package com.sun.security.sasl;

import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
import daikon.dcomp.DCRuntime;
import daikon.dcomp.DCompClone;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import java.util.Map;
import java.util.Random;
import java.util.logging.Level;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;

/* loaded from: input_file:dcomp-rt/com/sun/security/sasl/CramMD5Server.class */
final class CramMD5Server extends CramMD5Base implements SaslServer {
    private String fqdn;
    private byte[] challengeData;
    private String authzid;
    private CallbackHandler cbh;

    /* JADX INFO: Access modifiers changed from: package-private */
    public CramMD5Server(String str, String str2, Map map, CallbackHandler callbackHandler) throws SaslException {
        this.challengeData = null;
        if (str2 == null) {
            throw new SaslException("CRAM-MD5: fully qualified server name must be specified");
        }
        this.fqdn = str2;
        this.cbh = callbackHandler;
    }

    @Override // javax.security.sasl.SaslServer
    public byte[] evaluateResponse(byte[] bArr) throws SaslException {
        if (this.completed) {
            throw new IllegalStateException("CRAM-MD5 authentication already completed");
        }
        if (this.aborted) {
            throw new IllegalStateException("CRAM-MD5 authentication previously aborted due to error");
        }
        try {
            if (this.challengeData == null) {
                if (bArr.length != 0) {
                    this.aborted = true;
                    throw new SaslException("CRAM-MD5 does not expect any initial response");
                }
                long nextLong = new Random().nextLong();
                long currentTimeMillis = System.currentTimeMillis();
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append('<');
                stringBuffer.append(nextLong);
                stringBuffer.append('.');
                stringBuffer.append(currentTimeMillis);
                stringBuffer.append('@');
                stringBuffer.append(this.fqdn);
                stringBuffer.append('>');
                String stringBuffer2 = stringBuffer.toString();
                logger.log(Level.FINE, "CRAMSRV01:Generated challenge: {0}", stringBuffer2);
                this.challengeData = stringBuffer2.getBytes(Canonicalizer.ENCODING);
                return (byte[]) this.challengeData.clone();
            }
            if (logger.isLoggable(Level.FINE)) {
                logger.log(Level.FINE, "CRAMSRV02:Received response: {0}", new String(bArr, Canonicalizer.ENCODING));
            }
            int i = 0;
            int i2 = 0;
            while (true) {
                if (i2 >= bArr.length) {
                    break;
                }
                if (bArr[i2] == 32) {
                    i = i2;
                    break;
                }
                i2++;
            }
            if (i == 0) {
                this.aborted = true;
                throw new SaslException("CRAM-MD5: Invalid response; space missing");
            }
            String str = new String(bArr, 0, i, Canonicalizer.ENCODING);
            logger.log(Level.FINE, "CRAMSRV03:Extracted username: {0}", str);
            NameCallback nameCallback = new NameCallback("CRAM-MD5 authentication ID: ", str);
            PasswordCallback passwordCallback = new PasswordCallback("CRAM-MD5 password: ", false);
            this.cbh.handle(new Callback[]{nameCallback, passwordCallback});
            char[] password = passwordCallback.getPassword();
            if (password == null || password.length == 0) {
                this.aborted = true;
                throw new SaslException("CRAM-MD5: username not found: " + str);
            }
            passwordCallback.clearPassword();
            String str2 = new String(password);
            for (int i3 = 0; i3 < password.length; i3++) {
                password[i3] = 0;
            }
            this.pw = str2.getBytes(Canonicalizer.ENCODING);
            String HMAC_MD5 = HMAC_MD5(this.pw, this.challengeData);
            logger.log(Level.FINE, "CRAMSRV04:Expecting digest: {0}", HMAC_MD5);
            clearPassword();
            byte[] bytes = HMAC_MD5.getBytes(Canonicalizer.ENCODING);
            if (bytes.length != (bArr.length - i) - 1) {
                this.aborted = true;
                throw new SaslException("Invalid response");
            }
            int i4 = 0;
            for (int i5 = i + 1; i5 < bArr.length; i5++) {
                int i6 = i4;
                i4++;
                if (bytes[i6] != bArr[i5]) {
                    this.aborted = true;
                    throw new SaslException("Invalid response");
                }
            }
            AuthorizeCallback authorizeCallback = new AuthorizeCallback(str, str);
            this.cbh.handle(new Callback[]{authorizeCallback});
            if (!authorizeCallback.isAuthorized()) {
                this.aborted = true;
                throw new SaslException("CRAM-MD5: user not authorized: " + str);
            }
            this.authzid = authorizeCallback.getAuthorizedID();
            logger.log(Level.FINE, "CRAMSRV05:Authorization id: {0}", this.authzid);
            this.completed = true;
            return null;
        } catch (UnsupportedEncodingException e) {
            this.aborted = true;
            throw new SaslException("UTF8 not available on platform", e);
        } catch (IOException e2) {
            this.aborted = true;
            throw new SaslException("CRAM-MD5 authentication failed", e2);
        } catch (NoSuchAlgorithmException e3) {
            this.aborted = true;
            throw new SaslException("MD5 algorithm not available on platform", e3);
        } catch (UnsupportedCallbackException e4) {
            this.aborted = true;
            throw new SaslException("CRAM-MD5 authentication failed", e4);
        } catch (SaslException e5) {
            throw e5;
        }
    }

