package sun.security.jgss.spnego;

import java.security.Provider;
import java.util.Vector;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;
import sun.security.jgss.GSSCaller;
import sun.security.jgss.GSSManagerImpl;
import sun.security.jgss.GSSUtil;
import sun.security.jgss.ProviderList;
import sun.security.jgss.SunProvider;
import sun.security.jgss.krb5.Krb5AcceptCredential;
import sun.security.jgss.krb5.Krb5InitCredential;
import sun.security.jgss.krb5.Krb5MechFactory;
import sun.security.jgss.krb5.Krb5NameElement;
import sun.security.jgss.spi.GSSContextSpi;
import sun.security.jgss.spi.GSSCredentialSpi;
import sun.security.jgss.spi.GSSNameSpi;
import sun.security.jgss.spi.MechanismFactory;

/* loaded from: input_file:sun/security/jgss/spnego/SpNegoMechFactory.class */
public final class SpNegoMechFactory implements MechanismFactory {
    static final Provider PROVIDER = new SunProvider();
    static final Oid GSS_SPNEGO_MECH_OID = GSSUtil.createOid("1.3.6.1.5.5.2");
    private static Oid[] nameTypes = {GSSName.NT_USER_NAME, GSSName.NT_HOSTBASED_SERVICE, GSSName.NT_EXPORT_NAME};
    private static final Oid DEFAULT_SPNEGO_MECH_OID;
    final GSSManagerImpl manager;
    final Oid[] availableMechs;

    private static SpNegoCredElement getCredFromSubject(GSSNameSpi gSSNameSpi, boolean z) throws GSSException {
        Vector searchSubject = GSSUtil.searchSubject(gSSNameSpi, GSS_SPNEGO_MECH_OID, z, SpNegoCredElement.class);
        SpNegoCredElement spNegoCredElement = (searchSubject == null || searchSubject.isEmpty()) ? null : (SpNegoCredElement) searchSubject.firstElement();
        if (spNegoCredElement != null) {
            GSSCredentialSpi internalCred = spNegoCredElement.getInternalCred();
            if (GSSUtil.isKerberosMech(internalCred.getMechanism())) {
                if (z) {
                    Krb5MechFactory.checkInitCredPermission((Krb5NameElement) ((Krb5InitCredential) internalCred).getName());
                } else {
                    Krb5MechFactory.checkAcceptCredPermission((Krb5NameElement) ((Krb5AcceptCredential) internalCred).getName(), gSSNameSpi);
                }
            }
        }
        return spNegoCredElement;
    }

    public SpNegoMechFactory(GSSCaller gSSCaller) {
        this.manager = new GSSManagerImpl(gSSCaller, false);
        Oid[] mechs = this.manager.getMechs();
        this.availableMechs = new Oid[mechs.length - 1];
        int i = 0;
        for (int i2 = 0; i2 < mechs.length; i2++) {
            if (!mechs[i2].equals(GSS_SPNEGO_MECH_OID)) {
                int i3 = i;
                i++;
                this.availableMechs[i3] = mechs[i2];
            }
        }
        for (int i4 = 0; i4 < this.availableMechs.length; i4++) {
            if (this.availableMechs[i4].equals(DEFAULT_SPNEGO_MECH_OID)) {
                if (i4 != 0) {
                    this.availableMechs[i4] = this.availableMechs[0];
                    this.availableMechs[0] = DEFAULT_SPNEGO_MECH_OID;
                    return;
                }
                return;
            }
        }
    }

    public GSSNameSpi getNameElement(String str, Oid oid) throws GSSException {
        return this.manager.getNameElement(str, oid, DEFAULT_SPNEGO_MECH_OID);
    }

    public GSSNameSpi getNameElement(byte[] bArr, Oid oid) throws GSSException {
        return this.manager.getNameElement(bArr, oid, DEFAULT_SPNEGO_MECH_OID);
    }

    public GSSCredentialSpi getCredentialElement(GSSNameSpi gSSNameSpi, int i, int i2, int i3) throws GSSException {
        SpNegoCredElement credFromSubject = getCredFromSubject(gSSNameSpi, i3 != 2);
        if (credFromSubject == null) {
            credFromSubject = new SpNegoCredElement(this.manager.getCredentialElement(gSSNameSpi, i, i2, (Oid) null, i3));
        }
        return credFromSubject;
    }

    public GSSContextSpi getMechanismContext(GSSNameSpi gSSNameSpi, GSSCredentialSpi gSSCredentialSpi, int i) throws GSSException {
        if (gSSCredentialSpi == null) {
            gSSCredentialSpi = getCredFromSubject(null, true);
        } else if (!(gSSCredentialSpi instanceof SpNegoCredElement)) {
            return new SpNegoContext(this, gSSNameSpi, new SpNegoCredElement(gSSCredentialSpi), i);
        }
        return new SpNegoContext(this, gSSNameSpi, gSSCredentialSpi, i);
    }

    public GSSContextSpi getMechanismContext(GSSCredentialSpi gSSCredentialSpi) throws GSSException {
        if (gSSCredentialSpi == null) {
            gSSCredentialSpi = getCredFromSubject(null, false);
        } else if (!(gSSCredentialSpi instanceof SpNegoCredElement)) {
            return new SpNegoContext(this, new SpNegoCredElement(gSSCredentialSpi));
        }
        return new SpNegoContext(this, gSSCredentialSpi);
    }

    public GSSContextSpi getMechanismContext(byte[] bArr) throws GSSException {
        return new SpNegoContext(this, bArr);
    }

    public final Oid getMechanismOid() {
        return GSS_SPNEGO_MECH_OID;
    }

    public Provider getProvider() {
        return PROVIDER;
    }

    public Oid[] getNameTypes() {
        return nameTypes;
    }

    static {
        DEFAULT_SPNEGO_MECH_OID = ProviderList.DEFAULT_MECH_OID.equals(GSS_SPNEGO_MECH_OID) ? GSSUtil.GSS_KRB5_MECH_OID : ProviderList.DEFAULT_MECH_OID;
    }
}
