package orbasec.secrep.gsskrb5;

import java.io.File;
import orbasec.corba.CDRBuffer;
import orbasec.corba.CDRDecoder;
import orbasec.corba.CredUtil;
import orbasec.corba.LocalObject;
import orbasec.corba.MinorBadOperation;
import orbasec.corba.MinorBadParam;
import orbasec.corba.MinorCommFailure;
import orbasec.corba.MinorInternal;
import orbasec.corba.MinorNoPermission;
import orbasec.corba.SecurityFeatures;
import orbasec.krb5.gss;
import orbasec.krb5.gss_OID;
import orbasec.krb5.gss_buffer_holder;
import orbasec.krb5.gss_channel_bindings_t;
import orbasec.krb5.gss_cred_id_t;
import orbasec.krb5.gss_ctx_id_t;
import orbasec.krb5.gss_int_holder;
import orbasec.krb5.gss_name_t;
import orbasec.krb5.gss_string_holder;
import orbasec.util.List;
import orbasec.util.Util;
import org.omg.CORBA.BAD_OPERATION;
import org.omg.CORBA.BAD_PARAM;
import org.omg.CORBA.COMM_FAILURE;
import org.omg.CORBA.CompletionStatus;
import org.omg.CORBA.INTERNAL;
import org.omg.CORBA.NO_PERMISSION;
import org.omg.CORBA.SystemException;
import org.omg.CORBA.UNKNOWN;
import org.omg.SECIOP.KerberosV5;
import org.omg.SECIOP.KerberosV5Helper;
import org.omg.Security.AssociationStatus;
import org.omg.Security.ChannelBindings;
import org.omg.Security.DelegationMode;
import org.omg.Security.DelegationState;
import org.omg.Security.OpaqueBuffer;
import org.omg.Security.OpaqueBufferHolder;
import org.omg.Security.OpaqueHolder;
import org.omg.Security.OptionsDirectionPair;
import org.omg.Security.QOP;
import org.omg.Security.QOPHolder;
import org.omg.Security.SecurityContextState;
import org.omg.Security.SecurityContextType;
import org.omg.SecurityLevel2.Credentials;
import org.omg.SecurityLevel2.ReceivedCredentials;
import org.omg.SecurityLevel2.TargetCredentials;
import org.omg.SecurityReplaceable.ClientSecurityContext;
import org.omg.SecurityReplaceable.ServerSecurityContext;
import org.omg.TimeBase.UtcTHolder;

/* loaded from: input_file:orbasec/secrep/gsskrb5/Kerberos_SecurityContext.class */
class Kerberos_SecurityContext extends LocalObject implements ClientSecurityContext, ServerSecurityContext {
    SecurityContextType context_type_;
    int context_state_;
    String mechanism_;
    ChannelBindings chan_bindings_;
    short options_used_;
    DelegationMode delegation_mode_;
    SecurityFeatures features_;
    byte[] mech_data_;
    Kerberos_Credentials client_credentials_;
    short server_options_supported_;
    short server_options_required_;
    String server_security_name_;
    Kerberos_Credentials peer_credentials_;
    Kerberos_Credentials server_credentials_;
    short association_options_used_;
    List authorities_;
    String conf_file_;
    String cred_cache_file;
    String keytab;
    boolean valid;
    int context_orientation;
    static final int CLIENT = 0;
    static final int SERVER = 1;
    static final int Initialized = 100;
    static final int Continued = 200;
    static final int ContinuedGSSEstablished = 205;
    static final int Established = 300;
    static final int Invalid = 400;
    gss_ctx_id_t gss_context;
    gss_cred_id_t gss_target_creds;
    int gss_client_options;
    gss_cred_id_t gss_client_creds;
    String target_security_name;
    private static final int STATE_CONTRADICTION = 128;
    private static final int[] vault_to_gss = {128, 128, 32, 128, 16, 128, 48, 128, 4, 128, 36, 128, 20, 128, 52, 128, 8, 128, 40, 128, 24, 128, 56, 128, 12, 128, 44, 128, 28, 128, 60, 128, 2, 128, 34, 128, 16, 128, 50, 128, 6, 128, 38, 128, 22, 128, 54, 128, 8, 128, 42, 128, 26, 128, 58, 14, 128, 46, 128, 30, 128, 62, 128};
    static int file_counter = 1;

    public SecurityContextType context_type() {
        return this.context_orientation == 0 ? SecurityContextType.ClientSecurityContext : SecurityContextType.ServerSecurityContext;
    }

    public SecurityContextState context_state() {
        switch (this.context_state_) {
            case Initialized /* 100 */:
                return SecurityContextState.SecContextInitialized;
            case Continued /* 200 */:
            case ContinuedGSSEstablished /* 205 */:
                return SecurityContextState.SecContextContinued;
            case Established /* 300 */:
                return SecurityContextState.SecContextEstablished;
            case Invalid /* 400 */:
                return SecurityContextState.SecContextInvalid;
            default:
                return null;
        }
    }

    public String mechanism() {
        return this.mechanism_;
    }

    public ChannelBindings chan_binding() {
        return this.chan_bindings_;
    }

    public short association_options_used() {
        return this.options_used_;
    }

    public DelegationMode delegation_mode() {
        return this.delegation_mode_;
    }

    public SecurityFeatures features() {
        return this.features_;
    }

    public byte[] mech_data() {
        if (this.context_orientation != 0) {
            throw new BAD_OPERATION("Only on ClientSecurityContext.", MinorBadOperation.SecurityContext.value(), CompletionStatus.COMPLETED_NO);
        }
        return this.mech_data_;
    }

    public Credentials client_credentials() {
        if (this.context_orientation != 0) {
            throw new BAD_OPERATION("Only on ClientSecurityContext.", MinorBadOperation.SecurityContext.value(), CompletionStatus.COMPLETED_NO);
        }
        return this.client_credentials_;
    }

    public short server_options_supported() {
        return this.server_options_supported_;
    }

    public short server_options_required() {
        return this.server_options_required_;
    }

    public byte[] server_security_name() {
        return this.server_security_name_.getBytes();
    }

    public ReceivedCredentials received_credentials() {
        if (this.context_orientation != 1) {
            throw new BAD_OPERATION("Only on ServerSecurityContext.", MinorBadOperation.SecurityContext.value(), CompletionStatus.COMPLETED_NO);
        }
        return this.peer_credentials_;
    }

    public Credentials peer_credentials() {
        return this.peer_credentials_;
    }

