                if (unwrap.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NEED_TASK) {
                    if (unwrap.getStatus() != SSLEngineResult.Status.BUFFER_OVERFLOW) {
                        if (unwrap.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW) {
                            break;
                        }
                        if (unwrap.getStatus() == SSLEngineResult.Status.CLOSED) {
                            throw new ClosedGSSException();
                        }
                        if (unwrap.getStatus() != SSLEngineResult.Status.OK) {
                            throw new GlobusGSSException(11, 29, unwrap.getStatus().toString());
                        }
                    } else {
                        ByteBuffer allocate = ByteBuffer.allocate(this.sslEngine.getSession().getApplicationBufferSize() + byteBuffer2.position());
                        byteBuffer2.flip();
                        allocate.put(byteBuffer2);
                        byteBuffer2 = allocate;
                    }
                } else {
                    runDelegatedTasks(this.sslEngine);
                }
            } while (byteBuffer.hasRemaining());
            return byteBuffer2;
        } catch (IllegalArgumentException e) {
            throw new GlobusGSSException(10, e);
        } catch (SSLException e2) {
            if (e2.toString().endsWith("bad record MAC")) {
                throw new GlobusGSSException(6, e2);
            }
            if (e2.toString().endsWith("ciphertext sanity check failed")) {
                throw new GlobusGSSException(10, e2);
            }
            throw new GlobusGSSException(11, e2);
        } catch (Exception e3) {
            throw new GlobusGSSException(11, e3);
        } catch (GSSException e4) {
            throw e4;
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:28:0x0185, code lost:
    
        return r10;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private java.nio.ByteBuffer sslProcessHandshake(java.nio.ByteBuffer r9, java.nio.ByteBuffer r10) throws org.ietf.jgss.GSSException {
        /*
            Method dump skipped, instructions count: 402
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.globus.gsi.gssapi.GlobusGSSContextImpl.sslProcessHandshake(java.nio.ByteBuffer, java.nio.ByteBuffer):java.nio.ByteBuffer");
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:47:0x01a6. Please report as an issue. */
    /* JADX WARN: Finally extract failed */
    /* JADX WARN: Removed duplicated region for block: B:64:0x05ff  */
    /* JADX WARN: Removed duplicated region for block: B:67:0x0689  */
    /* JADX WARN: Removed duplicated region for block: B:69:0x06a5 A[RETURN] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public byte[] initSecContext(byte[] r11, int r12, int r13) throws org.ietf.jgss.GSSException {
        /*
            Method dump skipped, instructions count: 1703
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.globus.gsi.gssapi.GlobusGSSContextImpl.initSecContext(byte[], int, int):byte[]");
    }

    private void setDone() {
        logger.debug("DONE with Handshaking and any initial cred delegation");
        this.established = true;
    }

    private void setGoodUntil(Date date) {
        if (this.goodUntil == null) {
            this.goodUntil = date;
        } else if (date.before(this.goodUntil)) {
            this.goodUntil = date;
        }
    }

