package net.jradius.client.auth;

import java.nio.ByteBuffer;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.SSLException;
import net.jradius.client.RadiusClient;
import net.jradius.exception.RadiusException;
import net.jradius.log.RadiusLog;
import net.jradius.packet.AccessChallenge;
import net.jradius.packet.AccessRequest;
import net.jradius.packet.DiameterFormat;
import net.jradius.packet.RadiusPacket;
import net.jradius.packet.attribute.AttributeFactory;
import net.jradius.packet.attribute.AttributeList;

/* loaded from: input_file:net/jradius/client/auth/EAPTTLSAuthenticator.class */
public class EAPTTLSAuthenticator extends EAPTLSAuthenticator implements TunnelAuthenticator {
    public static final String NAME = "eap-ttls";
    private String innerProtocol = "pap";
    private RadiusAuthenticator tunnelAuth;
    private RadiusPacket tunnelRequest;
    private RadiusPacket tunnelChallenge;
    private AttributeList tunneledAttributes;
    private static final DiameterFormat diameterFormat = new DiameterFormat();

    public EAPTTLSAuthenticator() {
        setEAPType(21);
    }

    @Override // net.jradius.client.auth.EAPTLSAuthenticator
    public void init() throws RadiusException {
        super.init();
        this.tunnelAuth = RadiusClient.getAuthProtocol(getInnerProtocol());
        if (this.tunnelAuth == null || (this.tunnelAuth instanceof MSCHAPv2Authenticator) || (this.tunnelAuth instanceof MSCHAPv1Authenticator) || (this.tunnelAuth instanceof CHAPAuthenticator)) {
            throw new RadiusException("You can not currently use " + this.tunnelAuth.getAuthName() + " within a TLS Tunnel because of limitations in Java 1.5.");
        }
    }

    @Override // net.jradius.client.auth.EAPTLSAuthenticator
    protected boolean isCertificateRequired() {
        return false;
    }

    @Override // net.jradius.client.auth.EAPTLSAuthenticator
    public String getAuthName() {
        return NAME;
    }

    public void setTunneledAttributes(AttributeList attributeList) {
        this.tunneledAttributes = attributeList;
    }

    @Override // net.jradius.client.auth.EAPTLSAuthenticator
    public void setupRequest(RadiusClient radiusClient, RadiusPacket radiusPacket) throws RadiusException, NoSuchAlgorithmException {
        super.setupRequest(radiusClient, radiusPacket);
        this.tunnelRequest = new AccessRequest(this.tunneledAttributes);
        AttributeList attributes = this.tunnelRequest.getAttributes();
        if (attributes.get(1L) == null) {
            attributes.add(AttributeFactory.copyAttribute(this.username, false));
        }
        if (attributes.get(2L) == null) {
            attributes.add(AttributeFactory.copyAttribute(this.password, false));
        }
        this.tunnelAuth.setupRequest(radiusClient, this.tunnelRequest);
        if (this.tunnelAuth instanceof PAPAuthenticator) {
            return;
        }
        this.tunnelAuth.processRequest(this.tunnelRequest);
    }

    @Override // net.jradius.client.auth.EAPTLSAuthenticator
    protected boolean doTunnelAuthentication(byte b, byte[] bArr) throws RadiusException, SSLException, NoSuchAlgorithmException {
        if (this.tunnelChallenge == null || bArr == null) {
            this.tunnelChallenge = new AccessChallenge();
        } else {
            AttributeList attributes = this.tunnelChallenge.getAttributes();
            attributes.clear();
            ByteBuffer wrap = ByteBuffer.wrap(bArr);
            diameterFormat.unpackAttributes(attributes, wrap, wrap.limit(), false);
            if ((this.tunnelAuth instanceof EAPAuthenticator) && this.tunnelChallenge.findAttribute(79L) == null) {
                this.tunnelAuth.setupRequest(this.client, this.tunnelRequest);
            } else {
                this.tunnelAuth.processChallenge(this.tunnelRequest, this.tunnelChallenge);
            }
        }
        ByteBuffer allocate = ByteBuffer.allocate(1500);
        diameterFormat.packAttributeList(this.tunnelRequest.getAttributes(), allocate, true);
        putAppBuffer(allocate.array(), 0, allocate.position());
        RadiusLog.debug("Tunnel Request:\n" + this.tunnelRequest.toString());
        return true;
    }

    public String getInnerProtocol() {
        return this.innerProtocol;
    }

    public void setInnerProtocol(String str) {
        this.innerProtocol = str;
    }
}