    public TargetCredentials target_credentials() {
        if (this.context_orientation != 0) {
            throw new BAD_OPERATION("Only on ServerSecurityContext.", MinorBadOperation.SecurityContext.value(), CompletionStatus.COMPLETED_NO);
        }
        return this.peer_credentials_;
    }

    public Credentials server_credentials() {
        if (this.context_orientation != 1) {
            throw new BAD_OPERATION("Only on ServerSecurityContext.", MinorBadOperation.SecurityContext.value(), CompletionStatus.COMPLETED_NO);
        }
        return this.server_credentials_;
    }

    void check_set_delegation(Kerberos_Credentials kerberos_Credentials, Kerberos_SecurityContext kerberos_SecurityContext, DelegationMode delegationMode) {
        switch (delegationMode.value()) {
            case 0:
                this.features_._A_no_delegation(true);
                return;
            case 1:
                if (!kerberos_Credentials._A_can_be_delegated()) {
                    throw new BAD_PARAM("Credentials cannot be delegated.", MinorBadParam.SecurityContext.value(), CompletionStatus.COMPLETED_NO);
                }
                this.features_._A_simple_delegation(true);
                this.features_._A_no_delegation(false);
                return;
            case 2:
                throw new BAD_PARAM("Composite Delegation is not supported.", MinorBadParam.SecurityContext.value(), CompletionStatus.COMPLETED_NO);
            default:
                throw new INTERNAL("Bad DelegationMode value.", MinorInternal.BadEnumValue.value(), CompletionStatus.COMPLETED_NO);
        }
    }

    void check_set_server_options(Kerberos_Credentials kerberos_Credentials, short s, byte[] bArr) {
        CDRBuffer cDRBuffer = new CDRBuffer(bArr, 0, bArr.length);
        cDRBuffer.readEndian();
        KerberosV5 read = KerberosV5Helper.read(new CDRDecoder(cDRBuffer));
        this.server_options_supported_ = read.target_supports;
        this.server_options_required_ = read.target_requires;
        if (s != (this.server_options_supported_ & s)) {
            throw new BAD_PARAM(new StringBuffer("     Target does not support all the selected options of ").append(CredUtil.toString(s)).append(", target only supports ").append(CredUtil.toString(this.server_options_supported_)).toString(), MinorBadParam.SecurityContext.value(), CompletionStatus.COMPLETED_NO);
        }
        if (this.server_options_required_ != (this.server_options_required_ & kerberos_Credentials.invocation_options_supported())) {
            throw new BAD_PARAM(new StringBuffer("     Target requires more than the selected options of 0x").append(CredUtil.toString(kerberos_Credentials.invocation_options_supported())).append(", target requires ").append(CredUtil.toString(this.server_options_required_)).toString(), MinorBadParam.SecurityContext.value(), CompletionStatus.COMPLETED_NO);
        }
        short invocation_options_required = kerberos_Credentials.invocation_options_required();
        if (invocation_options_required != (s & invocation_options_required)) {
            throw new BAD_PARAM(new StringBuffer("     Credentials require more than the selected options of ").append(CredUtil.toString(s)).append(", credentials require ").append(CredUtil.toString(invocation_options_required)).toString(), MinorBadParam.SecurityContext.value(), CompletionStatus.COMPLETED_NO);
        }
        this.features_._A_set_from_options(s);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Kerberos_SecurityContext(Kerberos_Credentials kerberos_Credentials, byte[] bArr, DelegationMode delegationMode, short s, String str, byte[] bArr2, ChannelBindings channelBindings) {
        this.valid = true;
        this.context_orientation = 0;
        this.context_state_ = 0;
        this.server_security_name_ = new String(bArr);
        this.mechanism_ = str;
        this.mech_data_ = bArr2;
        this.chan_bindings_ = channelBindings;
        this.conf_file_ = kerberos_Credentials.conf_file_;
        this.features_ = new SecurityFeatures();
        check_set_delegation(kerberos_Credentials, this, delegationMode);
        this.client_credentials_ = kerberos_Credentials;
        check_set_server_options(kerberos_Credentials, (short) (s | 8), bArr2);
        this.authorities_ = Kerberos_Vault.getClientPeerAuthorities();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Kerberos_SecurityContext(Kerberos_Credentials kerberos_Credentials, ChannelBindings channelBindings) {
        this.valid = true;
        this.context_orientation = 1;
        this.context_state_ = 0;
        this.mechanism_ = "Kerberos_MIT";
        this.chan_bindings_ = channelBindings;
        this.conf_file_ = kerberos_Credentials.conf_file_;
        this.features_ = new SecurityFeatures();
        this.server_security_name_ = new String(CredUtil.getAccessId(kerberos_Credentials));
        this.server_credentials_ = kerberos_Credentials;
        this.server_options_supported_ = kerberos_Credentials.accepting_options_supported();
        this.server_options_required_ = kerberos_Credentials.accepting_options_required();
        this.client_credentials_ = null;
        this.mech_data_ = null;
        this.authorities_ = Kerberos_Vault.getServerPeerAuthorities();
    }

    public AssociationStatus continue_security_context(OpaqueBuffer opaqueBuffer, OpaqueBufferHolder opaqueBufferHolder) {
        if (this.context_state_ < Continued || this.context_state_ >= Established) {
            throw new INTERNAL("Bad security context state", MinorInternal.SecurityContext.value(), CompletionStatus.COMPLETED_NO);
        }
        try {
            return internal_continue_security_context(opaqueBuffer, opaqueBufferHolder);
        } catch (Exception e) {
            throw new UNKNOWN(new StringBuffer("Other Exception : ").append(e.toString()).toString());
        } catch (SystemException e2) {
            throw e2;
        } catch (GSSError e3) {
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("Kerberos.continue_security_context:GSS Error: ").append(e3.getMessage()).toString());
            }
            throw new COMM_FAILURE(new StringBuffer("GSS Error: ").append(e3.getMessage()).toString(), MinorCommFailure.MinorGSSError.value(), CompletionStatus.COMPLETED_NO);
        }
    }

