package org.kaazing.specification.socks5.internal;

import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import javax.security.auth.Subject;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.MessageProp;
import org.ietf.jgss.Oid;
import org.kaazing.k3po.lang.el.Function;
import org.kaazing.k3po.lang.el.spi.FunctionMapperSpi;

/* loaded from: input_file:org/kaazing/specification/socks5/internal/Functions.class */
public final class Functions {
    private static final Oid krb5Oid;

    /* loaded from: input_file:org/kaazing/specification/socks5/internal/Functions$Mapper.class */
    public static class Mapper extends FunctionMapperSpi.Reflective {
        public Mapper() {
            super(Functions.class);
        }

        public String getPrefixName() {
            return "socks5";
        }
    }

    @Function
    public static GSSContext createClientGSSContext(String str) {
        try {
            GSSManager gSSManager = GSSManager.getInstance();
            GSSContext createContext = gSSManager.createContext(gSSManager.createName(str, (Oid) null), krb5Oid, (GSSCredential) null, 0);
            createContext.requestMutualAuth(true);
            createContext.requestConf(true);
            createContext.requestInteg(true);
            return createContext;
        } catch (GSSException e) {
            throw new RuntimeException("Exception creating client GSSContext", e);
        }
    }

    @Function
    public static byte[] getClientToken(GSSContext gSSContext) {
        byte[] bArr = new byte[0];
        if (gSSContext.isEstablished()) {
            return null;
        }
        try {
            return getTokenWithLengthPrefix(gSSContext.initSecContext(bArr, 0, bArr.length));
        } catch (GSSException e) {
            throw new RuntimeException("Exception getting client token", e);
        }
    }

    @Function
    public static MessageProp createMessageProp(boolean z) {
        return new MessageProp(0, z);
    }

    @Function
    public static byte[] wrapMessage(GSSContext gSSContext, MessageProp messageProp, byte[] bArr) {
        try {
            return getTokenWithLengthPrefix(gSSContext.wrap(bArr, 0, bArr.length, messageProp));
        } catch (GSSException e) {
            throw new RuntimeException("Exception wrapping message", e);
        }
    }

    @Function
    public static boolean verifyMIC(GSSContext gSSContext, MessageProp messageProp, byte[] bArr, byte[] bArr2) {
        try {
            gSSContext.verifyMIC(bArr2, 0, bArr2.length, bArr, 0, bArr.length, messageProp);
            return true;
        } catch (GSSException e) {
            throw new RuntimeException("Exception verifying mic", e);
        }
    }

    @Function
    public static GSSContext createServerGSSContext() {
        System.out.println("createServerGSSContext()...");
        try {
            final GSSManager gSSManager = GSSManager.getInstance();
            try {
                GSSContext createContext = gSSManager.createContext((GSSCredential) Subject.doAs(new Subject(), new PrivilegedExceptionAction<GSSCredential>() { // from class: org.kaazing.specification.socks5.internal.Functions.1
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedExceptionAction
                    public GSSCredential run() throws GSSException {
                        return gSSManager.createCredential((GSSName) null, Integer.MAX_VALUE, Functions.krb5Oid, 2);
                    }
                }));
                System.out.println("createServerGSSContext(), context: " + createContext);
                return createContext;
            } catch (PrivilegedActionException e) {
                throw new RuntimeException("Exception creating server credentials", e);
            }
        } catch (GSSException e2) {
            System.out.println("createServerGSSContext(), finished with exception");
            throw new RuntimeException("Exception creating server GSSContext", e2);
        }
    }

    @Function
    public static boolean acceptClientToken(GSSContext gSSContext, byte[] bArr) {
        try {
            if (gSSContext.isEstablished()) {
                return true;
            }
            return gSSContext.acceptSecContext(bArr, 0, bArr.length) == null;
        } catch (GSSException e) {
            throw new RuntimeException("Exception accepting client token", e);
        }
    }

    @Function
    public static byte[] generateMIC(GSSContext gSSContext, MessageProp messageProp, byte[] bArr) {
        try {
            messageProp.setQOP(0);
            return getTokenWithLengthPrefix(gSSContext.getMIC(bArr, 0, bArr.length, messageProp));
        } catch (GSSException e) {
            throw new RuntimeException("Exception generating MIC for message", e);
        }
    }

    private static byte[] getTokenWithLengthPrefix(byte[] bArr) {
        byte[] bArr2 = new byte[bArr.length + 4];
        bArr2[0] = (byte) ((bArr.length >>> 24) & 255);
        bArr2[1] = (byte) ((bArr.length >>> 16) & 255);
        bArr2[2] = (byte) ((bArr.length >>> 8) & 255);
        bArr2[3] = (byte) ((bArr.length >>> 0) & 255);
        System.arraycopy(bArr, 0, bArr2, 4, bArr.length);
        return bArr2;
    }

    private Functions() {
    }

    static {
        System.setProperty("java.security.auth.login.config", "docker-kdc/bcsLogin.conf");
        System.setProperty("java.security.krb5.conf", "docker-kdc/krb5.conf");
        System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
        System.setProperty("sun.security.krb5.principal", "test1/kdc.km.test@KM.TEST");
        try {
            krb5Oid = new Oid("1.2.840.113554.1.2.2");
        } catch (GSSException e) {
            throw new RuntimeException("Exception creating kerberos OID", e);
        }
    }
}
