package com.teradata.tdgss.jgssp2ldap;

import com.teradata.jdbc.Const;
import com.teradata.tdgss.jalgapi.AlgParcel;
import com.teradata.tdgss.jalgapi.AlgQop;
import com.teradata.tdgss.jalgapi.AlgQopDer;
import com.teradata.tdgss.jgssp2td2.Td2Crypto;
import com.teradata.tdgss.jgssp2td2.Td2Token;
import com.teradata.tdgss.jgssp2td2.TokenDefinition;
import com.teradata.tdgss.jtdgss.TdgssException;
import com.teradata.tdgss.jtdgss.TdgssParseXml;
import com.teradata.tdgss.jtdgss.TdgssVersion;
import com.teradata.tdgss.jtdgss.tdgssdefines;
import com.teradata.tdgss.logging.TdgssLogger;
import com.teradata.tdgss.logging.TdgssLoggingManager;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import org.ietf.jgss.ChannelBinding;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.MessageProp;
import org.ietf.jgss.Oid;

/* loaded from: input_file:com/teradata/tdgss/jgssp2ldap/LdapContext.class */
public final class LdapContext implements GSSContext {
    private static final short maxshort = Short.MAX_VALUE;
    private static final int CTX_NEW = 0;
    private static final int CTX_SEND_KEYS = 1;
    private static final int CTX_BINDABLE = 3;
    private static final int CTX_USER_PROPERTIES = 4;
    private static final int CTX_SETUP_COMPLETE = 5;
    private byte contextInit;
    private int contextState;
    private byte server_client;
    private TdgssVersion mylibraryversion;
    private LdapVersion mymethodversion;
    private byte myendien;
    private boolean protReady;
    private byte mytargetendien;
    private int mycbmaxtoken;
    private byte[] masterKey;
    private String[] endien_txt;
    private boolean initiator;
    private LdapCredential credential;
    private LdapName targetName;
    private int lifetime;
    private short requestedServices;
    private LdapDH DH;
    private static String[] QOPComp;
    private int publicKeyLength;
    private byte[] publicKeybuf;
    private AlgQop legacyQop;
    private AlgQop[] globalQops;
    private static final int HEADERLEN = 16;
    protected static final int LIB_MAJOR_REL_VER_INDEX = 16;
    private static final int LIB_MINOR_REL_VER_INDEX = 17;
    private static final int LIB_MAINT_REL_VER_INDEX = 18;
    private static final int LIB_EMG_REL_VER_INDEX = 19;
    protected static final int PKEY_LENGTH = 20;
    private static final int GKEY_LENGTH = 24;
    private static final int PUBLICKEY_LENGTH = 28;
    private static final int PARCEL_LENGTH = 36;
    private static final int ENCRYPTED_LOGDATA = 40;
    private static final int KEY_DATA = 80;
    private static final byte TDGSS_BIGENDIEN = 1;
    private static final byte TDGSS_SMALLENDIEN = 0;
    private static final byte TDGSS_SERVER = 1;
    private static final byte TDGSS_CLIENT = 0;
    protected static final byte FLAG_BYTE = 12;
    private static final int INITMSGLEN = 64;
    static final int keysize = 64;
    private byte[] UserPropBytes;
    private BigInteger mySeqNum;
    private BigInteger peerSeqNum;
    private int peerCapabilities;
    private Td2Crypto[] td2Crypto;
    private static final TdgssLogger logger = TdgssLoggingManager.getInstance().getLogger();
    static final String[] msgexttxt = {"client", "server"};

    public LdapContext(LdapCredential ldapCredential, Object[] objArr) throws GSSException {
        this.contextInit = (byte) 0;
        this.contextState = 0;
        this.server_client = (byte) 1;
        this.myendien = (byte) 1;
        this.protReady = false;
        this.mytargetendien = (byte) -1;
        this.mycbmaxtoken = -1;
        this.masterKey = null;
        this.endien_txt = new String[]{"small endien", "big endien"};
        this.UserPropBytes = null;
        this.mySeqNum = new BigInteger("1");
        this.peerSeqNum = new BigInteger("1");
        this.peerCapabilities = 0;
        this.td2Crypto = new Td2Crypto[4];
        this.initiator = false;
        this.credential = ldapCredential;
        InitialiseData();
        this.requestedServices = (short) 99;
    }

    public LdapContext(LdapCredential ldapCredential, LdapName ldapName, int i, Object[] objArr, short s) throws GSSException {
        this.contextInit = (byte) 0;
        this.contextState = 0;
        this.server_client = (byte) 1;
        this.myendien = (byte) 1;
        this.protReady = false;
        this.mytargetendien = (byte) -1;
        this.mycbmaxtoken = -1;
        this.masterKey = null;
        this.endien_txt = new String[]{"small endien", "big endien"};
        this.UserPropBytes = null;
        this.mySeqNum = new BigInteger("1");
        this.peerSeqNum = new BigInteger("1");
        this.peerCapabilities = 0;
        this.td2Crypto = new Td2Crypto[4];
        this.initiator = true;
        this.credential = ldapCredential;
        this.targetName = ldapName;
        this.lifetime = i;
        this.requestedServices = s;
        InitialiseData();
    }

