package weblogic.security.internal;

import java.security.Principal;
import weblogic.management.Admin;
import weblogic.security.HMAC;
import weblogic.security.principal.WLSServerIdentity;
import weblogic.security.service.SecurityServiceManager;
import weblogic.security.spi.PrincipalValidator;

/* loaded from: input_file:weblogic.jar:weblogic/security/internal/ServerPrincipalValidatorImpl.class */
public class ServerPrincipalValidatorImpl implements PrincipalValidator {
    private byte[] secret;
    static Class class$weblogic$security$principal$WLSServerIdentity;

    @Override // weblogic.security.spi.PrincipalValidator
    public boolean validate(Principal principal) throws SecurityException {
        WLSServerIdentity wLSServerIdentity;
        byte[] signature;
        if ((principal instanceof WLSServerIdentity) && (signature = (wLSServerIdentity = (WLSServerIdentity) principal).getSignature()) != null) {
            return HMAC.verify(signature, wLSServerIdentity.getSignedData(), getSecret(), wLSServerIdentity.getSalt());
        }
        return false;
    }

    @Override // weblogic.security.spi.PrincipalValidator
    public boolean sign(Principal principal) {
        if (!(principal instanceof WLSServerIdentity)) {
            return false;
        }
        WLSServerIdentity wLSServerIdentity = (WLSServerIdentity) principal;
        SecurityServiceManager.checkKernelPermission();
        wLSServerIdentity.setSignature(HMAC.digest(wLSServerIdentity.getSignedData(), getSecret(), wLSServerIdentity.getSalt()));
        return true;
    }

    @Override // weblogic.security.spi.PrincipalValidator
    public Class getPrincipalBaseClass() {
        if (class$weblogic$security$principal$WLSServerIdentity != null) {
            return class$weblogic$security$principal$WLSServerIdentity;
        }
        Class class$ = class$("weblogic.security.principal.WLSServerIdentity");
        class$weblogic$security$principal$WLSServerIdentity = class$;
        return class$;
    }

    private byte[] getSecret() {
        if (this.secret == null) {
            this.secret = Admin.getInstance().getActiveDomain().getSecurityConfiguration().getCredential().getBytes();
        }
        return this.secret;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }
}
