package com.hierynomus.smbj.auth;

import com.hierynomus.ntlm.messages.AvId;
import com.hierynomus.ntlm.messages.NtlmNegotiateFlag;
import com.hierynomus.protocol.commons.buffer.Buffer;
import com.hierynomus.protocol.commons.buffer.a;
import com.hierynomus.security.c;
import com.hierynomus.smbj.SmbConfig;
import com.hierynomus.smbj.common.SMBRuntimeException;
import com.hierynomus.smbj.session.Session;
import com.hierynomus.spnego.SpnegoException;
import java.io.IOException;
import java.util.Arrays;
import java.util.EnumSet;
import java.util.Random;
import org.slf4j.b;
import tt.gh;
import tt.ri;
import tt.ui;
import tt.wi;
import tt.xi;

/* loaded from: classes.dex */
public class NtlmAuthenticator implements Authenticator {
    private Random random;
    private c securityProvider;
    private String workStationName;
    private static final b logger = org.slf4j.c.i(NtlmAuthenticator.class);
    private static final gh NTLMSSP = new gh("1.3.6.1.4.1.311.2.2.10");
    private boolean initialized = false;
    private boolean completed = false;

    /* loaded from: classes.dex */
    public static class Factory implements xi.a<Authenticator> {
        @Override // tt.xi
        public NtlmAuthenticator create() {
            return new NtlmAuthenticator();
        }

        @Override // tt.xi.a
        public String getName() {
            return NtlmAuthenticator.NTLMSSP.b();
        }
    }

    private byte[] negTokenInit(com.hierynomus.ntlm.messages.c cVar) {
        com.hierynomus.spnego.b bVar = new com.hierynomus.spnego.b();
        bVar.f(NTLMSSP);
        Buffer.b bVar2 = new Buffer.b(a.b);
        cVar.write(bVar2);
        bVar.l(bVar2.getCompactData());
        Buffer.b bVar3 = new Buffer.b(a.b);
        bVar.m(bVar3);
        return bVar3.getCompactData();
    }

    private byte[] negTokenTarg(com.hierynomus.ntlm.messages.a aVar, byte[] bArr) {
        com.hierynomus.spnego.c cVar = new com.hierynomus.spnego.c();
        cVar.m(bArr);
        Buffer.b bVar = new Buffer.b(a.b);
        aVar.write(bVar);
        cVar.m(bVar.getCompactData());
        Buffer.b bVar2 = new Buffer.b(a.b);
        cVar.n(bVar2);
        return bVar2.getCompactData();
    }

    @Override // com.hierynomus.smbj.auth.Authenticator
    public AuthenticateResponse authenticate(AuthenticationContext authenticationContext, byte[] bArr, Session session) {
        byte[] bArr2;
        try {
            AuthenticateResponse authenticateResponse = new AuthenticateResponse();
            if (this.completed) {
                return null;
            }
            if (!this.initialized) {
                logger.t("Initialized Authentication of {} using NTLM", authenticationContext.getUsername());
                com.hierynomus.ntlm.messages.c cVar = new com.hierynomus.ntlm.messages.c();
                this.initialized = true;
                authenticateResponse.setNegToken(negTokenInit(cVar));
                return authenticateResponse;
            }
            logger.t("Received token: {}", ui.a(bArr));
            ri riVar = new ri(this.random, this.securityProvider);
            com.hierynomus.spnego.c cVar2 = new com.hierynomus.spnego.c();
            cVar2.h(bArr);
            cVar2.e();
            com.hierynomus.ntlm.messages.b bVar = new com.hierynomus.ntlm.messages.b();
            try {
                bVar.i(new Buffer.b(cVar2.f(), a.b));
                logger.t("Received NTLM challenge from: {}", bVar.g());
                authenticateResponse.setWindowsVersion(bVar.h());
                authenticateResponse.setNetBiosName(bVar.c(AvId.MsvAvNbComputerName));
                byte[] e = bVar.e();
                byte[] b = riVar.b(String.valueOf(authenticationContext.getPassword()), authenticationContext.getUsername(), authenticationContext.getDomain());
                byte[] e2 = riVar.e(b, e, riVar.d(bVar.f()));
                byte[] g = riVar.g(b, Arrays.copyOfRange(e2, 0, 16));
                EnumSet<NtlmNegotiateFlag> d = bVar.d();
                if (d.contains(NtlmNegotiateFlag.NTLMSSP_NEGOTIATE_KEY_EXCH) && (d.contains(NtlmNegotiateFlag.NTLMSSP_NEGOTIATE_SIGN) || d.contains(NtlmNegotiateFlag.NTLMSSP_NEGOTIATE_SEAL) || d.contains(NtlmNegotiateFlag.NTLMSSP_NEGOTIATE_ALWAYS_SIGN))) {
                    byte[] bArr3 = new byte[16];
                    this.random.nextBytes(bArr3);
                    byte[] c = riVar.c(g, bArr3);
                    authenticateResponse.setSigningKey(bArr3);
                    bArr2 = c;
                } else {
                    authenticateResponse.setSigningKey(g);
                    bArr2 = g;
                }
                this.completed = true;
                Object b2 = bVar.b(AvId.MsvAvFlags);
                if (!(b2 instanceof Long) || (((Long) b2).longValue() & 2) <= 0) {
                    authenticateResponse.setNegToken(negTokenTarg(new com.hierynomus.ntlm.messages.a(new byte[0], e2, authenticationContext.getUsername(), authenticationContext.getDomain(), this.workStationName, bArr2, wi.a.e(d), false), cVar2.f()));
                    return authenticateResponse;
                }
                com.hierynomus.ntlm.messages.a aVar = new com.hierynomus.ntlm.messages.a(new byte[0], e2, authenticationContext.getUsername(), authenticationContext.getDomain(), this.workStationName, bArr2, wi.a.e(d), true);
                Buffer.b bVar2 = new Buffer.b(a.b);
                bVar2.putRawBytes(cVar2.f());
                bVar2.putRawBytes(bVar.e());
                aVar.f(bVar2);
                aVar.e(riVar.g(g, bVar2.getCompactData()));
                authenticateResponse.setNegToken(negTokenTarg(aVar, cVar2.f()));
                return authenticateResponse;
            } catch (Buffer.BufferException e3) {
                throw new IOException(e3);
            }
        } catch (SpnegoException e4) {
            throw new SMBRuntimeException(e4);
        }
    }

    @Override // com.hierynomus.smbj.auth.Authenticator
    public void init(SmbConfig smbConfig) {
        this.securityProvider = smbConfig.getSecurityProvider();
        this.random = smbConfig.getRandomProvider();
        this.workStationName = smbConfig.getWorkStationName();
    }

    @Override // com.hierynomus.smbj.auth.Authenticator
    public boolean supports(AuthenticationContext authenticationContext) {
        return authenticationContext.getClass().equals(AuthenticationContext.class);
    }
}
