package net.protocol.x224;

import com.toremote.tools.DataUtil;
import java.io.IOException;
import java.net.InetAddress;
import net.protocol.rdp.InvalidCredentialException;
import net.protocol.rdp.RdpException;
import net.protocol.rdp.RdpFastPathLayer;
import net.protocol.rdp.interfaces.HostAddress;
import net.protocol.rdp.interfaces.RdpConfig;
import net.protocol.rdp.interfaces.RedirectInfo;
import net.protocol.rdp.orders.OrderException;
import net.protocol.secure.crypto.CryptoException;
import net.protocol.socket.SocketLayer;
import net.protocol.utils.DataView;

/* loaded from: input_file:net/protocol/x224/X224Layer.class */
public class X224Layer {
    private static final int CONNECTION_REQUEST = 224;
    private static final int CONNECTION_CONFIRM = 208;
    private static final int DISCONNECT_REQUEST = 128;
    private static final int DATA_TRANSFER = 240;
    private static final int PROTOCOL_VERSION = 3;
    private static final int EOT = 128;
    private static final int TYPE_RDP_NEG_RSP = 2;
    private static final int TYPE_RDP_NEG_FAILURE = 3;
    private static final int SSL_REQUIRED_BY_SERVER = 1;
    private static final int SSL_NOT_ALLOWED_BY_SERVER = 2;
    private static final int SSL_CERT_NOT_ON_SERVER = 3;
    private static final int INCONSISTENT_FLAGS = 4;
    private static final int HYBRID_REQUIRED_BY_SERVER = 5;
    private static final int PROTOCOL_RDP = 0;
    private static final int PROTOCOL_SSL = 1;
    private static final int PROTOCOL_HYBRID = 2;
    private static final int PROTOCOL_RDSTLS = 4;
    private static final int PROTOCOL_HYBRID_EX = 8;
    private static final int RDP_PRECONNECTION_PDU_V2 = 2;
    private static final int MSG_RDSTLS_CAPABILITIES = 1;
    private static final int MSG_RDSTLS_AUTH_REQUEST = 2;
    private static final int MSG_RDSTLS_AUTH_RESPONSE = 4;
    private static final int DATA_RDSTLS_CAPABILITIES = 1;
    private static final int DATA_RDSTLS_AUTH_PASSWORD_CREDS = 1;
    private static final int DATA_RDSTLS_AUTH_AUTORECONNECT_COOKIE = 2;
    private static final int DATA_RDSTLS_AUTH_ERROR_CODE = 1;
    private RdpConfig rdpCfg;
    private SocketLayer socket;
    private RdpFastPathLayer fastLayer;
    private boolean connected = false;
    private DataView inBuffer = new DataView(4096);

    public X224Layer(RdpConfig rdpConfig) {
        this.rdpCfg = rdpConfig;
        this.socket = new SocketLayer(rdpConfig.randomIP);
    }

    public final DataView init(int i) {
        DataView dataView = new DataView(i + 7);
        dataView.skipPosition(7);
        return dataView;
    }

