package org.wildfly.security.sasl.gs2;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.Oid;
import org.wildfly.common.bytes.ByteStringBuilder;
import org.wildfly.common.codec.Base32Alphabet;
import org.wildfly.common.iteration.ByteIterator;
import org.wildfly.security.mechanism.gssapi.GSSCredentialSecurityFactory;

/* loaded from: input_file:WEB-INF/lib/wildfly-elytron-1.12.1.Final.jar:org/wildfly/security/sasl/gs2/Gs2.class */
public final class Gs2 {
    public static final String GS2_PREFIX = "GS2-";
    public static final String PLUS_SUFFIX = "-PLUS";
    public static final String GS2_KRB5 = "GS2-KRB5";
    public static final String GS2_KRB5_PLUS = "GS2-KRB5-PLUS";
    public static final String SPNEGO = "SPNEGO";
    public static final String SPNEGO_PLUS = "SPNEGO-PLUS";

    public static String getSaslNameForMechanism(Oid oid, boolean z) throws GSSException {
        if (oid == null) {
            throw new GSSException(2);
        }
        if (oid.equals(GSSCredentialSecurityFactory.KERBEROS_V5)) {
            return z ? "GS2-KRB5-PLUS" : "GS2-KRB5";
        }
        if (oid.equals(GSSCredentialSecurityFactory.SPNEGO)) {
            return z ? SPNEGO_PLUS : "SPNEGO";
        }
        ByteStringBuilder byteStringBuilder = new ByteStringBuilder();
        byteStringBuilder.append(GS2_PREFIX);
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
            messageDigest.update(oid.getDER());
            byte[] digest = messageDigest.digest();
            digest[6] = (byte) (digest[6] & 254);
            String drainToString = ByteIterator.ofBytes(digest, 0, 7).base32Encode(Base32Alphabet.STANDARD, false).drainToString();
            byteStringBuilder.append(drainToString.substring(0, drainToString.length() - 1));
            if (z) {
                byteStringBuilder.append(PLUS_SUFFIX);
            }
            return new String(byteStringBuilder.toArray(), StandardCharsets.UTF_8);
        } catch (NoSuchAlgorithmException e) {
            throw new GSSException(11);
        }
    }

    public static String getSaslNameForMechanism(Oid oid) throws GSSException {
        return getSaslNameForMechanism(oid, false);
    }

    public static Oid getMechanismForSaslName(GSSManager gSSManager, String str) throws GSSException {
        int indexOf = str.indexOf(PLUS_SUFFIX);
        if (indexOf != -1) {
            str = str.substring(0, indexOf);
        }
        if (str.equals("GS2-KRB5")) {
            return GSSCredentialSecurityFactory.KERBEROS_V5;
        }
        if (str.equals("SPNEGO")) {
            return GSSCredentialSecurityFactory.SPNEGO;
        }
        Oid[] mechs = gSSManager.getMechs();
        if (mechs == null) {
            throw new GSSException(2);
        }
        for (Oid oid : mechs) {
            if (getSaslNameForMechanism(oid).equals(str)) {
                return oid;
            }
        }
        throw new GSSException(2);
    }
}