    private AssociationStatus internal_continue_security_context(OpaqueBuffer opaqueBuffer, OpaqueBufferHolder opaqueBufferHolder) {
        AssociationStatus cont_accept_context;
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityCcontext:internal_continue_security_context");
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("    token[").append(opaqueBuffer.buffer.length).append("] : ").append(Util.toHexString(opaqueBuffer.buffer)).toString());
        }
        AssociationStatus associationStatus = AssociationStatus.SecAssocFailure;
        switch (this.context_orientation) {
            case 0:
                cont_accept_context = cont_init_context(opaqueBuffer, opaqueBufferHolder);
                break;
            case 1:
                cont_accept_context = cont_accept_context(opaqueBuffer, opaqueBufferHolder);
                break;
            default:
                throw new INTERNAL("Kerberos Context.continue_sec_ctx: Bad Context State", MinorInternal.SecurityContext.value(), CompletionStatus.COMPLETED_NO);
        }
        return cont_accept_context;
    }

    public void protect_message(OpaqueBuffer opaqueBuffer, QOP qop, OpaqueBufferHolder opaqueBufferHolder, OpaqueBufferHolder opaqueBufferHolder2) {
        if (this.context_state_ < ContinuedGSSEstablished) {
            new INTERNAL("Bad security context state");
        }
        try {
            internal_protect_message(opaqueBuffer, qop, opaqueBufferHolder, opaqueBufferHolder2);
        } catch (GSSError e) {
            throw new COMM_FAILURE(new StringBuffer("GSS error : ").append(e.getMessage()).toString(), MinorCommFailure.MinorGSSError.value(), CompletionStatus.COMPLETED_NO);
        } catch (SystemException e2) {
            throw e2;
        } catch (Exception e3) {
            throw new UNKNOWN(new StringBuffer("Other Exception : ").append(e3.toString()).toString());
        }
    }

    public void internal_protect_message(OpaqueBuffer opaqueBuffer, QOP qop, OpaqueBufferHolder opaqueBufferHolder, OpaqueBufferHolder opaqueBufferHolder2) {
        gss_int_holder gss_int_holderVar = new gss_int_holder();
        gss_int_holder gss_int_holderVar2 = new gss_int_holder();
        gss_buffer_holder gss_buffer_holderVar = new gss_buffer_holder();
        switch (qop.value()) {
            case 0:
                if (orbasec.util.Debug.debug) {
                    orbasec.util.Debug.println(Debug.SECIOP, "KERBEROS USING NoProtection!!!!!");
                }
                opaqueBufferHolder.value = new OpaqueBuffer(opaqueBuffer.buffer, 0, opaqueBuffer.buffer.length);
                opaqueBufferHolder2.value = new OpaqueBuffer(new byte[0], 0, 0);
                break;
            case 1:
                if (orbasec.util.Debug.debug) {
                    orbasec.util.Debug.println(Debug.SECIOP, "KERBEROS USING GET_MIC!!!!!");
                }
                int i = gss.get_mic(gss_int_holderVar, this.gss_context, 0, opaqueBuffer.buffer, gss_buffer_holderVar);
                if (i == 0) {
                    opaqueBufferHolder.value = new OpaqueBuffer(opaqueBuffer.buffer, 0, opaqueBuffer.buffer.length);
                    opaqueBufferHolder2.value = new OpaqueBuffer(gss_buffer_holderVar.buffer(), 0, gss_buffer_holderVar.buffer().length);
                    break;
                } else {
                    throw new GSSError("get_mic message", i, gss_int_holderVar.value);
                }
            case 2:
            case gss.GSS_C_AF_IMPLINK /* 3 */:
                if (orbasec.util.Debug.debug) {
                    orbasec.util.Debug.println(Debug.SECIOP, "KERBEROS USING WRAP!!!!!");
                }
                int wrap = gss.wrap(gss_int_holderVar, this.gss_context, 1, 0, opaqueBuffer.buffer, gss_int_holderVar2, gss_buffer_holderVar);
                if (wrap == 0) {
                    opaqueBufferHolder.value = new OpaqueBuffer((byte[]) null, 0, 0);
                    opaqueBufferHolder2.value = new OpaqueBuffer(gss_buffer_holderVar.buffer(), 0, gss_buffer_holderVar.buffer().length);
                    break;
                } else {
                    throw new GSSError("wrapping message", wrap, gss_int_holderVar.value);
                }
            default:
                throw new INTERNAL("Bad QOP value!");
        }
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, "MSG: ");
            if (opaqueBuffer != null) {
                orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, new StringBuffer("length = ").append(opaqueBuffer.buffer.length).append(" >> ").append(Util.toHexString(opaqueBuffer.buffer)).toString());
            }
            orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, "TOKEN: ");
            if (opaqueBufferHolder2.value != null && opaqueBufferHolder2.value.buffer != null) {
                orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, new StringBuffer("length = ").append(opaqueBufferHolder2.value.buffer.length).append(" >> ").append(Util.toHexString(opaqueBufferHolder2.value.buffer)).toString());
            }
            orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, "DATA: ");
            if (opaqueBufferHolder.value == null || opaqueBufferHolder.value.buffer == null) {
                return;
            }
            orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, new StringBuffer("length = ").append(opaqueBufferHolder.value.buffer.length).append(" >> ").append(Util.toHexString(opaqueBufferHolder.value.buffer)).toString());
        }
    }

    public void reclaim_message(OpaqueBuffer opaqueBuffer, OpaqueBuffer opaqueBuffer2, QOPHolder qOPHolder, OpaqueBufferHolder opaqueBufferHolder) {
        if (this.context_state_ < Established) {
            throw new INTERNAL(new StringBuffer("Bad security context state: ").append(this.context_state_).toString());
        }
        try {
            internal_reclaim_message(opaqueBuffer, opaqueBuffer2, qOPHolder, opaqueBufferHolder);
        } catch (GSSError e) {
            throw new COMM_FAILURE(new StringBuffer("GSS Error: ").append(e.getMessage()).toString());
        } catch (Exception e2) {
            throw new UNKNOWN(new StringBuffer("Other Exception : ").append(e2.toString()).toString());
        } catch (SystemException e3) {
            throw e3;
        }
    }