    private void init(int i) throws GSSException, SSLException {
        try {
            if (this.tc == null) {
                this.sslConfigurator.setTrustAnchorStore(Stores.getDefaultTrustStore());
                this.sslConfigurator.setCrlStore(Stores.getDefaultCRLStore());
                this.sslConfigurator.setPolicyStore(Stores.getDefaultSigningPolicyStore());
            }
            this.sslConfigurator.setRejectLimitProxy(this.rejectLimitedProxy.booleanValue());
            if (this.proxyPolicyHandlers != null) {
                this.sslConfigurator.setHandlers(this.proxyPolicyHandlers);
            }
            this.sslContext = this.sslConfigurator.getSSLContext();
            this.sslEngine = this.sslContext.createSSLEngine();
            if (this.forceSSLv3AndConstrainCipherSuitesForGram.booleanValue()) {
                this.sslEngine.setEnabledProtocols(GRAM_PROTOCOLS);
            } else {
                this.sslEngine.setEnabledProtocols(ENABLED_PROTOCOLS);
            }
            logger.debug("SUPPORTED PROTOCOLS: " + Arrays.toString(this.sslEngine.getSupportedProtocols()) + "; ENABLED PROTOCOLS: " + Arrays.toString(this.sslEngine.getEnabledProtocols()));
            ArrayList arrayList = new ArrayList();
            if (this.encryption) {
                if (this.forceSSLv3AndConstrainCipherSuitesForGram.booleanValue()) {
                    for (String str : GRAM_ENCRYPTION_CIPHER_SUITES) {
                        arrayList.add(str);
                    }
                } else {
                    arrayList.addAll(Arrays.asList(this.sslEngine.getEnabledCipherSuites()));
                }
            } else if (this.forceSSLv3AndConstrainCipherSuitesForGram.booleanValue()) {
                for (String str2 : GRAM_NO_ENCRYPTION_CIPHER_SUITES) {
                    arrayList.add(str2);
                }
            } else {
                for (String str3 : NO_ENCRYPTION) {
                    arrayList.add(str3);
                }
                arrayList.addAll(Arrays.asList(this.sslEngine.getEnabledCipherSuites()));
            }
            arrayList.removeAll(Arrays.asList(this.bannedCiphers));
            this.sslEngine.setEnabledCipherSuites((String[]) arrayList.toArray(new String[0]));
            logger.debug("CIPHER SUITE IS: " + Arrays.toString(this.sslEngine.getEnabledCipherSuites()));
            if (this.requireClientAuth.booleanValue() == Boolean.TRUE.booleanValue()) {
                this.sslEngine.setNeedClientAuth(this.requireClientAuth.booleanValue());
            } else {
                this.sslEngine.setWantClientAuth(!this.acceptNoClientCerts.booleanValue());
            }
            this.sslEngine.setUseClientMode(i == 1);
            this.certFactory = BouncyCastleCertProcessingFactory.getDefault();
            this.state = 0;
            this.outByteBuff = ByteBuffer.allocate(this.sslEngine.getSession().getApplicationBufferSize());
            this.sslEngine.beginHandshake();
        } catch (Exception e) {
            throw new GlobusGSSException(11, e);
        }
    }

    private void handshakeFinished() throws IOException {
        String cipherSuite = this.sslEngine.getSession().getCipherSuite();
        this.encryption = !cipherSuite.contains("WITH_NULL");
        logger.debug("encryption alg: " + cipherSuite);
    }

    private void setCredential() throws GSSException {
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(null, null);
            X509Credential x509Credential = this.ctxCred.getX509Credential();
            keyStore.setKeyEntry("default", x509Credential.getPrivateKey(), "password".toCharArray(), x509Credential.getCertificateChain());
            this.sslConfigurator.setCredentialStore(keyStore);
            this.sslConfigurator.setCredentialStorePassword("password");
        } catch (GeneralSecurityException e) {
            throw new GlobusGSSException(9, e);
        } catch (Exception e2) {
            throw new GlobusGSSException(11, e2);
        }
    }

    public byte[] wrap(byte[] bArr, int i, int i2, MessageProp messageProp) throws GSSException {
        checkContext();
        logger.debug("enter wrap");
        boolean z = false;
        if (messageProp != null) {
            if (messageProp.getQOP() != 0 && messageProp.getQOP() != 1) {
                throw new GSSException(14);
            }
            z = !messageProp.getPrivacy() && messageProp.getQOP() == 1;
        }
        if (z) {
            throw new GSSException(16);
        }
        byte[] wrap = wrap(bArr, i, i2);
        if (messageProp != null) {
            messageProp.setPrivacy(this.encryption);
            messageProp.setQOP(0);
        }
        logger.debug("exit wrap");
        return wrap;
    }

    private byte[] wrap(byte[] bArr, int i, int i2) throws GSSException {
        try {
            ByteBuffer wrap = ByteBuffer.wrap(bArr, i, i2);
            this.outByteBuff.clear();
            this.outByteBuff = sslDataWrap(wrap, this.outByteBuff);
            this.outByteBuff.flip();
            if (wrap.hasRemaining()) {
                throw new Exception("Not all data processed; Original: " + i2 + " Remaining: " + wrap.remaining() + " Handshaking status: " + this.sslEngine.getHandshakeStatus());
            }
            if (!this.outByteBuff.hasRemaining()) {
                return null;
            }
            byte[] bArr2 = new byte[this.outByteBuff.remaining()];
            this.outByteBuff.get(bArr2, 0, bArr2.length);
            return bArr2;
        } catch (Exception e) {
            throw new GlobusGSSException(11, e);
        }
    }

