package jcifs.smb;

import java.io.IOException;
import java.io.Serializable;
import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.Principal;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Objects;
import javax.security.auth.Subject;
import jcifs.CIFSContext;
import jcifs.CIFSException;
import jcifs.Credentials;
import jcifs.RuntimeCIFSException;
import jcifs.spnego.NegTokenInit;
import jcifs.util.Crypto;
import jcifs.util.Strings;
import p658.C18494;
import p658.InterfaceC18493;
import p842.C25642;

/* loaded from: classes5.dex */
public class NtlmPasswordAuthenticator implements Principal, CredentialsInternal, Serializable {
    private static final InterfaceC18493 log = C18494.m65735(NtlmPasswordAuthenticator.class);
    private static final long serialVersionUID = -4090263879887877186L;
    private byte[] clientChallenge;
    private String domain;
    private String password;
    private AuthenticationType type;
    private String username;

    /* loaded from: classes5.dex */
    public enum AuthenticationType {
        NULL,
        GUEST,
        USER
    }

    public NtlmPasswordAuthenticator() {
        this(AuthenticationType.NULL);
    }

    public NtlmPasswordAuthenticator(String str, String str2) {
        this(null, str, str2);
    }

    public NtlmPasswordAuthenticator(String str, String str2, String str3) {
        this(str, str2, str3, AuthenticationType.USER);
    }

    public NtlmPasswordAuthenticator(String str, String str2, String str3, String str4) {
        this(str, str2, str3, str4, null);
    }

    public NtlmPasswordAuthenticator(String str, String str2, String str3, String str4, AuthenticationType authenticationType) {
        String substring;
        String str5;
        String str6 = null;
        this.clientChallenge = null;
        if (str != null) {
            try {
                String unescape = unescape(str);
                int length = unescape.length();
                String str7 = null;
                int i = 0;
                int i2 = 0;
                while (true) {
                    if (i >= length) {
                        break;
                    }
                    char charAt = unescape.charAt(i);
                    if (charAt == ';') {
                        str7 = unescape.substring(0, i);
                        i2 = i + 1;
                    } else if (charAt == ':') {
                        str6 = unescape.substring(i + 1);
                        break;
                    }
                    i++;
                }
                substring = unescape.substring(i2, i);
                str5 = str6;
                str6 = str7;
            } catch (UnsupportedEncodingException e) {
                throw new RuntimeCIFSException(e);
            }
        } else {
            substring = null;
            str5 = null;
        }
        if (str6 != null) {
            str2 = str6;
        } else if (str2 == null) {
            str2 = "";
        }
        this.domain = str2;
        if (substring != null) {
            str3 = substring;
        } else if (str3 == null) {
            str3 = "";
        }
        this.username = str3;
        if (str5 != null) {
            str4 = str5;
        } else if (str4 == null) {
            str4 = "";
        }
        this.password = str4;
        if (authenticationType == null) {
            this.type = guessAuthenticationType();
        } else {
            this.type = authenticationType;
        }
    }

    public NtlmPasswordAuthenticator(String str, String str2, String str3, AuthenticationType authenticationType) {
        this.clientChallenge = null;
        if (str2 != null) {
            int indexOf = str2.indexOf(64);
            if (indexOf > 0) {
                str = str2.substring(indexOf + 1);
                str2 = str2.substring(0, indexOf);
            } else {
                int indexOf2 = str2.indexOf(92);
                if (indexOf2 > 0) {
                    str = str2.substring(0, indexOf2);
                    str2 = str2.substring(indexOf2 + 1);
                }
            }
        }
        this.domain = str == null ? "" : str;
        this.username = str2 == null ? "" : str2;
        this.password = str3 == null ? "" : str3;
        if (authenticationType == null) {
            this.type = guessAuthenticationType();
        } else {
            this.type = authenticationType;
        }
    }

    public NtlmPasswordAuthenticator(AuthenticationType authenticationType) {
        this.clientChallenge = null;
        this.domain = "";
        this.username = "";
        this.password = "";
        this.type = authenticationType;
    }

    public static void cloneInternal(NtlmPasswordAuthenticator ntlmPasswordAuthenticator, NtlmPasswordAuthenticator ntlmPasswordAuthenticator2) {
        ntlmPasswordAuthenticator.domain = ntlmPasswordAuthenticator2.domain;
        ntlmPasswordAuthenticator.username = ntlmPasswordAuthenticator2.username;
        ntlmPasswordAuthenticator.password = ntlmPasswordAuthenticator2.password;
        ntlmPasswordAuthenticator.type = ntlmPasswordAuthenticator2.type;
    }

    private static SSPContext setupTargetName(CIFSContext cIFSContext, String str, NtlmContext ntlmContext) {
        if (str != null && cIFSContext.getConfig().isSendNTLMTargetName()) {
            ntlmContext.setTargetName(String.format("cifs/%s", str));
        }
        return ntlmContext;
    }

