package com.ibm.ws.security.registry.nt;

import com.ibm.ISecurityUtilityImpl.SecConstants;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.security.CustomRegistryException;
import com.ibm.websphere.security.EntryNotFoundException;
import com.ibm.websphere.security.PasswordCheckFailedException;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.config.SecurityObjectLocator;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.security.registry.RegistryErrorException;
import com.ibm.wsspi.management.agent.AdminSubsystemExtensionHandler;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Properties;

/* loaded from: input_file:wasJars/securityimpl.jar:com/ibm/ws/security/registry/nt/NTRegistryImpl.class */
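/**
 * Java front end of a native account registry; every lookup and the password check are
 * delegated to {@code native} methods implemented in the {@code NTRegistry} library that
 * the static initializer loads.
 *
 * <p>Judging by the package name, the {@code NERR_*} codes and the SID/domain-controller
 * helpers, the backing store is presumably the Windows local or domain account database;
 * nothing in this class confirms that directly.
 *
 * <p>Security-relevant points for maintainers:
 * <ul>
 *   <li>{@link #checkPassword(String, String)} receives untrusted credentials. They are
 *       length-checked before they are handed to native code, and the password is never
 *       passed to the trace facility.</li>
 *   <li>Exception messages produced here embed the user id and, on native failures, the
 *       native error text. Callers should log them server-side instead of relaying them
 *       verbatim to an unauthenticated client.</li>
 *   <li>NOTE(review): the native library may access the instance fields and the
 *       {@code native*Tr} callbacks by name; the native side is not visible here, so the
 *       field and method names are kept exactly as they were.</li>
 * </ul>
 */
public class NTRegistryImpl {
    private static TraceComponent tc = Tr.register(NTRegistryImpl.class, (String) null, AdminConstants.MSG_BUNDLE_NAME);
    private static final int NERR_BASE = 2100;
    private static final int NERR_UserNotFound = 2221;
    private static final int NERR_GroupNotFound = 2220;
    // Upper bound applied to user id and password length when no valid override is configured.
    private static final int DEFAULT_MAX_CREDENTIAL_SIZE = 256;
    // Never assigned from Java; presumably populated by p_initNativeStructure() - TODO confirm.
    private int nativeStructure;
    public static final String NONE = "";
    public static final String USERTYPE = "user";
    public static final String GROUPTYPE = "group";
    protected static final String realmSeparator = "/";
    public static final String typeSeparator = ":";
    private boolean localRegistry;
    // Assigned in initialize() but not read by any Java code in this class.
    private String serverName = null;
    private String realm = null;
    private String realmWithSep = null;
    // True when initialize() was given an explicit "Domain" or local mode.
    private boolean isLocalOrDomain = false;
    // -1 means "not read from the security configuration yet".
    int maxUidSize = -1;
    int maxPWSize = -1;

    /** Creates a registry that may fall back to the local machine when no domain is found. */
    public NTRegistryImpl() {
        this(true);
    }

    /**
     * @param z whether falling back to the local machine is acceptable; when {@code false},
     *          {@link #initialize(Properties)} fails if no domain name can be obtained
     */
    public NTRegistryImpl(boolean z) {
        this.localRegistry = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /** Returns the opaque value stored in {@code nativeStructure}. */
    public int getNativeStructure() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getNativeStructure");
        }
        int handle = this.nativeStructure;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getNativeStructure");
        }
        return handle;
    }

    /** Returns the realm name resolved by {@link #initialize(Properties)}, or {@code null} before it ran. */
    public String getRealm() throws CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getRealm");
            Tr.exit(tc, "getRealm", this.realm);
        }
        return this.realm;
    }

    /**
     * Verifies a user id / password pair through the native library.
     *
     * @param str  user id supplied by the caller (untrusted)
     * @param str2 password supplied by the caller (untrusted); never traced or logged
     * @return the user id as given when an explicit local/domain mode is active, otherwise
     *         the user id prefixed with the realm and the escape character
     * @throws PasswordCheckFailedException if either argument is {@code null} or longer than
     *         the configured limit, if the native check rejects the pair, or if the native
     *         call fails
     */
    public String checkPassword(String str, String str2) throws PasswordCheckFailedException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            // Only the user id goes to trace; keep the password out of every Tr call.
            Tr.entry(tc, "checkPassword", str);
        }
        // Fail closed with the declared exception instead of a NullPointerException.
        if (str == null || str2 == null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "checkPassword");
            }
            throw new PasswordCheckFailedException("checkPassword failed due to missing userid and/or password.");
        }
        // Bound both values before they cross into native code. The comparison counts Java
        // chars, not bytes.
        int uidLimit = getMaxUidSize();
        if (str.length() > uidLimit || str2.length() > getMaxPWSize()) {
            // The rejected user id can be arbitrarily long; cap what reaches the error log.
            Tr.error(tc, "security.registry.checkpass.failed", new Object[]{truncateForLog(str, uidLimit)});
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "checkPassword");
            }
            // The password's real length is deliberately left out: when only the user id is
            // oversized, echoing it would disclose the length of a genuine password.
            throw new PasswordCheckFailedException("checkPassword failed due to userid length (" + str.length() + ") and/or password length too large.");
        }
        try {
            if (!p_checkPassword(str, str2)) {
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "checkPassword ");
                }
                throw new PasswordCheckFailedException("Authentication failed for user " + str);
            }
            String authenticatedName = str;
            if (!this.isLocalOrDomain) {
                authenticatedName = this.realm + SecConstants.STRING_ESCAPE_CHARACTER + str;
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "checkPassword ", authenticatedName);
            }
            return authenticatedName;
        } catch (NTException e) {
            logErrorCode(e);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "checkPassword");
            }
            // NOTE(review): this message carries the native error text, so it can differ by
            // failure reason. Treat it as server-side diagnostics, not as client output.
            throw new PasswordCheckFailedException("Authentication failed for user " + str + " with the following error message " + e.getMessage(), e);
        }
    }

    /** Always returns the empty string; no display name lookup is performed for groups. */
    public String getGroupDisplayName(String str) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getGroupDisplayName", str);
            Tr.exit(tc, "getGroupDisplayName");
        }
        return "";
    }

    /**
     * Resolves a group name to its unique id via the native account-name lookup.
     *
     * @throws EntryNotFoundException if the lookup yields no id
     * @throws CustomRegistryException if the native call fails
     */
    public String getUniqueGroupId(String str) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUniqueGroupId", str);
        }
        String uniqueId = getPrivilegeAttributeId(str);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getUniqueGroupId", uniqueId);
        }
        return uniqueId;
    }

    /** Returns an enumeration of groups for the given pattern, built by {@code GroupEnumeration}. */
    public Enumeration getGroups(String str) throws RegistryErrorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getGroups", str);
        }
        GroupEnumeration groups = new GroupEnumeration(this, str, true);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getGroups");
        }
        return groups;
    }

    /**
     * Returns the groups the native library reports for a user.
     *
     * @return the group names; an empty array (never {@code null}) when there are none
     * @throws EntryNotFoundException if the native error code is {@code NERR_UserNotFound}
     * @throws CustomRegistryException for any other native failure
     */
    public String[] getGroupsForUser(String str) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getGroupsForUser", str);
        }
        try {
            String[] groups = p_getGroupsForUser(str);
            if (groups == null || groups.length < 1) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "No groups for user: " + str);
                }
                groups = new String[0];
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getGroupsForUser");
            }
            return groups;
        } catch (NTException e) {
            logErrorCode(e);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getGroupsForUser", e);
            }
            if (e.getErrorCode() == NERR_UserNotFound) {
                throw new EntryNotFoundException(str, e);
            }
            throw new CustomRegistryException(e.getMessage(), e);
        }
    }

    /**
     * Returns the group ids the native library reports for a user.
     *
     * @return the group ids; an empty array (never {@code null}) when the native call
     *         yields nothing, matching {@link #getGroupsForUser(String)}
     * @throws EntryNotFoundException if the native error code is {@code NERR_UserNotFound}
     * @throws CustomRegistryException for any other native failure
     */
    public String[] getGroupIDsForUser(String str) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getGroupIDsForUser", str);
        }
        try {
            String[] groupIds = p_getGroupIDsForUser(str);
            if (groupIds == null) {
                // "No membership" is the least-privileged reading of a missing result and
                // spares callers a null check.
                groupIds = new String[0];
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getGroupIDsForUser");
            }
            return groupIds;
        } catch (NTException e) {
            logErrorCode(e);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getGroupIDsForUser", e);
            }
            // Logged once for both outcomes; only the exception type differs below.
            Tr.error(tc, "security.registry.getgrpsforuser.error", new Object[]{str, e});
            if (e.getErrorCode() == NERR_UserNotFound) {
                throw new EntryNotFoundException(str, e);
            }
            throw new CustomRegistryException(e.getMessage(), e);
        }
    }

    /** Resolves a group's unique id back to its security name via the native SID lookup. */
    public String getGroupSecurityName(String str) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getGroupSecurityName", str);
        }
        String securityName = getSecurityName0(str);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getGroupSecurityName");
        }
        return securityName;
    }

    /**
     * Returns the user's display name, prefixed with the realm and the escape character
     * when the native library reports a non-empty name.
     *
     * @throws EntryNotFoundException if the native error code is {@code NERR_UserNotFound}
     * @throws CustomRegistryException for any other native failure
     */
    public String getUserDisplayName(String str) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUserDisplayName", str);
        }
        try {
            String displayName = p_getUserName(str);
            if (displayName.length() != 0) {
                displayName = this.realm + SecConstants.STRING_ESCAPE_CHARACTER + displayName;
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getUserDisplayName");
            }
            return displayName;
        } catch (NTException e) {
            logErrorCode(e);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getUserDisplayName", e);
            }
            if (e.getErrorCode() == NERR_UserNotFound) {
                throw new EntryNotFoundException(str, e);
            }
            throw new CustomRegistryException(e.getMessage(), e);
        }
    }

    /**
     * Resolves a user name to its unique id via the native account-name lookup.
     *
     * @throws EntryNotFoundException if the lookup yields no id
     * @throws CustomRegistryException if the native call fails
     */
    public String getUniqueUserId(String str) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUniqueUserId", str);
        }
        String lookupName = str;
        // A name equal to the realm (ignoring case) is qualified with the realm first;
        // presumably so the lookup resolves the account rather than the realm - TODO confirm.
        if (str != null && str.equalsIgnoreCase(this.realm)) {
            lookupName = this.realm + SecConstants.STRING_ESCAPE_CHARACTER + str;
        }
        String uniqueId = getPrivilegeAttributeId(lookupName);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getUniqueUserId", uniqueId);
        }
        return uniqueId;
    }

    /**
     * Looks up a single user through the native library.
     *
     * @return a one-element list holding whatever the native lookup returned
     * @throws CustomRegistryException if the native call fails
     */
    public ArrayList getOneUser(String str) throws CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getOneUser", str);
        }
        try {
            ArrayList<String> result = new ArrayList<String>(1);
            result.add(p_getOneUser(str));
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getOneUser");
            }
            return result;
        } catch (NTException e) {
            logErrorCode(e);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getOneUser", e);
            }
            throw new CustomRegistryException(e.getMessage(), e);
        }
    }

    /** Returns an enumeration of users for the given pattern, built by {@code UserEnumeration}. */
    public Enumeration getUsers(String str) throws RegistryErrorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUsers", str);
        }
        UserEnumeration users = new UserEnumeration(this, str, true);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getUsers");
        }
        return users;
    }

    /** Returns an enumeration of users without a pattern, built by {@code UserEnumeration}. */
    public Enumeration getUsers() throws RegistryErrorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUsers");
        }
        UserEnumeration users = new UserEnumeration(this);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getUsers");
        }
        return users;
    }

    /** Resolves a user's unique id back to its security name via the native SID lookup. */
    public String getUserSecurityName(String str) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUserSecurityName", str);
        }
        String securityName = getSecurityName0(str);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getUserSecurityName");
        }
        return securityName;
    }

    /**
     * Resolves the realm and initializes the native structure.
     *
     * <p>When the {@code CommonConstants.USE_LOCAL_OR_DOMAIN} property is "Domain" or the
     * local-mode value (compared ignoring case), that source is used exclusively and
     * {@code isLocalOrDomain} is set. Otherwise the domain name is tried first and the
     * machine name is used as a fallback, which is only permitted for a local registry.
     *
     * @param properties registry configuration; may be {@code null}
     * @throws CustomRegistryException if no domain is available for a non-local registry or
     *         a native call fails
     */
    public void initialize(Properties properties) throws CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, AdminSubsystemExtensionHandler.INITIALIZE);
        }
        String mode = null;
        if (properties != null) {
            mode = properties.getProperty(CommonConstants.USE_LOCAL_OR_DOMAIN);
        }
        boolean domainMode = "Domain".equalsIgnoreCase(mode);
        boolean explicitMode = mode != null && (domainMode || mode.equalsIgnoreCase(CommonConstants.LOCAL));
        if (!explicitMode) {
            try {
                this.realm = p_getDomainName();
                if (this.realm == null && !this.localRegistry) {
                    throw new CustomRegistryException("Unable to contact domain controller");
                }
                if (this.realm != null) {
                    this.serverName = p_getDCName();
                } else {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Getting the machine name");
                    }
                    this.realm = p_getMachineName();
                }
                p_initNativeStructure();
            } catch (NTException e) {
                logErrorCode(e);
                throw new CustomRegistryException(e.getMessage(), e);
            }
        } else {
            this.isLocalOrDomain = true;
            try {
                if (domainMode) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Getting the Domain Name");
                    }
                    // NOTE(review): the default branch above treats a null domain name as
                    // possible, but here a null realm is accepted as is - confirm whether
                    // explicit Domain mode should also reject it.
                    this.realm = p_getDomainName();
                } else {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Getting the Computer Name");
                    }
                    this.realm = p_getMachineName();
                }
                p_initNativeStructure();
            } catch (NTException e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.registry.nt.NTRegistryImpl.initialize", "350", this);
                logErrorCode(e2);
                Tr.error(tc, "security.registry.initerror", new Object[]{e2});
                throw new CustomRegistryException(e2.getMessage(), e2);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, AdminSubsystemExtensionHandler.INITIALIZE);
        }
    }

    /**
     * Asks the native library whether the group exists.
     *
     * @throws CustomRegistryException if the native call fails
     */
    public boolean isValidGroup(String str) throws CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isValidGroup", str);
        }
        try {
            boolean valid = p_isValidGroup(str);
            // Exit is traced after the native call so the trace brackets the real work.
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "isValidGroup");
            }
            return valid;
        } catch (NTException e) {
            logErrorCode(e);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "isValidGroup", e);
            }
            throw new CustomRegistryException(e.getMessage(), e);
        }
    }

    /**
     * Asks the native library whether the user exists.
     *
     * @throws CustomRegistryException if the native call fails
     */
    public boolean isValidUser(String str) throws CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isValidUser", str);
        }
        try {
            boolean valid = p_isValidUser(str);
            // The success path now has an exit trace, pairing with the entry above.
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "isValidUser");
            }
            return valid;
        } catch (NTException e) {
            logErrorCode(e);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "isValidUser", e);
            }
            throw new CustomRegistryException(e.getMessage(), e);
        }
    }

    /**
     * Maps an account name to its unique id through {@code p_lookupAccountName}.
     *
     * @throws EntryNotFoundException if the native lookup returns {@code null}
     * @throws CustomRegistryException if the native call throws
     */
    private String getPrivilegeAttributeId(String str) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getPrivilegeAttributeId", str);
        }
        try {
            String uniqueId = p_lookupAccountName(str);
            if (uniqueId == null) {
                EntryNotFoundException notFound = new EntryNotFoundException("Cannot obtain the uniqueID for " + str);
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "getPrivilegeAttributeId", notFound);
                }
                throw notFound;
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getPrivilegeAttributeId", uniqueId);
            }
            return uniqueId;
        } catch (NTException e) {
            logErrorCode(e);
            throw new CustomRegistryException("Cannot find uniqueID for the user " + str, e);
        }
    }

    /**
     * Maps a unique id to its security name through {@code p_lookupAccountSID}.
     *
     * @throws EntryNotFoundException if the native lookup returns {@code null}
     * @throws CustomRegistryException if the native call throws
     */
    private String getSecurityName0(String str) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSecurityName0", str);
        }
        try {
            String securityName = p_lookupAccountSID(str);
            if (securityName == null) {
                EntryNotFoundException notFound = new EntryNotFoundException("cannot find entry " + str);
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "getSecurityName0", notFound);
                }
                throw notFound;
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSecurityName0", securityName);
            }
            return securityName;
        } catch (NTException e) {
            logErrorCode(e);
            throw new CustomRegistryException("no security name configured for privilege id: " + str, e);
        }
    }

    /** Returns the maximum accepted user id length, read once from the security configuration. */
    private int getMaxUidSize() {
        if (this.maxUidSize == -1) {
            String configured = SecurityObjectLocator.getSecurityConfig().getProperty("com.ibm.websphere.security.registry.maxUseridSize");
            this.maxUidSize = parseSizeLimit(configured);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "getMaxUidSize: " + this.maxUidSize);
            }
        }
        return this.maxUidSize;
    }

    /** Returns the maximum accepted password length, read once from the security configuration. */
    private int getMaxPWSize() {
        if (this.maxPWSize == -1) {
            String configured = SecurityObjectLocator.getSecurityConfig().getProperty("com.ibm.websphere.security.registry.maxPasswordSize");
            this.maxPWSize = parseSizeLimit(configured);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "getMaxPWSize: " + this.maxPWSize);
            }
        }
        return this.maxPWSize;
    }

    /**
     * Parses a configured size limit, falling back to the built-in default when the value
     * is absent, not a number, or not positive. A malformed setting therefore cannot make
     * every password check fail with an unchecked exception, and the bound stays in force.
     */
    private static int parseSizeLimit(String configured) {
        if (configured != null) {
            try {
                int parsed = Integer.parseInt(configured.trim());
                if (parsed > 0) {
                    return parsed;
                }
            } catch (NumberFormatException e) {
                // Reported below together with the non-positive case.
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Ignoring invalid size limit '" + configured + "', using " + DEFAULT_MAX_CREDENTIAL_SIZE);
            }
        }
        return DEFAULT_MAX_CREDENTIAL_SIZE;
    }

    /** Caps a caller-supplied value before it is written to a log record. */
    private static String truncateForLog(String value, int maxLength) {
        int keep = Math.max(maxLength, 0);
        if (value == null || value.length() <= keep) {
            return value;
        }
        return value.substring(0, keep) + "...";
    }

    /** Writes the native error code of the exception to debug trace. */
    private void logErrorCode(NTException nTException) {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Native error code = " + nTException.getErrorCode());
        }
    }

    /**
     * Writes a debug trace line tagged with a native line number.
     * NOTE(review): presumably a callback for the native library - no Java caller is visible here.
     */
    public static void nativeDebugTr(int i, String str) {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Native line " + i + ": " + str);
        }
    }

    /**
     * Routes a message to audit, error or warning output according to a severity letter.
     *
     * @param str    message id; the call is a no-op when {@code null}
     * @param c      'A'/'a' audit, 'E'/'e' error, 'W'/'w' warning; anything else is only
     *               reported to debug trace
     * @param objArr message arguments
     */
    public static void nativeTr(String str, char c, Object[] objArr) {
        if (str == null) {
            return;
        }
        switch (c) {
            case 'A':
            case 'a':
                Tr.audit(tc, str, objArr);
                break;
            case 'E':
            case 'e':
                Tr.error(tc, str, objArr);
                break;
            case 'W':
            case 'w':
                Tr.warning(tc, str, objArr);
                break;
            default:
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Invalid msg ID: " + str, objArr);
                }
                break;
        }
    }

    // Native entry points implemented by the NTRegistry library loaded below.

    private native void p_initNativeStructure() throws NTException;

    public native String p_getDomainName() throws NTException;

    public native String p_getDCName() throws NTException;

    public native String p_getMachineName() throws NTException;

    private native String[] p_getGroupsForUser(String str) throws NTException;

    private native String p_getUserName(String str) throws NTException;

    private native boolean p_isValidGroup(String str) throws NTException;

    private native boolean p_isValidUser(String str) throws NTException;

    private native String p_getOneUser(String str) throws NTException;

    private native boolean p_checkPassword(String str, String str2) throws NTException;

    private native String p_lookupAccountName(String str) throws NTException;

    private native String p_lookupAccountSID(String str) throws NTException;

    private native String[] p_getGroupIDsForUser(String str) throws NTException;

    static {
        // Resolved through java.library.path; the directories on that path should be
        // writable only by administrators, since this library sees every password checked.
        System.loadLibrary("NTRegistry");
    }
}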
