package jcifs.smb;

import java.security.Key;
import java.security.Principal;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Iterator;
import javax.security.auth.Subject;
import jcifs.Config;
import org.ietf.jgss.GSSException;

/* loaded from: classes3.dex */
public class Kerb5Authenticator implements SmbExtendedAuthenticator {
    public static final String CAPABILITIES = "-2147483436";
    public static final String FLAGS2 = "55301";
    private static final String SERVICE = "cifs";
    private Subject subject;
    private String user = null;
    private String service = SERVICE;
    private int userLifetime = 0;
    private int contextLifetime = 0;

    public Kerb5Authenticator(Subject subject) {
        this.subject = null;
        this.subject = subject;
    }

    private Kerb5Context createContext(String str) throws GSSException {
        Kerb5Context kerb5Context = new Kerb5Context(str, this.service, this.user, this.userLifetime, this.contextLifetime);
        kerb5Context.getGSSContext().requestAnonymity(false);
        kerb5Context.getGSSContext().requestSequenceDet(false);
        kerb5Context.getGSSContext().requestMutualAuth(false);
        kerb5Context.getGSSContext().requestConf(false);
        kerb5Context.getGSSContext().requestInteg(false);
        kerb5Context.getGSSContext().requestReplayDet(false);
        return kerb5Context;
    }

    private String getDefaultDomain() {
        return Config.getProperty("jcifs.smb.client.domain", "?");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setup(SmbSession smbSession, ServerMessageBlock serverMessageBlock, ServerMessageBlock serverMessageBlock2) throws SmbAuthException, SmbException {
        Kerb5Context createContext;
        Kerb5Context kerb5Context = null;
        try {
            try {
                String hostAddress = smbSession.transport.address.getHostAddress();
                try {
                    hostAddress = smbSession.transport.address.getHostName();
                } catch (Throwable unused) {
                }
                createContext = createContext(hostAddress);
            } catch (Throwable th) {
                th = th;
            }
        } catch (GSSException e) {
            e = e;
        }
        try {
            SpnegoContext spnegoContext = new SpnegoContext(createContext.getGSSContext());
            byte[] bArr = new byte[0];
            Kerb5SessionSetupAndXResponse kerb5SessionSetupAndXResponse = null;
            while (!spnegoContext.isEstablished()) {
                bArr = spnegoContext.initSecContext(bArr, 0, bArr.length);
                if (bArr != null) {
                    Kerb5SessionSetupAndX kerb5SessionSetupAndX = new Kerb5SessionSetupAndX(smbSession, null);
                    kerb5SessionSetupAndX.getSecurityBlob().set(bArr);
                    Kerb5SessionSetupAndXResponse kerb5SessionSetupAndXResponse2 = new Kerb5SessionSetupAndXResponse(serverMessageBlock2);
                    if (smbSession.transport.digest == null && (smbSession.transport.server.signaturesRequired || (smbSession.transport.server.signaturesEnabled && SmbConstants.SIGNPREF))) {
                        Key searchSessionKey = createContext.searchSessionKey(this.subject);
                        if (searchSessionKey == null) {
                            throw new SmbException("Not found the session key.");
                        }
                        kerb5SessionSetupAndX.digest = new SigningDigest(searchSessionKey.getEncoded());
                    }
                    smbSession.transport.send(kerb5SessionSetupAndX, kerb5SessionSetupAndXResponse2);
                    smbSession.transport.digest = kerb5SessionSetupAndX.digest;
                    kerb5SessionSetupAndXResponse = kerb5SessionSetupAndXResponse2;
                    bArr = kerb5SessionSetupAndXResponse2.getSecurityBlob().get();
                }
            }
            smbSession.setUid(kerb5SessionSetupAndXResponse.uid);
            smbSession.setSessionSetup(true);
            if (createContext != null) {
                try {
                    createContext.dispose();
                } catch (GSSException unused2) {
                }
            }
        } catch (GSSException e2) {
            e = e2;
            e.printStackTrace();
            throw new SmbException(e.getMessage());
        } catch (Throwable th2) {
            th = th2;
            kerb5Context = createContext;
            if (kerb5Context != null) {
                try {
                    kerb5Context.dispose();
                } catch (GSSException unused3) {
                }
            }
            throw th;
        }
    }

    public boolean equals(Object obj) {
        return getSubject() == ((Kerb5Authenticator) obj).getSubject();
    }

    @Override // jcifs.smb.SmbExtendedAuthenticator
    public String getDomain() {
        String str;
        Subject subject = this.subject;
        if (subject != null) {
            Iterator<Principal> it = subject.getPrincipals().iterator();
            while (it.hasNext()) {
                try {
                    str = it.next().getRealm();
                    break;
                } catch (Exception unused) {
                }
            }
        }
        str = "";
        return str.isEmpty() ? getDefaultDomain() : str;
    }

    public int getLifeTime() {
        return this.contextLifetime;
    }

    public String getService() {
        return this.service;
    }

    public Subject getSubject() {
        return this.subject;
    }

    public String getUser() {
        return this.user;
    }

    public int getUserLifeTime() {
        return this.userLifetime;
    }

    @Override // jcifs.smb.SmbExtendedAuthenticator
    public void sessionSetup(final SmbSession smbSession, final ServerMessageBlock serverMessageBlock, final ServerMessageBlock serverMessageBlock2) throws SmbException {
        try {
            Subject.doAs(this.subject, new PrivilegedExceptionAction() { // from class: jcifs.smb.Kerb5Authenticator.1
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Kerb5Authenticator.this.setup(smbSession, serverMessageBlock, serverMessageBlock2);
                    return null;
                }
            });
        } catch (PrivilegedActionException e) {
            if (!(e.getException() instanceof SmbException)) {
                throw new SmbException(e.getMessage(), e.getException());
            }
            throw ((SmbException) e.getException());
        }
    }

    public void setLifeTime(int i) {
        this.contextLifetime = i;
    }

    public void setService(String str) {
        this.service = str;
    }

    public void setUser(String str) {
        this.user = str;
    }

    public void setUserLifeTime(int i) {
        this.userLifetime = i;
    }
}
