package weblogic.management.internal;

import java.io.IOException;
import java.net.URLConnection;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Random;
import weblogic.management.Admin;
import weblogic.security.HMAC;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.PrivilegedActions;
import weblogic.security.service.SecurityServiceManager;
import weblogic.utils.encoders.BASE64Decoder;
import weblogic.utils.encoders.BASE64Encoder;

/* loaded from: input_file:weblogic.jar:weblogic/management/internal/ConnectionSigner.class */
public class ConnectionSigner {
    public static final String REQUEST_SALT = "wls_salt";
    public static final String REQUEST_SIGNATURE = "wls_signature";
    private static byte[] domainWideSecret = null;
    private static boolean gotSecret = false;
    private static byte[] credentialBytes = {78, 19, 9, 37, 37, 7, 81, 99, 37, 36, 7, 91, 5};
    private static String signatureString = null;
    private static String saltString = null;
    private static boolean isSaltInitialized = false;
    private static AuthenticatedSubject KERNEL_ID = (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());
    static Class class$weblogic$management$internal$ConnectionSigner;

    private static byte[] getSecret() {
        Class cls;
        if (!gotSecret) {
            if (class$weblogic$management$internal$ConnectionSigner == null) {
                cls = class$("weblogic.management.internal.ConnectionSigner");
                class$weblogic$management$internal$ConnectionSigner = cls;
            } else {
                cls = class$weblogic$management$internal$ConnectionSigner;
            }
            Class cls2 = cls;
            synchronized (cls) {
                if (!gotSecret) {
                    domainWideSecret = ((String) SecurityServiceManager.runAs(KERNEL_ID, KERNEL_ID, new PrivilegedAction() { // from class: weblogic.management.internal.ConnectionSigner.1
                        @Override // java.security.PrivilegedAction
                        public Object run() {
                            return Admin.getInstance().getActiveDomain().getSecurityConfiguration().getCredential();
                        }
                    })).getBytes();
                    gotSecret = true;
                }
            }
        }
        return domainWideSecret;
    }

    public static void signConnection(URLConnection uRLConnection, AuthenticatedSubject authenticatedSubject) {
        Class cls;
        SecurityServiceManager.checkKernelIdentity(authenticatedSubject);
        if (!isSaltInitialized) {
            if (class$weblogic$management$internal$ConnectionSigner == null) {
                cls = class$("weblogic.management.internal.ConnectionSigner");
                class$weblogic$management$internal$ConnectionSigner = cls;
            } else {
                cls = class$weblogic$management$internal$ConnectionSigner;
            }
            Class cls2 = cls;
            synchronized (cls) {
                if (!isSaltInitialized) {
                    byte[] bArr = new byte[16];
                    new Random().nextBytes(bArr);
                    BASE64Encoder bASE64Encoder = new BASE64Encoder();
                    saltString = bASE64Encoder.encodeBuffer(bArr);
                    signatureString = bASE64Encoder.encodeBuffer(HMAC.digest(credentialBytes, getSecret(), bArr));
                    isSaltInitialized = true;
                }
            }
        }
        uRLConnection.setRequestProperty(REQUEST_SALT, saltString);
        uRLConnection.setRequestProperty(REQUEST_SIGNATURE, signatureString);
    }

    public static boolean authenticate(String str, String str2) {
        try {
            BASE64Decoder bASE64Decoder = new BASE64Decoder();
            byte[] decodeBuffer = bASE64Decoder.decodeBuffer(str);
            return HMAC.verify(bASE64Decoder.decodeBuffer(str2), credentialBytes, getSecret(), decodeBuffer);
        } catch (IOException e) {
            return false;
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }
}
