package org.mortbay.jetty.security;

import java.security.MessageDigest;
import java.security.Principal;
import org.mortbay.c.a;
import org.mortbay.f.k;
import org.mortbay.f.n;
import org.mortbay.f.o;
import org.mortbay.jetty.HttpHeaders;
import org.mortbay.jetty.HttpStatus;
import org.mortbay.jetty.HttpTokens;
import org.mortbay.jetty.HttpVersions;
import org.mortbay.jetty.Request;
import org.mortbay.jetty.Response;
import org.mortbay.jetty.security.Credential;

/* loaded from: classes.dex */
public class DigestAuthenticator implements Authenticator {
    protected long maxNonceAge = 0;
    protected long nonceSecret = hashCode() ^ System.currentTimeMillis();
    protected boolean useStale = false;

    /* loaded from: classes.dex */
    private static class Digest extends Credential {
        String method;
        String username = null;
        String realm = null;
        String nonce = null;
        String nc = null;
        String cnonce = null;
        String qop = null;
        String uri = null;
        String response = null;

        Digest(String str) {
            this.method = null;
            this.method = str;
        }

        @Override // org.mortbay.jetty.security.Credential
        public boolean check(Object obj) {
            byte[] digest;
            String obj2 = obj instanceof String ? (String) obj : obj.toString();
            try {
                MessageDigest messageDigest = MessageDigest.getInstance("MD5");
                if (obj instanceof Credential.MD5) {
                    digest = ((Credential.MD5) obj).getDigest();
                } else {
                    messageDigest.update(this.username.getBytes(n.f12609b));
                    messageDigest.update(HttpTokens.COLON);
                    messageDigest.update(this.realm.getBytes(n.f12609b));
                    messageDigest.update(HttpTokens.COLON);
                    messageDigest.update(obj2.getBytes(n.f12609b));
                    digest = messageDigest.digest();
                }
                messageDigest.reset();
                messageDigest.update(this.method.getBytes(n.f12609b));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(this.uri.getBytes(n.f12609b));
                byte[] digest2 = messageDigest.digest();
                messageDigest.update(o.a(digest, 16).getBytes(n.f12609b));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(this.nonce.getBytes(n.f12609b));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(this.nc.getBytes(n.f12609b));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(this.cnonce.getBytes(n.f12609b));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(this.qop.getBytes(n.f12609b));
                messageDigest.update(HttpTokens.COLON);
                messageDigest.update(o.a(digest2, 16).getBytes(n.f12609b));
                return o.a(messageDigest.digest(), 16).equalsIgnoreCase(this.response);
            } catch (Exception e2) {
                a.c(e2);
                return false;
            }
        }

        public String toString() {
            return String.valueOf(this.username) + "," + this.response;
        }
    }

    @Override // org.mortbay.jetty.security.Authenticator
    public Principal authenticate(UserRealm userRealm, String str, Request request, Response response) {
        boolean z;
        Principal principal = null;
        String header = request.getHeader(HttpHeaders.AUTHORIZATION);
        if (header != null) {
            if (a.a()) {
                a.a("Credentials: " + header);
            }
            k kVar = new k(header, "=, ", true, false);
            Digest digest = new Digest(request.getMethod());
            String str2 = null;
            String str3 = null;
            while (kVar.hasMoreTokens()) {
                String nextToken = kVar.nextToken();
                switch (nextToken.length() == 1 ? nextToken.charAt(0) : (char) 0) {
                    case ' ':
                        break;
                    case ',':
                        str2 = null;
                        break;
                    case '=':
                        str2 = str3;
                        str3 = nextToken;
                        break;
                    default:
                        if (str2 != null) {
                            if ("username".equalsIgnoreCase(str2)) {
                                digest.username = nextToken;
                                str3 = nextToken;
                                break;
                            } else if ("realm".equalsIgnoreCase(str2)) {
                                digest.realm = nextToken;
                                str3 = nextToken;
                                break;
                            } else if ("nonce".equalsIgnoreCase(str2)) {
                                digest.nonce = nextToken;
                                str3 = nextToken;
                                break;
                            } else if ("nc".equalsIgnoreCase(str2)) {
                                digest.nc = nextToken;
                                str3 = nextToken;
                                break;
                            } else if ("cnonce".equalsIgnoreCase(str2)) {
                                digest.cnonce = nextToken;
                                str3 = nextToken;
                                break;
                            } else if ("qop".equalsIgnoreCase(str2)) {
                                digest.qop = nextToken;
                                str3 = nextToken;
                                break;
                            } else if ("uri".equalsIgnoreCase(str2)) {
                                digest.uri = nextToken;
                                str3 = nextToken;
                                break;
                            } else if ("response".equalsIgnoreCase(str2)) {
                                digest.response = nextToken;
                            }
                        }
                        str3 = nextToken;
                        break;
                }
            }
            int checkNonce = checkNonce(digest.nonce, request);
            if (checkNonce > 0) {
                principal = userRealm.authenticate(digest.username, digest, request);
                z = false;
            } else {
                z = checkNonce == 0;
            }
            if (principal == null) {
                a.c("AUTH FAILURE: user " + n.c(digest.username));
            } else {
                request.setAuthType(Constraint.__DIGEST_AUTH);
                request.setUserPrincipal(principal);
            }
        } else {
            z = false;
        }
        if (principal == null && response != null) {
            sendChallenge(userRealm, request, response, z);
        }
        return principal;
    }