    public byte[] unwrap(byte[] bArr, int i, int i2, MessageProp messageProp) throws GSSException {
        checkContext();
        logger.debug("enter unwrap");
        if (bArr[i] == 26 && bArr[i + 1] == 3 && bArr[i + 2] == 0) {
            throw new GSSException(16);
        }
        byte[] unwrap = unwrap(bArr, i, i2);
        if (messageProp != null) {
            messageProp.setPrivacy(this.encryption);
            messageProp.setQOP(0);
        }
        logger.debug("exit unwrap");
        return unwrap;
    }

    private byte[] unwrap(byte[] bArr, int i, int i2) throws GSSException {
        ByteBuffer wrap;
        if (this.savedInBytes != null) {
            if (i2 > 0) {
                byte[] bArr2 = new byte[this.savedInBytes.length + i2];
                logger.debug("ALLOCATED for allInBytes " + this.savedInBytes.length + " + " + i2 + " bytes\n");
                System.arraycopy(this.savedInBytes, 0, bArr2, 0, this.savedInBytes.length);
                System.arraycopy(bArr, i, bArr2, this.savedInBytes.length, i2);
                wrap = ByteBuffer.wrap(bArr2, 0, bArr2.length);
            } else {
                wrap = ByteBuffer.wrap(this.savedInBytes, 0, this.savedInBytes.length);
            }
            this.savedInBytes = null;
        } else {
            wrap = ByteBuffer.wrap(bArr, i, i2);
        }
        this.outByteBuff.clear();
        this.outByteBuff = sslDataUnwrap(wrap, this.outByteBuff);
        this.outByteBuff.flip();
        if (wrap.hasRemaining()) {
            logger.debug("Not all data processed; Original: " + i2 + " Remaining: " + wrap.remaining() + " Handshaking status: " + this.sslEngine.getHandshakeStatus());
            logger.debug("SAVING unprocessed " + wrap.remaining() + "BYTES\n");
            this.savedInBytes = new byte[wrap.remaining()];
            wrap.get(this.savedInBytes, 0, this.savedInBytes.length);
        }
        if (!this.outByteBuff.hasRemaining()) {
            return null;
        }
        byte[] bArr3 = new byte[this.outByteBuff.remaining()];
        this.outByteBuff.get(bArr3, 0, bArr3.length);
        return bArr3;
    }

    public void dispose() throws GSSException {
        logger.debug("dipose");
    }

    public boolean isEstablished() {
        return this.established;
    }

    public void requestCredDeleg(boolean z) throws GSSException {
        this.credentialDelegation = z;
    }

    public boolean getCredDelegState() {
        return this.credentialDelegation;
    }

    public boolean isInitiator() throws GSSException {
        if (this.role == 0) {
            throw new GSSException(11);
        }
        return this.role == 1;
    }

    public boolean isProtReady() {
        return isEstablished();
    }

    public void requestLifetime(int i) throws GSSException {
        if (i == Integer.MAX_VALUE) {
            throw new GlobusGSSException(11, 102, "badLifetime00");
        }
        if (i != 0) {
            Calendar calendar = Calendar.getInstance();
            calendar.add(13, i);
            setGoodUntil(calendar.getTime());
        }
    }

    public int getLifetime() {
        if (this.goodUntil != null) {
            return (int) ((this.goodUntil.getTime() - System.currentTimeMillis()) / 1000);
        }
        return -1;
    }

    public Oid getMech() throws GSSException {
        return GSSConstants.MECH_OID;
    }

    public GSSCredential getDelegCred() throws GSSException {
        return this.delegCred;
    }

    public void requestConf(boolean z) throws GSSException {
        this.encryption = z;
    }

    public boolean getConfState() {
        return this.encryption;
    }

    public byte[] getMIC(byte[] bArr, int i, int i2, MessageProp messageProp) throws GSSException {
        throw new GSSException(16);
    }

