package eu.radoop.connections.service.test.connection;

import com.google.common.collect.ImmutableMap;
import eu.radoop.connections.RadoopConnectionEntry;
import eu.radoop.connections.service.test.AbstractRadoopTest;
import eu.radoop.connections.service.test.RadoopTest;
import eu.radoop.connections.service.test.RadoopTestContext;
import eu.radoop.connections.service.test.RadoopTestType;
import eu.radoop.exception.ConnectionException;
import java.io.File;
import java.security.NoSuchAlgorithmException;
import java.util.Map;
import java.util.TreeSet;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
import javax.security.auth.kerberos.KeyTab;
import org.apache.commons.lang3.ArrayUtils;

/* loaded from: input_file:eu/radoop/connections/service/test/connection/TestKerberos.class */
public class TestKerberos extends AbstractRadoopTest {
    public static final Map<String, String> KerberosAlgorithmNameAliases = ImmutableMap.of("DES", "DES", "DESede", "DESede", "ArcFourHmac", "ARCFOUR", "AES128", "AES", "AES256", "AES");
    static final String AES256 = "AES256";

    private TestKerberos(RadoopTestContext radoopTestContext) throws ConnectionException {
        super(RadoopTestType.KERBEROS, radoopTestContext);
    }

    public static RadoopTest create(RadoopTestContext radoopTestContext) throws ConnectionException {
        return new TestKerberos(radoopTestContext);
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // java.util.concurrent.Callable
    public RadoopTest.RadoopTestStatus call() throws ConnectionException {
        RadoopConnectionEntry connection = getTestContext().getConnection();
        KeyTab keyTab = KeyTab.getInstance(new File(connection.getKeytabFile()));
        KerberosPrincipal kerberosPrincipal = new KerberosPrincipal(connection.getClientPrincipal());
        KerberosKey[] keys = keyTab.getKeys(kerberosPrincipal);
        TreeSet treeSet = new TreeSet();
        TreeSet treeSet2 = new TreeSet();
        if (ArrayUtils.isEmpty(keys)) {
            log(5, "Could not found keys for principal " + connection.getClientPrincipal() + ". Please check your keytab file.");
            return RadoopTest.RadoopTestStatus.ERROR;
        }
        for (KerberosKey kerberosKey : keys) {
            String algorithm = kerberosKey.getAlgorithm();
            treeSet.add(algorithm);
            if (connection.getClientPrincipal().equals(kerberosPrincipal.getName())) {
                String cipherAlgorithmName = getCipherAlgorithmName(algorithm);
                try {
                    Cipher.getInstance(cipherAlgorithmName);
                    if (!"AES256".equals(algorithm) || Cipher.getMaxAllowedKeyLength(cipherAlgorithmName) >= 256) {
                        treeSet2.add(algorithm);
                    } else {
                        log(5, "256 bit key length not supported by your client. Please update your JCE to unlimited strength jurisdiction policy.");
                    }
                } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
                }
            }
        }
        log(2, "Supported algorithms: " + treeSet2);
        treeSet.removeAll(treeSet2);
        if (!treeSet.isEmpty()) {
            log(2, "Not supported algorithms: " + treeSet);
        }
        return RadoopTest.RadoopTestStatus.SUCCESS;
    }

    private String getCipherAlgorithmName(String str) {
        if (KerberosAlgorithmNameAliases.containsKey(str)) {
            return KerberosAlgorithmNameAliases.get(str);
        }
        log(5, "Could not match Kerberos algorithm name: " + str);
        return str;
    }
}