    /* JADX WARN: Code restructure failed: missing block: B:32:0x006f, code lost:
    
        if (r2 > r12.maxNonceAge) goto L23;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public int checkNonce(java.lang.String r13, org.mortbay.jetty.Request r14) {
        /*
            r12 = this;
            char[] r0 = r13.toCharArray()     // Catch: java.lang.Exception -> L93
            byte[] r6 = org.mortbay.jetty.security.B64Code.decode(r0)     // Catch: java.lang.Exception -> L93
            int r0 = r6.length     // Catch: java.lang.Exception -> L93
            r1 = 24
            if (r0 == r1) goto Lf
            r0 = -1
        Le:
            return r0
        Lf:
            r4 = 0
            long r2 = r12.nonceSecret     // Catch: java.lang.Exception -> L93
            r0 = 16
            byte[] r1 = new byte[r0]     // Catch: java.lang.Exception -> L93
            r0 = 0
            r7 = 0
            r8 = 8
            java.lang.System.arraycopy(r6, r0, r1, r7, r8)     // Catch: java.lang.Exception -> L93
            r0 = 0
        L1f:
            r7 = 8
            if (r0 < r7) goto L73
            long r2 = r14.getTimeStamp()     // Catch: java.lang.Exception -> L93
            long r2 = r2 - r4
            boolean r0 = org.mortbay.c.a.a()     // Catch: java.lang.Exception -> L93
            if (r0 == 0) goto L41
            java.lang.StringBuilder r0 = new java.lang.StringBuilder     // Catch: java.lang.Exception -> L93
            java.lang.String r4 = "age="
            r0.<init>(r4)     // Catch: java.lang.Exception -> L93
            java.lang.StringBuilder r0 = r0.append(r2)     // Catch: java.lang.Exception -> L93
            java.lang.String r0 = r0.toString()     // Catch: java.lang.Exception -> L93
            org.mortbay.c.a.a(r0)     // Catch: java.lang.Exception -> L93
        L41:
            r0 = 0
            byte[] r0 = (byte[]) r0     // Catch: java.lang.Exception -> L93
            java.lang.String r4 = "MD5"
            java.security.MessageDigest r4 = java.security.MessageDigest.getInstance(r4)     // Catch: java.lang.Exception -> L8e
            r4.reset()     // Catch: java.lang.Exception -> L8e
            r5 = 0
            r7 = 16
            r4.update(r1, r5, r7)     // Catch: java.lang.Exception -> L8e
            byte[] r0 = r4.digest()     // Catch: java.lang.Exception -> L8e
        L58:
            r1 = 0
        L59:
            r4 = 16
            if (r1 < r4) goto L9a
            long r0 = r12.maxNonceAge     // Catch: java.lang.Exception -> L93
            r4 = 0
            int r0 = (r0 > r4 ? 1 : (r0 == r4 ? 0 : -1))
            if (r0 <= 0) goto La8
            r0 = 0
            int r0 = (r2 > r0 ? 1 : (r2 == r0 ? 0 : -1))
            if (r0 < 0) goto L71
            long r0 = r12.maxNonceAge     // Catch: java.lang.Exception -> L93
            int r0 = (r2 > r0 ? 1 : (r2 == r0 ? 0 : -1))
            if (r0 <= 0) goto La8
        L71:
            r0 = 0
            goto Le
        L73:
            int r7 = r0 + 8
            r8 = 255(0xff, double:1.26E-321)
            long r8 = r8 & r2
            int r8 = (int) r8     // Catch: java.lang.Exception -> L93
            byte r8 = (byte) r8     // Catch: java.lang.Exception -> L93
            r1[r7] = r8     // Catch: java.lang.Exception -> L93
            r7 = 8
            long r2 = r2 >> r7
            r7 = 8
            long r4 = r4 << r7
            r8 = 255(0xff, double:1.26E-321)
            int r7 = 7 - r0
            r7 = r6[r7]     // Catch: java.lang.Exception -> L93
            long r10 = (long) r7     // Catch: java.lang.Exception -> L93
            long r8 = r8 & r10
            long r4 = r4 + r8
            int r0 = r0 + 1
            goto L1f
        L8e:
            r1 = move-exception
            org.mortbay.c.a.c(r1)     // Catch: java.lang.Exception -> L93
            goto L58
        L93:
            r0 = move-exception
            org.mortbay.c.a.b(r0)
            r0 = -1
            goto Le
        L9a:
            int r4 = r1 + 8
            r4 = r6[r4]     // Catch: java.lang.Exception -> L93
            r5 = r0[r1]     // Catch: java.lang.Exception -> L93
            if (r4 == r5) goto La5
            r0 = -1
            goto Le
        La5:
            int r1 = r1 + 1
            goto L59
        La8:
            r0 = 1
            goto Le
        */
        throw new UnsupportedOperationException("Method not decompiled: org.mortbay.jetty.security.DigestAuthenticator.checkNonce(java.lang.String, org.mortbay.jetty.Request):int");
    }