    public static TdgssVersion InquireLibraryVersion() {
        return new TdgssVersion();
    }

    public static LdapVersion InquireMethodVersion() {
        return new LdapVersion();
    }

    private void InitialiseData() throws GSSException {
        this.contextState = 0;
        this.mylibraryversion = InquireLibraryVersion();
        this.mymethodversion = InquireMethodVersion();
        this.myendien = (byte) 1;
        this.mycbmaxtoken = 80;
        this.DH = new LdapDH();
        if (QOPComp == null) {
            QOPComp = ParseQOP(1);
        }
    }

    private Td2Token ValidateMsgInfo(byte[] bArr, int i, int i2) throws GSSException {
        if (i2 <= 16) {
            throw new TdgssException(10, LdapMinorStatus.LDAPV3_ERR_WRONG_MSGINFO);
        }
        byte[] bArr2 = new byte[16];
        System.arraycopy(bArr, (i + i2) - 16, bArr2, 0, 16);
        Td2Token td2Token = new Td2Token(bArr2, 0);
        byte version = td2Token.getVersion();
        byte msgType = td2Token.getMsgType();
        byte byteVar = td2Token.getByteVar();
        if (version == 1 && ((msgType != 3 && msgType != 4) || byteVar != 2)) {
            throw new TdgssException(10, LdapMinorStatus.LDAPV3_ERR_WRONG_MSGINFO);
        }
        if (version == 3 && msgType != 7 && msgType != 8) {
            throw new TdgssException(10, LdapMinorStatus.LDAPV3_ERR_WRONG_MSGINFO);
        }
        boolean z = (td2Token.getFlags() & 4) == 4;
        if (version == 3 && msgType == 7 && !z) {
            if (i2 != td2Token.getMsgLength()) {
                throw new TdgssException(10, LdapMinorStatus.LDAPV3_ERR_WRONG_MSGINFO);
            }
        } else if (i2 != td2Token.getMsgLength() + 16) {
            throw new TdgssException(10, LdapMinorStatus.LDAPV3_ERR_WRONG_MSGINFO);
        }
        return td2Token;
    }

    public String[] ParseQOP(int i) throws GSSException {
        String[] strArr = new String[5];
        switch (i) {
            case 0:
                strArr[0] = tdgssdefines.ALGORITHMNAME_AES;
                strArr[1] = tdgssdefines.KEYLENGTH_K128;
                strArr[2] = tdgssdefines.MODE_CFB;
                strArr[3] = tdgssdefines.PADDING_PKCS5PADDING;
                strArr[4] = tdgssdefines.ALGORITHMNAME_MD5;
                break;
            case 1:
                strArr[0] = tdgssdefines.ALGORITHMNAME_AES;
                strArr[1] = tdgssdefines.KEYLENGTH_K128;
                strArr[2] = tdgssdefines.MODE_OFB;
                strArr[3] = tdgssdefines.PADDING_PKCS5PADDING;
                strArr[4] = tdgssdefines.ALGORITHMNAME_SHA1;
                break;
            default:
                throw new TdgssException(14, LdapMinorStatus.LDAPV3_ERR_INVALID_ARGUMENT);
        }
        return strArr;
    }

    private byte[] BuildInitMsg(byte b) throws GSSException {
        byte[] bArr = {6, 12, 43, 6, 1, 4, 1, -127, 63, 1, -121, 116, 1, 20, 70, 8, 0, 1, -127, 0, 3, 0, 0, 0, 1, 0, 0, 0, 30, 1};
        logger.debug("We will initiate the handshake now...");
        byte[] cipherSuitesParcel = AlgParcel.getCipherSuitesParcel();
        int length = cipherSuitesParcel.length;
        byte[] bArr2 = new byte[this.mycbmaxtoken + length + bArr.length];
        for (int i = 0; i < bArr2.length; i++) {
            bArr2[i] = 0;
        }
        byte[] GetTokenBytes = new Td2Token((byte) 1, b, (byte) 1, isserver() ? (byte) 1 : (byte) 0, 13, (this.requestedServices & 1) == 1 ? (byte) (0 | 16) : (byte) 0, 0, 64 + length, null).GetTokenBytes();
        System.arraycopy(GetTokenBytes, 0, bArr2, 0, GetTokenBytes.length);
        bArr2[16] = this.mylibraryversion.MajorRelease;
        bArr2[17] = this.mylibraryversion.MinorRelease;
        bArr2[18] = this.mylibraryversion.MaintenanceRelease;
        bArr2[19] = this.mylibraryversion.EmergencyRelease;
        byte[] inttobytearray = LdapUtil.inttobytearray(length);
        System.arraycopy(inttobytearray, 0, bArr2, 36, inttobytearray.length);
        System.arraycopy(cipherSuitesParcel, 0, bArr2, this.mycbmaxtoken, length);
        System.arraycopy(bArr, 0, bArr2, this.mycbmaxtoken + length, bArr.length);
        logger.debug("Successfully generated first message as", bArr2);
        return bArr2;
    }