    private void internal_reclaim_message(OpaqueBuffer opaqueBuffer, OpaqueBuffer opaqueBuffer2, QOPHolder qOPHolder, OpaqueBufferHolder opaqueBufferHolder) {
        if (opaqueBuffer == null) {
            throw new InternalError("Kerberos_SecurityContext.internal_reclaim_message: null text_buffer");
        }
        if (opaqueBuffer2 == null) {
            throw new InternalError("Kerberos_SecurityContext.internal_reclaim_message: null token");
        }
        if (opaqueBufferHolder == null) {
            throw new InternalError("Kerberos_SecurityContext.internal_reclaim_message: null message");
        }
        gss_int_holder gss_int_holderVar = new gss_int_holder();
        gss_int_holder gss_int_holderVar2 = new gss_int_holder();
        gss_int_holder gss_int_holderVar3 = new gss_int_holder();
        gss_buffer_holder gss_buffer_holderVar = new gss_buffer_holder();
        gss_int_holderVar2.value = 0;
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, "DATA  : ");
        }
        if (opaqueBuffer.buffer == null) {
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP, "KERBEROS USING UNWRAP!!!!!");
                orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, "TOKEN: ");
                orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, new StringBuffer("length = ").append(opaqueBuffer2.buffer.length).append(" << ").append(Util.toHexString(opaqueBuffer2.buffer)).toString());
            }
            if (opaqueBuffer2.buffer == null) {
                throw new InternalError("Kerberos_SecurityContext.reclaim_message: both buf and token are null");
            }
            int unwrap = gss.unwrap(gss_int_holderVar, this.gss_context, opaqueBuffer2.buffer, gss_buffer_holderVar, gss_int_holderVar2, gss_int_holderVar3);
            if (unwrap != 0) {
                throw new GSSError("unwrapping message", unwrap, gss_int_holderVar.value);
            }
            opaqueBufferHolder.value = new OpaqueBuffer(gss_buffer_holderVar.buffer(), 0, gss_buffer_holderVar.buffer().length);
            if (gss_int_holderVar2.value == 0) {
                qOPHolder.value = QOP.SecQOPIntegrity;
                Kerberos_Credentials kerberos_Credentials = this.client_credentials_;
                kerberos_Credentials.association_options_used_ = (short) (kerberos_Credentials.association_options_used_ | 2);
                Kerberos_Credentials kerberos_Credentials2 = this.client_credentials_;
                kerberos_Credentials2.association_options_used_ = (short) (kerberos_Credentials2.association_options_used_ & (-6));
            } else {
                qOPHolder.value = QOP.SecQOPIntegrityAndConfidentiality;
                Kerberos_Credentials kerberos_Credentials3 = this.client_credentials_;
                kerberos_Credentials3.association_options_used_ = (short) (kerberos_Credentials3.association_options_used_ | 6);
                Kerberos_Credentials kerberos_Credentials4 = this.client_credentials_;
                kerberos_Credentials4.association_options_used_ = (short) (kerberos_Credentials4.association_options_used_ & (-2));
            }
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("value = ").append(opaqueBufferHolder.value).append(" conf_state = ").append(gss_int_holderVar2.value).toString());
            }
        } else if (opaqueBuffer2.buffer == null || opaqueBuffer2.buffer.length == 0) {
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP, "KERBEROS USING No Protection!!!!!");
                orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("length = ").append(opaqueBuffer.buffer.length).append(" << ").append(Util.toHexString(opaqueBuffer.buffer)).toString());
            }
            opaqueBufferHolder.value = opaqueBuffer;
            qOPHolder.value = QOP.SecQOPNoProtection;
            Kerberos_Credentials kerberos_Credentials5 = this.client_credentials_;
            kerberos_Credentials5.association_options_used_ = (short) (kerberos_Credentials5.association_options_used_ | 1);
            Kerberos_Credentials kerberos_Credentials6 = this.client_credentials_;
            kerberos_Credentials6.association_options_used_ = (short) (kerberos_Credentials6.association_options_used_ & (-7));
        } else {
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP, "KERBEROS USING VERIFY!!!!!");
                orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("length = ").append(opaqueBuffer.buffer.length).append(" << ").append(Util.toHexString(opaqueBuffer.buffer)).toString());
            }
            int verify_mic = gss.verify_mic(gss_int_holderVar, this.gss_context, opaqueBuffer.buffer, opaqueBuffer2.buffer, gss_int_holderVar3);
            if (verify_mic != 0) {
                throw new GSSError("verifying token", verify_mic, gss_int_holderVar.value);
            }
            opaqueBufferHolder.value = opaqueBuffer;
            qOPHolder.value = QOP.SecQOPIntegrity;
            Kerberos_Credentials kerberos_Credentials7 = this.client_credentials_;
            kerberos_Credentials7.association_options_used_ = (short) (kerberos_Credentials7.association_options_used_ | 2);
            Kerberos_Credentials kerberos_Credentials8 = this.client_credentials_;
            kerberos_Credentials8.association_options_used_ = (short) (kerberos_Credentials8.association_options_used_ & (-6));
        }
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("KERBEROS QOP WAS ").append(qOPHolder.value.value()).toString());
            orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, new StringBuffer("RECLAIMED: ").append(opaqueBufferHolder.value.buffer.length).toString());
            orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, Util.toHexString(opaqueBufferHolder.value.buffer));
        }
    }

    public boolean is_valid(UtcTHolder utcTHolder) {
        return this.valid;
    }

    public boolean supports_refresh() {
        return false;
    }

    public boolean refresh_security_context(OpaqueBuffer opaqueBuffer, OpaqueBufferHolder opaqueBufferHolder) {
        throw new BAD_OPERATION();
    }

    public boolean process_refresh_token(OpaqueBuffer opaqueBuffer) {
        throw new BAD_OPERATION();
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:4:0x001f. Please report as an issue. */
    public boolean discard_security_context(byte[] bArr, OpaqueBufferHolder opaqueBufferHolder) {
        gss_int_holder gss_int_holderVar = new gss_int_holder();
        gss_buffer_holder gss_buffer_holderVar = new gss_buffer_holder();
        try {
            switch (gss.delete_sec_context(gss_int_holderVar, this.gss_context, gss_buffer_holderVar)) {
                case 0:
                    byte[] buffer = gss_buffer_holderVar.buffer();
                    opaqueBufferHolder.value = new OpaqueBuffer(buffer, 0, buffer.length);
                    return true;
                case gss.GSS_S_NO_CONTEXT /* 524288 */:
                    return false;
                case 851968:
                    return false;
                default:
                    return false;
            }
        } catch (SystemException e) {
            throw e;
        } catch (GSSError e2) {
            throw new COMM_FAILURE(new StringBuffer("GSS error : ").append(e2.getMessage()).toString(), MinorCommFailure.MinorGSSError.value(), CompletionStatus.COMPLETED_NO);
        } catch (Exception e3) {
            throw new UNKNOWN(new StringBuffer("Other Exception : ").append(e3.toString()).toString());
        }
    }

