package jcifs.smb;

import android.support.v4.media.C0123;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.concurrent.atomic.AtomicInteger;
import javax.crypto.Cipher;
import jcifs.CIFSContext;
import jcifs.CIFSException;
import jcifs.internal.smb1.C6465;
import jcifs.internal.util.SMBUtil;
import jcifs.ntlmssp.Type1Message;
import jcifs.ntlmssp.Type2Message;
import jcifs.ntlmssp.Type3Message;
import jcifs.util.Crypto;
import jcifs.util.Hexdump;
import p1199.C37785;
import p1200.C37810;
import p1302.C39803;
import p1627.C48557;
import p1890.C55169;
import p2032.C59016;
import p2032.InterfaceC59014;

/* loaded from: classes7.dex */
public class NtlmContext implements SSPContext {
    private static final String C2S_SEAL_CONSTANT = "session key to client-to-server sealing key magic constant";
    private static final String C2S_SIGN_CONSTANT = "session key to client-to-server signing key magic constant";
    public static C48557 NTLMSSP_OID = null;
    private static final String S2C_SEAL_CONSTANT = "session key to server-to-client sealing key magic constant";
    private static final String S2C_SIGN_CONSTANT = "session key to server-to-client signing key magic constant";
    private static final InterfaceC59014 log = C59016.m213182(NtlmContext.class);
    private NtlmPasswordAuthenticator auth;
    private int ntlmsspFlags;
    private final boolean requireKeyExchange;
    private Cipher sealClientHandle;
    private byte[] sealClientKey;
    private Cipher sealServerHandle;
    private byte[] sealServerKey;
    private byte[] signKey;
    private String targetName;
    private CIFSContext transportContext;
    private byte[] type1Bytes;
    private byte[] verifyKey;
    private String workstation;
    private boolean isEstablished = false;
    private byte[] serverChallenge = null;
    private byte[] masterKey = null;
    private String netbiosName = null;
    private final AtomicInteger signSequence = new AtomicInteger(0);
    private final AtomicInteger verifySequence = new AtomicInteger(0);
    private int state = 1;

    static {
        try {
            NTLMSSP_OID = new C48557("1.3.6.1.4.1.311.2.2.10");
        } catch (IllegalArgumentException e) {
            log.mo42919("Failed to parse OID", e);
        }
    }

    public NtlmContext(CIFSContext cIFSContext, NtlmPasswordAuthenticator ntlmPasswordAuthenticator, boolean z) {
        this.transportContext = cIFSContext;
        this.auth = ntlmPasswordAuthenticator;
        this.ntlmsspFlags |= 537395204;
        if (!ntlmPasswordAuthenticator.isAnonymous()) {
            this.ntlmsspFlags |= 1073774608;
        } else if (ntlmPasswordAuthenticator.isGuest()) {
            this.ntlmsspFlags |= 1073741824;
        } else {
            this.ntlmsspFlags |= 2048;
        }
        this.requireKeyExchange = z;
        this.workstation = cIFSContext.getConfig().getNetbiosHostname();
    }

    private static byte[] deriveKey(byte[] bArr, String str) {
        MessageDigest md5 = Crypto.getMD5();
        md5.update(bArr);
        md5.update(str.getBytes(StandardCharsets.US_ASCII));
        md5.update((byte) 0);
        return md5.digest();
    }

