package com.ibm.db2.jcc.b;

import com.ibm.security.jgss.GSSManagerImpl;
import java.io.PrintWriter;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;

/* loaded from: input_file:com/ibm/db2/jcc/b/qb.class */
public class qb implements PrivilegedExceptionAction {
    transient i a;
    private String b;
    private GSSName c;
    private String d;
    private GSSManager e;
    private GSSName f;
    private GSSContext g;
    private String h;
    private GSSCredential i;
    private boolean j;
    private boolean k;

    public qb(i iVar) {
        this.b = null;
        this.c = null;
        this.d = null;
        this.e = GSSManager.getInstance();
        this.f = null;
        this.g = null;
        this.h = null;
        this.i = null;
        this.a = iVar;
    }

    public qb(i iVar, String str, String str2, String str3) {
        this.b = null;
        this.c = null;
        this.d = null;
        this.e = GSSManager.getInstance();
        this.f = null;
        this.g = null;
        this.h = null;
        this.i = null;
        this.a = iVar;
        this.b = str;
        this.d = str2;
        this.h = str3;
    }

    public qb(i iVar, String str, String str2, String str3, GSSCredential gSSCredential) {
        this.b = null;
        this.c = null;
        this.d = null;
        this.e = GSSManager.getInstance();
        this.f = null;
        this.g = null;
        this.h = null;
        this.i = null;
        this.a = iVar;
        this.b = str;
        this.d = str2;
        this.h = str3;
        this.i = gSSCredential;
    }

    public void a(boolean z) {
        this.j = z;
        String str = z ? "true" : "false";
        AccessController.doPrivileged(new rb(this, str));
    }

    public void a(GSSCredential gSSCredential) {
        this.i = gSSCredential;
    }

    public GSSCredential a() {
        return this.i;
    }

    @Override // java.security.PrivilegedExceptionAction
    public Object run() throws SqlException {
        b();
        return null;
    }

    public void b() throws SqlException {
        try {
            if (this.i == null) {
                if (this.b != null) {
                    this.c = this.e.createName(this.b, GSSName.NT_USER_NAME, GSSManagerImpl.MECH_TYPE_KRB5);
                } else {
                    this.c = null;
                }
                this.i = this.e.createCredential(this.c, 0, (Oid) null, 1);
                if (this.c == null) {
                    this.k = true;
                    this.c = this.i.getName();
                    this.b = this.c.toString();
                }
            }
            this.f = this.e.createName(this.d, GSSName.NT_USER_NAME, GSSManagerImpl.MECH_TYPE_KRB5);
        } catch (GSSException e) {
            throw new SqlException(this.a.k, (Throwable) e, new StringBuffer().append("org.ietf.jgss.GSSException is caught when initializing KerberosManager '").append(e.getMessage()).append("'").toString());
        }
    }

    private byte[] c() throws SqlException {
        try {
            this.g = this.e.createContext(this.f, (Oid) null, this.i, Integer.MAX_VALUE);
            this.g.requestMutualAuth(true);
            return this.g.initSecContext((byte[]) null, 0, 0);
        } catch (GSSException e) {
            throw new SqlException(this.a.k, (Throwable) e, new StringBuffer().append("org.ietf.jgss.GSSException is caught when getting Kerberos ticket. '").append(e.getMessage()).append("'").toString());
        }
    }

    public byte[] a(String str) throws SqlException {
        try {
            if (this.b == null) {
                a(false);
                if (this.i != null) {
                    a(this.i);
                }
                b();
            } else {
                a(true);
                if (this.i != null) {
                    a(this.i);
                    b();
                } else {
                    sb sbVar = new sb();
                    sbVar.a(this.b);
                    sbVar.b(str);
                    LoginContext loginContext = new LoginContext("JAASClient", sbVar);
                    loginContext.login();
                    Subject.doAsPrivileged(loginContext.getSubject(), this, (AccessControlContext) null);
                }
            }
            return c();
        } catch (PrivilegedActionException e) {
            throw new SqlException(this.a.k, e, new StringBuffer().append("java.security.PrivilegedActionException is caught when using JAASLogin '").append(e.getMessage()).append("'").toString());
        } catch (LoginException e2) {
            throw new SqlException(this.a.k, e2, new StringBuffer().append("javax.security.auth.login.LoginException is caught when using JAASLogin '").append(e2.getMessage()).append("'").toString());
        }
    }

    public boolean a(byte[] bArr) throws SqlException {
        try {
            this.g.initSecContext(bArr, 0, bArr.length);
            return this.g.isEstablished();
        } catch (GSSException e) {
            throw new SqlException(this.a.k, (Throwable) e, new StringBuffer().append("org.ietf.jgss.GSSException is caught when verifying token from the server '").append(e.getMessage()).append("'").toString());
        }
    }

    public void a(String str, PrintWriter printWriter) {
        if (this.j) {
            printWriter.println(new StringBuffer().append(str).append(" javax.security.auth.useSubjectCredsOnly property is being used.").append(" JAASLogin module is not being used. ").toString());
        } else {
            printWriter.println(new StringBuffer().append(str).append(" javax.security.auth.useSubjectCredsOnly property is not being used.").append(" JAASLogin module is being used. ").toString());
        }
        printWriter.println(new StringBuffer().append(str).append(" Canonicalized GSS Name = ").append(this.c).toString());
        if (this.k) {
            printWriter.println(new StringBuffer().append(str).append(" Using default GSS Credential").toString());
            printWriter.println(new StringBuffer().append(str).append(" Default GSS Credential Principal = ").append(this.b).toString());
        } else {
            printWriter.println(new StringBuffer().append(str).append(" Not using default GSS Credential").toString());
            printWriter.println(new StringBuffer().append(str).append(" USER_NAME = ").append(this.b).toString());
        }
        printWriter.println(new StringBuffer().append(str).append(" GSS Credential = ").append(this.i).toString());
        printWriter.println(new StringBuffer().append(str).append(" Kerberos Server Principal = ").append(this.d).toString());
        printWriter.println(new StringBuffer().append(str).append(" Canonicalized Server = ").append(this.f).toString());
    }
}