    public void verifyMIC(byte[] bArr, int i, int i2, byte[] bArr2, int i3, int i4, MessageProp messageProp) throws GSSException {
        throw new GSSException(16);
    }

    public int initSecContext(InputStream inputStream, OutputStream outputStream) throws GSSException {
        try {
            byte[] readSslMessage = !this.conn ? new byte[0] : SSLUtil.readSslMessage(inputStream);
            byte[] initSecContext = initSecContext(readSslMessage, 0, readSslMessage.length);
            if (initSecContext == null) {
                return 0;
            }
            outputStream.write(initSecContext);
            return initSecContext.length;
        } catch (IOException e) {
            throw new GlobusGSSException(11, e);
        }
    }

    public void acceptSecContext(InputStream inputStream, OutputStream outputStream) throws GSSException {
        try {
            byte[] readSslMessage = SSLUtil.readSslMessage(inputStream);
            byte[] acceptSecContext = acceptSecContext(readSslMessage, 0, readSslMessage.length);
            if (acceptSecContext != null) {
                outputStream.write(acceptSecContext);
            }
        } catch (IOException e) {
            throw new GlobusGSSException(11, e);
        }
    }

    public GSSName getSrcName() throws GSSException {
        return this.sourceName;
    }

    public GSSName getTargName() throws GSSException {
        return this.targetName;
    }

    public void requestInteg(boolean z) throws GSSException {
        if (!z) {
            throw new GlobusGSSException(11, GlobusGSSException.BAD_OPTION, "integOn");
        }
    }

    public boolean getIntegState() {
        return true;
    }

    public void requestSequenceDet(boolean z) throws GSSException {
        if (!z) {
            throw new GlobusGSSException(11, GlobusGSSException.BAD_OPTION, "seqDet");
        }
    }

    public boolean getSequenceDetState() {
        return true;
    }

    public void requestReplayDet(boolean z) throws GSSException {
        if (!z) {
            throw new GlobusGSSException(11, GlobusGSSException.BAD_OPTION, "replayDet");
        }
    }

    public boolean getReplayDetState() {
        return true;
    }

    public void requestAnonymity(boolean z) throws GSSException {
        this.anonymity = z;
    }

    public boolean getAnonymityState() {
        return this.anonymity;
    }

    public void requestMutualAuth(boolean z) throws GSSException {
        if (!z) {
            throw new GlobusGSSException(11, GlobusGSSException.BAD_OPTION, "mutualAuthOn");
        }
    }

    public boolean getMutualAuthState() {
        return true;
    }

    protected byte[] generateCertRequest(X509Certificate x509Certificate) throws GeneralSecurityException {
        this.keyPair = this.keyPairCache.getKeyPair(((RSAPublicKey) x509Certificate.getPublicKey()).getModulus().bitLength());
        return this.certFactory.createCertificateRequest(x509Certificate, this.keyPair);
    }

    protected void verifyDelegatedCert(X509Certificate x509Certificate) throws GeneralSecurityException {
        if (!((RSAPublicKey) x509Certificate.getPublicKey()).getModulus().equals(((RSAPrivateKey) this.keyPair.getPrivate()).getModulus())) {
            throw new GeneralSecurityException(i18n.getMessage("keyMismatch"));
        }
    }

    protected void checkContext() throws GSSException {
        if (!this.conn || !isEstablished()) {
            throw new GSSException(12);
        }
        if (this.checkContextExpiration.booleanValue() && getLifetime() <= 0) {
            throw new GSSException(7);
        }
    }

    protected void setGssMode(Object obj) throws GSSException {
        if (!(obj instanceof Integer)) {
            throw new GlobusGSSException(11, 100, "badType", new Object[]{"GSS mode", Integer.class});
        }
        Integer num = (Integer) obj;
        if (num != GSIConstants.MODE_GSI && num != GSIConstants.MODE_SSL) {
            throw new GlobusGSSException(11, GlobusGSSException.BAD_OPTION, "badGssMode");
        }
        this.gssMode = num;
    }