    @Override // javax.security.sasl.SaslServer
    public String getAuthorizationID() {
        if (this.completed) {
            return this.authzid;
        }
        throw new IllegalStateException("CRAM-MD5 authentication not completed");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    /* JADX WARN: Not initialized variable reg: 0, insn: 0x0035: THROW (r0 I:java.lang.Throwable), block:B:10:0x0035 */
    public CramMD5Server(String str, String str2, Map map, CallbackHandler callbackHandler, DCompMarker dCompMarker) throws SaslException {
        super(null);
        DCRuntime.create_tag_frame("6");
        this.challengeData = null;
        if (str2 == null) {
            SaslException saslException = new SaslException("CRAM-MD5: fully qualified server name must be specified", (DCompMarker) null);
            DCRuntime.throw_op();
            throw saslException;
        }
        this.fqdn = str2;
        this.cbh = callbackHandler;
        DCRuntime.normal_exit();
    }

    /* JADX WARN: Type inference failed for: r0v6, types: [java.lang.Throwable, boolean] */
    @Override // javax.security.sasl.SaslServer
    public byte[] evaluateResponse(byte[] bArr, DCompMarker dCompMarker) throws SaslException {
        Object[] create_tag_frame = DCRuntime.create_tag_frame("?");
        completed_com_sun_security_sasl_CramMD5Server__$get_tag();
        boolean z = this.completed;
        DCRuntime.discard_tag(1);
        if (z) {
            IllegalStateException illegalStateException = new IllegalStateException("CRAM-MD5 authentication already completed", (DCompMarker) null);
            DCRuntime.throw_op();
            throw illegalStateException;
        }
        aborted_com_sun_security_sasl_CramMD5Server__$get_tag();
        ?? r0 = this.aborted;
        DCRuntime.discard_tag(1);
        if (r0 != 0) {
            IllegalStateException illegalStateException2 = new IllegalStateException("CRAM-MD5 authentication previously aborted due to error", (DCompMarker) null);
            DCRuntime.throw_op();
            throw illegalStateException2;
        }
        try {
            try {
                try {
                    try {
                        if (this.challengeData == null) {
                            DCRuntime.push_array_tag(bArr);
                            int length = bArr.length;
                            DCRuntime.discard_tag(1);
                            if (length != 0) {
                                DCRuntime.push_const();
                                aborted_com_sun_security_sasl_CramMD5Server__$set_tag();
                                this.aborted = true;
                                SaslException saslException = new SaslException("CRAM-MD5 does not expect any initial response", (DCompMarker) null);
                                DCRuntime.throw_op();
                                throw saslException;
                            }
                            long nextLong = new Random((DCompMarker) null).nextLong(null);
                            DCRuntime.pop_local_tag(create_tag_frame, 4);
                            long currentTimeMillis = System.currentTimeMillis(null);
                            DCRuntime.pop_local_tag(create_tag_frame, 6);
                            StringBuffer stringBuffer = new StringBuffer((DCompMarker) null);
                            DCRuntime.push_const();
                            stringBuffer.append('<', (DCompMarker) null);
                            DCRuntime.push_local_tag(create_tag_frame, 4);
                            stringBuffer.append(nextLong, (DCompMarker) null);
                            DCRuntime.push_const();
                            stringBuffer.append('.', (DCompMarker) null);
                            DCRuntime.push_local_tag(create_tag_frame, 6);
                            stringBuffer.append(currentTimeMillis, (DCompMarker) null);
                            DCRuntime.push_const();
                            stringBuffer.append('@', (DCompMarker) null);
                            stringBuffer.append(this.fqdn, (DCompMarker) null);
                            DCRuntime.push_const();
                            stringBuffer.append('>', (DCompMarker) null);
                            String stringBuffer2 = stringBuffer.toString();
                            logger.log(Level.FINE, "CRAMSRV01:Generated challenge: {0}", stringBuffer2, (DCompMarker) null);
                            this.challengeData = stringBuffer2.getBytes(Canonicalizer.ENCODING, (DCompMarker) null);
                            byte[] bArr2 = this.challengeData;
                            byte[] bArr3 = (byte[]) (bArr2 instanceof DCompClone ? bArr2.clone(null) : DCRuntime.uninstrumented_clone(bArr2, bArr2.clone()));
                            DCRuntime.normal_exit();
                            return bArr3;
                        }
                        boolean isLoggable = logger.isLoggable(Level.FINE, null);
                        DCRuntime.discard_tag(1);
                        if (isLoggable) {
                            logger.log(Level.FINE, "CRAMSRV02:Received response: {0}", new String(bArr, Canonicalizer.ENCODING, (DCompMarker) null), (DCompMarker) null);
                        }
                        DCRuntime.push_const();
                        DCRuntime.pop_local_tag(create_tag_frame, 3);
                        int i = 0;
                        DCRuntime.push_const();
                        DCRuntime.pop_local_tag(create_tag_frame, 4);
                        int i2 = 0;
                        while (true) {
                            DCRuntime.push_local_tag(create_tag_frame, 4);
                            int i3 = i2;
                            DCRuntime.push_array_tag(bArr);
                            int length2 = bArr.length;
                            DCRuntime.cmp_op();
                            if (i3 >= length2) {
                                break;
                            }
                            DCRuntime.push_local_tag(create_tag_frame, 4);
                            int i4 = i2;
                            DCRuntime.primitive_array_load(bArr, i4);