    @Override // jcifs.smb.SSPContext
    public byte[] calculateMIC(byte[] bArr) throws CIFSException {
        byte[] bArr2 = this.signKey;
        if (bArr2 == null) {
            throw new CIFSException("Signing is not initialized");
        }
        byte[] bArr3 = new byte[4];
        long andIncrement = this.signSequence.getAndIncrement();
        SMBUtil.writeInt4(andIncrement, bArr3, 0);
        MessageDigest hmact64 = Crypto.getHMACT64(bArr2);
        hmact64.update(bArr3);
        hmact64.update(bArr);
        byte[] digest = hmact64.digest();
        byte[] bArr4 = new byte[8];
        System.arraycopy(digest, 0, bArr4, 0, 8);
        InterfaceC59014 interfaceC59014 = log;
        if (interfaceC59014.isDebugEnabled()) {
            interfaceC59014.mo42921(C55169.f173229 + Hexdump.toHexString(digest));
            interfaceC59014.mo42921("Truncated " + Hexdump.toHexString(bArr4));
        }
        if ((this.ntlmsspFlags & 1073741824) != 0) {
            try {
                bArr4 = this.sealClientHandle.doFinal(bArr4);
                if (interfaceC59014.isDebugEnabled()) {
                    interfaceC59014.mo42921("Encrypted " + Hexdump.toHexString(bArr4));
                }
            } catch (GeneralSecurityException e) {
                throw new CIFSException("Failed to encrypt MIC", e);
            }
        }
        byte[] bArr5 = new byte[16];
        SMBUtil.writeInt4(1L, bArr5, 0);
        System.arraycopy(bArr4, 0, bArr5, 4, 8);
        SMBUtil.writeInt4(andIncrement, bArr5, 12);
        return bArr5;
    }

    public Type3Message createType3Message(Type2Message type2Message) throws GeneralSecurityException, CIFSException {
        if (this.auth instanceof NtlmNtHashAuthenticator) {
            return new Type3Message(this.transportContext, type2Message, this.targetName, this.auth.getNTHash(), this.auth.getUserDomain(), this.auth.getUsername(), this.workstation, this.ntlmsspFlags);
        }
        return new Type3Message(this.transportContext, type2Message, this.targetName, this.auth.isGuest() ? this.transportContext.getConfig().getGuestPassword() : this.auth.getPassword(), this.auth.isGuest() ? null : this.auth.getUserDomain(), this.auth.isGuest() ? this.transportContext.getConfig().getGuestUsername() : this.auth.getUsername(), this.workstation, this.ntlmsspFlags, this.auth.isGuest() || !this.auth.isAnonymous());
    }

    @Override // jcifs.smb.SSPContext
    public void dispose() throws SmbException {
        this.isEstablished = false;
        this.sealClientHandle = null;
        this.sealServerHandle = null;
        this.sealClientKey = null;
        this.sealServerKey = null;
        this.masterKey = null;
        this.signKey = null;
        this.verifyKey = null;
        this.type1Bytes = null;
    }

    @Override // jcifs.smb.SSPContext
    public int getFlags() {
        return 0;
    }

    @Override // jcifs.smb.SSPContext
    public String getNetbiosName() {
        return this.netbiosName;
    }

    public byte[] getServerChallenge() {
        return this.serverChallenge;
    }

    @Override // jcifs.smb.SSPContext
    public byte[] getSigningKey() {
        return this.masterKey;
    }

    @Override // jcifs.smb.SSPContext
    public C48557[] getSupportedMechs() {
        return new C48557[]{NTLMSSP_OID};
    }

    @Override // jcifs.smb.SSPContext
    public byte[] initSecContext(byte[] bArr, int i2, int i3) throws SmbException {
        int i4 = this.state;
        if (i4 == 1) {
            return makeNegotiate(bArr);
        }
        if (i4 == 2) {
            return makeAuthenticate(bArr);
        }
        throw new SmbException("Invalid state");
    }