    public void connect(String str, int i) throws IOException, RdpException, OrderException, CryptoException, InvalidCredentialException {
        HostAddress[] hostAddressArr;
        this.fastLayer = this.rdpCfg.rdp;
        if (this.rdpCfg.assistance != null) {
            hostAddressArr = this.rdpCfg.assistance.servers;
        } else if (this.rdpCfg.randomIP) {
            InetAddress[] allByName = InetAddress.getAllByName(str);
            int length = allByName.length;
            hostAddressArr = new HostAddress[length];
            for (int i2 = 0; i2 < length; i2++) {
                hostAddressArr[i2] = new HostAddress(allByName[i2].getHostAddress(), i);
            }
        } else {
            hostAddressArr = new HostAddress[]{new HostAddress(str, i)};
        }
        HostAddress connect = this.socket.connect(hostAddressArr);
        this.rdpCfg.server = connect.hostName;
        this.rdpCfg.port = connect.port;
        if (this.rdpCfg.hostname == null || this.rdpCfg.hostname.length() == 0 || "localhost".equals(this.rdpCfg.hostname.toLowerCase()) || "127.0.0.1".equals(this.rdpCfg.hostname)) {
            this.rdpCfg.hostname = this.socket.getLocalAddress().getHostName();
        }
        if (this.rdpCfg.hostaddress == null || this.rdpCfg.hostaddress.length() == 0 || "127.0.0.1".equals(this.rdpCfg.hostaddress)) {
            this.rdpCfg.hostaddress = this.socket.getLocalAddress().getHostAddress();
        }
        if (this.rdpCfg.isHyperV()) {
            preconnect();
        }
        int i3 = 0;
        if (this.rdpCfg.selectedProtocol > -1) {
            i3 = 0 | this.rdpCfg.selectedProtocol;
        } else if (this.rdpCfg.isHyperV() || this.rdpCfg.useCredSSP == 1) {
            i3 = 3;
        }
        sendConnectionRequest(this.rdpCfg.username, i3);
        int receiveConnectionConfirm = receiveConnectionConfirm();
        if (receiveConnectionConfirm > 0) {
            int i4 = i3;
            if (i3 == 0 && this.rdpCfg.useCredSSP == 2) {
                i4 = 3;
            } else if (i3 != 0) {
                i4 = 0;
            }
            if (i4 != i3) {
                this.socket.disconnect();
                this.socket.connect(hostAddressArr);
                sendConnectionRequest(this.rdpCfg.username, i4);
                receiveConnectionConfirm = receiveConnectionConfirm();
            }
        }
        if (receiveConnectionConfirm > 0) {
            throw new RdpException(getFailureReason(receiveConnectionConfirm));
        }
        this.connected = true;
    }

    private final void preconnect() throws IOException, RdpException, OrderException, CryptoException, InvalidCredentialException {
        String str = String.valueOf(this.rdpCfg.vmid) + "��";
        int length = str.length();
        int i = 18 + (length * 2);
        DataView dataView = new DataView(i);
        dataView.setLittleEndian32(i);
        dataView.setLittleEndian32(0);
        dataView.setLittleEndian32(2);
        dataView.setLittleEndian32(0);
        dataView.setLittleEndian16(length);
        dataView.setUnicodeString(str);
        dataView.markEnd();
        this.socket.send(dataView);
        this.rdpCfg.useCredSSP = 1;
        connectSSL();
        this.socket.executeCredSsp(this.rdpCfg.domain, this.rdpCfg.username, this.rdpCfg.password, this.rdpCfg.hostname);
    }

    private void sendMessage(int i) throws IOException, RdpException {
        DataView dataView = new DataView(11);
        setTPKTHeader(dataView, 11);
        dataView.setByte(6);
        dataView.setByte(i);
        dataView.setBigEndian16(0);
        dataView.setBigEndian16(0);
        dataView.setByte(0);
        dataView.markEnd();
        this.socket.send(dataView);
    }

    public void send(DataView dataView) throws IOException {
        int end = dataView.getEnd();
        dataView.setPosition(0);
        setTPKTHeader(dataView, end);
        dataView.setByte(2);
        dataView.setByte(DATA_TRANSFER);
        dataView.setByte(128);
        this.socket.send(dataView);
    }

    private final int receiveConnectionConfirm() throws IOException, RdpException, OrderException, CryptoException, InvalidCredentialException {
        byte[] bArr = new byte[4];
        this.socket.readFully(bArr);
        if (bArr[0] != 3) {
            throw new RdpException("Invalid TPKT Header, version=" + ((int) bArr[0]));
        }
        int bigEndian16 = DataUtil.getBigEndian16(bArr, 2) - 4;
        this.socket.readByte();
        if ((this.socket.readByte() & 255) != 208) {
            throw new RdpException("invalid X.224 Connection Confirm PDU");
        }
        this.socket.skipByte(5);
        int i = bigEndian16 - 7;
        if (i <= 0) {
            return 0;
        }
        byte[] bArr2 = new byte[i];
        this.socket.readFully(bArr2);
        byte b = bArr2[0];
        if (b != 2) {
            if (b == 3) {
                return DataUtil.getLittleEndian32(bArr2, 4);
            }
            return 0;
        }
        this.rdpCfg.selectedProtocol = DataUtil.getLittleEndian32(bArr2, 4);
        if (this.rdpCfg.isHyperV()) {
            return 0;
        }
        if (this.rdpCfg.selectedProtocol == 1 || this.rdpCfg.selectedProtocol == 4) {
            connectSSL();
            if (this.rdpCfg.selectedProtocol != 4) {
                return 0;
            }
            processRDSTLSHandshake();
            return 0;
        }
        if (this.rdpCfg.selectedProtocol != 2) {
            return 0;
        }
        connectSSL();
        this.socket.executeCredSsp(this.rdpCfg.domain, this.rdpCfg.username, this.rdpCfg.password, this.rdpCfg.hostname);
        return 0;
    }

