package rpc.security.ntlm;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.Cipher;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.SecretKeySpec;
import jcifs.ntlmssp.NtlmFlags;
import jcifs.util.Hexdump;
import ndr.NdrBuffer;
import ndr.NetworkDataRepresentation;
import rpc.IntegrityException;
import rpc.Security;

/* loaded from: input_file:rpc/security/ntlm/Ntlm1.class */
public class Ntlm1 implements NtlmFlags, Security {
    private static final Logger LOGGER = Logger.getLogger("org.jinterop");
    private static final byte[] CLIENT_SIGNING_MAGIC_CONSTANT = {115, 101, 115, 115, 105, 111, 110, 32, 107, 101, 121, 32, 116, 111, 32, 99, 108, 105, 101, 110, 116, 45, 116, 111, 45, 115, 101, 114, 118, 101, 114, 32, 115, 105, 103, 110, 105, 110, 103, 32, 107, 101, 121, 32, 109, 97, 103, 105, 99, 32, 99, 111, 110, 115, 116, 97, 110, 116, 0};
    private static final byte[] SERVER_SIGNING_MAGIC_CONSTANT = {115, 101, 115, 115, 105, 111, 110, 32, 107, 101, 121, 32, 116, 111, 32, 115, 101, 114, 118, 101, 114, 45, 116, 111, 45, 99, 108, 105, 101, 110, 116, 32, 115, 105, 103, 110, 105, 110, 103, 32, 107, 101, 121, 32, 109, 97, 103, 105, 99, 32, 99, 111, 110, 115, 116, 97, 110, 116, 0};
    private static final byte[] CLIENT_SEALING_MAGIC_CONSTANT = {115, 101, 115, 115, 105, 111, 110, 32, 107, 101, 121, 32, 116, 111, 32, 99, 108, 105, 101, 110, 116, 45, 116, 111, 45, 115, 101, 114, 118, 101, 114, 32, 115, 101, 97, 108, 105, 110, 103, 32, 107, 101, 121, 32, 109, 97, 103, 105, 99, 32, 99, 111, 110, 115, 116, 97, 110, 116, 0};
    private static final byte[] SERVER_SEALING_MAGIC_CONSTANT = {115, 101, 115, 115, 105, 111, 110, 32, 107, 101, 121, 32, 116, 111, 32, 115, 101, 114, 118, 101, 114, 45, 116, 111, 45, 99, 108, 105, 101, 110, 116, 32, 115, 101, 97, 108, 105, 110, 103, 32, 107, 101, 121, 32, 109, 97, 103, 105, 99, 32, 99, 111, 110, 115, 116, 97, 110, 116, 0};
    private static final byte[] HEX_ARRAY = "0123456789ABCDEF".getBytes(StandardCharsets.US_ASCII);
    private static final int NTLM1_VERIFIER_LENGTH = 16;
    private final Cipher clientCipher;
    private final Cipher serverCipher;
    private final byte[] clientSigningKey;
    private final byte[] serverSigningKey;
    private final boolean isServer;
    private final int protectionLevel;
    private int requestCounter = 0;
    private int responseCounter = 0;

    public Ntlm1(int i, byte[] bArr, boolean z) {
        this.protectionLevel = (i & 32) != 0 ? 6 : 5;
        this.isServer = z;
        this.clientSigningKey = generateClientSigningKeyUsingNegotiatedSecondarySessionKey(bArr);
        this.serverSigningKey = generateServerSigningKeyUsingNegotiatedSecondarySessionKey(bArr);
        byte[] generateClientSealingKeyUsingNegotiatedSecondarySessionKey = generateClientSealingKeyUsingNegotiatedSecondarySessionKey(bArr);
        byte[] generateServerSealingKeyUsingNegotiatedSecondarySessionKey = generateServerSealingKeyUsingNegotiatedSecondarySessionKey(bArr);
        try {
            this.clientCipher = Cipher.getInstance("RC4");
            this.clientCipher.init(2, new SecretKeySpec(generateClientSealingKeyUsingNegotiatedSecondarySessionKey, "RC4"));
            this.serverCipher = Cipher.getInstance("RC4");
            this.serverCipher.init(2, new SecretKeySpec(generateServerSealingKeyUsingNegotiatedSecondarySessionKey, "RC4"));
            if (LOGGER.isLoggable(Level.FINEST)) {
                LOGGER.log(Level.FINEST, "Client Signing Key derieved from the session key: [{0}]", dumpString(this.clientSigningKey));
                LOGGER.log(Level.FINEST, "Client Sealing Key derieved from the session key: [{0}]", dumpString(generateClientSealingKeyUsingNegotiatedSecondarySessionKey));
                LOGGER.log(Level.FINEST, "Server Signing Key derieved from the session key: [{0}]", dumpString(this.serverSigningKey));
                LOGGER.log(Level.FINEST, "Server Sealing Key derieved from the session key: [{0}]", dumpString(generateServerSealingKeyUsingNegotiatedSecondarySessionKey));
            }
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException("Failed to init decrypt RC4 cipher", e);
        }
    }

