package com.sun.jdmk.security.sasl.plain;

import com.sun.jdmk.security.sasl.AuthenticateCallback;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.AuthenticationException;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;

/* loaded from: input_file:+libs/jdmkrt.jar:com/sun/jdmk/security/sasl/plain/PlainServer.class */
final class PlainServer implements SaslServer {
    private boolean completed;
    private CallbackHandler cbh;
    private String authorizationID;
    private static final byte SEPARATOR = 0;

    public PlainServer(CallbackHandler callbackHandler) {
        this.cbh = callbackHandler;
    }

    public String getMechanismName() {
        return "PLAIN";
    }

    public byte[] evaluateResponse(byte[] bArr) throws SaslException {
        if (this.completed) {
            throw new IllegalStateException("PLAIN authentication already completed");
        }
        this.completed = true;
        int i = -1;
        int i2 = -1;
        for (int i3 = 0; i3 < bArr.length; i3++) {
            if (bArr[i3] == 0) {
                if (i == -1) {
                    i = i3;
                } else if (i2 == -1) {
                    i2 = i3;
                }
            }
        }
        if (i < 0 || i2 < 0 || i + 1 == i2 || i2 + 1 == bArr.length) {
            throw new IllegalStateException("PLAIN authentication error: Response format should be: [authorization_id]<US-ASCII NUL>authentication_id<US-ASCII NUL>password.");
        }
        int i4 = i;
        int i5 = (i2 - i) - 1;
        int length = (bArr.length - i2) - 1;
        byte[] bArr2 = new byte[i4];
        byte[] bArr3 = new byte[i5];
        byte[] bArr4 = new byte[length];
        System.arraycopy(bArr, 0, bArr2, 0, i4);
        System.arraycopy(bArr, i + 1, bArr3, 0, i5);
        System.arraycopy(bArr, i2 + 1, bArr4, 0, length);
        try {
            String str = new String(bArr3, "UTF-8");
            String str2 = new String(bArr4, "UTF-8");
            for (int i6 = 0; i6 < bArr4.length; i6++) {
                bArr4[i6] = 0;
            }
            String str3 = bArr2.length == 0 ? str : new String(bArr2, "UTF-8");
            verifyAuthenticationCredentials(str, str2);
            verifyAuthorizationID(str, str3);
            return null;
        } catch (UnsupportedEncodingException e) {
            throw new SaslException("PLAIN: Cannot get UTF-8 encoding of ids", e);
        }
    }

    public String getAuthorizationID() {
        return this.authorizationID;
    }

    public boolean isComplete() {
        return this.completed;
    }

    public byte[] unwrap(byte[] bArr, int i, int i2) throws SaslException {
        if (this.completed) {
            throw new SaslException("PLAIN supports neither integrity nor privacy");
        }
        throw new IllegalStateException("PLAIN authentication not completed");
    }

    public byte[] wrap(byte[] bArr, int i, int i2) throws SaslException {
        if (this.completed) {
            throw new SaslException("PLAIN supports neither integrity nor privacy");
        }
        throw new IllegalStateException("PLAIN authentication not completed");
    }

    public Object getNegotiatedProperty(String str) {
        if (!this.completed) {
            throw new IllegalStateException("PLAIN authentication not completed");
        }
        if (str.equals("javax.security.sasl.qop")) {
            return "auth";
        }
        return null;
    }

    public void dispose() throws SaslException {
    }

    private void verifyAuthenticationCredentials(String str, String str2) throws SaslException {
        char[] charArray = str2.toCharArray();
        AuthenticateCallback authenticateCallback = new AuthenticateCallback(str, charArray);
        for (int i = 0; i < charArray.length; i++) {
            charArray[i] = ' ';
        }
        try {
            this.cbh.handle(new Callback[]{authenticateCallback});
            authenticateCallback.clearPassword();
            if (!authenticateCallback.isAuthenticated()) {
                throw new AuthenticationException("PLAIN: Authentication credentials verification failed!");
            }
        } catch (IOException e) {
            throw new SaslException("PLAIN: Authentication credentials verification failed!", e);
        } catch (UnsupportedCallbackException e2) {
            throw new SaslException("PLAIN: Authentication credentials verification failed!", e2);
        }
    }

    private void verifyAuthorizationID(String str, String str2) throws SaslException {
        Callback authorizeCallback = new AuthorizeCallback(str, str2);
        try {
            this.cbh.handle(new Callback[]{authorizeCallback});
            if (!authorizeCallback.isAuthorized()) {
                throw new SaslException(new StringBuffer().append("PLAIN: ").append(str).append(" is not authorized to act as ").append(str2).toString());
            }
            this.authorizationID = authorizeCallback.getAuthorizedID();
        } catch (IOException e) {
            throw new SaslException("PLAIN: AuthorizationID verification failed!", e);
        } catch (UnsupportedCallbackException e2) {
            throw new SaslException("PLAIN: AuthorizationID verification failed!", e2);
        }
    }
}
