package xsul.secconv.autha;

import gov.anl.protocol.autha.AuthAProtocol;
import java.math.BigInteger;
import java.net.URI;
import java.rmi.RemoteException;
import java.security.Key;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.spec.SecretKeySpec;
import org.xmlpull.v1.builder.XmlElement;
import org.xmlpull.v1.builder.adapter.XmlElementAdapter;
import sun.misc.BASE64Encoder;
import xsul.MLogger;
import xsul.secconv.ClientNegotiator;
import xsul.secconv.SCConstants;
import xsul.secconv.SecurityRequestorService;
import xsul.secconv.token.RequestSecurityTokenResponseType;
import xsul.secconv.token.RequestSecurityTokenType;
import xsul.secconv.token.RequestedSecurityTokenType;
import xsul.secconv.token.SecurityContextTokenType;
import xsul.secconv.token.autha.ClientInitTokenType;
import xsul.secconv.token.autha.ClientResponseTokenType;
import xsul.secconv.token.autha.ServerResponseTokenType;

/* loaded from: input_file:xsul/secconv/autha/AuthaClientNegotiator.class */
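/**
 * Client side of the AuthA secure-conversation handshake.
 *
 * <p>{@link #negotiate(SecurityRequestorService)} runs a two-message exchange:
 * it sends the group parameters and the client public value, reads the server
 * public value, AuthB and security context token from the reply, verifies AuthB
 * against the locally computed value, and then sends AuthA back. On success the
 * session key is available through {@link #getSessionKey()}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The no-argument constructor installs a built-in default password. Any
 *       deployment relying on it shares one publicly known secret; callers
 *       should always supply their own password.</li>
 *   <li>The default modulus size is 512 bits, far below current guidance for
 *       finite-field Diffie-Hellman (2048 bits or more). Raise it with
 *       {@link #setBitLength(int)} where the peer allows.</li>
 *   <li>The default key algorithm label is {@code HmacMD5}; prefer a SHA-2 based
 *       HMAC where the peer supports it.</li>
 *   <li>Secret material (session key, AuthA/AuthB values) is never logged.</li>
 * </ul>
 *
 * <p>Instances hold per-handshake mutable state and are not thread-safe.
 */
public class AuthaClientNegotiator implements ClientNegotiator {
    private static final MLogger logger = MLogger.getLogger();
    // Used only to render public protocol values (never secrets) for trace logging.
    private static final BASE64Encoder encoder = new BASE64Encoder();
    protected String contextId;
    private char[] password;
    private String clientName;
    private String serverName;
    private int bitLength;
    private BigInteger p;
    private BigInteger g;
    private byte[] clientPubkey;
    private byte[] serverPubkey;
    private byte[] authA1;
    private byte[] authB2;
    private byte[] authB1;
    private byte[] dhKey;
    private byte[] rawsessionKey;
    private Key sessionKey;
    private String sKeyalgorithm;
    private AuthAProtocol protocol;
    private SecurityContextTokenType contextToken;

    /**
     * Creates a negotiator with the built-in defaults.
     *
     * <p>SECURITY: the password set here is a hard-coded default kept only for
     * backward compatibility. It provides no authentication strength; use
     * {@link #AuthaClientNegotiator(char[])} or {@link #setPassword(char[])}.
     */
    public AuthaClientNegotiator() {
        this.password = new char[]{'a', 'b', '4', 's', '2', '3', '$', '0'};
        this.clientName = "Liang";
        this.serverName = "Ying";
        // 512-bit default retained for compatibility; see class-level security notes.
        this.bitLength = 512;
        this.p = null;
        this.g = null;
        this.sessionKey = null;
        this.sKeyalgorithm = "HmacMD5";
    }

    /**
     * Creates a negotiator that authenticates with the given password.
     *
     * @param cArr the shared password; the array is stored by reference, not copied
     */
    public AuthaClientNegotiator(char[] cArr) {
        this();
        this.password = cArr;
    }

    /**
     * Sets the algorithm name attached to the derived session key.
     *
     * @param str a JCA algorithm name such as {@code HmacMD5}
     */
    public void setSKeyalgorithm(String str) {
        this.sKeyalgorithm = str;
    }

    /** @return the algorithm name attached to the derived session key */
    public String getSKeyalgorithm() {
        return this.sKeyalgorithm;
    }

    /**
     * Sets the bit length used when generating the group parameters.
     *
     * @param i size in bits of the generated primes; no range check is applied here
     */
    public void setBitLength(int i) {
        this.bitLength = i;
    }

    /** @return the bit length used when generating the group parameters */
    public int getBitLength() {
        return this.bitLength;
    }

    /** @return the security context token received from the server, or {@code null} */
    public SecurityContextTokenType getContextToken() {
        return this.contextToken;
    }

    /** @param str the security context identifier to record */
    public void setContextId(String str) {
        this.contextId = str;
    }

    /** @return the security context identifier, or {@code null} before negotiation */
    @Override
    public String getContextId() {
        return this.contextId;
    }

    /** @param cArr the shared password; stored by reference, not copied */
    public void setPassword(char[] cArr) {
        this.password = cArr;
    }

    /**
     * Returns the raw session key bytes.
     *
     * @return a copy of the key bytes, or {@code null} if no key has been negotiated;
     *         a copy is returned so callers cannot alter the negotiator's key in place
     */
    public byte[] getRawSessionKey() {
        return this.rawsessionKey == null ? null : this.rawsessionKey.clone();
    }

    /**
     * Returns the negotiated session key, building it lazily from the raw bytes.
     *
     * @return the session key labelled with {@link #getSKeyalgorithm()}, or
     *         {@code null} if negotiation has not produced a key yet
     */
    @Override
    public Key getSessionKey() {
        if (this.sessionKey == null) {
            if (this.rawsessionKey == null) {
                return null;
            }
            this.sessionKey = new SecretKeySpec(this.rawsessionKey, this.sKeyalgorithm);
        }
        return this.sessionKey;
    }

    /**
     * Runs the AuthA handshake against the given service.
     *
     * @param securityRequestorService the remote endpoint issuing the security token
     * @throws RemoteException if key generation fails, the server reply is
     *         incomplete, AuthB does not verify, or the remote call fails; the
     *         underlying exception is preserved as the cause
     */
    @Override
    public void negotiate(SecurityRequestorService securityRequestorService) throws RemoteException {
        try {
            // Inside the try so that a key-generation failure aborts the handshake
            // instead of sending a request with missing parameters.
            generateAuthaClientKeysStep1();
            RequestSecurityTokenType requestSecurityTokenType = new RequestSecurityTokenType();
            requestSecurityTokenType.setTokenType(new URI(SCConstants.AUTHA_TOKEN));
            requestSecurityTokenType.setRequestType(new URI(SCConstants.REQUEST_TYPE_ISSUE));
            ClientInitTokenType clientInitTokenType = new ClientInitTokenType();
            clientInitTokenType.setBitLength(this.bitLength);
            clientInitTokenType.setP(this.p);
            clientInitTokenType.setG(this.g);
            clientInitTokenType.setClientName(this.clientName);
            clientInitTokenType.setServerName(this.serverName);
            clientInitTokenType.setX(this.clientPubkey);
            requestSecurityTokenType.setClientInitToken(clientInitTokenType);
            logger.finest("request security token: " + requestSecurityTokenType.toString());
            RequestSecurityTokenResponseType requestSecurityToken = securityRequestorService.requestSecurityToken(requestSecurityTokenType);
            logger.finest("request security token response: " + requestSecurityToken.toString());
            processResponse(requestSecurityToken);
            generateAuthaClientKeysStep2();
            RequestSecurityTokenResponseType requestSecurityTokenResponseType = new RequestSecurityTokenResponseType();
            requestSecurityTokenResponseType.setTokenType(new URI(SCConstants.AUTHA_TOKEN));
            requestSecurityTokenResponseType.setRequestType(new URI(SCConstants.REQUEST_TYPE_ISSUE));
            RequestedSecurityTokenType requestedSecurityTokenType = new RequestedSecurityTokenType();
            // NOTE(review): contextToken is null when the server reply carried no
            // security context token; confirm whether the handshake should fail here.
            requestedSecurityTokenType.setSecurityContextToken(this.contextToken);
            requestSecurityTokenResponseType.setRequestedSecurityToken(requestedSecurityTokenType);
            ClientResponseTokenType clientResponseTokenType = new ClientResponseTokenType();
            clientResponseTokenType.setAuthA(this.authA1);
            requestSecurityTokenResponseType.setClientResponseToken(clientResponseTokenType);
            securityRequestorService.requestSecurityTokenResponse(requestSecurityTokenResponseType);
            logger.finest("negotiation done");
        } catch (Exception e) {
            logger.finest(e.getMessage());
            throw new RemoteException(e.getMessage(), e);
        }
    }

    /**
     * Derives the shared keys from the server public value and verifies AuthB.
     *
     * @throws Exception if the server reply lacked the public value or AuthB, or
     *         if the server's AuthB does not match the locally computed one
     */
    private void generateAuthaClientKeysStep2() throws Exception {
        // Fail closed on an incomplete reply. Without this check a missing AuthB
        // would be compared as null, and two nulls compare equal.
        if (this.serverPubkey == null || this.authB2 == null) {
            throw new Exception("server response token is missing the public key or AuthB");
        }
        logger.finest("server pub key: " + encoder.encode(this.serverPubkey));
        this.protocol.calculateKeys(this.serverPubkey, true);
        this.authB1 = this.protocol.getAuthB();
        // Constant-time comparison of the authenticators. The values themselves are
        // deliberately not logged: they are key-confirmation material.
        if (this.authB1 == null || !MessageDigest.isEqual(this.authB1, this.authB2)) {
            logger.finest("AuthB's are not equal");
            throw new Exception("AuthB's are not equal");
        }
        logger.finest("AuthB's are equal");
        this.dhKey = this.protocol.getDHKey();
        this.authA1 = this.protocol.getAuthA();
        this.rawsessionKey = this.protocol.getSessionKey();
        // Only the fact is logged; key bytes must never reach a log sink.
        logger.finest("got session key");
    }

    /**
     * Extracts the server public value, AuthB and security context token from the reply.
     *
     * <p>Missing elements are logged and left unset; completeness of the key
     * material is enforced later in {@link #generateAuthaClientKeysStep2()}.
     *
     * @param requestSecurityTokenResponseType the server's reply to the initial request
     * @throws Exception if an element cannot be adapted to its expected type
     */
    private void processResponse(RequestSecurityTokenResponseType requestSecurityTokenResponseType) throws Exception {
        XmlElement serverResponseToken = requestSecurityTokenResponseType.getServerResponseToken();
        if (serverResponseToken != null) {
            ServerResponseTokenType serverResponseTokenType = (ServerResponseTokenType) XmlElementAdapter.castOrWrap(serverResponseToken, ServerResponseTokenType.class);
            this.serverPubkey = serverResponseTokenType.getY();
            this.authB2 = serverResponseTokenType.getAuthB();
        } else {
            logger.finest("srte null");
        }
        XmlElement requestedSecurityToken = requestSecurityTokenResponseType.getRequestedSecurityToken();
        if (requestedSecurityToken == null) {
            logger.finest("rste null");
            return;
        }
        XmlElement securityContextToken = ((RequestedSecurityTokenType) XmlElementAdapter.castOrWrap(requestedSecurityToken, RequestedSecurityTokenType.class)).getSecurityContextToken();
        if (securityContextToken == null) {
            logger.finest("scte null");
            return;
        }
        SecurityContextTokenType securityContextTokenType = (SecurityContextTokenType) XmlElementAdapter.castOrWrap(securityContextToken, SecurityContextTokenType.class);
        this.contextId = securityContextTokenType.getIdentifier().toString();
        this.contextToken = securityContextTokenType;
        logger.finest("got contextid from server: " + this.contextId);
    }

    /**
     * Generates the group parameters and the client key pair.
     *
     * @throws Exception if parameter or key-pair generation fails; the caller
     *         aborts the handshake rather than continuing with unset values
     */
    private void generateAuthaClientKeysStep1() throws Exception {
        SecureRandom secureRandom = new SecureRandom();
        // NOTE(review): p is an arbitrary probable prime (not checked to be a safe
        // prime) and g is an independent random prime rather than a known generator
        // for p. Confirm these choices against what AuthAProtocol requires.
        this.p = BigInteger.probablePrime(this.bitLength, secureRandom);
        this.g = BigInteger.probablePrime(this.bitLength, secureRandom);
        logger.finest("p: *********************\n" + this.p);
        logger.finest("g: *********************\n" + this.g);
        this.protocol = new AuthAProtocol(this.clientName, this.password, this.p, this.g, false);
        this.protocol.setTheothername(this.serverName);
        this.protocol.generateKeyPair();
        logger.finest("client key pair generated. ");
        this.clientPubkey = this.protocol.getPubkeyBytes(true);
    }
}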
