package com.hierynomus.smbj.connection.packet;

import com.google.crypto.tink.Registry;
import com.hierynomus.asn1.ASN1Parser;
import com.hierynomus.mssmb2.DeadLetterPacketData;
import com.hierynomus.mssmb2.SMB2CompressionTransformHeader;
import com.hierynomus.mssmb2.SMB2PacketData;
import com.hierynomus.mssmb2.SMB2PacketHeader;
import com.hierynomus.mssmb2.SMB2TransformHeader;
import com.hierynomus.mssmb2.SMB3EncryptedPacketData;
import com.hierynomus.protocol.commons.buffer.Buffer;
import com.hierynomus.security.SecurityException;
import com.hierynomus.security.bc.BCAEADCipherFactory$1$1;
import com.hierynomus.smb.SMBBuffer;
import com.hierynomus.smb.SMBHeader;
import com.hierynomus.smb.SMBPacket;
import com.hierynomus.smbj.connection.PacketEncryptor;
import com.hierynomus.smbj.session.Session;
import java.io.IOException;
import java.util.Arrays;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.modes.AEADBlockCipher;
import org.jsoup.helper.UrlBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes2.dex */
public final class SMB3DecryptingPacketHandler extends ASN1Parser {
    public static final Logger logger = LoggerFactory.getLogger((Class<?>) SMB3DecryptingPacketHandler.class);
    public PacketEncryptor encryptor;
    public UrlBuilder sessionTable;

    @Override // com.hierynomus.asn1.ASN1Parser
    public final boolean canHandle(SMBPacket sMBPacket) {
        return sMBPacket instanceof SMB3EncryptedPacketData;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r10v0, types: [com.hierynomus.protocol.commons.buffer.Buffer, com.hierynomus.smb.SMBBuffer] */
    @Override // com.hierynomus.asn1.ASN1Parser
    public final void doHandle(SMBPacket sMBPacket) {
        SMB3EncryptedPacketData sMB3EncryptedPacketData = (SMB3EncryptedPacketData) sMBPacket;
        Logger logger2 = logger;
        logger2.debug("Decrypting packet {}", sMB3EncryptedPacketData);
        PacketEncryptor packetEncryptor = this.encryptor;
        if (packetEncryptor.dialect.isSmb3x() && sMB3EncryptedPacketData.buffer.available() != 0) {
            SMBHeader sMBHeader = sMB3EncryptedPacketData.header;
            SMB2TransformHeader sMB2TransformHeader = (SMB2TransformHeader) sMBHeader;
            if (sMB2TransformHeader.flagsEncryptionAlgorithm == 1) {
                Session find = this.sessionTable.find(Long.valueOf(sMB2TransformHeader.sessionId));
                if (find == null) {
                    ((ASN1Parser) this.decoder).handle$1(new DeadLetterPacketData(sMBPacket.header));
                    return;
                }
                SecretKeySpec secretKeySpec = (SecretKeySpec) find.sessionContext.decryptionKey;
                Logger logger3 = PacketEncryptor.logger;
                byte[] copyOf = Arrays.copyOf(((SMB2TransformHeader) sMBHeader).nonce, packetEncryptor.cipher.nonceLength);
                try {
                    ?? buffer = new Buffer();
                    ((SMB2TransformHeader) sMBHeader).writeTo(buffer);
                    buffer.rpos = 20;
                    byte[] compactData = buffer.getCompactData();
                    SMBBuffer sMBBuffer = sMB3EncryptedPacketData.buffer;
                    int i = ((SMB2TransformHeader) sMBHeader).originalMessageSize;
                    sMBBuffer.getClass();
                    byte[] bArr = new byte[i];
                    sMBBuffer.readRawBytes(i, bArr);
                    byte[] bArr2 = ((SMB2TransformHeader) sMBHeader).signature;
                    Registry.AnonymousClass4 anonymousClass4 = packetEncryptor.securityProvider;
                    String str = packetEncryptor.cipher.algorithmName;
                    anonymousClass4.getClass();
                    BCAEADCipherFactory$1$1 aEADBlockCipher = Registry.AnonymousClass4.getAEADBlockCipher(str);
                    aEADBlockCipher.wrappedCipher.init(false, aEADBlockCipher.createParams(secretKeySpec.getEncoded(), new GCMParameterSpec(128, copyOf)));
                    aEADBlockCipher.wrappedCipher.processAADBytes(compactData, 0, compactData.length);
                    int updateOutputSize = aEADBlockCipher.wrappedCipher.getUpdateOutputSize(i);
