package sun.security.krb5.internal.tools;

import java.io.File;
import java.io.IOException;
import java.util.Arrays;
import javax.security.auth.kerberos.KeyTab;
import sun.security.krb5.Config;
import sun.security.krb5.KrbAsReqBuilder;
import sun.security.krb5.KrbException;
import sun.security.krb5.PrincipalName;
import sun.security.krb5.RealmException;
import sun.security.krb5.internal.HostAddresses;
import sun.security.krb5.internal.KDCOptions;
import sun.security.krb5.internal.Krb5;
import sun.security.krb5.internal.ccache.Credentials;
import sun.security.krb5.internal.ccache.CredentialsCache;
import sun.security.util.Password;

/* loaded from: input_file:jre/lib/rt.jar:sun/security/krb5/internal/tools/Kinit.class */
public class Kinit {
    private KinitOptions options;
    private static final boolean DEBUG = Krb5.DEBUG;

    public static void main(String[] strArr) {
        try {
            new Kinit(strArr);
        } catch (Exception e) {
            String message = e instanceof KrbException ? ((KrbException) e).krbErrorMessage() + " " + ((KrbException) e).returnCodeMessage() : e.getMessage();
            if (message != null) {
                System.err.println("Exception: " + message);
            } else {
                System.out.println("Exception: " + ((Object) e));
            }
            e.printStackTrace();
            System.exit(-1);
        }
    }

    private Kinit(String[] strArr) throws IOException, RealmException, KrbException {
        if (strArr == null || strArr.length == 0) {
            this.options = new KinitOptions();
        } else {
            this.options = new KinitOptions(strArr);
        }
        switch (this.options.action) {
            case 1:
                acquire();
                return;
            case 2:
                renew();
                return;
            default:
                throw new KrbException("kinit does not support action " + this.options.action);
        }
    }

    private void renew() throws IOException, RealmException, KrbException {
        PrincipalName principal = this.options.getPrincipal();
        String realmAsString = principal.getRealmAsString();
        CredentialsCache credentialsCache = CredentialsCache.getInstance(this.options.cachename);
        if (credentialsCache == null) {
            throw new IOException("Unable to find existing cache file " + this.options.cachename);
        }
        Credentials cCacheCreds = credentialsCache.getCreds(PrincipalName.tgsService(realmAsString, realmAsString)).setKrbCreds().renew().toCCacheCreds();
        CredentialsCache create = CredentialsCache.create(principal, this.options.cachename);
        if (create == null) {
            throw new IOException("Unable to create the cache file " + this.options.cachename);
        }
        create.update(cCacheCreds);
        create.save();
    }

    private void acquire() throws IOException, RealmException, KrbException {
        KrbAsReqBuilder krbAsReqBuilder;
        String str = null;
        PrincipalName principal = this.options.getPrincipal();
        if (principal != null) {
            str = principal.toString();
        }
        if (DEBUG) {
            System.out.println("Principal is " + ((Object) principal));
        }
        char[] cArr = this.options.password;
        if (this.options.useKeytabFile()) {
            if (DEBUG) {
                System.out.println(">>> Kinit using keytab");
            }
            if (str == null) {
                throw new IllegalArgumentException("Principal name must be specified.");
            }
            String keytabFileName = this.options.keytabFileName();
            if (keytabFileName != null && DEBUG) {
                System.out.println(">>> Kinit keytab file name: " + keytabFileName);
            }
            krbAsReqBuilder = new KrbAsReqBuilder(principal, keytabFileName == null ? KeyTab.getInstance() : KeyTab.getInstance(new File(keytabFileName)));
        } else {
            if (str == null) {
                throw new IllegalArgumentException(" Can not obtain principal name");
            }
            if (cArr == null) {
                System.out.print("Password for " + str + ":");
                System.out.flush();
                cArr = Password.readPassword(System.in);
                if (DEBUG) {
                    System.out.println(">>> Kinit console input " + new String(cArr));
                }
            }
            krbAsReqBuilder = new KrbAsReqBuilder(principal, cArr);
        }
        KDCOptions kDCOptions = new KDCOptions();
        setOptions(1, this.options.forwardable, kDCOptions);
        setOptions(3, this.options.proxiable, kDCOptions);
        krbAsReqBuilder.setOptions(kDCOptions);
        String kDCRealm = this.options.getKDCRealm();
        if (kDCRealm == null) {
            kDCRealm = Config.getInstance().getDefaultRealm();
        }
        if (DEBUG) {
            System.out.println(">>> Kinit realm name is " + kDCRealm);
        }
        krbAsReqBuilder.setTarget(PrincipalName.tgsService(kDCRealm, kDCRealm));
        if (DEBUG) {
            System.out.println(">>> Creating KrbAsReq");
        }
        if (this.options.getAddressOption()) {
            krbAsReqBuilder.setAddresses(HostAddresses.getLocalAddresses());
        }
        krbAsReqBuilder.setTill(this.options.lifetime);
        krbAsReqBuilder.setRTime(this.options.renewable_lifetime);
        krbAsReqBuilder.action();
        Credentials cCreds = krbAsReqBuilder.getCCreds();
        krbAsReqBuilder.destroy();
        CredentialsCache create = CredentialsCache.create(principal, this.options.cachename);
        if (create == null) {
            throw new IOException("Unable to create the cache file " + this.options.cachename);
        }
        create.update(cCreds);
        create.save();
        if (this.options.password == null) {
            System.out.println("New ticket is stored in cache file " + this.options.cachename);
        } else {
            Arrays.fill(this.options.password, '0');
        }
        if (cArr != null) {
            Arrays.fill(cArr, '0');
        }
        this.options = null;
    }

    private static void setOptions(int i, int i2, KDCOptions kDCOptions) {
        switch (i2) {
            case -1:
                kDCOptions.set(i, false);
                return;
            case 0:
            default:
                return;
            case 1:
                kDCOptions.set(i, true);
                return;
        }
    }
}