                            byte b = bArr[i4];
                            DCRuntime.push_const();
                            DCRuntime.cmp_op();
                            if (b == 32) {
                                DCRuntime.push_local_tag(create_tag_frame, 4);
                                DCRuntime.pop_local_tag(create_tag_frame, 3);
                                i = i2;
                                break;
                            }
                            i2++;
                        }
                        DCRuntime.push_local_tag(create_tag_frame, 3);
                        int i5 = i;
                        DCRuntime.discard_tag(1);
                        if (i5 == 0) {
                            DCRuntime.push_const();
                            aborted_com_sun_security_sasl_CramMD5Server__$set_tag();
                            this.aborted = true;
                            SaslException saslException2 = new SaslException("CRAM-MD5: Invalid response; space missing", (DCompMarker) null);
                            DCRuntime.throw_op();
                            throw saslException2;
                        }
                        DCRuntime.push_const();
                        DCRuntime.push_local_tag(create_tag_frame, 3);
                        String str = new String(bArr, 0, i, Canonicalizer.ENCODING, (DCompMarker) null);
                        logger.log(Level.FINE, "CRAMSRV03:Extracted username: {0}", str, (DCompMarker) null);
                        NameCallback nameCallback = new NameCallback("CRAM-MD5 authentication ID: ", str, null);
                        DCRuntime.push_const();
                        PasswordCallback passwordCallback = new PasswordCallback("CRAM-MD5 password: ", false, null);
                        CallbackHandler callbackHandler = this.cbh;
                        DCRuntime.push_const();
                        Callback[] callbackArr = new Callback[2];
                        DCRuntime.push_array_tag(callbackArr);
                        DCRuntime.cmp_op();
                        DCRuntime.push_const();
                        DCRuntime.aastore(callbackArr, 0, nameCallback);
                        DCRuntime.push_const();
                        DCRuntime.aastore(callbackArr, 1, passwordCallback);
                        callbackHandler.handle(callbackArr, null);
                        char[] password = passwordCallback.getPassword(null);
                        if (password != null) {
                            DCRuntime.push_array_tag(password);
                            int length3 = password.length;
                            DCRuntime.discard_tag(1);
                            if (length3 != 0) {
                                passwordCallback.clearPassword(null);
                                String str2 = new String(password, (DCompMarker) null);
                                DCRuntime.push_const();
                                DCRuntime.pop_local_tag(create_tag_frame, 9);
                                int i6 = 0;
                                while (true) {
                                    DCRuntime.push_local_tag(create_tag_frame, 9);
                                    int i7 = i6;
                                    DCRuntime.push_array_tag(password);
                                    int length4 = password.length;
                                    DCRuntime.cmp_op();
                                    if (i7 >= length4) {
                                        break;
                                    }
                                    DCRuntime.push_local_tag(create_tag_frame, 9);
                                    DCRuntime.push_const();
                                    DCRuntime.castore(password, i6, (char) 0);
                                    i6++;
                                }
                                this.pw = str2.getBytes(Canonicalizer.ENCODING, (DCompMarker) null);
                                String HMAC_MD5 = HMAC_MD5(this.pw, this.challengeData, null);
                                logger.log(Level.FINE, "CRAMSRV04:Expecting digest: {0}", HMAC_MD5, (DCompMarker) null);
                                clearPassword(null);
                                byte[] bytes = HMAC_MD5.getBytes(Canonicalizer.ENCODING, (DCompMarker) null);
                                DCRuntime.push_array_tag(bArr);
                                int length5 = bArr.length;
                                DCRuntime.push_local_tag(create_tag_frame, 3);
                                DCRuntime.binary_tag_op();
                                DCRuntime.push_const();
                                DCRuntime.binary_tag_op();
                                int i8 = (length5 - i) - 1;
                                DCRuntime.pop_local_tag(create_tag_frame, 11);
                                DCRuntime.push_array_tag(bytes);
                                int length6 = bytes.length;
                                DCRuntime.push_local_tag(create_tag_frame, 11);
                                DCRuntime.cmp_op();
                                if (length6 != i8) {
                                    DCRuntime.push_const();
                                    aborted_com_sun_security_sasl_CramMD5Server__$set_tag();
                                    this.aborted = true;
                                    SaslException saslException3 = new SaslException("Invalid response", (DCompMarker) null);
                                    DCRuntime.throw_op();
                                    throw saslException3;
                                }
                                DCRuntime.push_const();
                                DCRuntime.pop_local_tag(create_tag_frame, 12);
                                int i9 = 0;
                                DCRuntime.push_local_tag(create_tag_frame, 3);
                                DCRuntime.push_const();
                                DCRuntime.binary_tag_op();
                                DCRuntime.pop_local_tag(create_tag_frame, 13);
                                int i10 = i + 1;
                                while (true) {
