package com.ibm.crypto.pkcs11impl.module;

import com.ibm.crypto.pkcs11impl.provider.Session;
import com.ibm.crypto.pkcs11impl.provider.SessionManager;
import com.ibm.java.diagnostics.healthcenter.agent.mbean.HealthCenterOptionHandler;
import com.ibm.pkcs11.PKCS11;
import com.ibm.pkcs11.PKCS11Exception;
import com.ibm.pkcs11.PKCS11Slot;
import com.ibm.pkcs11.nat.NativePKCS11;
import com.ibm.xtq.xslt.jaxp.TransformerKeys;
import java.io.File;
import java.io.IOException;
import java.security.Principal;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.TextInputCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

/* loaded from: input_file:jre/lib/ext/ibmpkcs11impl.jar:com/ibm/crypto/pkcs11impl/module/PKCS11LoginModule.class */
public class PKCS11LoginModule implements LoginModule {
    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map sharedState;
    private Map options;
    private PKCS11Principal principal;
    private SessionManager sessionManager;
    private boolean debug = false;
    private boolean succeeded = false;
    private boolean commitSucceeded = false;
    private PKCS11 pkcs11 = null;
    private PKCS11Slot tokenSlot = null;

    @Override // javax.security.auth.spi.LoginModule
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        this.options = map2;
        this.debug = "true".equalsIgnoreCase((String) map2.get(TransformerKeys.Old.DEBUG));
    }

    @Override // javax.security.auth.spi.LoginModule
    public boolean login() throws LoginException {
        String str;
        int i = 0;
        this.succeeded = false;
        if (this.callbackHandler == null) {
            throw new FailedLoginException("callbackHandler is required for the PKCS11 Login Module.");
        }
        Callback[] callbackArr = {new TextInputCallback("PKCS11 DLL name: "), new PasswordCallback("password: ", false)};
        try {
            this.callbackHandler.handle(callbackArr);
            String text = ((TextInputCallback) callbackArr[0]).getText();
            char[] password = ((PasswordCallback) callbackArr[1]).getPassword();
            char[] cArr = new char[password.length];
            System.arraycopy(password, 0, cArr, 0, password.length);
            ((PasswordCallback) callbackArr[1]).clearPassword();
            if (this.debug) {
                System.out.println("DLL name: " + text);
            }
            if (text.toLowerCase().indexOf(".dll") >= 0) {
                if (this.debug) {
                    System.out.println("P4");
                }
                int indexOf = text.toLowerCase().indexOf(".dll:") + 4;
                if (indexOf > 3) {
                    str = text.substring(0, indexOf);
                    try {
                        i = Integer.valueOf(text.substring(indexOf + 1, text.length())).intValue();
                    } catch (NumberFormatException e) {
                        throw new LoginException("Invalid slot number");
                    }
                } else {
                    str = text;
                }
                if (str.toLowerCase().endsWith(".dll")) {
                    str = str.substring(0, str.length() - 4);
                }
            } else {
                if (text.toLowerCase().indexOf(".so") < 0) {
                    if (this.debug) {
                        System.out.println("fullFileName=" + text);
                        System.out.println("fullFileName.toLowerCase().indexOf()=" + text.toLowerCase().indexOf(".so"));
                    }
                    throw new LoginException("Invalid library name");
                }
                if (this.debug) {
                    System.out.println("a unix lib:" + text);
                }
                int indexOf2 = text.toLowerCase().indexOf(".so:") + 3;
                if (this.debug) {
                    System.out.println("findex=" + indexOf2);
                }
                if (indexOf2 > 2) {
                    str = text.substring(0, indexOf2);
                    try {
                        if (this.debug) {
                            System.out.println("substring=" + text.substring(indexOf2 + 1, text.length()));
                        }
                        i = Integer.valueOf(text.substring(indexOf2 + 1, text.length())).intValue();
                        if (this.debug) {
                            System.out.println("slotIndex=" + i);
                        }
                    } catch (NumberFormatException e2) {
                        if (this.debug) {
                            e2.printStackTrace();
                        }
                        throw new LoginException("Invalid slot number");
                    }
                } else {
                    int indexOf3 = text.toLowerCase().indexOf(".so64:") + 3;
                    if (indexOf3 > 2) {
                        int i2 = indexOf3 + 2;
                        str = text.substring(0, i2);
                        try {
                            if (this.debug) {
                                System.out.println("substring=" + text.substring(i2 + 1, text.length()));
                            }
                            i = Integer.valueOf(text.substring(i2 + 1, text.length())).intValue();
                            if (this.debug) {
                                System.out.println("slotIndex=" + i);
                            }
                        } catch (NumberFormatException e3) {
                            throw new LoginException("Invalid slot number");
                        }
                    } else {
                        str = text;
                    }
                }
                File file = new File(str);
                String name = file.getName();
                if (name != null && name.toLowerCase().startsWith(HealthCenterOptionHandler.LIB)) {
                    str = file.getParent() + File.separator + name.substring(3);
                }
                if (str.toLowerCase().endsWith(".so")) {
                    str = str.substring(0, str.length() - 3);
                }
            }
            try {
                this.pkcs11 = new NativePKCS11(str);
                if (this.debug) {
                    System.out.println("P5");
                }
                this.pkcs11.libInitialize();
                try {
                    this.pkcs11.libInitialize();
                } catch (PKCS11Exception e4) {
                }
                PKCS11Slot[] slotList = this.pkcs11.getSlotList(true);
                if (i < 0 || i > slotList.length - 1) {
                    throw new LoginException("Invalid slot number : " + i);
                }
                this.tokenSlot = slotList[i];
                try {
                    this.sessionManager = SessionManager.getInstance(this.tokenSlot);
                    Session opSession = this.sessionManager.getOpSession();
                    if (cArr == null) {
                        opSession.login(false, null);
                    } else {
                        opSession.login(false, new String(cArr));
                    }
                    this.sessionManager.releaseSession(opSession);
                    this.principal = new PKCS11Principal(text, this.sessionManager);
                    this.succeeded = true;
                    return this.succeeded;
                } catch (Throwable th) {
                    this.sessionManager.releaseSession(null);
                    throw th;
                }
            } catch (PKCS11Exception e5) {
                throw new LoginException("Invalid dll name : " + str);
            }
        } catch (IOException e6) {
            throw new LoginException(e6.toString());
        } catch (UnsupportedCallbackException e7) {
            throw new LoginException("Error: " + e7.getCallback().toString() + " not available to garner authentication information from the user");
        }
    }

