package com.nuodb.impl.net;

import com.nuodb.descriptions.DescriptionBackoffStats;
import com.nuodb.impl.security.CipherBaseAESCTR;
import com.nuodb.impl.security.RemotePassword;
import com.nuodb.impl.security.SessionCiphersInfo;
import com.nuodb.jdbc.ConnectionUrl;
import com.nuodb.xml.Tag;
import com.nuodb.xml.TagFactory;
import com.nuodb.xml.XmlException;
import java.io.IOException;
import java.io.InterruptedIOException;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.Cipher;

/* loaded from: input_file:com/nuodb/impl/net/AuthUtil.class */
public final class AuthUtil {
    private static final Logger logger = Logger.getLogger(AuthUtil.class.getName());
    public static final String CIPHER_RC4 = "RC4";
    public static final String CIPHER_AES256CTR = "AES-256-CTR";
    public static final String DEFAULT_CIPHER = "RC4";
    public static final List<String> SUPPORTED_CIPHERS;
    public static final String SUPPORTED_CIPHERS_CSV;

    public static String selectCipher(String str) throws GeneralSecurityException {
        String selectCipherOrNull = selectCipherOrNull(SUPPORTED_CIPHERS, str);
        if (selectCipherOrNull == null) {
            throw new GeneralSecurityException("No common cipher");
        }
        return selectCipherOrNull;
    }

    public static String selectCipherOrNull(List<String> list, String str) {
        if (str == null || str.isEmpty()) {
            return "RC4";
        }
        for (String str2 : list) {
            Iterator it = Arrays.asList(str.split(ConnectionUrl.DEFAULT_URLDELIMITER)).iterator();
            while (it.hasNext()) {
                if (str2.equals((String) it.next())) {
                    return str2;
                }
            }
        }
        return null;
    }

    public static void initiateAuthorizedSession(SocketListener socketListener, String str, String str2) throws IOException {
        Tag createTag = TagFactory.createTag("Authorize");
        createTag.addAttribute("TargetService", str);
        createTag.addAttribute(DescriptionBackoffStats.BACKOFF_TYPE_ATTR_NAME, str2);
        socketListener.send(createTag);
    }

    public static Tag makeSRPRequestMsg(String str, RemotePassword remotePassword) {
        return makeSRPRequestMsg(str, remotePassword, SUPPORTED_CIPHERS_CSV);
    }

    public static Tag makeSRPRequestMsg(String str, RemotePassword remotePassword, String str2) {
        Tag createTag = TagFactory.createTag("SRPRequest");
        createTag.addAttribute("ClientKey", remotePassword.genClientKey());
        createTag.addAttribute("Cipher", "RC4");
        createTag.addAttribute("Username", str);
        createTag.addAttribute("Ciphers", str2);
        return createTag;
    }

    public static Tag makeSRPResponseMsg(String str, String str2, String str3, byte[] bArr, byte[] bArr2) {
        Tag createTag = TagFactory.createTag("SRPResponse");
        createTag.addAttribute("ServerKey", str);
        createTag.addAttribute("Salt", str2);
        createTag.addAttribute("Cipher", str3);
        if (bArr != null && bArr2 != null) {
            createTag.addAttribute("OutgoingIV", RemotePassword.getHex(bArr));
            createTag.addAttribute("IncomingIV", RemotePassword.getHex(bArr2));
        }
        return createTag;
    }

    public static SessionCiphersInfo parseSRPResponse(Tag tag, String str, String str2, RemotePassword remotePassword) throws XmlException {
        String attribute = tag.getAttribute("Cipher", "RC4");
        String attribute2 = tag.getAttribute("OutgoingIV", null);
        String attribute3 = tag.getAttribute("IncomingIV", null);
        byte[] bArr = null;
        byte[] bArr2 = null;
        if (attribute2 != null && attribute3 != null) {
            bArr = RemotePassword.getBytes(attribute2);
            bArr2 = RemotePassword.getBytes(attribute3);
        }
        return new SessionCiphersInfo(attribute, remotePassword.computeSessionKey(str, str2, tag.getAttribute("Salt"), tag.getAttribute("ServerKey"), attribute), bArr, bArr2);
    }

    public static SessionCiphersInfo runSRPExchange(SocketListener socketListener, String str, String str2, String str3) throws IOException {
        initiateAuthorizedSession(socketListener, str, "SRP");
        RemotePassword remotePassword = new RemotePassword();
        socketListener.send(makeSRPRequestMsg(str2, remotePassword));
        try {
            try {
                return parseSRPResponse(socketListener.getXmlMessage(), str2, str3, remotePassword);
            } catch (XmlException e) {
                throw new IOException("Invalid response message", e);
            }
        } catch (InterruptedIOException e2) {
            throw e2;
        } catch (IOException e3) {
            throw new IOException("Login credentials were rejected", e3);
        }
    }

    static {
        LinkedList linkedList = new LinkedList();
        try {
            if (Cipher.getMaxAllowedKeyLength(CipherBaseAESCTR.CIPHER_NAME) >= 256) {
                linkedList.add(CIPHER_AES256CTR);
            }
        } catch (NoSuchAlgorithmException e) {
            logger.log(Level.WARNING, "No such algorithm: cipherName={0}, error=[{1}]", new Object[]{CipherBaseAESCTR.CIPHER_NAME, e.toString()});
        }
        linkedList.add("RC4");
        SUPPORTED_CIPHERS = Collections.unmodifiableList(linkedList);
        StringBuilder sb = new StringBuilder(SUPPORTED_CIPHERS.get(0));
        for (int i = 1; i != SUPPORTED_CIPHERS.size(); i++) {
            sb.append(',').append(SUPPORTED_CIPHERS.get(i));
        }
        SUPPORTED_CIPHERS_CSV = sb.toString();
    }
}