    private void processRDSTLSHandshake() throws IOException, RdpException {
        receiveRDSTLSCap();
        sendRDSTLAuthReq();
        receiveRDSTLAuthResp();
    }

    private void receiveRDSTLSCap() throws IOException, RdpException {
        this.inBuffer.reset(8);
        DataView receive = this.socket.receive(this.inBuffer, 8);
        int littleEndian16 = receive.getLittleEndian16();
        int littleEndian162 = receive.getLittleEndian16();
        int littleEndian163 = receive.getLittleEndian16();
        if (littleEndian16 == 1) {
            if (!((littleEndian162 != 1) | (littleEndian163 != 1))) {
                receive.getLittleEndian16();
                return;
            }
        }
        throw new RdpException("Wrong data received for RDSTLS Cap");
    }

    private void sendRDSTLAuthReq() throws IOException, RdpException {
        RedirectInfo redirectInfo = this.rdpCfg.redirect;
        if (this.rdpCfg.routingToken != null) {
            byte[] bArr = this.rdpCfg.routingToken;
            DataView dataView = new DataView(12 + bArr.length);
            dataView.setLittleEndian16(1);
            dataView.setLittleEndian16(2);
            dataView.setLittleEndian16(2);
            dataView.setLittleEndian32(redirectInfo.sessionId);
            dataView.setLittleEndian16(bArr.length);
            dataView.setBytes(bArr);
            dataView.markEnd();
            this.socket.send(dataView);
            return;
        }
        int length = (redirectInfo.userName.length() + 1) * 2;
        int length2 = (redirectInfo.password.length() + 1) * 2;
        int length3 = redirectInfo.domain != null ? (redirectInfo.domain.length() + 1) * 2 : 0;
        DataView dataView2 = new DataView(6 + 8 + redirectInfo.guid.length + length + length2 + length3);
        dataView2.setLittleEndian16(1);
        dataView2.setLittleEndian16(2);
        dataView2.setLittleEndian16(1);
        dataView2.setLittleEndian16(redirectInfo.guid.length);
        dataView2.setBytes(redirectInfo.guid);
        dataView2.setLittleEndian16(length);
        dataView2.setUnicodeString(String.valueOf(redirectInfo.userName) + "��");
        dataView2.setLittleEndian16(length3);
        if (length3 > 0) {
            dataView2.setUnicodeString(String.valueOf(redirectInfo.domain) + "��");
        }
        dataView2.setLittleEndian16(length2);
        dataView2.setUnicodeString(String.valueOf(redirectInfo.password) + "��");
        dataView2.markEnd();
        this.socket.send(dataView2);
    }

    private void receiveRDSTLAuthResp() throws IOException, RdpException {
        this.inBuffer.reset(10);
        DataView receive = this.socket.receive(this.inBuffer, 10);
        int littleEndian16 = receive.getLittleEndian16();
        int littleEndian162 = receive.getLittleEndian16();
        int littleEndian163 = receive.getLittleEndian16();
        if (littleEndian16 != 1 || littleEndian162 != 4 || littleEndian163 != 1) {
            throw new RdpException("Invalid RDSTL Auth Resoponse");
        }
        int littleEndian32 = receive.getLittleEndian32();
        if (littleEndian32 > 0) {
            throw new RdpException(getRDSTLErroMessage(littleEndian32));
        }
    }

    private String getRDSTLErroMessage(int i) {
        switch (i) {
            case 5:
                return "The user does not have a permission to access the server.";
            case 1326:
                return "Logon failure: unknown user name or bad password.";
            case 1328:
                return "Logon failure: account logon time restriction violation.";
            case 1330:
                return "Logon failure: the specified account password has expired.";
            case 1331:
                return "Logon failure: account currently disabled.";
            case 1907:
                return "The user's password must be changed.";
            case 1909:
                return "The referenced account is currently locked out and may not be logged on to.";
            default:
                return "Unkownn error code:" + i;
        }
    }

