package com.bigstep.datalake;

import java.io.File;
import java.io.IOException;
import java.util.Arrays;
import java.util.EnumSet;
import org.apache.directory.server.kerberos.shared.crypto.encryption.KerberosKeyFactory;
import org.apache.directory.server.kerberos.shared.keytab.Keytab;
import org.apache.directory.server.kerberos.shared.keytab.KeytabEntry;
import org.apache.directory.shared.kerberos.KerberosTime;
import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
import org.apache.directory.shared.kerberos.components.EncryptionKey;

/* loaded from: input_file:com/bigstep/datalake/KeytabUtil.class */
public class KeytabUtil {
    public static void generateKeytab(String str, String str2, String str3) throws IOException {
        if (str2.length() == 0) {
            throw new IllegalArgumentException("password must not have zero length");
        }
        if (!str.contains("@")) {
            throw new IllegalArgumentException("principal name must contain realm: principal@realm");
        }
        Keytab keytab = Keytab.getInstance();
        keytab.setEntries(Arrays.asList(new KeytabEntry(str, 1, new KerberosTime(), (byte) 0, (EncryptionKey) KerberosKeyFactory.getKerberosKeys(str, str2, EnumSet.of(EncryptionType.AES256_CTS_HMAC_SHA1_96)).get(EncryptionType.AES256_CTS_HMAC_SHA1_96))));
        keytab.write(new File(str3));
    }

    public static void main(String[] strArr) throws IllegalArgumentException, IOException {
        if (strArr.length != 3) {
            System.err.println("Syntax: genkeytab <principal@realm> <keytab_file_path>");
            System.exit(-1);
        }
        if (!DLFileSystem.checkJCE()) {
            throw new IOException(DLFileSystem.JCE_ERROR);
        }
        String str = strArr[1];
        String str2 = strArr[2];
        System.out.print("Password (not checked for correctness against KDC):");
        generateKeytab(str, String.valueOf(System.console().readPassword()), str2);
    }
}
