package com.hierynomus.smbj.connection;

import com.hierynomus.mserref.NtStatus;
import com.hierynomus.mssmb2.SMB2Dialect;
import com.hierynomus.mssmb2.SMBApiException;
import com.hierynomus.mssmb2.messages.SMB2SessionSetup;
import com.hierynomus.protocol.transport.TransportException;
import com.hierynomus.security.SecurityException;
import com.hierynomus.smbj.common.SMBRuntimeException;
import com.hierynomus.spnego.SpnegoException;
import es.aa;
import es.b0;
import es.b90;
import es.bg2;
import es.bj2;
import es.hf1;
import es.il2;
import es.j71;
import es.pp;
import es.x9;
import es.y9;
import es.yp1;
import es.zt;
import es.zu;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.EnumSet;
import java.util.Iterator;
import java.util.List;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

/* compiled from: SMBSessionBuilder.java */
/* loaded from: classes3.dex */
public class h {
    static final byte[] g = il2.c("SMBC2SCipherKey");
    static final byte[] h = il2.c("SMBS2CCipherKey");
    static final byte[] i = il2.c("SMB2AESCCM");
    static final byte[] j = il2.c("ServerIn ");
    static final byte[] k = il2.c("ServerOut");
    static final byte[] l = il2.c("SmbSign");
    static final byte[] m = il2.c("SMB2AESCMAC");
    static final byte[] n = il2.c("SMBSigningKey");
    static final byte[] o = il2.c("SmbRpc");
    static final byte[] p = il2.c("SMB2APP");
    static final byte[] q = il2.c("SMBAppKey");
    private static final j71 r = org.slf4j.a.f(h.class);

    /* renamed from: a, reason: collision with root package name */
    private final bj2 f4257a;
    private final com.hierynomus.smbj.connection.b b;
    private final b c;
    private final i d;
    private final i e;
    private final com.hierynomus.smbj.connection.a f;

    /* compiled from: SMBSessionBuilder.java */
    /* loaded from: classes3.dex */
    public static class a {

        /* renamed from: a, reason: collision with root package name */
        private aa f4258a;
        private long b;
        private byte[] c;
        private y9 d;
        private byte[] e;
        private SMB2SessionSetup f;
        private SMB2SessionSetup g;
        private hf1 h;
    }

    /* compiled from: SMBSessionBuilder.java */
    /* loaded from: classes3.dex */
    public interface b {
        com.hierynomus.smbj.session.a a(y9 y9Var);
    }

    public h(com.hierynomus.smbj.connection.a aVar, bj2 bj2Var, b bVar) {
        this.f = aVar;
        this.f4257a = bj2Var;
        this.b = aVar.X();
        this.d = aVar.b0();
        this.e = aVar.Z();
        this.c = bVar;
    }

    private SecretKey a(SecretKey secretKey, byte[] bArr, byte[] bArr2, String str) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(25);
        try {
            byteArrayOutputStream.write(bArr);
            byteArrayOutputStream.write(0);
            byteArrayOutputStream.write(bArr2);
            byteArrayOutputStream.write(new byte[]{0, 0, 0, Byte.MIN_VALUE});
            try {
                zt e = this.f4257a.D().e("KDF/Counter/HMACSHA256");
                e.b(new pp(secretKey.getEncoded(), byteArrayOutputStream.toByteArray(), 32));
                byte[] bArr3 = new byte[16];
                e.a(bArr3, 0, 16);
                return new SecretKeySpec(bArr3, str);
            } catch (SecurityException e2) {
                throw new SMBRuntimeException(e2);
            }
        } catch (IOException e3) {
            r.error("Unable to format suffix, error occur : ", (Throwable) e3);
            return null;
        }
    }

    private aa c(y9 y9Var) throws SpnegoException {
        ArrayList arrayList = new ArrayList(this.f4257a.G());
        List<b0> arrayList2 = new ArrayList<>();
        if (this.b.e().length > 0) {
            arrayList2 = new com.hierynomus.spnego.a().i(this.b.e()).g();
        }
        Iterator it = new ArrayList(arrayList).iterator();
        while (it.hasNext()) {
            b90.a aVar = (b90.a) it.next();
            if (arrayList2.isEmpty() || arrayList2.contains(new b0(aVar.getName()))) {
                aa aaVar = (aa) aVar.a();
                if (aaVar.a(y9Var)) {
                    return aaVar;
                }
            }
        }
        throw new SMBRuntimeException("Could not find a configured authenticator for mechtypes: " + arrayList2 + " and authentication context: " + y9Var);
    }

    private a d(a aVar, byte[] bArr) throws TransportException {
        SMB2SessionSetup sMB2SessionSetup = new SMB2SessionSetup(this.b.f().a(), EnumSet.of(this.b.j() ? SMB2SessionSetup.SMB2SecurityMode.SMB2_NEGOTIATE_SIGNING_REQUIRED : SMB2SessionSetup.SMB2SecurityMode.SMB2_NEGOTIATE_SIGNING_ENABLED), this.b.c());
        sMB2SessionSetup.s(bArr);
        sMB2SessionSetup.c().x(aVar.b);
        aVar.f = sMB2SessionSetup;
        aVar.g = (SMB2SessionSetup) this.f.g0(sMB2SessionSetup);
        return aVar;
    }

    private a e(y9 y9Var, aa aaVar) {
        a aVar = new a();
        aVar.f4258a = aaVar;
        aVar.d = y9Var;
        return aVar;
    }

