package net.protocol.credssp;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import net.protocol.ntlm.BaseNtlmPDU;
import net.protocol.ntlm.NtlmManager;
import net.protocol.rdp.RdpException;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1OutputStream;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.DLSequence;

/* loaded from: input_file:net/protocol/credssp/CredSsp.class */
public class CredSsp {
    private static final int TS_CREDENTIALS_PASSWORD = 1;
    private NtlmManager manager;
    private TsRequest challenge;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/protocol/credssp/CredSsp$TsRequest.class */
    public class TsRequest {
        public byte[] authInfo;
        public byte[][] negoTokens;
        public byte[] pubKeyAuth;

        private TsRequest() {
        }

        /* synthetic */ TsRequest(CredSsp credSsp, TsRequest tsRequest) {
            this();
        }
    }

    public TsRequest readTsRequest(ASN1InputStream aSN1InputStream) throws IOException {
        DLSequence dLSequence = (DLSequence) aSN1InputStream.readObject();
        ArrayList arrayList = new ArrayList();
        TsRequest tsRequest = new TsRequest(this, null);
        Enumeration objects = dLSequence.getObjects();
        while (objects.hasMoreElements()) {
            ASN1TaggedObject dERTaggedObject = DERTaggedObject.getInstance(objects.nextElement());
            switch (dERTaggedObject.getTagNo()) {
                case 0:
                    int intValue = DERInteger.getInstance(dERTaggedObject, false).getValue().intValue();
                    if (intValue < 2) {
                        System.err.println("Unsupported TSRequest verion: " + intValue);
                        break;
                    } else {
                        break;
                    }
                case 1:
                    Enumeration objects2 = DLSequence.getInstance(dERTaggedObject, false).getObjects();
                    while (objects2.hasMoreElements()) {
                        Enumeration objects3 = DLSequence.getInstance(objects2.nextElement()).getObjects();
                        if (!objects3.hasMoreElements()) {
                            throw new RuntimeException("Negotionation Token data needed");
                        }
                        Enumeration objects4 = DLSequence.getInstance(objects3.nextElement()).getObjects();
                        if (!objects4.hasMoreElements()) {
                            throw new RuntimeException("More negotionation Token data needed");
                        }
                        arrayList.add(DEROctetString.getInstance((ASN1TaggedObject) objects4.nextElement(), false).getOctets());
                    }
                    break;
                case 2:
                    tsRequest.authInfo = DEROctetString.getInstance(dERTaggedObject, false).getOctets();
                    break;
                case 3:
                    tsRequest.pubKeyAuth = DEROctetString.getInstance(dERTaggedObject, false).getOctets();
                    break;
                default:
                    throw new IllegalArgumentException("Invalid tag");
            }
        }
        if (arrayList.size() > 0) {
            tsRequest.negoTokens = (byte[][]) arrayList.toArray((Object[]) new byte[0]);
        }
        return tsRequest;
    }

    protected static void writeTsRequest(TsRequest tsRequest, ASN1OutputStream aSN1OutputStream) throws IOException {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new DERTaggedObject(0, new DERInteger(2L)));
        if (tsRequest.negoTokens != null) {
            ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
            for (int i = 0; i < tsRequest.negoTokens.length; i++) {
                ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
                aSN1EncodableVector3.add(new DERTaggedObject(0, new DEROctetString(tsRequest.negoTokens[i])));
                aSN1EncodableVector2.add(new DERSequence(aSN1EncodableVector3));
            }
            aSN1EncodableVector.add(new DERTaggedObject(1, new DERSequence(aSN1EncodableVector2)));
        }
        if (tsRequest.authInfo != null) {
            aSN1EncodableVector.add(new DERTaggedObject(2, new DEROctetString(tsRequest.authInfo)));
        }
        if (tsRequest.pubKeyAuth != null) {
            aSN1EncodableVector.add(new DERTaggedObject(3, new DEROctetString(tsRequest.pubKeyAuth)));
        }
        aSN1OutputStream.writeObject(new DERSequence(aSN1EncodableVector));
    }

    /* JADX WARN: Type inference failed for: r1v3, types: [byte[], byte[][]] */
    public void writeNegociate(String str, String str2, String str3, ASN1OutputStream aSN1OutputStream, String str4) throws UnsupportedEncodingException, IOException {
        this.manager = new NtlmManager(str, str2, str3, str4);
        TsRequest tsRequest = new TsRequest(this, null);
        tsRequest.negoTokens = new byte[1];
        tsRequest.negoTokens[0] = this.manager.initialize();
        tsRequest.authInfo = null;
        tsRequest.pubKeyAuth = null;
        writeTsRequest(tsRequest, aSN1OutputStream);
        aSN1OutputStream.flush();
    }

    public void readChallenge(ASN1InputStream aSN1InputStream) throws IOException {
        this.challenge = readTsRequest(aSN1InputStream);
    }

