package com.microsoft.sqlserver.jdbc;

import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public final class KerbAuthentication extends SSPIAuthentication {
    private static final String CONFIGNAME = "SQLJDBCDriver";
    private static final Logger authLogger = Logger.getLogger("com.microsoft.sqlserver.jdbc.internals.KerbAuthentication");
    private final SQLServerConnection con;
    private final String spn;
    private final GSSManager manager = GSSManager.getInstance();
    private LoginContext lc = null;
    private GSSCredential peerCredentials = null;
    private GSSContext peerContext = null;

    static {
        new Configuration() { // from class: com.microsoft.sqlserver.jdbc.KerbAuthentication.1SQLJDBCDriverConfig
            Configuration current;
            AppConfigurationEntry[] driverConf;

            {
                AppConfigurationEntry appConfigurationEntry;
                this.current = null;
                try {
                    this.current = Configuration.getConfiguration();
                } catch (SecurityException e) {
                    KerbAuthentication.authLogger.finer(toString() + " No configurations provided, setting driver default");
                }
                if ((this.current != null ? this.current.getAppConfigurationEntry(KerbAuthentication.CONFIGNAME) : null) == null) {
                    if (KerbAuthentication.authLogger.isLoggable(Level.FINER)) {
                        KerbAuthentication.authLogger.finer(toString() + " SQLJDBCDriver configuration entry is not provided, setting driver default");
                    }
                    if (Util.isIBM()) {
                        HashMap hashMap = new HashMap();
                        hashMap.put("useDefaultCcache", "true");
                        hashMap.put("moduleBanner", "false");
                        appConfigurationEntry = new AppConfigurationEntry("com.ibm.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap);
                        if (KerbAuthentication.authLogger.isLoggable(Level.FINER)) {
                            KerbAuthentication.authLogger.finer(toString() + " Setting IBM Krb5LoginModule");
                        }
                    } else {
                        HashMap hashMap2 = new HashMap();
                        hashMap2.put("useTicketCache", "true");
                        hashMap2.put("doNotPrompt", "true");
                        appConfigurationEntry = new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap2);
                        if (KerbAuthentication.authLogger.isLoggable(Level.FINER)) {
                            KerbAuthentication.authLogger.finer(toString() + " Setting Sun Krb5LoginModule");
                        }
                    }
                    this.driverConf = new AppConfigurationEntry[1];
                    this.driverConf[0] = appConfigurationEntry;
                    Configuration.setConfiguration(this);
                }
            }

            public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
                if (str.equals(KerbAuthentication.CONFIGNAME)) {
                    return this.driverConf;
                }
                if (this.current != null) {
                    return this.current.getAppConfigurationEntry(str);
                }
                return null;
            }

            public void refresh() {
                if (this.current != null) {
                    this.current.refresh();
                }
            }
        };
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public KerbAuthentication(SQLServerConnection sQLServerConnection, String str, int i) throws SQLServerException {
        this.con = sQLServerConnection;
        this.spn = makeSpn(str, i);
    }

    private static GSSCredential getClientCredential(Subject subject, final GSSManager gSSManager, final Oid oid) throws PrivilegedActionException {
        return (GSSCredential) Subject.doAs(subject, new PrivilegedExceptionAction<GSSCredential>() { // from class: com.microsoft.sqlserver.jdbc.KerbAuthentication.1
            @Override // java.security.PrivilegedExceptionAction
            public GSSCredential run() throws GSSException {
                return gSSManager.createCredential((GSSName) null, 0, oid, 1);
            }
        });
    }

    private byte[] intAuthHandShake(byte[] bArr, boolean[] zArr) throws SQLServerException {
        try {
            if (authLogger.isLoggable(Level.FINER)) {
                authLogger.finer(toString() + " Sending token to server over secure context");
            }
            byte[] initSecContext = this.peerContext.initSecContext(bArr, 0, bArr.length);
            if (this.peerContext.isEstablished()) {
                zArr[0] = true;
                if (!authLogger.isLoggable(Level.FINER)) {
                    return initSecContext;
                }
                authLogger.finer(toString() + "Authentication done.");
                return initSecContext;
            }
            if (initSecContext != null) {
                return initSecContext;
            }
            authLogger.info(toString() + "byteToken is null in initSecContext.");
            this.con.terminate(0, SQLServerException.getErrString("R_integratedAuthenticationFailed"));
            return initSecContext;
        } catch (GSSException e) {
            authLogger.finer(toString() + "initSecContext Failed :-" + e);
            this.con.terminate(0, SQLServerException.getErrString("R_integratedAuthenticationFailed"), e);
            return null;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:12:0x0068 A[Catch: GSSException -> 0x00b2, PrivilegedActionException -> 0x00df, TryCatch #4 {PrivilegedActionException -> 0x00df, GSSException -> 0x00b2, blocks: (B:3:0x0002, B:5:0x0009, B:18:0x0013, B:7:0x0027, B:9:0x003a, B:10:0x0056, B:12:0x0068, B:13:0x0084, B:22:0x00a3), top: B:2:0x0002 }] */
    /* JADX WARN: Removed duplicated region for block: B:9:0x003a A[Catch: GSSException -> 0x00b2, PrivilegedActionException -> 0x00df, TryCatch #4 {PrivilegedActionException -> 0x00df, GSSException -> 0x00b2, blocks: (B:3:0x0002, B:5:0x0009, B:18:0x0013, B:7:0x0027, B:9:0x003a, B:10:0x0056, B:12:0x0068, B:13:0x0084, B:22:0x00a3), top: B:2:0x0002 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void intAuthInit() throws com.microsoft.sqlserver.jdbc.SQLServerException {
        /*
            Method dump skipped, instructions count: 273
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.microsoft.sqlserver.jdbc.KerbAuthentication.intAuthInit():void");
    }

    private String makeSpn(String str, int i) throws SQLServerException {
        if (authLogger.isLoggable(Level.FINER)) {
            authLogger.finer(toString() + " Server: " + str + " port: " + i);
        }
        String str2 = "MSSQLSvc/" + str + ":" + i;
        if (authLogger.isLoggable(Level.FINER)) {
            authLogger.finer(toString() + " SPN: " + str2);
        }
        return str2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.microsoft.sqlserver.jdbc.SSPIAuthentication
    public byte[] GenerateClientContext(byte[] bArr, boolean[] zArr) throws SQLServerException {
        if (this.peerContext == null) {
            intAuthInit();
        }
        return intAuthHandShake(bArr, zArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.microsoft.sqlserver.jdbc.SSPIAuthentication
    public int ReleaseClientContext() throws SQLServerException {
        try {
            if (this.peerCredentials != null) {
                this.peerCredentials.dispose();
            }
            if (this.peerContext != null) {
                this.peerContext.dispose();
            }
            if (this.lc == null) {
                return 0;
            }
            this.lc.logout();
            return 0;
        } catch (GSSException e) {
            authLogger.fine(toString() + " Release of the credentials failed GSSException: " + e);
            return 0;
        } catch (LoginException e2) {
            authLogger.fine(toString() + " Release of the credentials failed LoginException: " + e2);
            return 0;
        }
    }
}
