package org.apache.geronimo.javamail.authentication;

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.ArrayList;
import javax.mail.AuthenticationFailedException;
import javax.mail.MessagingException;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;
import org.apache.geronimo.mail.util.Base64;
import org.apache.geronimo.mail.util.Hex;

/* loaded from: input_file:org/apache/geronimo/javamail/authentication/DigestMD5Authenticator.class */
public class DigestMD5Authenticator implements ClientAuthenticator {
    protected static final int AUTHENTICATE_CLIENT = 0;
    protected static final int AUTHENTICATE_SERVER = 1;
    protected static final int AUTHENTICATION_COMPLETE = 2;
    protected String host;
    protected String username;
    protected String password;
    protected String realm;
    MessageDigest digest;
    protected String clientResponse;
    protected ArrayList realms;
    protected String nonce;
    protected String authenticationResponse = null;
    protected int stage = 0;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/apache/geronimo/javamail/authentication/DigestMD5Authenticator$DigestParser.class */
    public class DigestParser {
        String challenge;
        int length;
        int position = 0;

        public DigestParser(String str) {
            this.challenge = str;
            this.length = str.length();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public boolean hasMore() {
            return this.position < this.length;
        }

        private char currentChar() {
            return this.challenge.charAt(this.position);
        }

        private void nextChar() {
            this.position++;
        }

        private void skipSpaces() {
            while (this.position < this.length && Character.isWhitespace(currentChar())) {
                this.position++;
            }
        }

        private String parseQuotedValue() {
            nextChar();
            StringBuffer stringBuffer = new StringBuffer();
            while (hasMore()) {
                char currentChar = currentChar();
                if (currentChar == '\\') {
                    nextChar();
                    if (!hasMore()) {
                        return null;
                    }
                    stringBuffer.append(currentChar());
                } else {
                    if (currentChar == '\"') {
                        nextChar();
                        return stringBuffer.toString();
                    }
                    stringBuffer.append(currentChar);
                }
                nextChar();
            }
            return null;
        }

        private String parseTokenValue() {
            StringBuffer stringBuffer = new StringBuffer();
            while (hasMore()) {
                char currentChar = currentChar();
                switch (currentChar) {
                    case '\t':
                    case ' ':
                    case '\"':
                    case '(':
                    case ')':
                    case ',':
                    case '/':
                    case ':':
                    case ';':
                    case '<':
                    case '=':
                    case '>':
                    case '?':
                    case '@':
                    case '[':
                    case '\\':
                    case ']':
                    case '{':
                    case '}':
                        if (stringBuffer.length() == 0) {
                            return null;
                        }
                        return stringBuffer.toString();
                    default:
                        if (currentChar < ' ' || currentChar > 127) {
                            if (stringBuffer.length() == 0) {
                                return null;
                            }
                            return stringBuffer.toString();
                        }
                        stringBuffer.append(currentChar);
                        nextChar();
                        break;
                }
            }
            if (stringBuffer.length() == 0) {
                return null;
            }
            return stringBuffer.toString();
        }

        private String parseName() {
            skipSpaces();
            return parseTokenValue();
        }

        private String parseValue() {
            skipSpaces();
            return currentChar() == '\"' ? parseQuotedValue() : parseTokenValue();
        }

        public NameValuePair parseNameValuePair() throws MessagingException {
            String parseName = parseName();
            if (parseName == null) {
                throw new MessagingException("Name syntax error");
            }
            if (!hasMore() || currentChar() != '=') {
                throw new MessagingException("Name/value pair syntax error");
            }
            nextChar();
            String parseValue = parseValue();
            if (parseValue == null) {
                throw new MessagingException("Name/value pair syntax error");
            }
            skipSpaces();
            if (hasMore()) {
                if (currentChar() != ',') {
                    throw new MessagingException("Name/value pair syntax error");
                }
                nextChar();
                skipSpaces();
            }
            return new NameValuePair(parseName, parseValue);
        }
    }

    /* loaded from: input_file:org/apache/geronimo/javamail/authentication/DigestMD5Authenticator$NameValuePair.class */
    public class NameValuePair {
        public String name;
        public String value;

        NameValuePair(String str, String str2) {
            this.name = str;
            this.value = str2;
        }
    }

    public DigestMD5Authenticator(String str, String str2, String str3, String str4) {
        this.host = str;
        this.username = str2;
        this.password = str3;
        this.realm = str4;
    }

    @Override // org.apache.geronimo.javamail.authentication.ClientAuthenticator
    public boolean hasInitialResponse() {
        return false;
    }

    @Override // org.apache.geronimo.javamail.authentication.ClientAuthenticator
    public boolean isComplete() {
        return this.stage == 2;
    }