    public void initSessionSecurity(byte[] bArr) {
        this.signKey = deriveKey(bArr, C2S_SIGN_CONSTANT);
        this.verifyKey = deriveKey(bArr, S2C_SIGN_CONSTANT);
        InterfaceC59014 interfaceC59014 = log;
        if (interfaceC59014.isDebugEnabled()) {
            interfaceC59014.mo42921("Sign key is " + Hexdump.toHexString(this.signKey));
            interfaceC59014.mo42921("Verify key is " + Hexdump.toHexString(this.verifyKey));
        }
        byte[] deriveKey = deriveKey(bArr, C2S_SEAL_CONSTANT);
        this.sealClientKey = deriveKey;
        this.sealClientHandle = Crypto.getArcfour(deriveKey);
        if (interfaceC59014.isDebugEnabled()) {
            interfaceC59014.mo42921("Seal key is " + Hexdump.toHexString(this.sealClientKey));
        }
        byte[] deriveKey2 = deriveKey(bArr, S2C_SEAL_CONSTANT);
        this.sealServerKey = deriveKey2;
        this.sealServerHandle = Crypto.getArcfour(deriveKey2);
        if (interfaceC59014.isDebugEnabled()) {
            interfaceC59014.mo42921("Server seal key is " + Hexdump.toHexString(this.sealServerKey));
        }
    }

    @Override // jcifs.smb.SSPContext
    public boolean isEstablished() {
        return this.isEstablished;
    }

    @Override // jcifs.smb.SSPContext
    public boolean isMICAvailable() {
        return (this.auth.isGuest() || this.signKey == null || this.verifyKey == null) ? false : true;
    }

    @Override // jcifs.smb.SSPContext
    public boolean isPreferredMech(C48557 c48557) {
        return this.auth.isPreferredMech(c48557);
    }

    @Override // jcifs.smb.SSPContext
    public boolean isSupported(C48557 c48557) {
        return NTLMSSP_OID.m182543(c48557);
    }

    public byte[] makeAuthenticate(byte[] bArr) throws SmbException {
        try {
            Type2Message type2Message = new Type2Message(bArr);
            InterfaceC59014 interfaceC59014 = log;
            if (interfaceC59014.isTraceEnabled()) {
                interfaceC59014.mo42937(type2Message.toString());
                interfaceC59014.mo42937(Hexdump.toHexString(bArr));
            }
            this.serverChallenge = type2Message.getChallenge();
            if (this.requireKeyExchange) {
                if (this.transportContext.getConfig().isEnforceSpnegoIntegrity() && (!type2Message.getFlag(1073741824) || !type2Message.getFlag(524288))) {
                    throw new SmbUnsupportedOperationException("Server does not support extended NTLMv2 key exchange");
                }
                if (!type2Message.getFlag(536870912)) {
                    throw new SmbUnsupportedOperationException("Server does not support 128-bit keys");
                }
            }
            this.ntlmsspFlags &= type2Message.getFlags();
            Type3Message createType3Message = createType3Message(type2Message);
            createType3Message.setupMIC(this.type1Bytes, bArr);
            byte[] byteArray = createType3Message.toByteArray();
            if (interfaceC59014.isTraceEnabled()) {
                interfaceC59014.mo42937(createType3Message.toString());
                interfaceC59014.mo42937(Hexdump.toHexString(bArr));
            }
            byte[] masterKey = createType3Message.getMasterKey();
            this.masterKey = masterKey;
            if (masterKey != null && (this.ntlmsspFlags & 524288) != 0) {
                initSessionSecurity(createType3Message.getMasterKey());
            }
            this.isEstablished = true;
            this.state++;
            return byteArray;
        } catch (SmbException e) {
            throw e;
        } catch (Exception e2) {
            throw new SmbException(e2.getMessage(), e2);
        }
    }

    public byte[] makeNegotiate(byte[] bArr) {
        Type1Message type1Message = new Type1Message(this.transportContext, this.ntlmsspFlags, this.auth.getUserDomain(), this.workstation);
        byte[] byteArray = type1Message.toByteArray();
        this.type1Bytes = byteArray;
        InterfaceC59014 interfaceC59014 = log;
        if (interfaceC59014.isTraceEnabled()) {
            interfaceC59014.mo42937(type1Message.toString());
            interfaceC59014.mo42937(Hexdump.toHexString(byteArray));
        }
        this.state++;
        return byteArray;
    }

