package sun.security.krb5;

import java.io.IOException;
import sun.security.krb5.internal.EncKrbCredPart;
import sun.security.krb5.internal.HostAddresses;
import sun.security.krb5.internal.KDCOptions;
import sun.security.krb5.internal.KRBCred;
import sun.security.krb5.internal.KerberosTime;
import sun.security.krb5.internal.Krb5;
import sun.security.krb5.internal.KrbCredInfo;
import sun.security.krb5.internal.Ticket;
import sun.security.krb5.internal.TicketFlags;
import sun.security.util.DerValue;

/* loaded from: classes5.dex */
public class KrbCred {
    private static boolean DEBUG = Krb5.DEBUG;
    private KRBCred credMessg;
    private Credentials creds;
    private EncKrbCredPart encPart;
    private byte[] obuf;
    private Ticket ticket;
    private KerberosTime timeStamp;

    public KrbCred(Credentials credentials, Credentials credentials2, EncryptionKey encryptionKey) throws KrbException, IOException {
        String str;
        KrbTgsRep reply;
        this.obuf = null;
        this.credMessg = null;
        this.ticket = null;
        this.encPart = null;
        this.creds = null;
        this.timeStamp = null;
        PrincipalName client = credentials.getClient();
        PrincipalName server = credentials.getServer();
        PrincipalName server2 = credentials2.getServer();
        if (!credentials2.getClient().equals(client)) {
            throw new KrbException("TBD");
        }
        KDCOptions kDCOptions = new KDCOptions();
        kDCOptions.set(2, true);
        kDCOptions.set(1, true);
        KrbTgsReq krbTgsReq = new KrbTgsReq(kDCOptions, credentials, server, null, null, null, null, server2.getNameType() == 3 ? new HostAddresses(server2) : null, null, null, null);
        try {
            str = krbTgsReq.send();
            try {
                reply = krbTgsReq.getReply();
            } catch (KrbException e) {
                e = e;
                if (e.returnCode() != 52) {
                    throw e;
                }
                krbTgsReq.send(server.getRealmString(), str, true);
                reply = krbTgsReq.getReply();
                KRBCred createMessage = createMessage(reply.getCreds(), encryptionKey);
                this.credMessg = createMessage;
                this.obuf = createMessage.asn1Encode();
            }
        } catch (KrbException e2) {
            e = e2;
            str = null;
        }
        KRBCred createMessage2 = createMessage(reply.getCreds(), encryptionKey);
        this.credMessg = createMessage2;
        this.obuf = createMessage2.asn1Encode();
    }

    public KrbCred(byte[] bArr, EncryptionKey encryptionKey) throws KrbException, IOException {
        this.obuf = null;
        this.credMessg = null;
        this.ticket = null;
        this.encPart = null;
        this.creds = null;
        this.timeStamp = null;
        KRBCred kRBCred = new KRBCred(bArr);
        this.credMessg = kRBCred;
        this.ticket = kRBCred.tickets[0];
        EncKrbCredPart encKrbCredPart = new EncKrbCredPart(new DerValue(this.credMessg.encPart.reset(this.credMessg.encPart.decrypt(encryptionKey, 14), true)));
        this.timeStamp = encKrbCredPart.timeStamp;
        KrbCredInfo krbCredInfo = encKrbCredPart.ticketInfo[0];
        EncryptionKey encryptionKey2 = krbCredInfo.key;
        Realm realm = krbCredInfo.prealm;
        PrincipalName principalName = krbCredInfo.pname;
        principalName.setRealm(realm);
        TicketFlags ticketFlags = krbCredInfo.flags;
        KerberosTime kerberosTime = krbCredInfo.authtime;
        KerberosTime kerberosTime2 = krbCredInfo.starttime;
        KerberosTime kerberosTime3 = krbCredInfo.endtime;
        KerberosTime kerberosTime4 = krbCredInfo.renewTill;
        Realm realm2 = krbCredInfo.srealm;
        PrincipalName principalName2 = krbCredInfo.sname;
        principalName2.setRealm(realm2);
        HostAddresses hostAddresses = krbCredInfo.caddr;
        if (DEBUG) {
            System.out.println(">>>Delegated Creds have pname=" + ((Object) principalName) + " sname=" + ((Object) principalName2) + " authtime=" + ((Object) kerberosTime) + " starttime=" + ((Object) kerberosTime2) + " endtime=" + ((Object) kerberosTime3) + "renewTill=" + ((Object) kerberosTime4));
        }
        this.creds = new Credentials(this.ticket, principalName, principalName2, encryptionKey2, ticketFlags, kerberosTime, kerberosTime2, kerberosTime3, kerberosTime4, hostAddresses);
    }

    KRBCred createMessage(Credentials credentials, EncryptionKey encryptionKey) throws KrbException, IOException {
        EncryptionKey sessionKey = credentials.getSessionKey();
        PrincipalName client = credentials.getClient();
        Realm realm = client.getRealm();
        PrincipalName server = credentials.getServer();
        KrbCredInfo krbCredInfo = new KrbCredInfo(sessionKey, realm, client, credentials.flags, credentials.authTime, credentials.startTime, credentials.endTime, credentials.renewTill, server.getRealm(), server, credentials.cAddr);
        this.timeStamp = new KerberosTime(true);
        KRBCred kRBCred = new KRBCred(new Ticket[]{credentials.ticket}, new EncryptedData(encryptionKey, new EncKrbCredPart(new KrbCredInfo[]{krbCredInfo}, this.timeStamp, null, null, null, null).asn1Encode(), 14));
        this.credMessg = kRBCred;
        return kRBCred;
    }

    public Credentials[] getDelegatedCreds() {
        return new Credentials[]{this.creds};
    }

    public byte[] getMessage() {
        return this.obuf;
    }
}