    public static String unescape(String str) throws NumberFormatException, UnsupportedEncodingException {
        byte[] bArr = new byte[1];
        if (str == null) {
            return null;
        }
        int length = str.length();
        char[] cArr = new char[length];
        int i = 0;
        int i2 = 0;
        boolean z = false;
        while (i < length) {
            if (!z) {
                char charAt = str.charAt(i);
                if (charAt == '%') {
                    z = true;
                } else {
                    cArr[i2] = charAt;
                    i2++;
                }
            } else if (z) {
                bArr[0] = (byte) (Integer.parseInt(str.substring(i, i + 2), 16) & 255);
                cArr[i2] = new String(bArr, 0, 1, "ASCII").charAt(0);
                i++;
                i2++;
                z = false;
            }
            i++;
        }
        return new String(cArr, 0, i2);
    }

    @Override // jcifs.smb.CredentialsInternal
    public NtlmPasswordAuthenticator clone() {
        NtlmPasswordAuthenticator ntlmPasswordAuthenticator = new NtlmPasswordAuthenticator();
        cloneInternal(ntlmPasswordAuthenticator, this);
        return ntlmPasswordAuthenticator;
    }

    public SSPContext createContext(CIFSContext cIFSContext, String str, String str2, byte[] bArr, boolean z) throws SmbException {
        if (cIFSContext.getConfig().isUseRawNTLM()) {
            return setupTargetName(cIFSContext, str2, new NtlmContext(cIFSContext, this, z));
        }
        if (bArr != null) {
            try {
                if (bArr.length > 0) {
                    NegTokenInit negTokenInit = new NegTokenInit(bArr);
                    InterfaceC18493 interfaceC18493 = log;
                    if (interfaceC18493.isDebugEnabled()) {
                        interfaceC18493.mo62738("Have initial token " + negTokenInit);
                    }
                    if (negTokenInit.getMechanisms() != null && !new HashSet(Arrays.asList(negTokenInit.getMechanisms())).contains(NtlmContext.NTLMSSP_OID)) {
                        throw new SmbUnsupportedOperationException("Server does not support NTLM authentication");
                    }
                }
            } catch (SmbException e) {
                throw e;
            } catch (IOException e2) {
                log.mo62740("Ignoring invalid initial token", e2);
            }
        }
        return new SpnegoContext(cIFSContext.getConfig(), setupTargetName(cIFSContext, str2, new NtlmContext(cIFSContext, this, z)));
    }

    @Override // java.security.Principal
    public boolean equals(Object obj) {
        if (!(obj instanceof NtlmPasswordAuthenticator)) {
            return false;
        }
        NtlmPasswordAuthenticator ntlmPasswordAuthenticator = (NtlmPasswordAuthenticator) obj;
        return ntlmPasswordAuthenticator.type == this.type && Objects.equals(ntlmPasswordAuthenticator.getUserDomain() != null ? ntlmPasswordAuthenticator.getUserDomain().toUpperCase() : null, getUserDomain() != null ? getUserDomain().toUpperCase() : null) && ntlmPasswordAuthenticator.getUsername().equalsIgnoreCase(getUsername()) && Objects.equals(getPassword(), ntlmPasswordAuthenticator.getPassword());
    }

    public byte[] getAnsiHash(CIFSContext cIFSContext, byte[] bArr) throws GeneralSecurityException {
        int lanManCompatibility = cIFSContext.getConfig().getLanManCompatibility();
        if (lanManCompatibility == 0 || lanManCompatibility == 1) {
            return NtlmUtil.getPreNTLMResponse(cIFSContext, this.password, bArr);
        }
        if (lanManCompatibility == 2) {
            return NtlmUtil.getNTLMResponse(this.password, bArr);
        }
        if (lanManCompatibility != 3 && lanManCompatibility != 4 && lanManCompatibility != 5) {
            return NtlmUtil.getPreNTLMResponse(cIFSContext, this.password, bArr);
        }
        if (this.clientChallenge == null) {
            this.clientChallenge = new byte[8];
            cIFSContext.getConfig().getRandom().nextBytes(this.clientChallenge);
        }
        return NtlmUtil.getLMv2Response(this.domain, this.username, this.password, bArr, this.clientChallenge);
    }

    public byte[] getNTHash() {
        MessageDigest md4 = Crypto.getMD4();
        md4.update(Strings.getUNIBytes(this.password));
        return md4.digest();
    }

