package weblogic.iiop.csi;

import weblogic.iiop.ConnectionKey;
import weblogic.iiop.IIOPInputStream;
import weblogic.iiop.IIOPOutputStream;
import weblogic.iiop.MuxableSocketIIOP;
import weblogic.iiop.TLSSecTransComponent;
import weblogic.iiop.TaggedComponent;
import weblogic.kernel.Kernel;
import weblogic.protocol.ServerChannel;
import weblogic.protocol.ServerIdentity;
import weblogic.rmi.internal.RuntimeDescriptor;
import weblogic.server.Server;

/* loaded from: input_file:weblogic.jar:weblogic/iiop/csi/CompoundSecMech.class */
public class CompoundSecMech {
    private static final boolean DEBUG = false;
    private short requires;
    private TaggedComponent transportMech;
    private ASContextSec asContextMech;
    private SASContextSec sasContextMech;
    private boolean foreign;

    public CompoundSecMech() {
        this.foreign = false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CompoundSecMech(IIOPInputStream iIOPInputStream, ServerIdentity serverIdentity) {
        this.foreign = false;
        read(iIOPInputStream, serverIdentity);
        this.foreign = true;
    }

    public CompoundSecMech(boolean z, String str, ServerIdentity serverIdentity, RuntimeDescriptor runtimeDescriptor) {
        String identityAssertion;
        String clientAuthentication;
        this.foreign = false;
        if (z) {
            this.transportMech = new TLSSecTransComponent(str, serverIdentity, runtimeDescriptor);
            this.requires = ((TLSSecTransComponent) this.transportMech).getRequires();
        } else {
            this.transportMech = null;
        }
        boolean isClientCertificateEnforced = Kernel.getConfig().getSSL().isClientCertificateEnforced();
        boolean z2 = false;
        try {
            z2 = MuxableSocketIIOP.isValidDefaultUser();
            if (!z2) {
                z2 = !Server.getSecurityConfig().isGuestDisabled();
            }
        } catch (Exception e) {
        }
        boolean z3 = true;
        boolean z4 = false;
        if (!z2 && (!z || !z || !isClientCertificateEnforced)) {
            z4 = true;
        }
        if (runtimeDescriptor != null && (clientAuthentication = runtimeDescriptor.getClientAuthentication()) != null) {
            if (clientAuthentication.equals("none")) {
                z3 = false;
                z4 = false;
            } else if (clientAuthentication.equals("supported")) {
                z3 = true;
                z4 = false;
            } else if (clientAuthentication.equals("required")) {
                z3 = true;
                z4 = true;
            }
        }
        boolean z5 = true;
        boolean z6 = false;
        if (runtimeDescriptor != null && (identityAssertion = runtimeDescriptor.getIdentityAssertion()) != null) {
            if (identityAssertion.equals("none")) {
                z5 = false;
                z6 = false;
            } else if (identityAssertion.equals("supported")) {
                z5 = true;
                z6 = false;
            } else if (identityAssertion.equals("required")) {
                z5 = true;
                z6 = false;
            }
        }
        this.asContextMech = new ASContextSec(z3, z4);
        this.requires = (short) (this.requires | this.asContextMech.getRequires());
        this.sasContextMech = new SASContextSec(z5, z6);
        this.requires = (short) (this.requires | this.sasContextMech.getRequires());
    }

    public final TaggedComponent getTransportMech() {
        return this.transportMech;
    }

    public final ASContextSec getASContextMech() {
        return this.asContextMech;
    }

    public final SASContextSec getSASContextMech() {
        return this.sasContextMech;
    }

    public final boolean useSAS() {
        if (this.asContextMech == null || !this.asContextMech.hasGSSUP()) {
            return this.sasContextMech != null && this.sasContextMech.hasGSSUPIdentity();
        }
        return true;
    }

    public final boolean hasGSSUP() {
        return this.asContextMech != null && this.asContextMech.hasGSSUP();
    }

    public final boolean hasGSSUPIdentity() {
        return this.sasContextMech != null && this.sasContextMech.hasGSSUPIdentity();
    }

    public final byte[] getGSSUPTarget() {
        if (this.asContextMech == null) {
            return null;
        }
        return this.asContextMech.getGSSUPTarget();
    }

    public final String getSecureHost() {
        ConnectionKey[] addresses;
        if (this.transportMech == null || !(this.transportMech instanceof TLSSecTransComponent) || (addresses = ((TLSSecTransComponent) this.transportMech).getAddresses()) == null) {
            return null;
        }
        return addresses[0].getAddress();
    }

    public final int getSecurePort() {
        ConnectionKey[] addresses;
        if (this.transportMech == null || !(this.transportMech instanceof TLSSecTransComponent) || (addresses = ((TLSSecTransComponent) this.transportMech).getAddresses()) == null) {
            return -1;
        }
        return addresses[0].getPort();
    }

    public final void read(IIOPInputStream iIOPInputStream, ServerIdentity serverIdentity) {
        this.requires = iIOPInputStream.read_short();
        int read_long = iIOPInputStream.read_long();
        switch (read_long) {
            case 34:
                new TaggedComponent(read_long, iIOPInputStream);
                this.transportMech = null;
                break;
            case 36:
                this.transportMech = new TLSSecTransComponent(iIOPInputStream, serverIdentity);
                break;
            default:
                this.transportMech = new TaggedComponent(read_long, iIOPInputStream);
                break;
        }
        this.asContextMech = new ASContextSec(iIOPInputStream);
        this.sasContextMech = new SASContextSec(iIOPInputStream);
    }

    public final void write(IIOPOutputStream iIOPOutputStream) {
        iIOPOutputStream.write_short(this.requires);
        if (this.transportMech == null || !(this.foreign || iIOPOutputStream.getChannel() == null || ((ServerChannel) iIOPOutputStream.getChannel()).supportsTLS())) {
            iIOPOutputStream.write_long(34);
            iIOPOutputStream.write_long(0);
        } else {
            this.transportMech.write(iIOPOutputStream);
        }
        this.asContextMech.write(iIOPOutputStream);
        this.sasContextMech.write(iIOPOutputStream);
    }

    public String toString() {
        return new StringBuffer().append("CompoundSecMech (requires = ").append((int) this.requires).append("\n  tranport = ").append(this.transportMech).append("\n  ASContext = ").append(this.asContextMech).append("\n  SASContext = ").append(this.sasContextMech).append(")").toString();
    }

    protected static void p(String str) {
        System.out.println(new StringBuffer().append("<CompoundSecMech>: ").append(str).toString());
    }
}