    @Override // org.apache.geronimo.javamail.authentication.ClientAuthenticator
    public String getMechanismName() {
        return AuthenticatorFactory.AUTHENTICATION_DIGESTMD5;
    }

    @Override // org.apache.geronimo.javamail.authentication.ClientAuthenticator
    public byte[] evaluateChallenge(byte[] bArr) throws MessagingException {
        switch (this.stage) {
            case 0:
                byte[] authenticateClient = authenticateClient(bArr);
                this.stage = 1;
                return authenticateClient;
            case 1:
                byte[] authenticateServer = authenticateServer(bArr);
                this.stage = 2;
                return authenticateServer;
            default:
                throw new MessagingException("Invalid LOGIN challenge");
        }
    }

    public byte[] authenticateServer(byte[] bArr) throws MessagingException {
        if (!parseChallenge(bArr)) {
            return null;
        }
        try {
            this.digest.update((":smtp/" + this.host).getBytes("US-ASCII"));
            this.digest.update((this.clientResponse + new String(Hex.encode(this.digest.digest()), "US-ASCII")).getBytes("US-ASCII"));
            if (new String(Hex.encode(this.digest.digest()), "US-ASCII").equals(this.authenticationResponse)) {
                return new byte[0];
            }
            throw new AuthenticationFailedException("Invalid DIGEST-MD5 response from server");
        } catch (UnsupportedEncodingException e) {
            throw new MessagingException("Invalid character encodings");
        }
    }

    public byte[] authenticateClient(byte[] bArr) throws MessagingException {
        if (!parseChallenge(bArr)) {
            return null;
        }
        try {
            SecureRandom secureRandom = new SecureRandom();
            this.digest = MessageDigest.getInstance(MessageDigestAlgorithms.MD5);
            if (this.realm == null) {
                if (this.realms.isEmpty()) {
                    this.realm = this.host;
                } else {
                    this.realm = (String) this.realms.get(0);
                }
            }
            byte[] bArr2 = new byte[32];
            secureRandom.nextBytes(bArr2);
            try {
                String str = new String(Base64.encode(bArr2), "US-ASCII");
                this.digest.update(this.digest.digest((this.username + ":" + this.realm + ":" + this.password).getBytes("US-ASCII")));
                this.digest.update((":" + this.nonce + ":" + str).getBytes("US-ASCII"));
                this.clientResponse = new String(Hex.encode(this.digest.digest()), "US-ASCII") + ":" + this.nonce + ":00000001:" + str + ":auth:";
                this.digest.update(("AUTHENTICATE:smtp/" + this.host).getBytes("US-ASCII"));
                this.digest.update((this.clientResponse + new String(Hex.encode(this.digest.digest()), "US_ASCII")).getBytes("US-ASCII"));
                String str2 = new String(Hex.encode(this.digest.digest()), "US-ASCII");
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append("username=\"");
                stringBuffer.append(this.username);
                stringBuffer.append("\"");
                stringBuffer.append(",realm=\"");
                stringBuffer.append(this.realm);
                stringBuffer.append("\"");
                stringBuffer.append(",qop=auth");
                stringBuffer.append(",nc=00000001");
                stringBuffer.append(",nonce=\"");
                stringBuffer.append(this.nonce);
                stringBuffer.append("\"");
                stringBuffer.append(",cnonce=\"");
                stringBuffer.append(str);
                stringBuffer.append("\"");
                stringBuffer.append(",digest-uri=\"smtp/");
                stringBuffer.append(this.host);
                stringBuffer.append("\"");
                stringBuffer.append(",response=");
                stringBuffer.append(str2);
                return stringBuffer.toString().getBytes("US-ASCII");
            } catch (UnsupportedEncodingException e) {
                throw new MessagingException("Invalid character encodings");
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new MessagingException("Unable to access cryptography libraries");
        }
    }

    protected boolean parseChallenge(byte[] bArr) throws MessagingException {
        this.realms = new ArrayList();
        DigestParser digestParser = null;
        try {
            digestParser = new DigestParser(new String(bArr, "US-ASCII"));
        } catch (UnsupportedEncodingException e) {
        }
        while (digestParser.hasMore()) {
            NameValuePair parseNameValuePair = digestParser.parseNameValuePair();
            String str = parseNameValuePair.name;
            if (str.equalsIgnoreCase("realm")) {
                this.realms.add(parseNameValuePair.value);
            } else if (str.equalsIgnoreCase("nonce")) {
                this.nonce = parseNameValuePair.value;
            } else if (str.equalsIgnoreCase("rspauth")) {
                this.authenticationResponse = parseNameValuePair.value;
            }
        }
        return true;
    }
}
