package org.dcache.xrootd.plugins.authn.gsi;

import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.concurrent.TimeUnit;
import javax.crypto.Cipher;

/* loaded from: input_file:org/dcache/xrootd/plugins/authn/gsi/GSIRequestHandler.class */
public abstract class GSIRequestHandler {
    public static final String PROTOCOL = "gsi";
    public static final int PROTO_WITH_DELEGATION = 10400;
    public static final int PROTO_PRE_DELEGATION = 10300;
    public static final int PROTOCOL_VERSION = 10300;
    public static final String CRYPTO_MODE = "ssl";
    public static final String SUPPORTED_CIPHER_ALGORITHMS = "aes-128-cbc";
    public static final String SUPPORTED_DIGESTS = "sha1:md5";
    public static final String SERVER_ASYNC_CIPHER_MODE = "RSA/NONE/PKCS1Padding";
    public static final String SERVER_SYNC_CIPHER_MODE = "AES/CBC/PKCS5Padding";
    public static final String SERVER_SYNC_CIPHER_NAME = "AES";
    public static final int SERVER_SYNC_CIPHER_BLOCKSIZE = 16;
    public static final int CHALLENGE_BYTES = 8;
    public static final long MAX_TIME_SKEW = TimeUnit.SECONDS.toMillis(300);
    protected static final SecureRandom RANDOM = new SecureRandom();
    protected final GSICredentialManager credentialManager;
    protected DHSession dhSession;
    protected DHBufferHandler bufferHandler;
    protected String challenge = "";
    protected Cipher challengeCipher;
    protected long lastRequest;

    public static String generateChallengeString() {
        byte[] bArr = new byte[8];
        for (int i = 0; i < 8; i++) {
            bArr[i] = (byte) RANDOM.nextInt(127);
        }
        return new String(bArr, StandardCharsets.US_ASCII);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public GSIRequestHandler(GSICredentialManager gSICredentialManager) {
        this.credentialManager = gSICredentialManager;
    }

    public abstract int getProtocolVersion();

    /* JADX INFO: Access modifiers changed from: protected */
    public void updateLastRequest() {
        this.lastRequest = System.currentTimeMillis();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isRequestExpired() {
        if (this.lastRequest != 0) {
            return System.currentTimeMillis() - this.lastRequest >= MAX_TIME_SKEW;
        }
        this.lastRequest = System.currentTimeMillis();
        return false;
    }
}