    public void setTargetName(String str) {
        this.targetName = str;
    }

    @Override // jcifs.smb.SSPContext
    public boolean supportsIntegrity() {
        return true;
    }

    public String toString() {
        String sb;
        String sb2;
        StringBuilder sb3 = new StringBuilder("NtlmContext[auth=");
        sb3.append(this.auth);
        sb3.append(",ntlmsspFlags=0x");
        C6465.m32163(this.ntlmsspFlags, 8, sb3, ",workstation=");
        sb3.append(this.workstation);
        sb3.append(",isEstablished=");
        sb3.append(this.isEstablished);
        sb3.append(",state=");
        String m576 = C0123.m576(sb3, this.state, ",serverChallenge=");
        if (this.serverChallenge == null) {
            sb = C37785.m152890(m576, "null");
        } else {
            StringBuilder m152934 = C37810.m152934(m576);
            m152934.append(Hexdump.toHexString(this.serverChallenge));
            sb = m152934.toString();
        }
        String m152890 = C37785.m152890(sb, ",signingKey=");
        if (this.masterKey == null) {
            sb2 = C37785.m152890(m152890, "null");
        } else {
            StringBuilder m1529342 = C37810.m152934(m152890);
            m1529342.append(Hexdump.toHexString(this.masterKey));
            sb2 = m1529342.toString();
        }
        return C37785.m152890(sb2, "]");
    }

    @Override // jcifs.smb.SSPContext
    public void verifyMIC(byte[] bArr, byte[] bArr2) throws CIFSException {
        byte[] bArr3 = this.verifyKey;
        if (bArr3 == null) {
            throw new CIFSException("Signing is not initialized");
        }
        int readInt4 = SMBUtil.readInt4(bArr2, 0);
        if (readInt4 != 1) {
            throw new SmbUnsupportedOperationException("Invalid signature version");
        }
        MessageDigest hmact64 = Crypto.getHMACT64(bArr3);
        int readInt42 = SMBUtil.readInt4(bArr2, 12);
        hmact64.update(bArr2, 12, 4);
        byte[] digest = hmact64.digest(bArr);
        byte[] m160524 = C39803.m160524(digest, 8);
        InterfaceC59014 interfaceC59014 = log;
        if (interfaceC59014.isDebugEnabled()) {
            interfaceC59014.mo42921(C55169.f173229 + Hexdump.toHexString(digest));
            interfaceC59014.mo42921("Truncated " + Hexdump.toHexString(m160524));
        }
        boolean z = (this.ntlmsspFlags & 1073741824) != 0;
        if (z) {
            try {
                m160524 = this.sealServerHandle.doFinal(m160524);
                if (interfaceC59014.isDebugEnabled()) {
                    interfaceC59014.mo42921("Decrypted " + Hexdump.toHexString(m160524));
                }
            } catch (GeneralSecurityException e) {
                throw new CIFSException("Failed to decrypt MIC", e);
            }
        }
        int andIncrement = this.verifySequence.getAndIncrement();
        if (andIncrement != readInt42) {
            throw new CIFSException(String.format("Invalid MIC sequence, expect %d have %d", Integer.valueOf(andIncrement), Integer.valueOf(readInt42)));
        }
        byte[] bArr4 = new byte[8];
        System.arraycopy(bArr2, 4, bArr4, 0, 8);
        if (MessageDigest.isEqual(m160524, bArr4)) {
            return;
        }
        if (interfaceC59014.isDebugEnabled()) {
            interfaceC59014.mo42921(String.format("Seq = %d ver = %d encrypted = %s", Integer.valueOf(readInt42), Integer.valueOf(readInt4), Boolean.valueOf(z)));
            interfaceC59014.mo42921(String.format("Expected MIC %s != %s", Hexdump.toHexString(m160524), Hexdump.toHexString(bArr4)));
        }
        throw new CIFSException("Invalid MIC");
    }
}
