package org.jboss.security.srp;

import java.io.IOException;
import java.rmi.RemoteException;
import java.rmi.server.RMIClientSocketFactory;
import java.rmi.server.RMIServerSocketFactory;
import java.rmi.server.UnicastRemoteObject;
import java.security.GeneralSecurityException;
import java.security.KeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.SealedObject;
import org.jboss.crypto.CryptoUtil;
import org.jboss.logging.Logger;
import org.jboss.security.srp.SRPVerifierStore;

/* loaded from: input_file:org/jboss/security/srp/SRPRemoteServer.class */
public class SRPRemoteServer extends UnicastRemoteObject implements SRPRemoteServerInterface {
    private static Logger log = Logger.getLogger(SRPRemoteServer.class);
    private static int userSessionCount = 0;
    private Map sessionMap;
    private SRPVerifierStore verifierStore;
    private SRPServerListener listener;
    private boolean requireAuxChallenge;

    public SRPRemoteServer(SRPVerifierStore sRPVerifierStore) throws RemoteException {
        this.sessionMap = Collections.synchronizedMap(new HashMap());
        setVerifierStore(sRPVerifierStore);
    }

    public SRPRemoteServer(SRPVerifierStore sRPVerifierStore, int i) throws RemoteException {
        super(i);
        this.sessionMap = Collections.synchronizedMap(new HashMap());
        setVerifierStore(sRPVerifierStore);
    }

    public SRPRemoteServer(SRPVerifierStore sRPVerifierStore, int i, RMIClientSocketFactory rMIClientSocketFactory, RMIServerSocketFactory rMIServerSocketFactory) throws RemoteException {
        super(i, rMIClientSocketFactory, rMIServerSocketFactory);
        this.sessionMap = Collections.synchronizedMap(new HashMap());
        setVerifierStore(sRPVerifierStore);
    }

    public void setVerifierStore(SRPVerifierStore sRPVerifierStore) {
        this.verifierStore = sRPVerifierStore;
        log.info("setVerifierStore, " + sRPVerifierStore);
    }

    public void addSRPServerListener(SRPServerListener sRPServerListener) {
        this.listener = sRPServerListener;
    }

    public void removeSRPServerListener(SRPServerListener sRPServerListener) {
        if (this.listener == sRPServerListener) {
            this.listener = null;
        }
    }

    public boolean getRequireAuxChallenge() {
        return this.requireAuxChallenge;
    }

    public void setRequireAuxChallenge(boolean z) {
        this.requireAuxChallenge = z;
    }

    @Override // org.jboss.security.srp.SRPServerInterface
    public SRPParameters getSRPParameters(String str) throws KeyException, RemoteException {
        return (SRPParameters) getSRPParameters(str, false)[0];
    }

    @Override // org.jboss.security.srp.SRPServerInterface
    public Object[] getSRPParameters(String str, boolean z) throws KeyException, RemoteException {
        boolean isTraceEnabled = log.isTraceEnabled();
        if (isTraceEnabled) {
            log.trace("getSRPParameters, " + str);
        }
        try {
            SRPVerifierStore.VerifierInfo userVerifier = this.verifierStore.getUserVerifier(str);
            if (userVerifier == null) {
                throw new KeyException("Unknown username: " + str);
            }
            SRPParameters sRPParameters = new SRPParameters(userVerifier.N, userVerifier.g, userVerifier.salt, userVerifier.hashAlgorithm, userVerifier.cipherAlgorithm, userVerifier.cipherIV);
            if (log.isTraceEnabled()) {
                log.trace("Params: " + sRPParameters);
                log.trace("H(N): " + CryptoUtil.tob64(CryptoUtil.newDigest().digest(sRPParameters.N)));
                log.trace("H(g): " + CryptoUtil.tob64(CryptoUtil.newDigest().digest(sRPParameters.g)));
            }
            Integer num = SRPSessionKey.NO_SESSION_ID;
            if (z) {
                num = nextSessionID();
            }
            Object[] objArr = {sRPParameters, num};
            SRPSessionKey sRPSessionKey = new SRPSessionKey(str, num);
            this.sessionMap.put(sRPSessionKey, new SRPServerSession(str, userVerifier.verifier, sRPParameters));
            if (isTraceEnabled) {
                log.trace("getSRPParameters, completed " + sRPSessionKey);
            }
            return objArr;
        } catch (IOException e) {
            throw new RemoteException("Error during user info retrieval", e);
        } catch (KeyException e2) {
            throw e2;
        } catch (Throwable th) {
            log.error("Unexpected exception in getSRPParameters", th);
            throw new RemoteException("Unexpected exception in getSRPParameters", th);
        }
    }

