package org.apache.directory.server.kerberos.shared.store;

import java.io.IOException;
import java.net.InetAddress;
import java.util.Date;
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
import javax.security.auth.kerberos.KerberosTicket;
import org.apache.commons.lang.time.DateUtils;
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.crypto.encryption.RandomKeyFactory;
import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
import org.apache.directory.server.kerberos.shared.io.encoder.TicketEncoder;
import org.apache.directory.server.kerberos.shared.messages.components.EncTicketPart;
import org.apache.directory.server.kerberos.shared.messages.components.EncTicketPartModifier;
import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
import org.apache.directory.server.kerberos.shared.messages.value.TransitedEncoding;
import org.apache.directory.server.kerberos.shared.messages.value.flags.TicketFlag;
import org.apache.directory.server.kerberos.shared.messages.value.flags.TicketFlags;

/* loaded from: input_file:resources/libs/apacheds-kerberos-shared-1.5.7.jar:org/apache/directory/server/kerberos/shared/store/TicketFactory.class */
public class TicketFactory {
    private static final int ONE_DAY = 86400000;
    private static final int ONE_WEEK = 604800000;
    private CipherTextHandler cipherTextHandler = new CipherTextHandler();

    public EncryptionKey getServerKey(KerberosPrincipal kerberosPrincipal, String str) {
        return new EncryptionKey(EncryptionType.DES_CBC_MD5, new KerberosKey(kerberosPrincipal, str.toCharArray(), "DES").getEncoded());
    }

    public Ticket getTicket(KerberosPrincipal kerberosPrincipal, KerberosPrincipal kerberosPrincipal2, EncryptionKey encryptionKey) throws KerberosException {
        EncTicketPartModifier encTicketPartModifier = new EncTicketPartModifier();
        TicketFlags ticketFlags = new TicketFlags();
        ticketFlags.setFlag(TicketFlag.RENEWABLE);
        encTicketPartModifier.setFlags(ticketFlags);
        encTicketPartModifier.setSessionKey(RandomKeyFactory.getRandomKey(EncryptionType.DES_CBC_MD5));
        encTicketPartModifier.setClientPrincipal(kerberosPrincipal);
        encTicketPartModifier.setTransitedEncoding(new TransitedEncoding());
        encTicketPartModifier.setAuthTime(new KerberosTime());
        long currentTimeMillis = System.currentTimeMillis();
        encTicketPartModifier.setEndTime(new KerberosTime(currentTimeMillis + DateUtils.MILLIS_PER_DAY));
        encTicketPartModifier.setRenewTill(new KerberosTime(currentTimeMillis + 604800000));
        EncTicketPart encTicketPart = encTicketPartModifier.getEncTicketPart();
        EncryptedData seal = this.cipherTextHandler.seal(encryptionKey, encTicketPart, KeyUsage.NUMBER2);
        Ticket ticket = new Ticket();
        ticket.setTktVno(5);
        ticket.setServerPrincipal(kerberosPrincipal2);
        ticket.setEncPart(seal);
        ticket.setEncTicketPart(encTicketPart);
        return ticket;
    }

    public KerberosTicket getKerberosTicket(Ticket ticket) throws IOException {
        byte[] encodeTicket = TicketEncoder.encodeTicket(ticket);
        KerberosPrincipal clientPrincipal = ticket.getEncTicketPart().getClientPrincipal();
        KerberosPrincipal serverPrincipal = ticket.getServerPrincipal();
        byte[] keyValue = ticket.getEncTicketPart().getSessionKey().getKeyValue();
        int ordinal = ticket.getEncTicketPart().getSessionKey().getKeyType().getOrdinal();
        boolean[] zArr = new boolean[32];
        for (int i = 0; i < zArr.length; i++) {
            zArr[i] = ticket.getEncTicketPart().getFlags().isFlagSet(i);
        }
        Date date = ticket.getEncTicketPart().getAuthTime().toDate();
        Date date2 = ticket.getEncTicketPart().getEndTime().toDate();
        return new KerberosTicket(encodeTicket, clientPrincipal, serverPrincipal, keyValue, ordinal, zArr, date, ticket.getEncTicketPart().getStartTime() != null ? ticket.getEncTicketPart().getStartTime().toDate() : null, date2, ticket.getEncTicketPart().getFlags().isRenewable() ? ticket.getEncTicketPart().getRenewTill() != null ? ticket.getEncTicketPart().getRenewTill().toDate() : null : null, new InetAddress[0]);
    }
}