    @Override // rpc.Security
    public int getVerifierLength() {
        return 16;
    }

    @Override // rpc.Security
    public int getAuthenticationService() {
        return 10;
    }

    @Override // rpc.Security
    public int getProtectionLevel() {
        return this.protectionLevel;
    }

    @Override // rpc.Security
    public void processIncoming(NetworkDataRepresentation networkDataRepresentation, int i, int i2, int i3, boolean z) throws IOException {
        byte[] bArr;
        Cipher cipher;
        try {
            NdrBuffer buffer = networkDataRepresentation.getBuffer();
            if (this.isServer) {
                bArr = this.clientSigningKey;
                cipher = this.clientCipher;
            } else {
                bArr = this.serverSigningKey;
                cipher = this.serverCipher;
            }
            byte[] bArr2 = new byte[i2];
            System.arraycopy(networkDataRepresentation.getBuffer().getBuffer(), i, bArr2, 0, bArr2.length);
            if (getProtectionLevel() == 6) {
                bArr2 = cipher.update(bArr2);
                System.arraycopy(bArr2, 0, networkDataRepresentation.getBuffer().buf, i, bArr2.length);
            }
            if (LOGGER.isLoggable(Level.FINEST)) {
                LOGGER.info("AFTER Decryption");
                LOGGER.log(Level.FINEST, "\n{0}", Hexdump.toHexString(bArr2));
                LOGGER.log(Level.FINEST, "\nLength is: {0}", Integer.valueOf(bArr2.length));
            }
            byte[] signingPt1 = signingPt1(this.responseCounter, bArr, buffer.getBuffer(), i3);
            signingPt2(signingPt1, cipher);
            buffer.setIndex(i3);
            byte[] bArr3 = new byte[16];
            networkDataRepresentation.readOctetArray(bArr3, 0, bArr3.length);
            if (!Arrays.equals(signingPt1, bArr3)) {
                throw new IntegrityException("Message out of sequence. Perhaps the user being used to run this application is different from the one under which the COM server is running !.");
            }
            this.responseCounter++;
        } catch (IOException e) {
            LOGGER.log(Level.SEVERE, "", (Throwable) e);
            throw e;
        } catch (RuntimeException | ShortBufferException e2) {
            LOGGER.log(Level.SEVERE, "", (Throwable) e2);
            throw new IntegrityException("General error: " + e2.getMessage());
        }
    }

    @Override // rpc.Security
    public void processOutgoing(NetworkDataRepresentation networkDataRepresentation, int i, int i2, int i3, boolean z) throws IOException {
        byte[] bArr;
        Cipher cipher;
        try {
            NdrBuffer buffer = networkDataRepresentation.getBuffer();
            if (this.isServer) {
                bArr = this.serverSigningKey;
                cipher = this.serverCipher;
            } else {
                bArr = this.clientSigningKey;
                cipher = this.clientCipher;
            }
            byte[] signingPt1 = signingPt1(this.requestCounter, bArr, buffer.getBuffer(), i3);
            byte[] bArr2 = new byte[i2];
            System.arraycopy(networkDataRepresentation.getBuffer().getBuffer(), i, bArr2, 0, bArr2.length);
            if (LOGGER.isLoggable(Level.FINEST)) {
                LOGGER.info("BEFORE Encryption");
                LOGGER.log(Level.FINEST, "\n{0}", Hexdump.toHexString(bArr2));
                LOGGER.log(Level.INFO, "Length is: {0}", Integer.valueOf(bArr2.length));
            }
            if (getProtectionLevel() == 6) {
                byte[] update = cipher.update(bArr2);
                System.arraycopy(update, 0, networkDataRepresentation.getBuffer().buf, i, update.length);
            }
            signingPt2(signingPt1, cipher);
            buffer.setIndex(i3);
            buffer.writeOctetArray(signingPt1, 0, signingPt1.length);
            this.requestCounter++;
        } catch (RuntimeException | ShortBufferException e) {
            throw new IntegrityException("General error: " + e.getMessage());
        }
    }