    @Override // javax.security.auth.spi.LoginModule
    public boolean commit() throws LoginException {
        if (!this.succeeded) {
            if (!this.debug) {
                return false;
            }
            System.out.println("\t\t[PKCS11LoginModule]: did not add any Principals to Subject because own authentication failed.");
            return false;
        }
        if (this.subject.isReadOnly()) {
            throw new LoginException("Subject is ReadOnly");
        }
        Set<Principal> principals = this.subject.getPrincipals();
        if (!principals.contains(this.principal)) {
            principals.add(this.principal);
            if (this.debug) {
                System.out.println("\t\t[PKCS11LoginModule]: added PKCS11Principal");
            }
        }
        this.commitSucceeded = true;
        return true;
    }

    @Override // javax.security.auth.spi.LoginModule
    public boolean abort() throws LoginException {
        if (this.debug) {
            System.out.println("\t\t[PKCS11LoginModule]: aborted authentication attempt");
        }
        if (!this.succeeded) {
            return false;
        }
        if (!this.succeeded || this.commitSucceeded) {
            logout();
        } else {
            this.principal = null;
            this.succeeded = false;
            this.sessionManager.closeAllSessions();
            this.tokenSlot.closeAllSessions();
            this.pkcs11.libFinalize();
        }
        return this.succeeded;
    }

    @Override // javax.security.auth.spi.LoginModule
    public boolean logout() throws LoginException {
        if (this.subject.isReadOnly()) {
            throw new LoginException("Subject is ReadOnly");
        }
        this.subject.getPrincipals().remove(this.principal);
        this.succeeded = false;
        this.commitSucceeded = false;
        this.principal = null;
        this.sessionManager.closeAllSessions();
        this.tokenSlot.closeAllSessions();
        this.pkcs11.libFinalize();
        if (!this.debug) {
            return true;
        }
        System.out.println("\t\t[PKCS11LoginModule] completed logout processing");
        return true;
    }
}
