package com.ibm.msg.client.wmq.v6.direct.internal;

import com.ibm.disthub2.impl.client.DebugObject;
import com.ibm.disthub2.impl.util.Assert;
import com.ibm.disthub2.spi.AuthException;
import com.ibm.disthub2.spi.AuthResult;
import com.ibm.disthub2.spi.ExceptionBuilder;
import com.ibm.disthub2.spi.Principal;
import com.ibm.msg.client.commonservices.trace.Trace;
import com.ibm.msg.client.wmq.v6.base.internal.MQC;
import com.ibm.msg.client.wmq.v6.direct.internal.AuthBase;
import java.io.IOException;
import java.net.Socket;
import java.util.Arrays;
import java.util.Properties;

/* loaded from: input_file:com/ibm/msg/client/wmq/v6/direct/internal/AuthClient.class */
public class AuthClient extends AuthBase {
    static final String copyright_notice = "Licensed Materials - Property of IBM 5724-H72, 5655-R36, 5724-L26, 5655-L82                (c) Copyright IBM Corp. 2008, 2010 All Rights Reserved. US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.";
    protected static DebugObject debug;
    public static final String sccsid = "@(#) com.ibm.msg.client.wmq.v6/src/com/ibm/msg/client/wmq/v6/direct/internal/AuthClient.java, jmscc.wmq.v6, k710, k710-007-151026 1.10.1.1 11/10/17 16:04:52";

    public AuthClient(Socket socket, AuthPrincipal authPrincipal, Properties properties, short[] sArr, ISSL issl) {
        if (Trace.isOn) {
            Trace.entry(this, "com.ibm.msg.client.wmq.v6.direct.internal.AuthClient", "<init>(Socket,AuthPrincipal,Properties,short [ ],ISSL)", new Object[]{socket, authPrincipal, properties, sArr, issl});
        }
        this.sock = socket;
        this.credentials = authPrincipal;
        this.metaData = properties;
        this.cfgProtos = sArr;
        this.xssl = issl;
        this.role = false;
        if (Trace.isOn) {
            Trace.exit(this, "com.ibm.msg.client.wmq.v6.direct.internal.AuthClient", "<init>(Socket,AuthPrincipal,Properties,short [ ],ISSL)");
        }
    }

    public AuthResult authenticate() throws AuthException {
        if (Trace.isOn) {
            Trace.entry(this, "com.ibm.msg.client.wmq.v6.direct.internal.AuthClient", "authenticate()");
        }
        try {
            setupDataStreams();
            if (debug.debugIt(16)) {
                debug.debug(-153415734321212L, "runClient", "Starting client auth protocol...");
                for (int i = 0; i < this.cfgProtos.length; i++) {
                    debug.debug(-153415734321212L, "runClient", "Client proto: " + i + " " + ((int) this.cfgProtos[i]) + " (" + ((char) (this.cfgProtos[i] >> 8)) + ")");
                }
            }
            new AuthBase.Hello(this.cfgProtos).writeMsg(this.ostr);
            AuthBase.MsgBase readMsg = AuthBase.xDummy.readMsg(this.istr);
            short type = readMsg.getType();
            if (type == 88) {
                termException((AuthBase.AuthExceptionMsg) readMsg);
            }
            if (debug.debugIt(16)) {
                debug.debug(-153415734321212L, "runClient", "Server requests proto (" + readMsg.getClass() + ") : " + ((int) type) + " (" + ((char) (type >> 8)) + ")");
            }
            short s = 0;
            if (this.cfgProtos != null) {
                int i2 = 0;
                while (true) {
                    if (i2 >= this.cfgProtos.length) {
                        break;
                    }
                    if (type == this.cfgProtos[i2]) {
                        s = type;
                        break;
                    }
                    i2++;
                }
            }
            this.whichProto = s;
            if (debug.debugIt(16)) {
                debug.debug(-153415734321212L, "runClient", "Running client with protocol: " + ((int) s) + " (" + ((char) (s >> 8)) + ")");
            }
            AuthResult authResult = null;
            switch (s) {
                case 67:
                    authResult = clntChallengeUP(readMsg);
                    break;
                case MQC.MQIA_COMMAND_EVENT /* 99 */:
                    authResult = clntChallengeUP(readMsg);
                    break;
                case 19779:
                    authResult = clntChallengeMPR(readMsg);
                    break;
                case 21059:
                    authResult = clntChallengeSSLPure(readMsg);
                    break;
                case 21315:
                    authResult = clntChallengeSSLUP(readMsg);
                    break;
                default:
                    termException(ExceptionBuilder.buildReasonString(813349304, new Object[]{Short.valueOf(s)}), 1);
                    break;
            }
            if (debug.debugIt(64)) {
                debug.debug(-142394261359015L, "runClient", authResult);
            }
            if (Trace.isOn) {
                Trace.exit(this, "com.ibm.msg.client.wmq.v6.direct.internal.AuthClient", "authenticate()", authResult, 1);
            }
            return authResult;
        } catch (IOException e) {
            if (Trace.isOn) {
                Trace.catchBlock(this, "com.ibm.msg.client.wmq.v6.direct.internal.AuthClient", "authenticate()", e, 2);
            }
            AuthException authException = new AuthException(2, e, (Principal) null);
            if (Trace.isOn) {
                Trace.throwing(this, "com.ibm.msg.client.wmq.v6.direct.internal.AuthClient", "authenticate()", authException);
            }
            throw authException;
        } catch (AuthException e2) {
            if (Trace.isOn) {
                Trace.catchBlock(this, "com.ibm.msg.client.wmq.v6.direct.internal.AuthClient", "authenticate()", e2, 1);
            }
            termException(e2);
            Assert.condition(false);
            if (!Trace.isOn) {
                return null;
            }
            Trace.exit(this, "com.ibm.msg.client.wmq.v6.direct.internal.AuthClient", "authenticate()", (Object) null, 2);
            return null;
        }
    }