                    byte[] bArr3 = new byte[updateOutputSize];
                    aEADBlockCipher.wrappedCipher.processBytes(bArr, 0, i, bArr3, 0);
                    int length = bArr2.length;
                    AEADBlockCipher aEADBlockCipher2 = aEADBlockCipher.wrappedCipher;
                    int outputSize = aEADBlockCipher2.getOutputSize(length);
                    byte[] bArr4 = new byte[outputSize];
                    try {
                        aEADBlockCipher2.doFinal(bArr4, aEADBlockCipher.wrappedCipher.processBytes(bArr2, 0, length, bArr4, 0));
                        if (updateOutputSize != 0) {
                            byte[] bArr5 = new byte[updateOutputSize + outputSize];
                            System.arraycopy(bArr3, 0, bArr5, 0, updateOutputSize);
                            System.arraycopy(bArr4, 0, bArr5, updateOutputSize, outputSize);
                            bArr4 = bArr5;
                        }
                        byte[] copyOf2 = Arrays.copyOf(bArr4, 4);
                        if (Arrays.equals(copyOf2, SMB2TransformHeader.ENCRYPTED_PROTOCOL_ID)) {
                            logger2.error("Encountered a nested encrypted packet in packet {}, disconnecting the transport", sMBPacket);
                            throw new IOException("Cannot nest an encrypted packet in encrypted packet " + sMBPacket);
                        }
                        if (Arrays.equals(copyOf2, SMB2CompressionTransformHeader.COMPRESSED_PROTOCOL_ID)) {
                            logger2.debug("Packet {} is compressed.", sMBPacket);
                            try {
                                ((ASN1Parser) this.decoder).handle$1(new DeadLetterPacketData(bArr4));
                                return;
                            } catch (Buffer.BufferException e) {
                                throw new RuntimeException("Could not load compression header", e);
                            }
                        }
                        if (!Arrays.equals(copyOf2, SMB2PacketHeader.PROTOCOL_ID)) {
                            logger2.error("Could not determine the encrypted packet contents of packet {}", sMBPacket);
                            throw new IOException("Could not determine the encrypted packet data, disconnecting");
                        }
                        try {
                            SMB2PacketData sMB2PacketData = new SMB2PacketData(bArr4);
                            logger2.debug("Decrypted packet {} is packet {}.", sMB3EncryptedPacketData, sMB2PacketData);
                            if (((SMB2PacketHeader) sMB2PacketData.header).sessionId == ((SMB2TransformHeader) sMBHeader).sessionId) {
                                ((ASN1Parser) this.decoder).handle$1(sMB2PacketData);
                                return;
                            } else {
                                logger2.error("Mismatched sessionId between encrypted packet {} and decrypted contents {}", sMB3EncryptedPacketData, sMB2PacketData);
                                ((ASN1Parser) this.decoder).handle$1(new DeadLetterPacketData(sMB2PacketData.header));
                                return;
                            }
                        } catch (Buffer.BufferException e2) {
                            throw new RuntimeException("Could not load SMB2 Packet", e2);
                        }
                    } catch (InvalidCipherTextException e3) {
                        throw new Exception(e3);
                    }
                } catch (Buffer.BufferException e4) {
                    logger3.error("Could not read cipherText from packet << {} >>", sMB3EncryptedPacketData);
                    throw new RuntimeException("Could not read cipherText from packet", e4);
                } catch (SecurityException e5) {
                    logger3.error("Security exception while decrypting packet << {} >>", sMB3EncryptedPacketData);
                    throw new RuntimeException(e5);
                }
            }
        }
        ((ASN1Parser) this.decoder).handle$1(new DeadLetterPacketData(sMBPacket.header));
    }
}