    public boolean process_discard_token(OpaqueBuffer opaqueBuffer) {
        try {
            switch (gss.process_context_token(new gss_int_holder(), opaqueBuffer.buffer, this.gss_context)) {
                case 0:
                    return true;
                case gss.GSS_S_NO_CONTEXT /* 524288 */:
                    return false;
                case gss.GSS_S_DEFECTIVE_TOKEN /* 589824 */:
                    return false;
                case 851968:
                    return false;
                default:
                    return false;
            }
        } catch (Exception e) {
            throw new UNKNOWN(new StringBuffer("Other Exception : ").append(e.toString()).toString());
        } catch (SystemException e2) {
            throw e2;
        } catch (GSSError e3) {
            throw new COMM_FAILURE(new StringBuffer("GSS error : ").append(e3.getMessage()).toString(), MinorCommFailure.MinorGSSError.value(), CompletionStatus.COMPLETED_NO);
        }
    }

    private void print_flags(int i) {
        if ((i & gss.GSS_C_TRANS_FLAG) != 0 && orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityContext: GSS_C_TRANS_FLAG on!");
        }
        if ((i & 128) != 0 && orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityContext: GSS_C_PROT_READY_FLAG on!");
        }
        if ((i & 64) != 0 && orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityContext: GSS_C_ANON_FLAG on!");
        }
        if ((i & 2) != 0 && orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityContext: GSS_C_MUTUAL_FLAG on!");
        }
        if ((i & 1) != 0 && orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityContext: GSS_C_DELEG_FLAG on!");
        }
        if ((i & 4) != 0 && orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityContext: GSS_C_REPLAY_FLAG on!");
        }
        if ((i & 8) != 0 && orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityContext: GSS_C_SEQUENCE_FLAG on!");
        }
        if ((i & 16) != 0 && orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityContext: GSS_C_CONF_FLAG on!");
        }
        if ((i & 32) == 0 || !orbasec.util.Debug.debug) {
            return;
        }
        orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityContext: GSS_C_INTEG_FLAG on!");
    }

    private void set_features_and_association_options_used(int i) {
        this.features_._A_no_delegation(true);
        this.features_._A_establish_trust_in_client(true);
        this.association_options_used_ = (short) (this.association_options_used_ | 64);
        if ((i & 2) != 0) {
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityContext: GSS_C_MUTUAL_FLAG on!");
            }
            this.features_._A_establish_trust_in_target(true);
            this.association_options_used_ = (short) (this.association_options_used_ | 32);
        }
        if ((i & 1) != 0) {
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityContext: GSS_C_DELEG_FLAG on!");
            }
            this.features_._A_no_delegation(false);
            this.features_._A_simple_delegation(true);
        }
        if ((i & 4) != 0) {
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityContext: GSS_C_REPLAY_FLAG on!");
            }
            this.features_._A_detect_replay(true);
            this.association_options_used_ = (short) (this.association_options_used_ | 8);
        }
        if ((i & 8) != 0) {
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityContext: GSS_C_SEQUENCE_FLAG on!");
            }
            this.features_._A_detect_misordering(true);
            this.association_options_used_ = (short) (this.association_options_used_ | 16);
        }
        if ((i & 16) != 0) {
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityContext: GSS_C_CONF_FLAG on!");
            }
            this.features_._A_confidentiality(true);
            this.association_options_used_ = (short) (this.association_options_used_ | 2);
            this.association_options_used_ = (short) (this.association_options_used_ | 4);
        }
        if ((i & 32) != 0) {
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityContext: GSS_C_INTEG_FLAG on!");
            }
            this.features_._A_integrity(true);
            this.association_options_used_ = (short) (this.association_options_used_ | 2);
        }
        if (this.features_.integrity() && this.features_.confidentiality()) {
            this.features_._A_integrity_and_confidentiality(true);
        }
        this.association_options_used_ = this.features_._A_get_association_options();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AssociationStatus accept_context(byte[] bArr, OpaqueHolder opaqueHolder) {
        if (this.context_state_ != 0) {
            throw new INTERNAL(new StringBuffer("Bad security context state: ").append(this.context_state_).toString());
        }
        this.context_state_ = Initialized;
        try {
            return internal_accept_context(bArr, opaqueHolder);
        } catch (Exception e) {
            throw new UNKNOWN(new StringBuffer("Other Exception : ").append(e.toString()).toString());
        } catch (SystemException e2) {
            throw e2;
        } catch (GSSError e3) {
            throw new COMM_FAILURE(new StringBuffer("GSS error : ").append(e3.getMessage()).toString(), MinorCommFailure.MinorGSSError.value(), CompletionStatus.COMPLETED_NO);
        }
    }

    private AssociationStatus internal_accept_context(byte[] bArr, OpaqueHolder opaqueHolder) {
        this.context_orientation = 1;
        this.gss_context = new gss_ctx_id_t();
        this.gss_target_creds = this.server_credentials_.get_gss_cred_id_t();
        this.cred_cache_file = this.server_credentials_.ccache;
        this.keytab = this.server_credentials_.keytab;
        Kerberos_Credentials kerberos_Credentials = new Kerberos_Credentials(this.server_credentials_.conf_file_, null, this.cred_cache_file);
        kerberos_Credentials._A_setReceived();
        kerberos_Credentials._A_accepting_credentials(this.server_credentials_);
        kerberos_Credentials.delegation_state(DelegationState.SecInitiator);
        this.peer_credentials_ = kerberos_Credentials;
        this.client_credentials_ = kerberos_Credentials;
        return cont_accept_context1(bArr, opaqueHolder);
    }

    private AssociationStatus cont_accept_context(OpaqueBuffer opaqueBuffer, OpaqueBufferHolder opaqueBufferHolder) {
        if (this.context_state_ < Continued || this.context_state_ >= Established) {
            throw new INTERNAL(new StringBuffer("Bad security context state: ").append(this.context_state_).toString());
        }
        OpaqueHolder opaqueHolder = new OpaqueHolder();
        AssociationStatus cont_accept_context1 = cont_accept_context1(opaqueBuffer.buffer, opaqueHolder);
        opaqueBufferHolder.value = new OpaqueBuffer();
        opaqueBufferHolder.value.buffer = opaqueHolder.value;
        opaqueBufferHolder.value.startpos = 0;
        opaqueBufferHolder.value.endpos = opaqueHolder.value.length;
        return cont_accept_context1;
    }

