package sun.security.jgss.krb5;

import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Iterator;
import javax.security.auth.Subject;
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosTicket;
import sun.security.action.GetBooleanAction;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:efixes/PK67052_Solaris_SPARC/components/prereq.jdk/update.jar:/java/jre/lib/rt.jar:sun/security/jgss/krb5/SubjectComber.class */
public class SubjectComber implements PrivilegedAction {
    private AccessControlContext acc;
    private String serverPrincipal;
    private String clientPrincipal;
    private Subject subject;
    private Class credClass;
    public static final boolean DEBUG = ((Boolean) AccessController.doPrivileged(new GetBooleanAction("sun.security.krb5.debug"))).booleanValue();
    static Class class$javax$security$auth$kerberos$KerberosKey;
    static Class class$javax$security$auth$kerberos$KerberosTicket;

    @Override // java.security.PrivilegedAction
    public Object run() {
        Class cls;
        Class cls2;
        Class cls3;
        Class cls4;
        if (this.subject == null) {
            this.subject = Subject.getSubject(this.acc);
        }
        if (this.subject == null) {
            return null;
        }
        Class cls5 = this.credClass;
        if (class$javax$security$auth$kerberos$KerberosKey == null) {
            cls = class$("javax.security.auth.kerberos.KerberosKey");
            class$javax$security$auth$kerberos$KerberosKey = cls;
        } else {
            cls = class$javax$security$auth$kerberos$KerberosKey;
        }
        if (cls5 == cls) {
            Subject subject = this.subject;
            if (class$javax$security$auth$kerberos$KerberosKey == null) {
                cls4 = class$("javax.security.auth.kerberos.KerberosKey");
                class$javax$security$auth$kerberos$KerberosKey = cls4;
            } else {
                cls4 = class$javax$security$auth$kerberos$KerberosKey;
            }
            for (KerberosKey kerberosKey : subject.getPrivateCredentials(cls4)) {
                if (this.serverPrincipal == null || this.serverPrincipal.equals(kerberosKey.getPrincipal().getName())) {
                    if (DEBUG) {
                        System.out.println(new StringBuffer().append("Found key for ").append(kerberosKey.getPrincipal()).toString());
                    }
                    return kerberosKey;
                }
            }
            return null;
        }
        Class cls6 = this.credClass;
        if (class$javax$security$auth$kerberos$KerberosTicket == null) {
            cls2 = class$("javax.security.auth.kerberos.KerberosTicket");
            class$javax$security$auth$kerberos$KerberosTicket = cls2;
        } else {
            cls2 = class$javax$security$auth$kerberos$KerberosTicket;
        }
        if (cls6 != cls2) {
            return null;
        }
        Subject subject2 = this.subject;
        if (class$javax$security$auth$kerberos$KerberosTicket == null) {
            cls3 = class$("javax.security.auth.kerberos.KerberosTicket");
            class$javax$security$auth$kerberos$KerberosTicket = cls3;
        } else {
            cls3 = class$javax$security$auth$kerberos$KerberosTicket;
        }
        Iterator it = subject2.getPrivateCredentials(cls3).iterator();
        while (it.hasNext()) {
            KerberosTicket kerberosTicket = (KerberosTicket) it.next();
            if (DEBUG) {
                System.out.println(new StringBuffer().append("Found ticket for ").append(kerberosTicket.getClient()).append(" to go to ").append(kerberosTicket.getServer()).append(" expiring on ").append(kerberosTicket.getEndTime()).toString());
            }
            if (kerberosTicket.isCurrent()) {
                if (kerberosTicket.getServer().getName().equals(this.serverPrincipal) && (this.clientPrincipal == null || this.clientPrincipal.equals(kerberosTicket.getClient().getName()))) {
                    return kerberosTicket;
                }
            } else if (!this.subject.isReadOnly()) {
                it.remove();
                if (DEBUG) {
                    System.out.println(new StringBuffer().append("Removed the expired Ticket \n").append(kerberosTicket).toString());
                }
            }
        }
        return null;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    public SubjectComber(AccessControlContext accessControlContext, String str, String str2, Class cls) {
        this.acc = accessControlContext;
        this.serverPrincipal = str;
        this.clientPrincipal = str2;
        this.credClass = cls;
    }

    public SubjectComber(Subject subject, String str, String str2, Class cls) {
        this.subject = subject;
        this.serverPrincipal = str;
        this.clientPrincipal = str2;
        this.credClass = cls;
    }
}