    @Override // org.jboss.security.srp.SRPServerInterface
    public byte[] init(String str, byte[] bArr) throws SecurityException, NoSuchAlgorithmException, RemoteException {
        return init(str, bArr, 0);
    }

    @Override // org.jboss.security.srp.SRPServerInterface
    public byte[] init(String str, byte[] bArr, int i) throws SecurityException, NoSuchAlgorithmException, RemoteException {
        SRPSessionKey sRPSessionKey = new SRPSessionKey(str, i);
        boolean isTraceEnabled = log.isTraceEnabled();
        if (isTraceEnabled) {
            log.trace("init, " + sRPSessionKey);
        }
        SRPServerSession sRPServerSession = (SRPServerSession) this.sessionMap.get(sRPSessionKey);
        if (sRPServerSession == null) {
            throw new SecurityException("Failed to find active session for username: " + str);
        }
        byte[] exponential = sRPServerSession.exponential();
        sRPServerSession.buildSessionKey(bArr);
        if (isTraceEnabled) {
            log.trace("init, completed " + sRPSessionKey);
        }
        return exponential;
    }

    @Override // org.jboss.security.srp.SRPServerInterface
    public byte[] verify(String str, byte[] bArr) throws SecurityException, RemoteException {
        return verify(str, bArr, null, 0);
    }

    @Override // org.jboss.security.srp.SRPServerInterface
    public byte[] verify(String str, byte[] bArr, int i) throws SecurityException, RemoteException {
        return verify(str, bArr, null, i);
    }

    @Override // org.jboss.security.srp.SRPServerInterface
    public byte[] verify(String str, byte[] bArr, Object obj) throws SecurityException, RemoteException {
        return verify(str, bArr, obj, 0);
    }

    @Override // org.jboss.security.srp.SRPServerInterface
    public byte[] verify(String str, byte[] bArr, Object obj, int i) throws SecurityException, RemoteException {
        SRPSessionKey sRPSessionKey = new SRPSessionKey(str, i);
        boolean isTraceEnabled = log.isTraceEnabled();
        if (isTraceEnabled) {
            log.trace("verify, " + sRPSessionKey);
        }
        SRPServerSession sRPServerSession = (SRPServerSession) this.sessionMap.get(sRPSessionKey);
        if (sRPServerSession == null) {
            throw new SecurityException("Failed to find active session for username: " + str);
        }
        if (!sRPServerSession.verify(bArr)) {
            throw new SecurityException("Failed to verify M1");
        }
        if (obj != null) {
            if (obj instanceof SealedObject) {
                if (isTraceEnabled) {
                    log.trace("Decrypting sealed object");
                }
                SRPParameters parameters = sRPServerSession.getParameters();
                try {
                    obj = CryptoUtil.accessSealedObject(parameters.cipherAlgorithm, CryptoUtil.createSecretKey(parameters.cipherAlgorithm, sRPServerSession.getSessionKey()), parameters.cipherIV, obj);
                } catch (GeneralSecurityException e) {
                    throw new RemoteException("Failed to access SealedObject", e);
                }
            }
            if (isTraceEnabled) {
                log.trace("Verifing aux challenge");
            }
            this.verifierStore.verifyUserChallenge(str, obj);
        } else if (this.requireAuxChallenge) {
            throw new RemoteException("A non-null auxChallenge is required for verification");
        }
        if (this.listener != null) {
            this.listener.verifiedUser(sRPSessionKey, sRPServerSession);
        }
        if (isTraceEnabled) {
            log.trace("verify, completed " + sRPSessionKey);
        }
        return sRPServerSession.getServerResponse();
    }

    @Override // org.jboss.security.srp.SRPServerInterface
    public void close(String str) throws SecurityException, RemoteException {
        close(str, 0);
    }

    @Override // org.jboss.security.srp.SRPServerInterface
    public void close(String str, int i) throws SecurityException, RemoteException {
        SRPSessionKey sRPSessionKey = new SRPSessionKey(str, i);
        boolean isTraceEnabled = log.isTraceEnabled();
        if (isTraceEnabled) {
            log.trace("close, " + sRPSessionKey);
        }
        if (((SRPServerSession) this.sessionMap.remove(sRPSessionKey)) == null) {
            throw new SecurityException("Failed to find active session for username: " + str);
        }
        if (this.listener != null) {
            this.listener.closedUserSession(sRPSessionKey);
        }
        if (isTraceEnabled) {
            log.trace("close, completed " + sRPSessionKey);
        }
    }

    private static synchronized Integer nextSessionID() {
        int i = userSessionCount;
        userSessionCount = i + 1;
        return new Integer(i);
    }
}