    private AssociationStatus cont_accept_context1(byte[] bArr, OpaqueHolder opaqueHolder) {
        OpaqueHolder opaqueHolder2 = new OpaqueHolder();
        AssociationStatus gss_accept_sec_context = gss_accept_sec_context(bArr, opaqueHolder2);
        if (gss_accept_sec_context.value() != 1) {
            opaqueHolder.value = opaqueHolder2.value;
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, new StringBuffer("Kerberos_SecurityContext.cont_accept_context1: ret = ").append(gss_accept_sec_context.value()).toString());
                if (opaqueHolder.value == null) {
                    orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, "  out_token is null;");
                } else {
                    orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, new StringBuffer("  out_token[").append(opaqueHolder.value.length).append("] = ").append(Util.toHexString(opaqueHolder.value)).toString());
                }
            }
            if (opaqueHolder.value == null) {
                opaqueHolder.value = new byte[0];
            }
        }
        return gss_accept_sec_context;
    }

    private AssociationStatus gss_accept_sec_context(byte[] bArr, OpaqueHolder opaqueHolder) {
        gss_int_holder gss_int_holderVar = new gss_int_holder();
        gss_OID gss_oid = new gss_OID();
        gss_int_holder gss_int_holderVar2 = new gss_int_holder();
        gss_buffer_holder gss_buffer_holderVar = new gss_buffer_holder();
        gss_name_t gss_name_tVar = new gss_name_t();
        gss_string_holder gss_string_holderVar = new gss_string_holder();
        gss_cred_id_t gss_cred_id_tVar = new gss_cred_id_t();
        gss_int_holder gss_int_holderVar3 = new gss_int_holder();
        gss_channel_bindings_t gss_channel_bindings_tVar = new gss_channel_bindings_t();
        int create_channel_bindings = gss.create_channel_bindings(this.chan_bindings_.initiator_addrtype, this.chan_bindings_.initiator_address, this.chan_bindings_.acceptor_addrtype, this.chan_bindings_.acceptor_address, this.chan_bindings_.application_data, gss_channel_bindings_tVar);
        if (orbasec.util.Debug.debug(Debug.SECIOP)) {
            orbasec.util.Debug.println("krb5_gss_accept_sec_context:ChannelBindings:");
            orbasec.util.Debug.println(new StringBuffer("  ia=").append(Util.toHexString(this.chan_bindings_.initiator_address)).toString());
            orbasec.util.Debug.println(new StringBuffer("  aa=").append(Util.toHexString(this.chan_bindings_.acceptor_address)).toString());
        }
        if (create_channel_bindings != 0) {
            throw new INTERNAL("No Memory");
        }
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityContext.gss_accept_sec_context:");
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("    recv_token[").append(bArr.length).append("]").toString());
            orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, Util.hexDump(bArr));
        }
        String str = this.cred_cache_file;
        if (gss.version.major == 1 && gss.version.minor == 0) {
            this.cred_cache_file = copy_cred_cache(this.server_credentials_);
            gss.krb_set_cache(this.cred_cache_file);
            this.client_credentials_.ccache = this.cred_cache_file;
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("    Accepting with new cache file ").append(this.cred_cache_file).toString());
            }
        }
        if (gss.version.major == 1 && gss.version.minor == 0 && this.keytab != null) {
            gss.krb_set_keytab(this.keytab);
        }
        if (this.conf_file_ != null) {
            gss.krb_set_config_file(this.conf_file_);
        }
        int accept_sec_context = gss.accept_sec_context(gss_int_holderVar, this.gss_context, this.gss_target_creds, bArr, gss_channel_bindings_tVar, gss_name_tVar, gss_oid, gss_buffer_holderVar, gss_int_holderVar2, gss_int_holderVar3, gss_cred_id_tVar);
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("KerberosSecurityContext: gss_accept_sec_context: returns ").append(accept_sec_context).toString());
        }
        if (accept_sec_context != 0 && accept_sec_context != 1) {
            if (gss.version.major == 1 && gss.version.minor == 0) {
                gss.krb_set_cache(str);
            }
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(new GSSError("accepting context", accept_sec_context, gss_int_holderVar.value).getMessage());
            }
            throw new GSSError("accepting context", accept_sec_context, gss_int_holderVar.value);
        }
        if (accept_sec_context == 1) {
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP, "   Accept is Continued.");
                orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, new StringBuffer("    out_token[").append(gss_buffer_holderVar.buffer().length).append("] = ").toString());
                orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, Util.hexDump(gss_buffer_holderVar.buffer()));
            }
            opaqueHolder.value = gss_buffer_holderVar.buffer();
            if (gss.version.major == 1 && gss.version.minor == 0) {
                gss.krb_set_cache(str);
            }
            this.context_state_ = Continued;
            return AssociationStatus.SecAssocContinue;
        }
        if (gss_buffer_holderVar.buffer().length != 0) {
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP, "   Accept is Complete.");
                orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, new StringBuffer("   out_token[").append(gss_buffer_holderVar.buffer().length).append("]").toString());
                orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, Util.hexDump(gss_buffer_holderVar.buffer()));
            }
            opaqueHolder.value = gss_buffer_holderVar.buffer();
        }
        gss_string_holder gss_string_holderVar2 = new gss_string_holder();
        int oid_to_str = gss.oid_to_str(gss_int_holderVar, gss_oid, gss_string_holderVar2);
        if (oid_to_str != 0) {
            if (gss.version.major == 1 && gss.version.minor == 0) {
                gss.krb_set_cache(str);
            }
            throw new GSSError("converting oid->string", oid_to_str, gss_int_holderVar.value);
        }
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("   Accepted connection using mechanism OID ").append(gss_string_holderVar2.buffer()).toString());
        }
        int display_name = gss.display_name(gss_int_holderVar, gss_name_tVar, gss_string_holderVar, gss_oid);
        if (display_name != 0) {
            if (gss.version.major == 1 && gss.version.minor == 0) {
                gss.krb_set_cache(str);
            }
            throw new GSSError("displaying name", display_name, gss_int_holderVar.value);
        }
        set_features_and_association_options_used(gss_int_holderVar2.value);
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, "Kerberos_SecurityContextContext Accepted");
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("GSS Flags: ").append(Integer.toHexString(gss_int_holderVar2.value)).toString());
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("Features: ").append(this.features_).toString());
        }
        this.client_credentials_.features_ = this.features_._A_copy();
        this.client_credentials_.association_options_used_ = this.association_options_used_;
        this.client_credentials_._A_set_access_id(gss_string_holderVar.buffer());
        this.client_credentials_._A_accepting_credentials(this.server_credentials_);
        if (!Kerberos_Vault.verifyAuthority(this.client_credentials_._A_get_issuer_id(), this.authorities_)) {
            return AssociationStatus.SecAssocFailure;
        }
        if ((gss_int_holderVar2.value & 1) != 0) {
            this.client_credentials_._A_set_simple_delegate();
            Kerberos_Credentials kerberos_Credentials = this.client_credentials_;
            kerberos_Credentials.invocation_options_supported_ = (short) (kerberos_Credentials.invocation_options_supported_ | 256);
            if (gss.version.major != 1 || gss.version.minor != 0) {
                this.client_credentials_.gss_creds = gss_cred_id_tVar;
            }
        } else {
            this.client_credentials_._A_set_no_delegate();
            this.client_credentials_.invocation_options_supported_ = (short) 0;
            this.client_credentials_.invocation_options_required_ = (short) 0;
        }
        this.context_state_ = Established;
        return AssociationStatus.SecAssocSuccess;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AssociationStatus init_context(byte[] bArr, OptionsDirectionPair[] optionsDirectionPairArr, DelegationMode delegationMode, OpaqueHolder opaqueHolder) {
        this.context_orientation = 0;
        this.gss_context = new gss_ctx_id_t();
        this.target_security_name = new String(bArr);
        this.gss_client_creds = this.client_credentials_.get_gss_cred_id_t();
        this.gss_client_options = convert_options_to_gss(optionsDirectionPairArr, delegationMode);
        this.cred_cache_file = this.client_credentials_.ccache;
        this.keytab = this.client_credentials_.keytab;
        this.server_security_name_ = new String(bArr);
        OpaqueHolder opaqueHolder2 = new OpaqueHolder();
        AssociationStatus gss_init_sec_context = gss_init_sec_context(new byte[0], opaqueHolder2);
        if (gss_init_sec_context.value() != 1) {
            if (opaqueHolder2.value == null) {
                opaqueHolder.value = new byte[0];
            } else {
                opaqueHolder.value = opaqueHolder2.value;
            }
        }
        return gss_init_sec_context;
    }