    protected void setDelegationType(Object obj) throws GSSException {
        GSIConstants.DelegationType delegationType;
        if (obj instanceof GSIConstants.DelegationType) {
            delegationType = (GSIConstants.DelegationType) obj;
        } else {
            if (!(obj instanceof Integer)) {
                throw new GlobusGSSException(11, 100, "badType", new Object[]{"delegation type", GSIConstants.DelegationType.class});
            }
            delegationType = GSIConstants.DelegationType.get(((Integer) obj).intValue());
        }
        if (delegationType != GSIConstants.DelegationType.FULL && delegationType != GSIConstants.DelegationType.LIMITED) {
            throw new GlobusGSSException(11, GlobusGSSException.BAD_OPTION, "badDelegType");
        }
        this.delegationType = delegationType;
    }

    protected void setCheckContextExpired(Object obj) throws GSSException {
        if (!(obj instanceof Boolean)) {
            throw new GlobusGSSException(11, 100, "badType", new Object[]{"check context expired", Boolean.class});
        }
        this.checkContextExpiration = (Boolean) obj;
    }

    protected void setRejectLimitedProxy(Object obj) throws GSSException {
        if (!(obj instanceof Boolean)) {
            throw new GlobusGSSException(11, 100, "badType", new Object[]{"reject limited proxy", Boolean.class});
        }
        this.rejectLimitedProxy = (Boolean) obj;
    }

    protected void setRequireClientAuth(Object obj) throws GSSException {
        if (!(obj instanceof Boolean)) {
            throw new GlobusGSSException(11, 100, "badType", new Object[]{"require client auth", Boolean.class});
        }
        this.requireClientAuth = (Boolean) obj;
    }

    protected void setRequireAuthzWithDelegation(Object obj) throws GSSException {
        if (!(obj instanceof Boolean)) {
            throw new GlobusGSSException(11, 100, "badType", new Object[]{"require authz with delehation", Boolean.class});
        }
        this.requireAuthzWithDelegation = (Boolean) obj;
    }

    protected void setAcceptNoClientCerts(Object obj) throws GSSException {
        if (!(obj instanceof Boolean)) {
            throw new GlobusGSSException(11, 100, "badType", new Object[]{"accept no client certs", Boolean.class});
        }
        this.acceptNoClientCerts = (Boolean) obj;
    }

    protected void setForceSslV3AndConstrainCipherSuitesForGram(Object obj) throws GSSException {
        if (!(obj instanceof Boolean)) {
            throw new GlobusGSSException(11, 100, "badType", new Object[]{"adjust cipher suites for GRAM", Boolean.class});
        }
        this.forceSSLv3AndConstrainCipherSuitesForGram = (Boolean) obj;
    }

    protected void setProxyPolicyHandlers(Object obj) throws GSSException {
        if (!(obj instanceof Map)) {
            throw new GlobusGSSException(11, 100, "badType", new Object[]{"Proxy policy handlers", Map.class});
        }
        this.proxyPolicyHandlers = (Map) obj;
    }

    protected void setTrustedCertificates(Object obj) throws GSSException {
        if (!(obj instanceof TrustedCertificates)) {
            throw new GlobusGSSException(11, 100, "badType", new Object[]{"Trusted certificates", TrustedCertificates.class});
        }
        this.tc = (TrustedCertificates) obj;
        this.sslConfigurator.setTrustAnchorStore(TrustedCertificates.getTrustStore());
        this.sslConfigurator.setCrlStore(TrustedCertificates.getcrlStore());
        this.sslConfigurator.setPolicyStore(TrustedCertificates.getsigPolStore());
    }