    @Override // java.security.Principal
    public String getName() {
        String str = this.domain;
        if (str == null || str.length() <= 0) {
            return this.username;
        }
        return this.domain + "\\" + this.username;
    }

    public String getPassword() {
        return this.password;
    }

    public byte[] getSigningKey(CIFSContext cIFSContext, byte[] bArr) throws SmbException, GeneralSecurityException {
        int lanManCompatibility = cIFSContext.getConfig().getLanManCompatibility();
        if (lanManCompatibility == 0 || lanManCompatibility == 1 || lanManCompatibility == 2) {
            byte[] bArr2 = new byte[40];
            getUserSessionKey(cIFSContext, bArr, bArr2, 0);
            System.arraycopy(getUnicodeHash(cIFSContext, bArr), 0, bArr2, 16, 24);
            return bArr2;
        }
        if (lanManCompatibility == 3 || lanManCompatibility == 4 || lanManCompatibility == 5) {
            throw new SmbException("NTLMv2 requires extended security (jcifs.smb.client.useExtendedSecurity must be true if jcifs.smb.lmCompatibility >= 3)");
        }
        return null;
    }

    public String getSpecifiedUserDomain() {
        return this.domain;
    }

    public Subject getSubject() {
        return null;
    }

    public byte[] getUnicodeHash(CIFSContext cIFSContext, byte[] bArr) throws GeneralSecurityException {
        int lanManCompatibility = cIFSContext.getConfig().getLanManCompatibility();
        return (lanManCompatibility == 0 || lanManCompatibility == 1 || lanManCompatibility == 2) ? NtlmUtil.getNTLMResponse(this.password, bArr) : (lanManCompatibility == 3 || lanManCompatibility == 4 || lanManCompatibility == 5) ? new byte[0] : NtlmUtil.getNTLMResponse(this.password, bArr);
    }

    public String getUserDomain() {
        return this.domain;
    }

    public void getUserSessionKey(CIFSContext cIFSContext, byte[] bArr, byte[] bArr2, int i) throws SmbException {
        try {
            MessageDigest md4 = Crypto.getMD4();
            byte[] nTHash = getNTHash();
            int lanManCompatibility = cIFSContext.getConfig().getLanManCompatibility();
            if (lanManCompatibility == 0 || lanManCompatibility == 1 || lanManCompatibility == 2) {
                md4.update(nTHash);
                md4.digest(bArr2, i, 16);
                return;
            }
            if (lanManCompatibility != 3 && lanManCompatibility != 4 && lanManCompatibility != 5) {
                md4.update(nTHash);
                md4.digest(bArr2, i, 16);
                return;
            }
            synchronized (this) {
                try {
                    if (this.clientChallenge == null) {
                        this.clientChallenge = new byte[8];
                        cIFSContext.getConfig().getRandom().nextBytes(this.clientChallenge);
                    }
                } finally {
                }
            }
            MessageDigest hmact64 = Crypto.getHMACT64(nTHash);
            hmact64.update(Strings.getUNIBytes(this.username.toUpperCase()));
            hmact64.update(Strings.getUNIBytes(this.domain.toUpperCase()));
            byte[] digest = hmact64.digest();
            MessageDigest hmact642 = Crypto.getHMACT64(digest);
            hmact642.update(bArr);
            hmact642.update(this.clientChallenge);
            MessageDigest hmact643 = Crypto.getHMACT64(digest);
            hmact643.update(hmact642.digest());
            hmact643.digest(bArr2, i, 16);
        } catch (Exception e) {
            throw new SmbException("", e);
        }
    }

    public byte[] getUserSessionKey(CIFSContext cIFSContext, byte[] bArr) {
        byte[] bArr2 = new byte[16];
        try {
            getUserSessionKey(cIFSContext, bArr, bArr2, 0);
        } catch (Exception e) {
            log.mo62737("Failed to get session key", e);
        }
        return bArr2;
    }

    public String getUsername() {
        return this.username;
    }

    public AuthenticationType guessAuthenticationType() {
        AuthenticationType authenticationType = AuthenticationType.USER;
        return "guest".equalsIgnoreCase(this.username) ? AuthenticationType.GUEST : ((getUserDomain() == null || getUserDomain().isEmpty()) && getUsername().isEmpty() && getPassword().isEmpty()) ? AuthenticationType.NULL : authenticationType;
    }

    @Override // java.security.Principal
    public int hashCode() {
        return getName().toUpperCase().hashCode();
    }

    public boolean isAnonymous() {
        return this.type == AuthenticationType.NULL;
    }

    public boolean isGuest() {
        return this.type == AuthenticationType.GUEST;
    }

    public boolean isPreferredMech(C25642 c25642) {
        return NtlmContext.NTLMSSP_OID.m91931(c25642);
    }

    public void refresh() throws CIFSException {
    }

    @Override // java.security.Principal
    public String toString() {
        return getName();
    }

    @Override // jcifs.Credentials
    public <T extends Credentials> T unwrap(Class<T> cls) {
        if (cls.isAssignableFrom(getClass())) {
            return this;
        }
        return null;
    }
}