    private void ProcessInitMsg(byte[] bArr, int i, int i2) throws GSSException {
        logger.debug("Receiving and processing first message");
        if (i != 0) {
            logger.debug("Only offset = 0 is allowed!");
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_OFFSET_NOT_ZERO);
        }
        Td2Token td2Token = new Td2Token(bArr, i);
        this.mytargetendien = (byte) 0;
        if ((td2Token.getFlags() & 16) != 16) {
            this.requestedServices = (short) (this.requestedServices & 32766);
        }
        logger.debug(new StringBuffer().append("Checking target endien as ").append((int) this.mytargetendien).toString());
        if (byteflipneeded()) {
            logger.debug("We have to byte-flip!");
        }
        if (!chklibrary(bArr, this.mylibraryversion)) {
            logger.debug("*** Illegal library version *** ");
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_VERSION_MISMATCH);
        }
        if ((td2Token.getMsgType() != 1 && td2Token.getMsgType() != 2) || td2Token.getByteVar() != 1) {
            logger.debug(" Message header is not proper");
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_WRONG_MSGINFO);
        }
        this.peerCapabilities = (byte) td2Token.getCapabilities();
        logger.debug("The received message is OK!");
    }

    private void ExtractKeys(byte[] bArr, int i, int i2) throws GSSException {
        byte[] bArr2 = new byte[4];
        byte[] bArr3 = new byte[4];
        byte[] bArr4 = new byte[4];
        byte[] bArr5 = new byte[4];
        System.arraycopy(bArr, 20, bArr2, 0, 4);
        int ByteAtoInt = LdapUtil.ByteAtoInt(bArr2);
        byte[] bArr6 = new byte[ByteAtoInt];
        System.arraycopy(bArr, 80, bArr6, 0, ByteAtoInt);
        System.arraycopy(bArr, 24, bArr3, 0, 4);
        int ByteAtoInt2 = LdapUtil.ByteAtoInt(bArr3);
        byte[] bArr7 = new byte[ByteAtoInt2];
        System.arraycopy(bArr, 80 + ByteAtoInt, bArr7, 0, ByteAtoInt2);
        System.arraycopy(bArr, 28, bArr4, 0, 4);
        int ByteAtoInt3 = LdapUtil.ByteAtoInt(bArr4);
        byte[] bArr8 = new byte[ByteAtoInt3];
        System.arraycopy(bArr, 80 + ByteAtoInt + ByteAtoInt2, bArr8, 0, ByteAtoInt3);
        if ((this.peerCapabilities & 4) == 4) {
            System.arraycopy(bArr, 36, bArr5, 0, 4);
            int ByteAtoInt4 = LdapUtil.ByteAtoInt(bArr5);
            byte[] bArr9 = new byte[ByteAtoInt4];
            System.arraycopy(bArr, 80 + ByteAtoInt + ByteAtoInt2 + ByteAtoInt3, bArr9, 0, ByteAtoInt4);
            AlgQopDer algQopDer = new AlgQopDer(bArr9);
            this.globalQops = new AlgQop[4];
            this.globalQops[0] = algQopDer.getAlgQop(0);
            this.globalQops[1] = algQopDer.getAlgQop(1);
            this.globalQops[2] = algQopDer.getAlgQop(2);
            this.globalQops[3] = algQopDer.getAlgQop(3);
        } else {
            this.legacyQop = new AlgQop(QOPComp[0], Integer.parseInt(QOPComp[1].substring(1)), QOPComp[2], QOPComp[3], QOPComp[4], tdgssdefines.ALGORITHMNAME_DH, 640);
        }
        logger.debug("Generate DH Parameters ...");
        this.DH.GenerateParameters(1, bArr7, bArr6);
        logger.debug("Generate DH Public Key ...");
        this.publicKeybuf = this.DH.GenerateKey();
        logger.debug("Compute  DH Private Key ...");
        this.masterKey = this.DH.ComputeKey(bArr8);
        logger.debug("The Matser Key is ***********************************", this.masterKey);
        this.publicKeyLength = ByteAtoInt3;
        if ((this.peerCapabilities & 4) == 4) {
            int i3 = 0;
            for (int i4 = 0; i4 < 4; i4++) {
                AlgQop algQop = this.globalQops[i4];
                int keyLength = algQop.getKeyLength() / 8;
                byte[] bArr10 = new byte[keyLength];
                System.arraycopy(this.masterKey, i3, bArr10, 0, keyLength);
                this.td2Crypto[i4] = new Td2Crypto(this.DH.BytetoKey(algQop.getConfidentialityAlgorithm(), bArr10, 0, keyLength), bArr10, algQop, this.peerCapabilities);
                this.td2Crypto[i4].computeKeyHash();
                i3 += keyLength;
            }
        } else {
            this.td2Crypto[0] = new Td2Crypto(this.DH.BytetoKey(this.legacyQop.getConfidentialityAlgorithm(), this.masterKey, 0, this.legacyQop.getKeyLength() / 8), this.masterKey, this.legacyQop, this.peerCapabilities);
            this.td2Crypto[0].computeKeyHash();
        }
        this.protReady = true;
    }

