package net.snowflake.ingest.internal.apache.kerby.kerberos.kerb.client.request;

import net.snowflake.ingest.internal.apache.kerby.kerberos.kerb.KrbException;
import net.snowflake.ingest.internal.apache.kerby.kerberos.kerb.client.KrbContext;
import net.snowflake.ingest.internal.apache.kerby.kerberos.kerb.client.KrbOption;
import net.snowflake.ingest.internal.apache.kerby.kerberos.kerb.common.EncryptionUtil;
import net.snowflake.ingest.internal.apache.kerby.kerberos.kerb.type.base.EncryptionKey;
import net.snowflake.ingest.internal.apache.kerby.kerberos.kerb.type.base.KeyUsage;
import net.snowflake.ingest.internal.apache.kerby.kerberos.kerb.type.base.PrincipalName;
import net.snowflake.ingest.internal.apache.kerby.kerberos.kerb.type.kdc.EncTgsRepPart;
import net.snowflake.ingest.internal.apache.kerby.kerberos.kerb.type.kdc.KdcRep;
import net.snowflake.ingest.internal.apache.kerby.kerberos.kerb.type.kdc.TgsRep;
import net.snowflake.ingest.internal.apache.kerby.kerberos.kerb.type.kdc.TgsReq;
import net.snowflake.ingest.internal.apache.kerby.kerberos.kerb.type.ticket.SgtTicket;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/snowflake/ingest/internal/apache/kerby/kerberos/kerb/client/request/TgsRequest.class */
public class TgsRequest extends KdcRequest {
    private static final Logger LOG = LoggerFactory.getLogger(TgsRequest.class);

    public TgsRequest(KrbContext krbContext) {
        super(krbContext);
    }

    @Override // net.snowflake.ingest.internal.apache.kerby.kerberos.kerb.client.request.KdcRequest
    public PrincipalName getClientPrincipal() {
        return null;
    }

    @Override // net.snowflake.ingest.internal.apache.kerby.kerberos.kerb.client.request.KdcRequest
    public EncryptionKey getClientKey() throws KrbException {
        return null;
    }

    public EncryptionKey getSessionKey() {
        return null;
    }

    @Override // net.snowflake.ingest.internal.apache.kerby.kerberos.kerb.client.request.KdcRequest
    public void process() throws KrbException {
        String stringOption = getRequestOptions().getStringOption(KrbOption.SERVER_PRINCIPAL);
        if (stringOption == null) {
            LOG.warn("Server principal is null.");
        }
        setServerPrincipal(new PrincipalName(stringOption));
        super.process();
        TgsReq tgsReq = new TgsReq();
        tgsReq.setReqBody(getReqBody(null));
        tgsReq.setPaData(getPreauthContext().getOutputPaData());
        setKdcReq(tgsReq);
    }

    @Override // net.snowflake.ingest.internal.apache.kerby.kerberos.kerb.client.request.KdcRequest
    public void processResponse(KdcRep kdcRep) throws KrbException {
        EncTgsRepPart encTgsRepPart;
        setKdcRep(kdcRep);
        TgsRep tgsRep = (TgsRep) getKdcRep();
        try {
            encTgsRepPart = (EncTgsRepPart) EncryptionUtil.unseal(tgsRep.getEncryptedEncPart(), getSessionKey(), KeyUsage.TGS_REP_ENCPART_SESSKEY, EncTgsRepPart.class);
        } catch (KrbException e) {
            encTgsRepPart = (EncTgsRepPart) EncryptionUtil.unseal(tgsRep.getEncryptedEncPart(), getSessionKey(), KeyUsage.TGS_REP_ENCPART_SUBKEY, EncTgsRepPart.class);
        }
        tgsRep.setEncPart(encTgsRepPart);
        if (getChosenNonce() != encTgsRepPart.getNonce()) {
            LOG.error("Nonce " + getChosenNonce() + "didn't match " + encTgsRepPart.getNonce());
            throw new KrbException("Nonce didn't match");
        }
    }

    public SgtTicket getSgt() {
        return new SgtTicket(getKdcRep().getTicket(), (EncTgsRepPart) getKdcRep().getEncPart());
    }
}