    private void connectSSL() throws RdpException {
        try {
            this.socket.useSSL();
        } catch (Exception e) {
            e.printStackTrace();
            throw new RdpException(e.getMessage());
        }
    }

    private static final String getFailureReason(int i) {
        String str = "Unknown";
        switch (i) {
            case 1:
                str = "The server requires that the client support Enhanced RDP Security with either TLS 1.0 or CredSSP. If only CredSSP was requested then the server only supports TLS.";
                break;
            case 2:
                str = "The server is configured to only use Standard RDP Security mechanisms and does not support any External Security Protocols.";
                break;
            case 3:
                str = "The server does not possess a valid authentication certificate and cannot initialize the External Security Protocol Provider.";
                break;
            case 4:
                str = "The list of requested security protocols is not consistent with the current security protocol in effect. This error is only possible when the Direct Approach is used and an External Security Protocol is already being used.";
                break;
            case 5:
                str = "The server requires that the client support Enhanced RDP Security with CredSSP.";
                break;
        }
        return str;
    }

    public final DataView receive() throws IOException, RdpException, OrderException, CryptoException {
        int i;
        while (true) {
            int readByte = this.socket.readByte();
            int i2 = 4;
            if (readByte == 3) {
                this.socket.skipByte(1);
                i = (this.socket.readByte() << 8) | (this.socket.readByte() & 255);
            } else {
                int readByte2 = this.socket.readByte() & 255;
                if ((readByte2 & 128) != 0) {
                    i = (((readByte2 & (-129)) & 255) << 8) | (this.socket.readByte() & 255);
                    i2 = 3;
                } else {
                    i2 = 2;
                    i = readByte2;
                }
            }
            int i3 = i - i2;
            this.inBuffer.reset(i3);
            DataView receive = this.socket.receive(this.inBuffer, i3);
            if (receive == null) {
                return null;
            }
            if (i2 == 4) {
                receive.getByte();
                if (receive.getByte() != DATA_TRANSFER) {
                    throw new RdpException("invalid X.224 Data Protocol Data Unit (PDU).");
                }
                receive.skipPosition(1);
                return receive;
            }
            this.fastLayer.process(receive, readByte);
        }
    }

    public void disconnect() {
        if (this.connected) {
            if (!this.socket.isClosed()) {
                try {
                    sendMessage(128);
                } catch (Throwable th) {
                }
                if (this.socket != null) {
                    this.socket.disconnect();
                    this.socket = null;
                }
            }
            this.inBuffer = null;
            this.connected = false;
        }
    }

    private final void setTPKTHeader(DataView dataView, int i) {
        dataView.setByte(3);
        dataView.setByte(0);
        dataView.setBigEndian16(i);
    }

    private final byte[] getToken(String str) {
        byte[] bArr = this.rdpCfg.routingToken;
        if (bArr != null && bArr.length != 0) {
            int length = bArr.length;
            if (bArr.length < 2 || (bArr[length - 1] != 10 && bArr[length - 2] != 13)) {
                byte[] bArr2 = new byte[length + 2];
                System.arraycopy(bArr, 0, bArr2, 0, length);
                bArr2[length] = 13;
                bArr2[length + 1] = 10;
                bArr = bArr2;
            }
        } else if (str != null && str.length() > 0) {
            if (str.length() > 9) {
                str = str.substring(0, 9);
            }
            bArr = ("Cookie: mstshash=" + str + "\r\n").getBytes();
        }
        return bArr;
    }

    private final void sendConnectionRequest(String str, int i) throws IOException, RdpException {
        byte[] token = getToken(str);
        int length = token == null ? 0 : token.length;
        int i2 = 19 + length;
        DataView dataView = new DataView(i2);
        setTPKTHeader(dataView, i2);
        dataView.setByte(i2 - 5);
        dataView.setByte(224);
        dataView.setBigEndian16(0);
        dataView.setBigEndian16(0);
        dataView.setByte(0);
        if (length > 0) {
            dataView.setBytes(token);
        }
        dataView.setByte(1);
        dataView.setByte(0);
        dataView.setLittleEndian16(8);
        dataView.setLittleEndian32(i);
        dataView.markEnd();
        this.socket.send(dataView);
    }

    public void sendFastPath(DataView dataView) throws RdpException, IOException {
        this.socket.send(dataView);
    }
}