    @Override // org.gridforum.jgss.ExtendedGSSContext
    public void setOption(Oid oid, Object obj) throws GSSException {
        if (oid == null) {
            throw new GlobusGSSException(11, 7, "nullOption");
        }
        if (obj == null) {
            throw new GlobusGSSException(11, 7, "nullOptionValue");
        }
        if (oid.equals(GSSConstants.GSS_MODE)) {
            setGssMode(obj);
            return;
        }
        if (oid.equals(GSSConstants.DELEGATION_TYPE)) {
            setDelegationType(obj);
            return;
        }
        if (oid.equals(GSSConstants.CHECK_CONTEXT_EXPIRATION)) {
            setCheckContextExpired(obj);
            return;
        }
        if (oid.equals(GSSConstants.REJECT_LIMITED_PROXY)) {
            setRejectLimitedProxy(obj);
            return;
        }
        if (oid.equals(GSSConstants.REQUIRE_CLIENT_AUTH)) {
            setRequireClientAuth(obj);
            return;
        }
        if (oid.equals(GSSConstants.TRUSTED_CERTIFICATES)) {
            setTrustedCertificates(obj);
            return;
        }
        if (oid.equals(GSSConstants.PROXY_POLICY_HANDLERS)) {
            setProxyPolicyHandlers(obj);
            return;
        }
        if (oid.equals(GSSConstants.ACCEPT_NO_CLIENT_CERTS)) {
            setAcceptNoClientCerts(obj);
        } else if (oid.equals(GSSConstants.AUTHZ_REQUIRED_WITH_DELEGATION)) {
            setRequireAuthzWithDelegation(obj);
        } else {
            if (!oid.equals(GSSConstants.FORCE_SSLV3_AND_CONSTRAIN_CIPHERSUITES_FOR_GRAM)) {
                throw new GlobusGSSException(11, 37, "unknownOption", new Object[]{oid});
            }
            setForceSslV3AndConstrainCipherSuitesForGram(obj);
        }
    }

    @Override // org.gridforum.jgss.ExtendedGSSContext
    public Object getOption(Oid oid) throws GSSException {
        if (oid == null) {
            throw new GlobusGSSException(11, 7, "nullOption");
        }
        if (oid.equals(GSSConstants.GSS_MODE)) {
            return this.gssMode;
        }
        if (oid.equals(GSSConstants.DELEGATION_TYPE)) {
            return this.delegationType;
        }
        if (oid.equals(GSSConstants.CHECK_CONTEXT_EXPIRATION)) {
            return this.checkContextExpiration;
        }
        if (oid.equals(GSSConstants.REJECT_LIMITED_PROXY)) {
            return this.rejectLimitedProxy;
        }
        if (oid.equals(GSSConstants.REQUIRE_CLIENT_AUTH)) {
            return this.requireClientAuth;
        }
        if (oid.equals(GSSConstants.TRUSTED_CERTIFICATES)) {
            return this.tc;
        }
        if (oid.equals(GSSConstants.PROXY_POLICY_HANDLERS)) {
            throw new GSSException(16);
        }
        if (oid.equals(GSSConstants.ACCEPT_NO_CLIENT_CERTS)) {
            return this.acceptNoClientCerts;
        }
        return null;
    }