    /* JADX WARN: Type inference failed for: r1v3, types: [byte[], byte[][]] */
    public void writeAuthenticatoin(byte[] bArr, ASN1OutputStream aSN1OutputStream) throws InvalidKeyException, UnsupportedEncodingException, NoSuchAlgorithmException, RdpException, IOException {
        if (this.challenge.negoTokens.length != 1) {
            throw new RuntimeException("Unexpected number of negotokens in CredSSP TSRequest: " + this.challenge.negoTokens.length);
        }
        TsRequest tsRequest = new TsRequest(this, null);
        tsRequest.negoTokens = new byte[1];
        tsRequest.negoTokens[0] = this.manager.processChallenge(this.challenge.negoTokens[0]);
        tsRequest.authInfo = null;
        tsRequest.pubKeyAuth = new byte[bArr.length + 16];
        this.manager.encrypt(bArr, 0, tsRequest.pubKeyAuth, 16, bArr.length);
        System.arraycopy(this.manager.sign(bArr, 0, bArr.length), 0, tsRequest.pubKeyAuth, 0, 16);
        writeTsRequest(tsRequest, aSN1OutputStream);
        aSN1OutputStream.flush();
    }

    public void execute(String str, String str2, String str3, byte[] bArr, ASN1OutputStream aSN1OutputStream, ASN1InputStream aSN1InputStream, String str4) throws IOException, GeneralSecurityException, RdpException {
        writeNegociate(str, str2, str3, aSN1OutputStream, str4);
        readChallenge(aSN1InputStream);
        writeAuthenticatoin(bArr, aSN1OutputStream);
        try {
            TsRequest readTsRequest = readTsRequest(aSN1InputStream);
            if (readTsRequest.pubKeyAuth == null) {
                throw new RuntimeException("PubKeyAuth expected in TsRequest.");
            }
            this.manager.decrypt(readTsRequest.pubKeyAuth, 16, readTsRequest.pubKeyAuth, 16, readTsRequest.pubKeyAuth.length - 16);
            this.manager.verifySign(readTsRequest.pubKeyAuth, 16, readTsRequest.pubKeyAuth.length - 16, readTsRequest.pubKeyAuth, 0);
            byte[] bArr2 = new byte[readTsRequest.pubKeyAuth.length - 16];
            System.arraycopy(readTsRequest.pubKeyAuth, 16, bArr2, 0, bArr2.length);
            bArr2[0] = (byte) (bArr2[0] - 1);
            if (!Arrays.equals(bArr, bArr2)) {
                throw new RdpException("Invalid public key from the server");
            }
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(new DERTaggedObject(0, new DEROctetString(getUnicodeBytes(str))));
            aSN1EncodableVector.add(new DERTaggedObject(1, new DEROctetString(getUnicodeBytes(str2))));
            aSN1EncodableVector.add(new DERTaggedObject(2, new DEROctetString(getUnicodeBytes(str3))));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ASN1OutputStream aSN1OutputStream2 = new ASN1OutputStream(byteArrayOutputStream);
            aSN1OutputStream2.writeObject(new DERSequence(aSN1EncodableVector));
            aSN1OutputStream2.flush();
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
            aSN1EncodableVector2.add(new DERTaggedObject(0, new DERInteger(1L)));
            aSN1EncodableVector2.add(new DERTaggedObject(1, new DEROctetString(byteArray)));
            byteArrayOutputStream.reset();
            aSN1OutputStream2.writeObject(new DERSequence(aSN1EncodableVector2));
            aSN1OutputStream2.flush();
            byte[] byteArray2 = byteArrayOutputStream.toByteArray();
            TsRequest tsRequest = new TsRequest(this, null);
            tsRequest.authInfo = new byte[byteArray2.length + 16];
            this.manager.encrypt(byteArray2, 0, tsRequest.authInfo, 16, byteArray2.length);
            System.arraycopy(this.manager.sign(byteArray2, 0, byteArray2.length), 0, tsRequest.authInfo, 0, 16);
            writeTsRequest(tsRequest, aSN1OutputStream);
            aSN1OutputStream.flush();
        } catch (IOException e) {
            throw new RdpException(String.valueOf(e.getMessage()) + "\nWrong credentials for NLA");
        }
    }

    private static final byte[] getUnicodeBytes(String str) throws UnsupportedEncodingException {
        return (str == null) | (str.length() < 1) ? new byte[0] : str.getBytes(BaseNtlmPDU.UNICODE_ENCODING);
    }

    public String getServerDomain() {
        return this.manager.getServerDomain();
    }

    public String getServerNbDomain() {
        return this.manager.getServerNetbiosDomain();
    }

    public String getServerNbComputer() {
        return this.manager.getServerNetbiosComputer();
    }
}
