package net.protocol.ntlm;

import java.io.UnsupportedEncodingException;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import net.protocol.credssp.MD4;
import net.protocol.rdp.RdpException;
import net.protocol.secure.crypto.RC4;
import net.protocol.utils.DataView;

/* loaded from: input_file:net/protocol/ntlm/NtlmManager.class */
public class NtlmManager {
    private static final String HMAC_MD5 = "HMacMD5";
    private RC4 rc4ClientSealing;
    private byte[] clientSigningKey;
    private String domainName;
    private int incomingSequenceNumber;
    private int outgoingSequenceNumber;
    private String password;
    private final SecureRandom secureRandom;
    private RC4 serverSealingRc4;
    private byte[] serverSigningKey;
    private String user;
    private String workstation;
    private String svrDomain;
    private String svrNbDomain;
    private String svrNbComputer;
    private static final byte[] CLIENT_SEALING_MAGIC_CONSTANT = {115, 101, 115, 115, 105, 111, 110, 32, 107, 101, 121, 32, 116, 111, 32, 99, 108, 105, 101, 110, 116, 45, 116, 111, 45, 115, 101, 114, 118, 101, 114, 32, 115, 101, 97, 108, 105, 110, 103, 32, 107, 101, 121, 32, 109, 97, 103, 105, 99, 32, 99, 111, 110, 115, 116, 97, 110, 116};
    private static final byte[] CLIENT_SIGNING_MAGIC_CONSTANT = {115, 101, 115, 115, 105, 111, 110, 32, 107, 101, 121, 32, 116, 111, 32, 99, 108, 105, 101, 110, 116, 45, 116, 111, 45, 115, 101, 114, 118, 101, 114, 32, 115, 105, 103, 110, 105, 110, 103, 32, 107, 101, 121, 32, 109, 97, 103, 105, 99, 32, 99, 111, 110, 115, 116, 97, 110, 116};
    private static final byte[] SERVER_SEALING_MAGIC = {115, 101, 115, 115, 105, 111, 110, 32, 107, 101, 121, 32, 116, 111, 32, 115, 101, 114, 118, 101, 114, 45, 116, 111, 45, 99, 108, 105, 101, 110, 116, 32, 115, 101, 97, 108, 105, 110, 103, 32, 107, 101, 121, 32, 109, 97, 103, 105, 99, 32, 99, 111, 110, 115, 116, 97, 110, 116};
    private static final byte[] SERVER_SIGNING_MAGIC = {115, 101, 115, 115, 105, 111, 110, 32, 107, 101, 121, 32, 116, 111, 32, 115, 101, 114, 118, 101, 114, 45, 116, 111, 45, 99, 108, 105, 101, 110, 116, 32, 115, 105, 103, 110, 105, 110, 103, 32, 107, 101, 121, 32, 109, 97, 103, 105, 99, 32, 99, 111, 110, 115, 116, 97, 110, 116};

    public NtlmManager(String str, String str2, String str3, String str4) {
        this.password = str3;
        this.user = str2;
        this.domainName = str;
        this.workstation = str4;
        try {
            this.secureRandom = SecureRandom.getInstance("SHA1PRNG");
            this.secureRandom.setSeed(System.currentTimeMillis());
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    private static final String _toUpperCase(String str) {
        StringBuilder sb = new StringBuilder();
        int length = str.length();
        for (int i = 0; i < length; i++) {
            if (str.charAt(i) == 223) {
                sb.append((char) 223);
            } else {
                sb.append(Character.toUpperCase(str.charAt(i)));
            }
        }
        return sb.toString();
    }

    public static byte[] NTOWFv2(String str, String str2, String str3) throws UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeyException {
        byte[] bytes = str3.getBytes(BaseNtlmPDU.UNICODE_ENCODING);
        return calculateHmacMd5(new MD4().digest(bytes), (String.valueOf(_toUpperCase(str2)) + str).getBytes(BaseNtlmPDU.UNICODE_ENCODING));
    }

    protected static byte[] calculateChecksum(byte[] bArr, RC4 rc4, byte[] bArr2, int i, int i2, int i3) throws NoSuchAlgorithmException, InvalidKeyException {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, 0, bArr.length, HMAC_MD5);
        Mac mac = Mac.getInstance(HMAC_MD5);
        mac.init(secretKeySpec);
        mac.update(new byte[]{(byte) (i3 & 255), (byte) ((i3 >>> 8) & 255), (byte) ((i3 >>> 16) & 255), (byte) ((i3 >>> 24) & 255)});
        mac.update(bArr2, i, i2);
        byte[] doFinal = mac.doFinal();
        rc4.transform(doFinal, 0, 8, doFinal, 0);
        byte[] bArr3 = new byte[8];
        System.arraycopy(doFinal, 0, bArr3, 0, bArr3.length);
        return bArr3;
    }