    protected AuthResult clntChallengeMPR(AuthBase.MsgBase msgBase) throws AuthException, IOException {
        if (Trace.isOn) {
            Trace.entry(this, "com.ibm.msg.client.wmq.v6.direct.internal.AuthClient", "clntChallengeMPR(MsgBase)", new Object[]{msgBase});
        }
        if (debug.debugIt(32)) {
            debug.debug(-165922073994779L, "clntChallengeMPR", msgBase);
        }
        AuthBase.ChallengeMPR challengeMPR = (AuthBase.ChallengeMPR) msgBase;
        String str = challengeMPR.serverId;
        String str2 = challengeMPR.serverXid;
        byte[] random = AuthBase.random(20);
        String name = this.credentials.getName();
        String password = this.credentials.getPassword();
        String transformPropObj = AuthBase.transformPropObj(this.metaData);
        mutualPasswordMacs(password, str, str2, challengeMPR.Rs, name, transformPropObj, random);
        new AuthBase.ResponseAndCounter(name, transformPropObj, random, this.macClnt).writeMsg(this.ostr);
        close_ostr();
        AuthBase.MsgBase readMsg = AuthBase.xDummy.readMsg(this.istr);
        if (readMsg.getType() != 19791) {
            termWrongMsg(readMsg);
        }
        if (!Arrays.equals(((AuthBase.OkayResponse) readMsg).MacS, this.macServ)) {
            termException(ExceptionBuilder.buildReasonString(1231952836, (Object[]) null), 3);
        }
        AuthResult authResult = new AuthResult();
        authResult.authPrincipal = new DefaultPrincipal(str, "");
        authResult.authMetaData = AuthBase.transformPropString(str2);
        authResult.sharedSecret = this.sessionSecret;
        Assert.condition(this.sessionSecret != null);
        cleanup();
        if (debug.debugIt(64)) {
            debug.debug(-142394261359015L, "clntChallengeMPR", authResult);
        }
        if (Trace.isOn) {
            Trace.exit(this, "com.ibm.msg.client.wmq.v6.direct.internal.AuthClient", "clntChallengeMPR(MsgBase)", authResult);
        }
        return authResult;
    }

    protected AuthResult clntChallengeSSLPure(AuthBase.MsgBase msgBase) throws AuthException, IOException {
        if (Trace.isOn) {
            Trace.entry(this, "com.ibm.msg.client.wmq.v6.direct.internal.AuthClient", "clntChallengeSSLPure(MsgBase)", new Object[]{msgBase});
        }
        if (debug.debugIt(32)) {
            debug.debug(-165922073994779L, "clntChallengeSSLPure", msgBase);
        }
        sslStart(false, (short) 21059);
        byte[] random = AuthBase.random(20);
        new AuthBase.ReplySSLPure(this.credentials.getName(), "", AuthBase.transformPropObj(this.metaData), random).writeMsg(this.ostr);
        close_ostr();
        AuthBase.MsgBase readMsg = AuthBase.xDummy.readMsg(this.istr);
        if (readMsg.getType() != 21071) {
            termWrongMsg(readMsg);
        }
        AuthBase.OkaySSLPure okaySSLPure = (AuthBase.OkaySSLPure) readMsg;
        String extractUserID = this.sslSession.extractUserID();
        if (extractUserID == null) {
            extractUserID = okaySSLPure.serverId;
        }
        sslDeriveSessionKey(this.sslSession, okaySSLPure.Rs, random);
        AuthResult authResult = new AuthResult();
        authResult.authPrincipal = new DefaultPrincipal(extractUserID, "");
        authResult.authMetaData = AuthBase.transformPropString(okaySSLPure.serverXid);
        authResult.sharedSecret = this.sessionSecret;
        Assert.condition(authResult.sharedSecret != null);
        cleanup();
        if (debug.debugIt(64)) {
            debug.debug(-142394261359015L, "clntChallengeSSLPure", authResult);
        }
        if (Trace.isOn) {
            Trace.exit(this, "com.ibm.msg.client.wmq.v6.direct.internal.AuthClient", "clntChallengeSSLPure(MsgBase)", authResult);
        }
        return authResult;
    }