    private byte[] BuildServerMsg() throws GSSException {
        byte[] bArr;
        byte b = (this.peerCapabilities & 1) == 1 ? (byte) 3 : (byte) 1;
        byte b2 = (this.requestedServices & 1) == 1 ? (byte) (0 | 16) : (byte) 0;
        if ((this.peerCapabilities & 8) == 8) {
            byte[] logdataUTF8 = getLogdataUTF8();
            byte[] wrap = wrap(logdataUTF8, 0, logdataUTF8.length, new MessageProp(0, true));
            int length = 64 + wrap.length + this.publicKeyLength;
            byte[] GetTokenBytes = new Td2Token(b, (byte) 1, (byte) 2, isserver() ? (byte) 1 : (byte) 0, TokenDefinition.NOTAPPLICABLE, b2, 0, length, null).GetTokenBytes();
            bArr = new byte[16 + length];
            for (int i = 0; i < bArr.length; i++) {
                bArr[i] = 0;
            }
            System.arraycopy(GetTokenBytes, 0, bArr, 0, GetTokenBytes.length);
            bArr[16] = this.mylibraryversion.MajorRelease;
            bArr[17] = this.mylibraryversion.MinorRelease;
            bArr[18] = this.mylibraryversion.MaintenanceRelease;
            bArr[19] = this.mylibraryversion.EmergencyRelease;
            byte[] inttobytearray = LdapUtil.inttobytearray(this.publicKeyLength);
            System.arraycopy(inttobytearray, 0, bArr, 28, inttobytearray.length);
            System.arraycopy(this.publicKeybuf, 0, bArr, 80, this.publicKeybuf.length);
            byte[] inttobytearray2 = LdapUtil.inttobytearray(wrap.length);
            System.arraycopy(inttobytearray2, 0, bArr, 40, inttobytearray2.length);
            System.arraycopy(wrap, 0, bArr, 80 + this.publicKeybuf.length, wrap.length);
            logger.debug("Successfully generated second message as", bArr);
        } else {
            byte[] GetTokenBytes2 = new Td2Token(b, (byte) 1, (byte) 2, isserver() ? (byte) 1 : (byte) 0, TokenDefinition.NOTAPPLICABLE, b2, 0, this.publicKeyLength, null).GetTokenBytes();
            bArr = new byte[16 + this.publicKeyLength];
            for (int i2 = 0; i2 < bArr.length; i2++) {
                bArr[i2] = 0;
            }
            System.arraycopy(GetTokenBytes2, 0, bArr, 0, GetTokenBytes2.length);
            System.arraycopy(this.publicKeybuf, 0, bArr, GetTokenBytes2.length, this.publicKeybuf.length);
            logger.debug("Successfully generated second message as", bArr);
        }
        this.publicKeybuf = null;
        logger.debug("The received message is OK!");
        return bArr;
    }

    private byte[] getLogdataUTF8() throws GSSException {
        String str = Const.URL_LSS_TYPE_DEFAULT;
        GSSName srcName = getSrcName();
        if (srcName != null) {
            str = srcName.toString();
        }
        try {
            return str.getBytes(TdgssParseXml.outputEncoding);
        } catch (UnsupportedEncodingException e) {
            logger.error(e.getMessage());
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_LDAP, e);
        }
    }

    public void setkey(byte[] bArr) {
        this.masterKey = (byte[]) bArr.clone();
    }

    public boolean byteflipneeded() {
        boolean z = false;
        if (this.mytargetendien != this.myendien) {
            logger.debug(new StringBuffer().append("target endien is [").append(this.endien_txt[this.mytargetendien]).append("] different against our endien [").append(this.endien_txt[this.myendien]).append("]").toString());
            try {
                if (isserver()) {
                    logger.debug("We are server! No need to byte-flip!");
                } else {
                    logger.debug("We are client, we have to byte-flip!");
                    z = true;
                }
            } catch (Exception e) {
                logger.error(e.getMessage());
            }
        }
        return z;
    }