    protected static byte[] calculateHmacMd5(byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException, InvalidKeyException {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, 0, bArr.length, HMAC_MD5);
        Mac mac = Mac.getInstance(HMAC_MD5);
        mac.init(secretKeySpec);
        mac.update(bArr2);
        return mac.doFinal();
    }

    public static byte[] calculateNtProofStr(byte[] bArr, byte[] bArr2, byte[] bArr3) throws NoSuchAlgorithmException, InvalidKeyException {
        byte[] bArr4 = new byte[bArr2.length + bArr3.length];
        System.arraycopy(bArr2, 0, bArr4, 0, bArr2.length);
        System.arraycopy(bArr3, 0, bArr4, bArr2.length, bArr3.length);
        return calculateHmacMd5(bArr, bArr4);
    }

    static byte[] calculateSealingKey(byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException {
        MessageDigest messageDigest = MessageDigest.getInstance("MD5");
        messageDigest.update(bArr, 0, bArr.length);
        messageDigest.update(bArr2, 0, bArr2.length);
        return messageDigest.digest();
    }

    private byte[] calculateSigningKey(byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException {
        MessageDigest messageDigest = MessageDigest.getInstance("MD5");
        messageDigest.update(bArr, 0, bArr.length);
        messageDigest.update(bArr2, 0, bArr2.length);
        return messageDigest.digest();
    }

    static byte[] encryptRandomSessionKey(byte[] bArr, byte[] bArr2) {
        RC4 rc4 = new RC4();
        rc4.updateKey(bArr);
        int length = bArr2.length;
        byte[] bArr3 = new byte[length];
        rc4.transform(bArr2, 0, length, bArr3, 0);
        return bArr3;
    }

    private byte[] generateRandomSessionKey() {
        byte[] bArr = new byte[16];
        this.secureRandom.nextBytes(bArr);
        return bArr;
    }

    public void decrypt(byte[] bArr, int i, byte[] bArr2, int i2, int i3) {
        this.serverSealingRc4.transform(bArr, i, i3, bArr2, i2);
    }

    public void encrypt(byte[] bArr, int i, byte[] bArr2, int i2, int i3) {
        this.rc4ClientSealing.transform(bArr, i, i3, bArr2, i2);
    }

    protected byte[] generateClientChallenge() {
        byte[] bArr = new byte[8];
        this.secureRandom.nextBytes(bArr);
        return bArr;
    }

    protected byte[] getMic() {
        return null;
    }

    protected NtlmV2ClientChallengeBlob getNtlmV2ClientChallengeBlob(ChallengePDU challengePDU) {
        long currentTimeMillis = (System.currentTimeMillis() + 11644473600000L) * 10000;
        NtlmV2ClientChallengeBlob ntlmV2ClientChallengeBlob = new NtlmV2ClientChallengeBlob();
        ntlmV2ClientChallengeBlob.timeStamp = currentTimeMillis;
        ntlmV2ClientChallengeBlob.clientChallenge = generateClientChallenge();
        ntlmV2ClientChallengeBlob.avPairs = challengePDU.avPairs;
        return ntlmV2ClientChallengeBlob;
    }

    public byte[] initialize() throws UnsupportedEncodingException {
        return new NegotiatePDU().encode().copyToByteArray();
    }

