package sun.security.jgss.krb5;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
import javax.security.auth.kerberos.KerberosTicket;
import javax.security.auth.kerberos.KeyTab;
import sun.security.krb5.Credentials;
import sun.security.krb5.EncryptionKey;
import sun.security.krb5.KrbException;
import sun.security.krb5.PrincipalName;

/* loaded from: classes7.dex */
public final class ServiceCreds {
    private Set<KerberosPrincipal> allPrincs;
    private boolean destroyed;
    private List<KerberosKey> kk;
    private KerberosPrincipal kp;
    private List<KeyTab> ktabs;
    private KerberosTicket tgt;

    private ServiceCreds() {
    }

    public static ServiceCreds getInstance(Subject subject, String str) {
        ServiceCreds serviceCreds = new ServiceCreds();
        serviceCreds.allPrincs = subject.getPrincipals(KerberosPrincipal.class);
        Iterator it2 = SubjectComber.findMany(subject, str, null, KerberosKey.class).iterator();
        while (it2.getHasNext()) {
            serviceCreds.allPrincs.add(((KerberosKey) it2.next()).getPrincipal());
        }
        if (str != null) {
            serviceCreds.kp = new KerberosPrincipal(str);
        } else {
            boolean z = true;
            if (serviceCreds.allPrincs.size() == 1) {
                Iterator it3 = SubjectComber.findMany(subject, null, null, KeyTab.class).iterator();
                while (true) {
                    if (!it3.getHasNext()) {
                        z = false;
                        break;
                    }
                    if (!((KeyTab) it3.next()).isBound()) {
                        break;
                    }
                }
                if (!z) {
                    KerberosPrincipal next = serviceCreds.allPrincs.iterator().next();
                    serviceCreds.kp = next;
                    str = next.getName();
                }
            }
        }
        serviceCreds.ktabs = SubjectComber.findMany(subject, str, null, KeyTab.class);
        serviceCreds.kk = SubjectComber.findMany(subject, str, null, KerberosKey.class);
        serviceCreds.tgt = (KerberosTicket) SubjectComber.find(subject, null, str, KerberosTicket.class);
        if (serviceCreds.ktabs.isEmpty() && serviceCreds.kk.isEmpty() && serviceCreds.tgt == null) {
            return null;
        }
        serviceCreds.destroyed = false;
        return serviceCreds;
    }

    public void destroy() {
        this.destroyed = true;
        this.kp = null;
        this.ktabs.clear();
        this.kk.clear();
        this.tgt = null;
    }

    public EncryptionKey[] getEKeys(PrincipalName principalName) {
        if (this.destroyed) {
            throw new IllegalStateException("This object is destroyed");
        }
        KerberosKey[] kKeys = getKKeys(new KerberosPrincipal(principalName.getName()));
        if (kKeys.length == 0) {
            kKeys = getKKeys();
        }
        int length = kKeys.length;
        EncryptionKey[] encryptionKeyArr = new EncryptionKey[length];
        for (int i = 0; i < length; i++) {
            encryptionKeyArr[i] = new EncryptionKey(kKeys[i].getEncoded(), kKeys[i].getKeyType(), new Integer(kKeys[i].getVersionNumber()));
        }
        return encryptionKeyArr;
    }

    public Credentials getInitCred() {
        if (this.destroyed) {
            throw new IllegalStateException("This object is destroyed");
        }
        KerberosTicket kerberosTicket = this.tgt;
        if (kerberosTicket == null) {
            return null;
        }
        try {
            return Krb5Util.ticketToCreds(kerberosTicket);
        } catch (IOException | KrbException unused) {
            return null;
        }
    }

    public KerberosKey[] getKKeys() {
        if (this.destroyed) {
            throw new IllegalStateException("This object is destroyed");
        }
        KerberosPrincipal kerberosPrincipal = this.kp;
        if (kerberosPrincipal == null && !this.allPrincs.isEmpty()) {
            kerberosPrincipal = this.allPrincs.iterator().next();
        }
        if (kerberosPrincipal == null) {
            Iterator<KeyTab> it2 = this.ktabs.iterator();
            while (true) {
                if (!it2.getHasNext()) {
                    break;
                }
                PrincipalName oneName = Krb5Util.snapshotFromJavaxKeyTab(it2.next()).getOneName();
                if (oneName != null) {
                    kerberosPrincipal = new KerberosPrincipal(oneName.getName());
                    break;
                }
            }
        }
        return kerberosPrincipal != null ? getKKeys(kerberosPrincipal) : new KerberosKey[0];
    }

    public KerberosKey[] getKKeys(KerberosPrincipal kerberosPrincipal) {
        if (this.destroyed) {
            throw new IllegalStateException("This object is destroyed");
        }
        ArrayList arrayList = new ArrayList();
        KerberosPrincipal kerberosPrincipal2 = this.kp;
        if (kerberosPrincipal2 != null && !kerberosPrincipal.equals(kerberosPrincipal2)) {
            return new KerberosKey[0];
        }
        for (KerberosKey kerberosKey : this.kk) {
            if (kerberosKey.getPrincipal().equals(kerberosPrincipal)) {
                arrayList.add(kerberosKey);
            }
        }
        for (KeyTab keyTab : this.ktabs) {
            if (keyTab.getPrincipal() != null || !keyTab.isBound() || this.allPrincs.contains(kerberosPrincipal)) {
                for (KerberosKey kerberosKey2 : keyTab.getKeys(kerberosPrincipal)) {
                    arrayList.add(kerberosKey2);
                }
            }
        }
        return (KerberosKey[]) arrayList.toArray(new KerberosKey[arrayList.size()]);
    }

    public String getName() {
        if (this.destroyed) {
            throw new IllegalStateException("This object is destroyed");
        }
        KerberosPrincipal kerberosPrincipal = this.kp;
        if (kerberosPrincipal == null) {
            return null;
        }
        return kerberosPrincipal.getName();
    }
}