    public byte[] msgcvt(byte[] bArr) {
        if (!byteflipneeded()) {
            logger.debug("No flipping needed!");
            return bArr;
        }
        for (int i = 0; i + 3 < bArr.length; i += 4) {
            byte b = bArr[i];
            bArr[i] = bArr[i + 3];
            bArr[i + 3] = b;
            byte b2 = bArr[i + 1];
            bArr[i + 1] = bArr[i + 2];
            bArr[i + 2] = b2;
        }
        return bArr;
    }

    private boolean chklibrary(byte[] bArr, TdgssVersion tdgssVersion) {
        return bArr[16] >= 6;
    }

    private void checkInputToken(byte[] bArr, int i, int i2) throws GSSException {
        if (bArr == null) {
            logger.debug("Input Buffer is NULL");
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_WRONG_MSGINFO);
        }
        if (i < 0 || i + i2 > bArr.length) {
            logger.debug("Offset value is incorrect");
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_WRONG_MSGINFO);
        }
        if (i2 < 16) {
            logger.debug("Input buffer is less than token header (16 bytes)");
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_WRONG_MSGINFO);
        }
        byte[] bArr2 = new byte[i2];
        System.arraycopy(bArr, i, bArr2, 0, i2);
        new Td2Token(bArr2, 0);
    }

    public byte[] initSecContext(byte[] bArr, int i, int i2) throws GSSException {
        Td2Token td2Token;
        byte[] bArr2 = null;
        logger.debug(new StringBuffer().append("Context state is now ").append(this.contextState).toString());
        if (this.contextInit == 0) {
            this.contextInit = (byte) 1;
        }
        switch (this.contextState) {
            case 0:
                this.server_client = (byte) 0;
                logger.debug(new StringBuffer().append("Confirming that we are now ").append(msgexttxt[this.server_client]).toString());
                bArr2 = BuildInitMsg((byte) 1);
                this.contextState = 1;
                break;
            case 1:
                logger.debug("Just receive info-data from server as:", bArr);
                checkInputToken(bArr, i, i2);
                ProcessInitMsg(bArr, i, i2);
                ExtractKeys(bArr, i, i2);
                bArr2 = BuildServerMsg();
                if ((this.peerCapabilities & 8) != 8) {
                    this.contextState = 3;
                    break;
                } else {
                    this.contextState = 4;
                    break;
                }
            case 2:
            default:
                throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_BAD_CONTEXT_STATE);
            case 3:
                logger.debug("Received data from server as:", bArr);
                checkInputToken(bArr, i, i2);
                byte[] logdataUTF8 = getLogdataUTF8();
                byte b = 0;
                if ((this.requestedServices & 1) == 1) {
                    b = (byte) (0 | 16);
                }
                if ((this.peerCapabilities & 1) == 1) {
                    td2Token = new Td2Token((byte) 3, (byte) 5, (byte) 2, isserver() ? (byte) 1 : (byte) 0, 1, b, 0, logdataUTF8.length, null);
                } else {
                    td2Token = new Td2Token((byte) 1, (byte) 5, (byte) 2, isserver() ? (byte) 1 : (byte) 0, 0, b, 0, logdataUTF8.length, null);
                }
                byte[] bArr3 = new byte[16 + logdataUTF8.length];
                byte[] GetTokenBytes = td2Token.GetTokenBytes();
                System.arraycopy(GetTokenBytes, 0, bArr3, 0, GetTokenBytes.length);
                System.arraycopy(logdataUTF8, 0, bArr3, 16, logdataUTF8.length);
                bArr2 = wrap(bArr3, 0, bArr3.length, new MessageProp(0, true));
                this.contextState = 4;
                break;
            case 4:
                logger.debug("Receive info-data from server as:", bArr);
                checkInputToken(bArr, i, i2);
                byte[] bArr4 = new byte[4];
                System.arraycopy(bArr, 4, bArr4, 0, 4);
                int intValue = new BigInteger(bArr4).intValue();
                this.UserPropBytes = new byte[intValue];
                System.arraycopy(bArr, 16, this.UserPropBytes, 0, intValue);
                this.contextState = 5;
                break;
            case 5:
                break;
        }
        logger.debug(new StringBuffer().append("Context state before leaving is ").append(this.contextState).toString());
        return bArr2;
    }

    public int initSecContext(InputStream inputStream, OutputStream outputStream) throws GSSException {
        throw new TdgssException(16, LdapMinorStatus.LDAPV3_ERR_API_NOT_SUPPORTED);
    }

    public byte[] acceptSecContext(byte[] bArr, int i, int i2) throws GSSException {
        throw new TdgssException(16, LdapMinorStatus.LDAPV3_ERR_API_NOT_SUPPORTED);
    }

    public void acceptSecContext(InputStream inputStream, OutputStream outputStream) throws GSSException {
        throw new TdgssException(16, LdapMinorStatus.LDAPV3_ERR_API_NOT_SUPPORTED);
    }