    public byte[] processChallenge(byte[] bArr) throws InvalidKeyException, UnsupportedEncodingException, NoSuchAlgorithmException, RdpException {
        ChallengePDU challengePDU = new ChallengePDU();
        challengePDU.decode(new DataView(bArr));
        this.svrDomain = challengePDU.getDnsDomainName();
        this.svrNbDomain = challengePDU.getNbDomainName();
        this.svrNbComputer = challengePDU.getNbComputerName();
        NtlmV2ClientChallengeBlob ntlmV2ClientChallengeBlob = getNtlmV2ClientChallengeBlob(challengePDU);
        byte[] copyToByteArray = ntlmV2ClientChallengeBlob.encode().copyToByteArray();
        byte[] NTOWFv2 = NTOWFv2(this.domainName, this.user, this.password);
        byte[] calculateNtProofStr = calculateNtProofStr(NTOWFv2, challengePDU.serverChallenge, copyToByteArray);
        byte[] calculateHmacMd5 = calculateHmacMd5(NTOWFv2, calculateNtProofStr);
        byte[] generateRandomSessionKey = generateRandomSessionKey();
        byte[] encryptRandomSessionKey = encryptRandomSessionKey(calculateHmacMd5, generateRandomSessionKey);
        byte[] calculateSealingKey = calculateSealingKey(generateRandomSessionKey, CLIENT_SEALING_MAGIC_CONSTANT);
        this.rc4ClientSealing = new RC4();
        this.rc4ClientSealing.updateKey(calculateSealingKey);
        byte[] calculateSealingKey2 = calculateSealingKey(generateRandomSessionKey, SERVER_SEALING_MAGIC);
        this.serverSealingRc4 = new RC4();
        this.serverSealingRc4.updateKey(calculateSealingKey2);
        this.clientSigningKey = calculateSigningKey(generateRandomSessionKey, CLIENT_SIGNING_MAGIC_CONSTANT);
        this.serverSigningKey = calculateSigningKey(generateRandomSessionKey, SERVER_SIGNING_MAGIC);
        AuthenticatePDU authenticatePDU = new AuthenticatePDU();
        authenticatePDU.lmChallengeResponse = calculateLmV2Response(NTOWFv2, challengePDU.serverChallenge, ntlmV2ClientChallengeBlob.clientChallenge);
        NtChallengeResponse ntChallengeResponse = new NtChallengeResponse();
        ntChallengeResponse.response = calculateNtProofStr;
        ntChallengeResponse.ntlmV2ClientChallengeBlob = copyToByteArray;
        authenticatePDU.mNtChallengeResponse = ntChallengeResponse;
        authenticatePDU.domain = this.domainName;
        authenticatePDU.user = this.user;
        authenticatePDU.workstation = this.workstation;
        authenticatePDU.encryptedRandomSessionKey = encryptRandomSessionKey;
        authenticatePDU.mic = getMic();
        return authenticatePDU.encode().copyToByteArray();
    }

    public static byte[] calculateLmV2Response(byte[] bArr, byte[] bArr2, byte[] bArr3) throws InvalidKeyException, NoSuchAlgorithmException {
        byte[] bArr4 = new byte[16];
        System.arraycopy(bArr2, 0, bArr4, 0, 8);
        System.arraycopy(bArr3, 0, bArr4, 8, 8);
        byte[] calculateHmacMd5 = calculateHmacMd5(bArr, bArr4);
        byte[] bArr5 = new byte[24];
        System.arraycopy(calculateHmacMd5, 0, bArr5, 0, 16);
        System.arraycopy(bArr3, 0, bArr5, 16, 8);
        return bArr5;
    }

    public byte[] sign(byte[] bArr, int i, int i2) throws InvalidKeyException, NoSuchAlgorithmException {
        byte[] calculateChecksum = calculateChecksum(this.clientSigningKey, this.rc4ClientSealing, bArr, i, i2, this.outgoingSequenceNumber);
        byte[] bArr2 = new byte[16];
        ByteBuffer wrap = ByteBuffer.wrap(bArr2);
        wrap.order(ByteOrder.LITTLE_ENDIAN);
        wrap.putInt(1);
        wrap.put(calculateChecksum, 0, 8);
        wrap.putInt(this.outgoingSequenceNumber);
        this.outgoingSequenceNumber++;
        return bArr2;
    }

    public void verifySign(byte[] bArr, int i, int i2, byte[] bArr2, int i3) throws RdpException, InvalidKeyException, NoSuchAlgorithmException {
        ByteBuffer wrap = ByteBuffer.wrap(bArr2, i3, 16);
        wrap.order(ByteOrder.LITTLE_ENDIAN);
        int i4 = wrap.getInt();
        if (i4 != 1) {
            throw new RdpException("Unsupported NTLM signature version:" + i4);
        }
        byte[] bArr3 = new byte[8];
        wrap.get(bArr3, 0, bArr3.length);
        int i5 = wrap.getInt();
        if (i5 != this.incomingSequenceNumber) {
            throw new RdpException("Invalid NTLM sequence number, expected " + this.incomingSequenceNumber + " actual:" + i5);
        }
        this.incomingSequenceNumber++;
        if (!Arrays.equals(calculateChecksum(this.serverSigningKey, this.serverSealingRc4, bArr, i, i2, i5), bArr3)) {
            throw new RdpException("Invalid NTLM signature");
        }
    }

    public String getServerDomain() {
        return this.svrDomain;
    }

    public String getServerNetbiosDomain() {
        return this.svrNbDomain;
    }

    public String getServerNetbiosComputer() {
        return this.svrNbComputer;
    }
}