    /* JADX WARN: Finally extract failed */
    @Override // org.gridforum.jgss.ExtendedGSSContext
    public byte[] initDelegation(GSSCredential gSSCredential, Oid oid, int i, byte[] bArr, int i2, int i3) throws GSSException {
        byte[] byteArray;
        logger.debug("Enter initDelegation: " + this.delegationState);
        if (oid != null && !oid.equals(getMech())) {
            throw new GSSException(2);
        }
        if (this.gssMode != GSIConstants.MODE_SSL && bArr != null && i3 > 0) {
            bArr = unwrap(bArr, i2, i3);
            i2 = 0;
            i3 = bArr.length;
        }
        switch (this.delegationState) {
            case 0:
                this.delegationFinished = false;
                byteArray = DELEGATION_TOKEN;
                this.delegationState = 1;
                break;
            case 1:
                if (gSSCredential == null) {
                    gSSCredential = new GlobusGSSManagerImpl().createCredential(0);
                }
                if (!(gSSCredential instanceof GlobusGSSCredentialImpl)) {
                    throw new GSSException(9);
                }
                X509Credential x509Credential = ((GlobusGSSCredentialImpl) gSSCredential).getX509Credential();
                X509Certificate[] certificateChain = x509Credential.getCertificateChain();
                int i4 = i == 0 ? -1 : i;
                ByteArrayInputStream byteArrayInputStream = null;
                ByteArrayOutputStream byteArrayOutputStream = null;
                try {
                    try {
                        byteArrayInputStream = new ByteArrayInputStream(bArr, i2, i3);
                        X509Certificate createCertificate = this.certFactory.createCertificate(byteArrayInputStream, certificateChain[0], x509Credential.getPrivateKey(), i4, BouncyCastleCertProcessingFactory.decideProxyType(certificateChain[0], this.delegationType));
                        byteArrayOutputStream = new ByteArrayOutputStream();
                        byteArrayOutputStream.write(createCertificate.getEncoded());
                        for (X509Certificate x509Certificate : certificateChain) {
                            byteArrayOutputStream.write(x509Certificate.getEncoded());
                        }
                        byteArray = byteArrayOutputStream.toByteArray();
                        if (byteArrayInputStream != null) {
                            try {
                                byteArrayInputStream.close();
                            } catch (Exception e) {
                                logger.warn("Unable to close stream.");
                            }
                        }
                        if (byteArrayOutputStream != null) {
                            try {
                                byteArrayOutputStream.close();
                            } catch (Exception e2) {
                                logger.warn("Unable to close stream.");
                            }
                        }
                        this.delegationState = 0;
                        this.delegationFinished = true;
                        break;
                    } catch (Throwable th) {
                        if (byteArrayInputStream != null) {
                            try {
                                byteArrayInputStream.close();
                            } catch (Exception e3) {
                                logger.warn("Unable to close stream.");
                            }
                        }
                        if (byteArrayOutputStream != null) {
                            try {
                                byteArrayOutputStream.close();
                            } catch (Exception e4) {
                                logger.warn("Unable to close stream.");
                            }
                        }
                        throw th;
                    }
                } catch (Exception e5) {
                    throw new GlobusGSSException(11, e5);
                }
            default:
                throw new GSSException(11);
        }
        logger.debug("Exit initDelegation");
        return (this.gssMode == GSIConstants.MODE_SSL || byteArray == null) ? byteArray : wrap(byteArray, 0, byteArray.length);
    }

    /* JADX WARN: Finally extract failed */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v62, types: [java.security.cert.Certificate[]] */
    @Override // org.gridforum.jgss.ExtendedGSSContext
    public byte[] acceptDelegation(int i, byte[] bArr, int i2, int i3) throws GSSException {
        X509Certificate[] x509CertificateArr;
        logger.debug("Enter acceptDelegation: " + this.delegationState);
        if (this.gssMode != GSIConstants.MODE_SSL && bArr != null && i3 > 0) {
            bArr = unwrap(bArr, i2, i3);
            i2 = 0;
            i3 = bArr.length;
        }
        byte[] bArr2 = null;
        switch (this.delegationState) {
            case 0:
                this.delegationFinished = false;
                if (i3 != 1 && bArr[i2] != 68) {
                    throw new GlobusGSSException(11, 30, "delegError00", new Object[]{new Character((char) bArr[i2])});
                }
                try {
                    try {
                        x509CertificateArr = this.sslEngine.getSession().getPeerCertificates();
                    } catch (GeneralSecurityException e) {
                        throw new GlobusGSSException(11, e);
                    }
                } catch (SSLPeerUnverifiedException e2) {
                    x509CertificateArr = null;
                }
                if (x509CertificateArr != null && x509CertificateArr.length != 0) {
                    bArr2 = generateCertRequest(x509CertificateArr[0]);
                    this.delegationState = 2;
                    break;
                } else {
                    throw new GlobusGSSException(11, 30, "noClientCert");
                }
            case 2:
                ByteArrayInputStream byteArrayInputStream = null;
                LinkedList linkedList = new LinkedList();
                try {
                    try {
                        byteArrayInputStream = new ByteArrayInputStream(bArr, i2, i3);
                        while (byteArrayInputStream.available() > 0) {
                            linkedList.add(CertificateLoadUtil.loadCertificate(byteArrayInputStream));
                        }
                        X509Certificate[] x509CertificateArr2 = (X509Certificate[]) linkedList.toArray(new X509Certificate[linkedList.size()]);
                        verifyDelegatedCert(x509CertificateArr2[0]);
                        if (byteArrayInputStream != null) {
                            try {
                                byteArrayInputStream.close();
                            } catch (Exception e3) {
                                logger.warn("Unable to close streamreader.");
                            }
                        }
                        this.delegatedCred = new GlobusGSSCredentialImpl(new X509Credential(this.keyPair.getPrivate(), x509CertificateArr2), 0);
                        this.delegationState = 0;
                        this.delegationFinished = true;
                        break;
                    } catch (Throwable th) {
                        if (byteArrayInputStream != null) {
                            try {
                                byteArrayInputStream.close();
                            } catch (Exception e4) {
                                logger.warn("Unable to close streamreader.");
                            }
                        }
                        throw th;
                    }
                } catch (GeneralSecurityException e5) {
                    throw new GlobusGSSException(11, e5);
                }
            default:
                throw new GSSException(11);
        }
        logger.debug("Exit acceptDelegation");
        return (this.gssMode == GSIConstants.MODE_SSL || bArr2 == null) ? bArr2 : wrap(bArr2, 0, bArr2.length);
    }