    @Override // org.mortbay.jetty.security.Authenticator
    public String getAuthMethod() {
        return Constraint.__DIGEST_AUTH;
    }

    public long getMaxNonceAge() {
        return this.maxNonceAge;
    }

    public long getNonceSecret() {
        return this.nonceSecret;
    }

    public boolean getUseStale() {
        return this.useStale;
    }

    public String newNonce(Request request) {
        long timeStamp = request.getTimeStamp();
        long j = this.nonceSecret;
        byte[] bArr = new byte[24];
        for (int i = 0; i < 8; i++) {
            bArr[i] = (byte) (timeStamp & 255);
            timeStamp >>= 8;
            bArr[i + 8] = (byte) (j & 255);
            j >>= 8;
        }
        byte[] bArr2 = (byte[]) null;
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("MD5");
            messageDigest.reset();
            messageDigest.update(bArr, 0, 16);
            bArr2 = messageDigest.digest();
        } catch (Exception e2) {
            a.c(e2);
        }
        for (int i2 = 0; i2 < bArr2.length; i2++) {
            bArr[i2 + 8] = bArr2[i2];
            if (i2 == 23) {
                break;
            }
        }
        return new String(B64Code.encode(bArr));
    }

    public void sendChallenge(UserRealm userRealm, Request request, Response response, boolean z) {
        String contextPath = request.getContextPath();
        if (contextPath == null) {
            contextPath = "/";
        }
        response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "Digest realm=\"" + userRealm.getName() + "\", domain=\"" + contextPath + "\", nonce=\"" + newNonce(request) + "\", algorithm=MD5, qop=\"auth\"" + (this.useStale ? " stale=" + z : HttpVersions.HTTP_0_9));
        response.sendError(HttpStatus.ORDINAL_401_Unauthorized);
    }

    public void setMaxNonceAge(long j) {
        this.maxNonceAge = j;
    }

    public void setNonceSecret(long j) {
        this.nonceSecret = j;
    }

    public void setUseStale(boolean z) {
        this.useStale = z;
    }
}