                                    DCRuntime.push_local_tag(create_tag_frame, 13);
                                    int i11 = i10;
                                    DCRuntime.push_array_tag(bArr);
                                    int length7 = bArr.length;
                                    DCRuntime.cmp_op();
                                    if (i11 >= length7) {
                                        AuthorizeCallback authorizeCallback = new AuthorizeCallback(str, str, null);
                                        CallbackHandler callbackHandler2 = this.cbh;
                                        DCRuntime.push_const();
                                        Callback[] callbackArr2 = new Callback[1];
                                        DCRuntime.push_array_tag(callbackArr2);
                                        DCRuntime.cmp_op();
                                        DCRuntime.push_const();
                                        DCRuntime.aastore(callbackArr2, 0, authorizeCallback);
                                        callbackHandler2.handle(callbackArr2, null);
                                        boolean isAuthorized = authorizeCallback.isAuthorized(null);
                                        DCRuntime.discard_tag(1);
                                        if (!isAuthorized) {
                                            DCRuntime.push_const();
                                            aborted_com_sun_security_sasl_CramMD5Server__$set_tag();
                                            this.aborted = true;
                                            SaslException saslException4 = new SaslException(new StringBuilder((DCompMarker) null).append("CRAM-MD5: user not authorized: ", (DCompMarker) null).append(str, (DCompMarker) null).toString(), (DCompMarker) null);
                                            DCRuntime.throw_op();
                                            throw saslException4;
                                        }
                                        this.authzid = authorizeCallback.getAuthorizedID(null);
                                        logger.log(Level.FINE, "CRAMSRV05:Authorization id: {0}", this.authzid, (DCompMarker) null);
                                        DCRuntime.push_const();
                                        completed_com_sun_security_sasl_CramMD5Server__$set_tag();
                                        this.completed = true;
                                        DCRuntime.normal_exit();
                                        return null;
                                    }
                                    DCRuntime.push_local_tag(create_tag_frame, 12);
                                    int i12 = i9;
                                    i9++;
                                    DCRuntime.primitive_array_load(bytes, i12);
                                    byte b2 = bytes[i12];
                                    DCRuntime.push_local_tag(create_tag_frame, 13);
                                    int i13 = i10;
                                    DCRuntime.primitive_array_load(bArr, i13);
                                    byte b3 = bArr[i13];
                                    DCRuntime.cmp_op();
                                    if (b2 != b3) {
                                        DCRuntime.push_const();
                                        aborted_com_sun_security_sasl_CramMD5Server__$set_tag();
                                        this.aborted = true;
                                        SaslException saslException5 = new SaslException("Invalid response", (DCompMarker) null);
                                        DCRuntime.throw_op();
                                        throw saslException5;
                                    }
                                    i10++;
                                }
                            }
                        }
                        DCRuntime.push_const();
                        aborted_com_sun_security_sasl_CramMD5Server__$set_tag();
                        this.aborted = true;
                        SaslException saslException6 = new SaslException(new StringBuilder((DCompMarker) null).append("CRAM-MD5: username not found: ", (DCompMarker) null).append(str, (DCompMarker) null).toString(), (DCompMarker) null);
                        DCRuntime.throw_op();
                        throw saslException6;
                    } catch (UnsupportedCallbackException e) {
                        DCRuntime.push_const();
                        aborted_com_sun_security_sasl_CramMD5Server__$set_tag();
                        this.aborted = true;
                        SaslException saslException7 = new SaslException("CRAM-MD5 authentication failed", e, null);
                        DCRuntime.throw_op();
                        throw saslException7;
                    }
                } catch (IOException e2) {
                    DCRuntime.push_const();
                    aborted_com_sun_security_sasl_CramMD5Server__$set_tag();
                    this.aborted = true;
                    SaslException saslException8 = new SaslException("CRAM-MD5 authentication failed", e2, null);
                    DCRuntime.throw_op();
                    throw saslException8;
                }
            } catch (SaslException e3) {
                DCRuntime.throw_op();
                throw e3;
            }
        } catch (UnsupportedEncodingException e4) {
            DCRuntime.push_const();
            aborted_com_sun_security_sasl_CramMD5Server__$set_tag();
            this.aborted = true;
            SaslException saslException9 = new SaslException("UTF8 not available on platform", e4, null);
            DCRuntime.throw_op();
            throw saslException9;
        } catch (NoSuchAlgorithmException e5) {
            DCRuntime.push_const();
            aborted_com_sun_security_sasl_CramMD5Server__$set_tag();
            this.aborted = true;
            SaslException saslException10 = new SaslException("MD5 algorithm not available on platform", e5, null);
            DCRuntime.throw_op();
            throw saslException10;
        }
    }