    public boolean isEstablished() {
        return this.contextState == 5;
    }

    public boolean isserver() throws GSSException {
        if (this.server_client == 1) {
            return true;
        }
        if (this.server_client == 0) {
            return false;
        }
        throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_BAD_CONTEXT_STATE);
    }

    public void dispose() throws GSSException {
        if (this.credential != null) {
            this.credential.dispose();
        }
    }

    public int getWrapSizeLimit(int i, boolean z, int i2) throws GSSException {
        if (!isProtReady()) {
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_CONTEXT_NOT_READY);
        }
        int validateQop = validateQop(i);
        return this.td2Crypto[validateQop].getWrapSizeLimit(validateQop, z, i2);
    }

    public byte[] wrap(byte[] bArr, int i, int i2, MessageProp messageProp) throws GSSException {
        Td2Token td2Token;
        logger.debug("Entering!");
        boolean z = false;
        byte b = 0;
        if (!isProtReady()) {
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_CONTEXT_NOT_READY);
        }
        if (i < 0 || i2 < 0) {
            logger.debug("Argument out of Range");
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_INVALID_ARGUMENT);
        }
        if (bArr.length < i2 + i) {
            logger.debug(new StringBuffer().append("INPUT BUFFER SIZE ").append(bArr.length).append(" IS SMALLER THAN LENGTH + OFFSET ").append(i2 + i).toString());
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_INVALID_ARGUMENT);
        }
        if (messageProp == null) {
            throw new TdgssException(14, LdapMinorStatus.LDAPV3_ERR_INVALID_INPUT);
        }
        int validateQop = validateQop(messageProp.getQOP());
        if (getConfState() && messageProp.getPrivacy()) {
            b = (byte) (0 | 4);
            z = true;
        }
        if (this.peerCapabilities == 0) {
            td2Token = new Td2Token((byte) 1, (byte) 3, (byte) 2, isserver() ? (byte) 1 : (byte) 0, TokenDefinition.NOTAPPLICABLE, b, validateQop, 0, null);
        } else {
            if ((this.peerCapabilities & 1) != 1) {
                logger.debug("Unknown peer capabilities");
                throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_WRONG_MSGINFO);
            }
            td2Token = new Td2Token((byte) 3, (byte) 7, (byte) 2, isserver() ? (byte) 1 : (byte) 0, 1, b, validateQop, 0, this.mySeqNum);
        }
        byte[] wrap = this.td2Crypto[validateQop].wrap(bArr, i, i2, messageProp, td2Token);
        this.mySeqNum = this.mySeqNum.add(BigInteger.ONE);
        if (z) {
            messageProp.setPrivacy(true);
        }
        logger.debug("Leaving!");
        return wrap;
    }

    public void wrap(InputStream inputStream, OutputStream outputStream, MessageProp messageProp) throws GSSException {
        throw new TdgssException(16, LdapMinorStatus.LDAPV3_ERR_API_NOT_SUPPORTED);
    }

    public byte[] unwrap(byte[] bArr, int i, int i2, MessageProp messageProp) throws GSSException {
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = false;
        logger.debug("Entering!");
        if (!isProtReady()) {
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_CONTEXT_NOT_READY);
        }
        if (i < 0 || i2 < 0) {
            logger.debug("Argument out of Range");
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_INVALID_ARGUMENT);
        }
        if (bArr == null) {
            logger.debug("Input argument is null");
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_INVALID_INPUT);
        }
        if (bArr.length < i2 + i) {
            logger.debug(new StringBuffer().append("INPUT BUFFER SIZE ").append(bArr.length).append(" IS SMALLER THAN LENGTH + OFFSET ").append(i2 + i).toString());
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_INVALID_ARGUMENT);
        }
        Td2Token ValidateMsgInfo = ValidateMsgInfo(bArr, i, i2);
        boolean z5 = (ValidateMsgInfo.getFlags() & 4) == 4;
        if ((this.peerCapabilities & 1) == 1) {
            BigInteger seqNumber = ValidateMsgInfo.getSeqNumber();
            if (0 != seqNumber.compareTo(this.peerSeqNum)) {
                LdapMinorStatus ldapMinorStatus = LdapMinorStatus.LDAPV3_ERR_ILLEGAL_SEQUENCE;
                if (seqNumber.equals(this.peerSeqNum.subtract(BigInteger.ONE))) {
                    z = true;
                }
                if (seqNumber.compareTo(this.peerSeqNum) > 0) {
                    z4 = true;
                }
                if (seqNumber.compareTo(this.peerSeqNum) < 0) {
                    z2 = true;
                    z3 = true;
                }
                if (messageProp != null) {
                    messageProp.setSupplementaryStates(z, z2, z3, z4, ldapMinorStatus.getErrorCode(), ldapMinorStatus.getErrorMessage());
                }
            }
        }
        int validateQop = validateQop(ValidateMsgInfo.getQOP());
        byte[] unwrap = this.td2Crypto[validateQop].unwrap(bArr, i, i2, messageProp, ValidateMsgInfo);
        this.peerSeqNum = this.peerSeqNum.add(BigInteger.ONE);
        if (messageProp != null) {
            messageProp.setPrivacy(z5);
            messageProp.setQOP(validateQop);
        }
        logger.debug("Leaving!");
        return unwrap;
    }