    protected AuthResult clntChallengeSSLUP(AuthBase.MsgBase msgBase) throws AuthException, IOException {
        if (Trace.isOn) {
            Trace.entry(this, "com.ibm.msg.client.wmq.v6.direct.internal.AuthClient", "clntChallengeSSLUP(MsgBase)", new Object[]{msgBase});
        }
        if (debug.debugIt(32)) {
            debug.debug(-165922073994779L, "clntChallengeSSLUP", msgBase);
        }
        sslStart(false, (short) 21315);
        byte[] random = AuthBase.random(20);
        new AuthBase.ReplySSLUP(this.credentials.getName(), this.credentials.getPassword(), AuthBase.transformPropObj(this.metaData), random).writeMsg(this.ostr);
        close_ostr();
        AuthBase.MsgBase readMsg = AuthBase.xDummy.readMsg(this.istr);
        if (readMsg.getType() != 21327) {
            termWrongMsg(readMsg);
        }
        AuthBase.OkaySSLUP okaySSLUP = (AuthBase.OkaySSLUP) readMsg;
        String extractUserID = this.sslSession.extractUserID();
        if (extractUserID == null) {
            extractUserID = okaySSLUP.serverId;
        }
        sslDeriveSessionKey(this.sslSession, okaySSLUP.Rs, random);
        AuthResult authResult = new AuthResult();
        authResult.authPrincipal = new DefaultPrincipal(extractUserID, "");
        authResult.authMetaData = AuthBase.transformPropString(okaySSLUP.serverXid);
        authResult.sharedSecret = this.sessionSecret;
        Assert.condition(authResult.sharedSecret != null);
        cleanup();
        if (debug.debugIt(64)) {
            debug.debug(-142394261359015L, "clntChallengeSSLUP", authResult);
        }
        if (Trace.isOn) {
            Trace.exit(this, "com.ibm.msg.client.wmq.v6.direct.internal.AuthClient", "clntChallengeSSLUP(MsgBase)", authResult);
        }
        return authResult;
    }

    protected AuthResult clntChallengeUP(AuthBase.MsgBase msgBase) throws AuthException, IOException {
        if (Trace.isOn) {
            Trace.entry(this, "com.ibm.msg.client.wmq.v6.direct.internal.AuthClient", "clntChallengeUP(MsgBase)", new Object[]{msgBase});
        }
        if (debug.debugIt(32)) {
            debug.debug(-165922073994779L, "clntChallengeUP", msgBase);
        }
        new AuthBase.ReplyUP(this.credentials.getName(), this.credentials.getPassword(), AuthBase.transformPropObj(this.metaData)).writeMsg(this.ostr);
        close_ostr();
        AuthBase.MsgBase readMsg = AuthBase.xDummy.readMsg(this.istr);
        if (readMsg.getType() != 111 && readMsg.getType() != 79) {
            termWrongMsg(readMsg);
        }
        AuthBase.OkayUP okayUP = (AuthBase.OkayUP) readMsg;
        AuthResult authResult = new AuthResult();
        authResult.authPrincipal = new DefaultPrincipal(okayUP.serverId, "");
        authResult.authMetaData = AuthBase.transformPropString(okayUP.serverXid);
        authResult.sharedSecret = "NOT A GOOD SECRET!".getBytes();
        cleanup();
        if (debug.debugIt(64)) {
            debug.debug(-142394261359015L, "clntChallengeUP", authResult);
        }
        if (Trace.isOn) {
            Trace.exit(this, "com.ibm.msg.client.wmq.v6.direct.internal.AuthClient", "clntChallengeUP(MsgBase)", authResult);
        }
        return authResult;
    }

    static {
        if (Trace.isOn) {
            Trace.data("com.ibm.msg.client.wmq.v6.direct.internal.AuthClient", "static", "SCCS id", "@(#) com.ibm.msg.client.wmq.v6/src/com/ibm/msg/client/wmq/v6/direct/internal/AuthClient.java, jmscc.wmq.v6, k710, k710-007-151026  1.10.1.1 11/10/17 16:04:52");
        }
        debug = new DebugObject("AuthClient");
    }
}