    /* JADX WARN: Not initialized variable reg: 0, insn: 0x002f: THROW (r0 I:java.lang.Throwable), block:B:10:0x002f */
    @Override // javax.security.sasl.SaslServer
    public String getAuthorizationID(DCompMarker dCompMarker) {
        DCRuntime.create_tag_frame("2");
        completed_com_sun_security_sasl_CramMD5Server__$get_tag();
        boolean z = this.completed;
        DCRuntime.discard_tag(1);
        if (z) {
            String str = this.authzid;
            DCRuntime.normal_exit();
            return str;
        }
        IllegalStateException illegalStateException = new IllegalStateException("CRAM-MD5 authentication not completed", (DCompMarker) null);
        DCRuntime.throw_op();
        throw illegalStateException;
    }

    public final void completed_com_sun_security_sasl_CramMD5Server__$get_tag() {
        DCRuntime.push_field_tag(this, 0);
    }

    protected final void completed_com_sun_security_sasl_CramMD5Server__$set_tag() {
        DCRuntime.pop_field_tag(this, 0);
    }

    public final void aborted_com_sun_security_sasl_CramMD5Server__$get_tag() {
        DCRuntime.push_field_tag(this, 1);
    }

    protected final void aborted_com_sun_security_sasl_CramMD5Server__$set_tag() {
        DCRuntime.pop_field_tag(this, 1);
    }
}