    public void unwrap(InputStream inputStream, OutputStream outputStream, MessageProp messageProp) throws GSSException {
        throw new TdgssException(16, LdapMinorStatus.LDAPV3_ERR_API_NOT_SUPPORTED);
    }

    public byte[] getMIC(byte[] bArr, int i, int i2, MessageProp messageProp) throws GSSException {
        Td2Token td2Token;
        int i3 = 0;
        logger.debug("Entering!");
        if (!isProtReady()) {
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_CONTEXT_NOT_READY);
        }
        if (i < 0 || i2 < 0) {
            logger.debug("Argument out of Range");
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_INVALID_ARGUMENT);
        }
        if (bArr.length < i2 + i) {
            logger.debug(new StringBuffer().append("INPUT BUFFER SIZE ").append(bArr.length).append(" IS SMALLER THAN LENGTH + OFFSET ").append(i2 + i).toString());
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_INVALID_ARGUMENT);
        }
        if (messageProp != null) {
            i3 = messageProp.getQOP();
        }
        int validateQop = validateQop(i3);
        if (this.peerCapabilities == 0) {
            td2Token = new Td2Token((byte) 1, (byte) 4, (byte) 2, isserver() ? (byte) 1 : (byte) 0, TokenDefinition.NOTAPPLICABLE, (byte) 0, validateQop, 0, null);
        } else {
            if ((this.peerCapabilities & 1) != 1) {
                logger.debug("Unknown peer capabilities");
                throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_WRONG_MSGINFO);
            }
            td2Token = new Td2Token((byte) 3, (byte) 8, (byte) 2, isserver() ? (byte) 1 : (byte) 0, 1, (byte) 0, validateQop, 0, this.mySeqNum);
        }
        byte[] mic = this.td2Crypto[validateQop].getMIC(bArr, i, i2, messageProp, td2Token);
        this.mySeqNum = this.mySeqNum.add(BigInteger.ONE);
        logger.debug("Leaving!");
        return mic;
    }

    public void getMIC(InputStream inputStream, OutputStream outputStream, MessageProp messageProp) throws GSSException {
        throw new TdgssException(16, LdapMinorStatus.LDAPV3_ERR_API_NOT_SUPPORTED);
    }

    public void verifyMIC(byte[] bArr, int i, int i2, byte[] bArr2, int i3, int i4, MessageProp messageProp) throws GSSException {
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = false;
        logger.debug("Entering!");
        if (!isProtReady()) {
            throw new TdgssException(16, LdapMinorStatus.LDAPV3_ERR_API_NOT_SUPPORTED);
        }
        if (i3 < 0 || i4 < 0 || i2 < 0 || i < 0) {
            logger.debug("Argument out of Range");
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_INVALID_ARGUMENT);
        }
        if (i2 + i > bArr.length || i4 + i3 > bArr2.length) {
            logger.debug("Input length  is larger than buffer size ");
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_INVALID_ARGUMENT);
        }
        Td2Token ValidateMsgInfo = ValidateMsgInfo(bArr, i, i2);
        if ((this.peerCapabilities & 1) == 1) {
            BigInteger seqNumber = ValidateMsgInfo.getSeqNumber();
            if (0 != seqNumber.compareTo(this.peerSeqNum)) {
                LdapMinorStatus ldapMinorStatus = LdapMinorStatus.LDAPV3_ERR_ILLEGAL_SEQUENCE;
                if (seqNumber.equals(this.peerSeqNum.subtract(BigInteger.ONE))) {
                    z = true;
                }
                if (seqNumber.compareTo(this.peerSeqNum) > 0) {
                    z4 = true;
                }
                if (seqNumber.compareTo(this.peerSeqNum) < 0) {
                    z2 = true;
                    z3 = true;
                }
                if (messageProp != null) {
                    messageProp.setSupplementaryStates(z, z2, z3, z4, ldapMinorStatus.getErrorCode(), ldapMinorStatus.getErrorMessage());
                }
            }
        }
        this.td2Crypto[validateQop(ValidateMsgInfo.getQOP())].verifyMIC(bArr, i, i2, bArr2, i3, i4, messageProp, ValidateMsgInfo);
        this.peerSeqNum = this.peerSeqNum.add(BigInteger.ONE);
        logger.debug("Leaving!");
    }

    public void verifyMIC(InputStream inputStream, InputStream inputStream2, MessageProp messageProp) throws GSSException {
        throw new TdgssException(16, LdapMinorStatus.LDAPV3_ERR_API_NOT_SUPPORTED);
    }