    private static String dumpString(byte[] bArr) {
        byte[] bArr2 = new byte[bArr.length * 2];
        for (int i = 0; i < bArr.length; i++) {
            int i2 = bArr[i] & 255;
            bArr2[i * 2] = HEX_ARRAY[i2 >>> 4];
            bArr2[(i * 2) + 1] = HEX_ARRAY[i2 & 15];
        }
        return new String(bArr2, StandardCharsets.UTF_8);
    }

    private static byte[] generateClientSigningKeyUsingNegotiatedSecondarySessionKey(byte[] bArr) {
        byte[] bArr2 = new byte[bArr.length + CLIENT_SIGNING_MAGIC_CONSTANT.length];
        System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
        System.arraycopy(CLIENT_SIGNING_MAGIC_CONSTANT, 0, bArr2, bArr.length, CLIENT_SIGNING_MAGIC_CONSTANT.length);
        return DigestHelper.md5(bArr2);
    }

    private static byte[] generateClientSealingKeyUsingNegotiatedSecondarySessionKey(byte[] bArr) {
        byte[] bArr2 = new byte[bArr.length + CLIENT_SEALING_MAGIC_CONSTANT.length];
        System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
        System.arraycopy(CLIENT_SEALING_MAGIC_CONSTANT, 0, bArr2, bArr.length, CLIENT_SEALING_MAGIC_CONSTANT.length);
        return DigestHelper.md5(bArr2);
    }

    private static byte[] generateServerSigningKeyUsingNegotiatedSecondarySessionKey(byte[] bArr) {
        byte[] bArr2 = new byte[bArr.length + SERVER_SIGNING_MAGIC_CONSTANT.length];
        System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
        System.arraycopy(SERVER_SIGNING_MAGIC_CONSTANT, 0, bArr2, bArr.length, SERVER_SIGNING_MAGIC_CONSTANT.length);
        return DigestHelper.md5(bArr2);
    }

    private static byte[] generateServerSealingKeyUsingNegotiatedSecondarySessionKey(byte[] bArr) {
        byte[] bArr2 = new byte[bArr.length + SERVER_SEALING_MAGIC_CONSTANT.length];
        System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
        System.arraycopy(SERVER_SEALING_MAGIC_CONSTANT, 0, bArr2, bArr.length, SERVER_SEALING_MAGIC_CONSTANT.length);
        return DigestHelper.md5(bArr2);
    }

    private static byte[] signingPt1(int i, byte[] bArr, byte[] bArr2, int i2) {
        byte[] bArr3 = new byte[4 + i2];
        bArr3[0] = (byte) (i & 255);
        bArr3[1] = (byte) ((i >> 8) & 255);
        bArr3[2] = (byte) ((i >> 16) & 255);
        bArr3[3] = (byte) ((i >> 24) & 255);
        System.arraycopy(bArr2, 0, bArr3, 4, i2);
        byte[] bArr4 = new byte[16];
        bArr4[0] = 1;
        System.arraycopy(Responses.hmacMD5(bArr3, bArr), 0, bArr4, 4, 8);
        bArr4[12] = (byte) (i & 255);
        bArr4[13] = (byte) ((i >> 8) & 255);
        bArr4[14] = (byte) ((i >> 16) & 255);
        bArr4[15] = (byte) ((i >> 24) & 255);
        return bArr4;
    }

    private static void signingPt2(byte[] bArr, Cipher cipher) throws ShortBufferException {
        cipher.update(bArr, 4, 8, bArr, 4);
    }
}