    private AssociationStatus cont_init_context(OpaqueBuffer opaqueBuffer, OpaqueBufferHolder opaqueBufferHolder) {
        OpaqueHolder opaqueHolder = new OpaqueHolder();
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, new StringBuffer("Kerberos_SecurityContext.cont_init_context: recv_tok.buffer[").append(opaqueBuffer.buffer.length).append("] = ").append(Util.toHexString(opaqueBuffer.buffer)).toString());
        }
        if (this.context_state_ == ContinuedGSSEstablished) {
            if (opaqueBuffer.buffer.length != 0) {
                throw new COMM_FAILURE("Zero SECIOP Token Received", MinorCommFailure.MinorRecvZero.value(), CompletionStatus.COMPLETED_NO);
            }
            this.context_state_ = Established;
            return AssociationStatus.SecAssocSuccess;
        }
        AssociationStatus gss_init_sec_context = gss_init_sec_context(opaqueBuffer.buffer, opaqueHolder);
        if (gss_init_sec_context == AssociationStatus.SecAssocContinue) {
            opaqueBufferHolder.value = new OpaqueBuffer(opaqueHolder.value, 0, opaqueHolder.value.length);
        }
        return gss_init_sec_context;
    }

    private AssociationStatus gss_init_sec_context(byte[] bArr, OpaqueHolder opaqueHolder) {
        AssociationStatus associationStatus;
        gss_int_holder gss_int_holderVar = new gss_int_holder();
        gss_name_t gss_name_tVar = new gss_name_t();
        gss_buffer_holder gss_buffer_holderVar = new gss_buffer_holder();
        gss_int_holder gss_int_holderVar2 = new gss_int_holder();
        gss_channel_bindings_t gss_channel_bindings_tVar = new gss_channel_bindings_t();
        if (this.conf_file_ != null) {
            gss.krb_set_config_file(this.conf_file_);
        }
        if (gss.create_channel_bindings(this.chan_bindings_.initiator_addrtype, this.chan_bindings_.initiator_address, this.chan_bindings_.acceptor_addrtype, this.chan_bindings_.acceptor_address, this.chan_bindings_.application_data, gss_channel_bindings_tVar) != 0) {
            throw new INTERNAL("No Memory");
        }
        int import_name = gss.import_name(gss_int_holderVar, this.target_security_name, gss.gss_nt_user_name, gss_name_tVar);
        if (import_name != 0) {
            throw new GSSError("parsing target name", import_name, gss_int_holderVar.value);
        }
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("Kerberos_SecurityContext.init_sec_context: flags ").append(Integer.toHexString(this.gss_client_options)).toString());
        }
        gss_string_holder gss_string_holderVar = new gss_string_holder();
        gss_OID gss_oid = new gss_OID();
        int display_name = gss.display_name(gss_int_holderVar, gss_name_tVar, gss_string_holderVar, gss_oid);
        if (display_name != 0) {
            throw new GSSError("displaying name", display_name, gss_int_holderVar.value);
        }
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("init_sec_context: imported target name =").append(gss_string_holderVar.buffer()).toString());
        }
        if (!Kerberos_Vault.verifyAuthority(Kerberos_Credentials._A_issuerIdOf(gss_string_holderVar.buffer()), this.authorities_)) {
            throw new NO_PERMISSION("Violation of trusted authority policy", MinorNoPermission.PolicyViolation.value(), CompletionStatus.COMPLETED_NO);
        }
        gss_string_holder gss_string_holderVar2 = new gss_string_holder();
        int oid_to_str = gss.oid_to_str(gss_int_holderVar, gss_oid, gss_string_holderVar2);
        if (oid_to_str != 0) {
            throw new GSSError("converting oid->string", oid_to_str, gss_int_holderVar.value);
        }
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("The name has type ").append(gss_string_holderVar2.buffer()).toString());
        }
        if (gss.version.major == 1 && gss.version.minor == 0) {
            gss.krb_set_cache(this.cred_cache_file);
        }
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("Initing with cache file ").append(this.cred_cache_file).toString());
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("Kerberos_Cedentials.inquire = ").append(this.client_credentials_._A_inquire()).toString());
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("Initing with cache file ").append(this.cred_cache_file).toString());
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("gss_client_creds = ").append(this.gss_client_creds.handle).toString());
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("gss_context \t = ").append(Integer.toHexString(this.gss_context.handle)).toString());
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("target_name \t = ").append(Integer.toHexString(gss_name_tVar.handle)).toString());
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("gss_client_options = ").append(Integer.toHexString(this.gss_client_options)).toString());
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("ret_flags\t\t = ").append(Integer.toHexString(gss_int_holderVar2.value)).toString());
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("recv_token.len   = ").append(bArr.length).toString());
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("send_tok.len\t = ").append(gss_buffer_holderVar.buff.length).toString());
            print_flags(this.gss_client_options);
        }
        if (this.conf_file_ != null) {
            gss.krb_set_config_file(this.conf_file_);
        }
        int init_sec_context = gss.init_sec_context(gss_int_holderVar, this.gss_client_creds, this.gss_context, gss_name_tVar, gss.GSS_C_NO_OID, this.gss_client_options, 0, gss_channel_bindings_tVar, bArr, null, gss_buffer_holderVar, gss_int_holderVar2, null);
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("init_sec_context: client options  0x").append(Integer.toHexString(this.gss_client_options)).toString());
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("                  actual options  0x").append(Integer.toHexString(gss_int_holderVar2.value)).toString());
            print_flags(gss_int_holderVar2.value);
        }
        if (init_sec_context != 0 && init_sec_context != 1) {
            throw new GSSError("initializing context", init_sec_context, gss_int_holderVar.value);
        }
        if (gss_buffer_holderVar.buffer().length != 0) {
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, new StringBuffer("Sending GSSKRB5 accept_sec_context token (Complete) (size=").append(gss_buffer_holderVar.buffer().length).append(") :").toString());
                orbasec.util.Debug.println(Debug.SECIOP_HEXDUMPS, Util.hexDump(gss_buffer_holderVar.buffer()));
            }
            opaqueHolder.value = gss_buffer_holderVar.buffer();
        }
        if (init_sec_context == 0) {
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("init_sec_context: COMPLETE ON INIT ").append(Integer.toHexString(gss_int_holderVar2.value)).toString());
            }
            if (this.context_state_ == Continued) {
                this.context_state_ = Established;
            } else {
                this.context_state_ = ContinuedGSSEstablished;
            }
            associationStatus = AssociationStatus.SecAssocSuccess;
            assignTargetCredentials();
        } else {
            if (orbasec.util.Debug.debug) {
                orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("init_sec_context: CONITNUE ON INIT ").append(Integer.toHexString(gss_int_holderVar2.value)).toString());
            }
            this.context_state_ = Continued;
            associationStatus = AssociationStatus.SecAssocContinue;
        }
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("Init_sec_context id = ").append(this.gss_context.handle).toString());
        }
        return associationStatus;
    }