    private com.hierynomus.smbj.session.a f(a aVar) {
        com.hierynomus.smbj.session.a a2 = this.c.a(aVar.d);
        a2.G(aVar.b);
        a2.A().l(this.b.h());
        return a2;
    }

    private void g(a aVar, byte[] bArr) throws IOException {
        x9 b2 = aVar.f4258a.b(aVar.d, bArr, this.b);
        if (b2 == null) {
            return;
        }
        this.b.m(b2.d());
        this.b.l(b2.b());
        aVar.c = b2.c();
        aVar.e = b2.a();
    }

    private com.hierynomus.smbj.session.a h(a aVar) throws IOException {
        d(aVar, aVar.e);
        SMB2SessionSetup sMB2SessionSetup = aVar.g;
        aVar.b = sMB2SessionSetup.c().k();
        SMB2Dialect a2 = this.b.f().a();
        if (sMB2SessionSetup.c().m() == NtStatus.STATUS_MORE_PROCESSING_REQUIRED.getValue()) {
            if (a2 == SMB2Dialect.SMB_3_1_1) {
                com.hierynomus.smbj.session.a b2 = this.e.b(Long.valueOf(aVar.b));
                if (b2 == null) {
                    b2 = f(aVar);
                    this.e.c(Long.valueOf(aVar.b), b2);
                }
                i(aVar, b2.A(), aVar.f);
                i(aVar, b2.A(), aVar.g);
            }
            r.debug("More processing required for authentication of {} using {}", aVar.d.c(), aVar.f4258a);
            g(aVar, sMB2SessionSetup.o());
            return h(aVar);
        }
        if (sMB2SessionSetup.c().m() != NtStatus.STATUS_SUCCESS.getValue()) {
            throw new SMBApiException(sMB2SessionSetup.c(), String.format("Authentication failed for '%s' using %s", aVar.d.c(), aVar.f4258a));
        }
        com.hierynomus.smbj.session.a b3 = this.e.b(Long.valueOf(aVar.b));
        SMB2Dialect sMB2Dialect = SMB2Dialect.SMB_3_1_1;
        if (a2 != sMB2Dialect || b3 == null) {
            b3 = f(aVar);
        } else {
            this.e.d(Long.valueOf(b3.B()));
        }
        bg2 A = b3.A();
        g(aVar, sMB2SessionSetup.o());
        A.m(new SecretKeySpec(aVar.c, "HmacSHA256"));
        if (a2 == sMB2Dialect) {
            i(aVar, A, aVar.f);
        }
        j(aVar, A);
        if (a2.isSmb3x() && !sMB2SessionSetup.p().contains(SMB2SessionSetup.SMB2SessionFlags.SMB2_SESSION_FLAG_IS_NULL) && !sMB2SessionSetup.p().contains(SMB2SessionSetup.SMB2SessionFlags.SMB2_SESSION_FLAG_IS_GUEST) && this.b.o()) {
            String algorithmName = this.b.b().getAlgorithmName();
            if (a2 == sMB2Dialect) {
                A.k(a(A.d(), g, A.c(), algorithmName));
                A.i(a(A.d(), h, A.c(), algorithmName));
                A.n(a(A.d(), n, A.c(), "AesCmac"));
                A.h(a(A.d(), q, A.c(), algorithmName));
            } else {
                SecretKey d = A.d();
                byte[] bArr = i;
                A.k(a(d, bArr, j, algorithmName));
                A.i(a(A.d(), bArr, k, algorithmName));
                A.n(a(A.d(), m, l, "AesCmac"));
                A.h(a(A.d(), p, o, algorithmName));
            }
        }
        return b3;
    }

    private void i(a aVar, bg2 bg2Var, com.hierynomus.mssmb2.f fVar) {
        if (aVar.h == null) {
            String algorithmName = this.f.X().g().getAlgorithmName();
            try {
                aVar.h = this.f4257a.D().d(algorithmName);
            } catch (SecurityException e) {
                throw new SMBRuntimeException("Cannot get the message digest for " + algorithmName, e);
            }
        }
        bg2Var.l(zu.a(aVar.h, bg2Var.c(), yp1.a(fVar)));
    }

    private void j(a aVar, bg2 bg2Var) {
        bg2Var.o(false);
        if (aVar.g.p().contains(SMB2SessionSetup.SMB2SessionFlags.SMB2_SESSION_FLAG_IS_NULL)) {
            bg2Var.o(false);
        }
        aVar.g.p().contains(SMB2SessionSetup.SMB2SessionFlags.SMB2_SESSION_FLAG_IS_GUEST);
        bg2Var.o(false);
        if (this.f.Y().a().isSmb3x() && this.f.X().o() && aVar.g.p().contains(SMB2SessionSetup.SMB2SessionFlags.SMB2_SESSION_FLAG_ENCRYPT_DATA)) {
            bg2Var.j(true);
            bg2Var.o(false);
        }
    }

    public com.hierynomus.smbj.session.a b(y9 y9Var) {
        try {
            aa c = c(y9Var);
            a e = e(y9Var, c);
            c.c(this.f4257a);
            g(e, this.b.e());
            com.hierynomus.smbj.session.a h2 = h(e);
            r.info("Successfully authenticated {} on {}, session is {}", y9Var.c(), this.f.a0(), Long.valueOf(h2.B()));
            this.d.c(Long.valueOf(h2.B()), h2);
            return h2;
        } catch (SpnegoException | IOException e2) {
            throw new SMBRuntimeException(e2);
        }
    }
}