    private int validateQop(int i) throws GSSException {
        if ((this.peerCapabilities & 4) != 4) {
            i = 0;
        } else if (i < 0 || i >= 4) {
            throw new TdgssException(14, LdapMinorStatus.LDAPV3_ERR_INVALID_ARGUMENT);
        }
        return i;
    }

    public byte[] export() throws GSSException {
        throw new TdgssException(16, LdapMinorStatus.LDAPV3_ERR_API_NOT_SUPPORTED);
    }

    public void requestMutualAuth(boolean z) throws GSSException {
        if (isEstablished()) {
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_INVALID_REQUEST);
        }
        if (z) {
            this.requestedServices = (short) (this.requestedServices | 2);
        } else {
            this.requestedServices = (short) (this.requestedServices & 32765);
        }
    }

    public void requestReplayDet(boolean z) throws GSSException {
        if (isEstablished()) {
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_INVALID_REQUEST);
        }
        if (z) {
            this.requestedServices = (short) (this.requestedServices | 4);
        } else {
            this.requestedServices = (short) (this.requestedServices & 32763);
        }
    }

    public void requestSequenceDet(boolean z) throws GSSException {
        if (isEstablished()) {
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_INVALID_REQUEST);
        }
        if (z) {
            this.requestedServices = (short) (this.requestedServices | 8);
        } else {
            this.requestedServices = (short) (this.requestedServices & 32759);
        }
    }

    public void requestCredDeleg(boolean z) throws GSSException {
        if (isEstablished()) {
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_INVALID_REQUEST);
        }
        if (z) {
            this.requestedServices = (short) (this.requestedServices | 1);
        } else {
            this.requestedServices = (short) (this.requestedServices & 32766);
        }
    }

    public void requestAnonymity(boolean z) throws GSSException {
        if (isEstablished()) {
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_INVALID_REQUEST);
        }
        if (z) {
            this.requestedServices = (short) (this.requestedServices | 16);
        } else {
            this.requestedServices = (short) (this.requestedServices & 32751);
        }
    }

    public void requestConf(boolean z) throws GSSException {
        if (isEstablished()) {
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_INVALID_REQUEST);
        }
        if (z) {
            this.requestedServices = (short) (this.requestedServices | 32);
        } else {
            this.requestedServices = (short) (this.requestedServices & 32735);
        }
    }

    public void requestInteg(boolean z) throws GSSException {
        if (isEstablished()) {
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_INVALID_REQUEST);
        }
        if (z) {
            this.requestedServices = (short) (this.requestedServices | 64);
        } else {
            this.requestedServices = (short) (this.requestedServices & 32703);
        }
    }

    public void requestLifetime(int i) throws GSSException {
        if (isEstablished()) {
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_INVALID_REQUEST);
        }
        this.lifetime = i;
    }

    public void setChannelBinding(ChannelBinding channelBinding) throws GSSException {
        throw new TdgssException(16, LdapMinorStatus.LDAPV3_ERR_API_NOT_SUPPORTED);
    }

    public boolean getCredDelegState() {
        return (this.contextInit == 0 || !isEstablished() || (this.requestedServices & 1) == 0) ? false : true;
    }

    public boolean getMutualAuthState() {
        return (this.contextInit == 0 || (this.requestedServices & 2) == 0) ? false : true;
    }

    public boolean getReplayDetState() {
        return (this.contextInit == 0 || (this.requestedServices & 4) == 0) ? false : true;
    }

    public boolean getSequenceDetState() {
        return (this.contextInit == 0 || (this.requestedServices & 8) == 0) ? false : true;
    }

    public boolean getAnonymityState() {
        return false;
    }

    public boolean getConfState() {
        return this.contextInit != 0;
    }

    public boolean getIntegState() {
        return this.contextInit != 0;
    }

    public int getLifetime() {
        if (this.contextInit == 0) {
            return 0;
        }
        return this.lifetime;
    }

    public boolean isTransferable() throws GSSException {
        if (this.contextInit == 0) {
            throw new TdgssException(11, LdapMinorStatus.LDAPV3_ERR_NO_CONTEXT);
        }
        return false;
    }

    public boolean isProtReady() {
        if (this.contextInit == 0) {
            return false;
        }
        return this.protReady;
    }

    public GSSName getSrcName() throws GSSException {
        if (this.credential != null) {
            return this.credential.getName();
        }
        return null;
    }

    public GSSName getTargName() throws GSSException {
        return this.targetName;
    }

    public Oid getMech() throws GSSException {
        return LdapMechanism.mechOid;
    }

    public GSSCredential getDelegCred() throws GSSException {
        throw new TdgssException(16, LdapMinorStatus.LDAPV3_ERR_API_NOT_SUPPORTED);
    }

    public boolean isInitiator() throws GSSException {
        return this.initiator;
    }

    public GSSCredential getCredential() {
        return this.credential;
    }
}