    private void assignTargetCredentials() {
        gss_int_holder gss_int_holderVar = new gss_int_holder();
        gss_name_t gss_name_tVar = new gss_name_t();
        gss_name_t gss_name_tVar2 = new gss_name_t();
        gss_int_holder gss_int_holderVar2 = new gss_int_holder();
        gss_OID gss_oid = new gss_OID();
        gss_int_holder gss_int_holderVar3 = new gss_int_holder();
        gss_int_holder gss_int_holderVar4 = new gss_int_holder();
        gss_int_holder gss_int_holderVar5 = new gss_int_holder();
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, "assignTargetCredentials");
        }
        int inquire_context = gss.inquire_context(gss_int_holderVar, this.gss_context, gss_name_tVar, gss_name_tVar2, gss_int_holderVar2, gss_oid, gss_int_holderVar3, gss_int_holderVar4, gss_int_holderVar5);
        if (inquire_context != 0) {
            throw new GSSError("inquire_context", inquire_context, gss_int_holderVar.value);
        }
        gss_string_holder gss_string_holderVar = new gss_string_holder();
        int display_name = gss.display_name(gss_int_holderVar, gss_name_tVar2, gss_string_holderVar, new gss_OID());
        if (display_name != 0) {
            throw new GSSError("displaying acceptor name", display_name, gss_int_holderVar.value);
        }
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("assignTargetCredentials: peer is ").append(gss_string_holderVar.buffer()).toString());
        }
        set_features_and_association_options_used(gss_int_holderVar3.value);
        this.server_credentials_ = new Kerberos_Credentials(null, null, null);
        this.server_credentials_._A_setTarget();
        this.server_credentials_.features_ = this.features_._A_copy();
        this.server_credentials_.association_options_used_ = this.association_options_used_;
        this.server_credentials_._A_set_access_id(gss_string_holderVar.buffer());
        this.server_credentials_._A_initiating_credentials(this.client_credentials_);
        if (!Kerberos_Vault.verifyAuthority(this.server_credentials_._A_get_issuer_id(), this.authorities_)) {
            throw new NO_PERMISSION("Violation of trusted authority policy", MinorNoPermission.PolicyViolation.value(), CompletionStatus.COMPLETED_NO);
        }
        this.server_credentials_._A_set_no_delegate();
        this.server_credentials_.invocation_options_supported_ = (short) 0;
        this.server_credentials_.invocation_options_required_ = (short) 0;
        this.peer_credentials_ = this.server_credentials_;
    }

    private static int convert_options_to_gss(OptionsDirectionPair[] optionsDirectionPairArr, DelegationMode delegationMode) {
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("Kerberos_Vault:SecurityContext options are : ").append(optionsDirectionPairArr).toString());
        }
        if (optionsDirectionPairArr == null || optionsDirectionPairArr.length == 0) {
            return 0;
        }
        short s = optionsDirectionPairArr[0].options;
        int i = vault_to_gss[s & 63];
        if (delegationMode.value() != 0) {
            i |= 1;
        }
        if (orbasec.util.Debug.debug) {
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("Kerberos_Vault:SecurityContext convert options are : ").append(Integer.toHexString(s)).toString());
            orbasec.util.Debug.println(Debug.SECIOP, new StringBuffer("                           to gss options are : ").append(Integer.toHexString(i)).toString());
        }
        return i;
    }

    private String copy_cred_cache(Kerberos_Credentials kerberos_Credentials) {
        String str = kerberos_Credentials.ccache;
        StringBuffer append = new StringBuffer(String.valueOf(kerberos_Credentials.ccache)).append("-deleg-");
        int i = file_counter;
        file_counter = i + 1;
        String stringBuffer = append.append(i).toString();
        Util.copyFile(stringBuffer, str);
        return stringBuffer;
    }

    void destroy() {
        new File(this.cred_cache_file).delete();
    }

    public void finalize() {
        destroy();
    }
}
