package org.apache.hadoop.hdfs.protocol.datatransfer.sasl;

import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.util.Map;
import javax.security.auth.callback.CallbackHandler;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hdfs.protocol.datatransfer.IOStreamPair;
import org.apache.hadoop.security.SaslInputStream;
import org.apache.hadoop.security.SaslOutputStream;

@InterfaceAudience.Private
/* loaded from: input_file:WEB-INF/lib/hadoop-hdfs-2.6.0-cdh5.15.97.jar:org/apache/hadoop/hdfs/protocol/datatransfer/sasl/SaslParticipant.class */
class SaslParticipant {
    private static final String SERVER_NAME = "0";
    private static final String PROTOCOL = "hdfs";
    private static final String MECHANISM = "DIGEST-MD5";
    private final SaslServer saslServer;
    private final SaslClient saslClient;

    public static SaslParticipant createServerSaslParticipant(Map<String, String> map, CallbackHandler callbackHandler) throws SaslException {
        return new SaslParticipant(Sasl.createSaslServer(MECHANISM, "hdfs", "0", map, callbackHandler));
    }

    public static SaslParticipant createClientSaslParticipant(String str, Map<String, String> map, CallbackHandler callbackHandler) throws SaslException {
        return new SaslParticipant(Sasl.createSaslClient(new String[]{MECHANISM}, str, "hdfs", "0", map, callbackHandler));
    }

    private SaslParticipant(SaslServer saslServer) {
        this.saslServer = saslServer;
        this.saslClient = null;
    }

    private SaslParticipant(SaslClient saslClient) {
        this.saslServer = null;
        this.saslClient = saslClient;
    }

    public byte[] evaluateChallengeOrResponse(byte[] bArr) throws SaslException {
        return this.saslClient != null ? this.saslClient.evaluateChallenge(bArr) : this.saslServer.evaluateResponse(bArr);
    }

    public String getNegotiatedQop() {
        return this.saslClient != null ? (String) this.saslClient.getNegotiatedProperty("javax.security.sasl.qop") : (String) this.saslServer.getNegotiatedProperty("javax.security.sasl.qop");
    }

    public boolean isNegotiatedQopPrivacy() {
        String negotiatedQop = getNegotiatedQop();
        return negotiatedQop != null && "auth-conf".equalsIgnoreCase(negotiatedQop);
    }

    public byte[] wrap(byte[] bArr, int i, int i2) throws SaslException {
        return this.saslClient != null ? this.saslClient.wrap(bArr, i, i2) : this.saslServer.wrap(bArr, i, i2);
    }

    public byte[] unwrap(byte[] bArr, int i, int i2) throws SaslException {
        return this.saslClient != null ? this.saslClient.unwrap(bArr, i, i2) : this.saslServer.unwrap(bArr, i, i2);
    }

    public boolean isComplete() {
        return this.saslClient != null ? this.saslClient.isComplete() : this.saslServer.isComplete();
    }

    public IOStreamPair createStreamPair(DataOutputStream dataOutputStream, DataInputStream dataInputStream) {
        return this.saslClient != null ? new IOStreamPair(new SaslInputStream(dataInputStream, this.saslClient), new SaslOutputStream(dataOutputStream, this.saslClient)) : new IOStreamPair(new SaslInputStream(dataInputStream, this.saslServer), new SaslOutputStream(dataOutputStream, this.saslServer));
    }
}