    @Override // org.gridforum.jgss.ExtendedGSSContext
    public GSSCredential getDelegatedCredential() {
        return this.delegatedCred;
    }

    @Override // org.gridforum.jgss.ExtendedGSSContext
    public boolean isDelegationFinished() {
        return this.delegationFinished;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v23, types: [java.security.cert.Certificate[]] */
    @Override // org.gridforum.jgss.ExtendedGSSContext
    public Object inquireByOid(Oid oid) throws GSSException {
        X509Certificate[] x509CertificateArr;
        if (oid == null) {
            throw new GlobusGSSException(11, 7, "nullOption");
        }
        if (!oid.equals(GSSConstants.X509_CERT_CHAIN)) {
            if (oid.equals(GSSConstants.RECEIVED_LIMITED_PROXY)) {
                return this.peerLimited;
            }
            return null;
        }
        if (!isEstablished()) {
            return null;
        }
        try {
            try {
                x509CertificateArr = this.sslEngine.getSession().getPeerCertificates();
            } catch (SSLPeerUnverifiedException e) {
                x509CertificateArr = null;
            }
            if (x509CertificateArr == null || x509CertificateArr.length <= 0) {
                return null;
            }
            return x509CertificateArr;
        } catch (Exception e2) {
            throw new GlobusGSSException(9, e2);
        }
    }

    @Override // org.gridforum.jgss.ExtendedGSSContext
    public void setBannedCiphers(String[] strArr) {
        this.bannedCiphers = new String[strArr.length];
        System.arraycopy(strArr, 0, this.bannedCiphers, 0, strArr.length);
    }

    public int getWrapSizeLimit(int i, boolean z, int i2) throws GSSException {
        throw new GSSException(16);
    }

    public void wrap(InputStream inputStream, OutputStream outputStream, MessageProp messageProp) throws GSSException {
        throw new GSSException(16);
    }

    public void unwrap(InputStream inputStream, OutputStream outputStream, MessageProp messageProp) throws GSSException {
        throw new GSSException(16);
    }

    public void getMIC(InputStream inputStream, OutputStream outputStream, MessageProp messageProp) throws GSSException {
        throw new GSSException(16);
    }

    public void verifyMIC(InputStream inputStream, InputStream inputStream2, MessageProp messageProp) throws GSSException {
        throw new GSSException(16);
    }

    public void setChannelBinding(ChannelBinding channelBinding) throws GSSException {
        throw new GSSException(16);
    }

    public boolean isTransferable() throws GSSException {
        throw new GSSException(16);
    }

    public byte[] export() throws GSSException {
        throw new GSSException(16);
    }

    static {
        new ProviderLoader();
        ENABLED_PROTOCOLS = new String[]{"TLSv1", "SSLv3"};
        GRAM_PROTOCOLS = new String[]{"SSLv3"};
        NO_ENCRYPTION = new String[]{"SSL_RSA_WITH_NULL_SHA", "SSL_RSA_WITH_NULL_MD5"};
        GRAM_ENCRYPTION_CIPHER_SUITES = new String[]{"SSL_RSA_WITH_3DES_EDE_CBC_SHA"};
        GRAM_NO_ENCRYPTION_CIPHER_SUITES = new String[]{"SSL_RSA_WITH_NULL_SHA"};
        DELEGATION_TOKEN = new byte[]{68};
    }
}
