package com.hierynomus.smbj.auth;

import com.hierynomus.ntlm.messages.AvId;
import com.hierynomus.ntlm.messages.NtlmNegotiateFlag;
import com.hierynomus.protocol.commons.buffer.Buffer;
import com.hierynomus.protocol.commons.buffer.a;
import com.hierynomus.smbj.SmbConfig;
import com.hierynomus.smbj.common.SMBRuntimeException;
import com.hierynomus.smbj.session.Session;
import com.hierynomus.spnego.SpnegoException;
import java.io.IOException;
import java.util.Arrays;
import java.util.EnumSet;
import java.util.Random;
import tt.AbstractC1286aN;
import tt.AbstractC2040hb;
import tt.C2138iV;
import tt.C2241jV;
import tt.C2346kV;
import tt.C3288tT;
import tt.C3393uT;
import tt.I;
import tt.InterfaceC1109Vu;
import tt.InterfaceC2809ot;
import tt.Tf0;
import tt.XM;

/* loaded from: classes4.dex */
public class NtlmAuthenticator implements Authenticator {
    private Random random;
    private Tf0 securityProvider;
    private String workStationName;
    private static final XM logger = AbstractC1286aN.k(NtlmAuthenticator.class);
    private static final I NTLMSSP = new I("1.3.6.1.4.1.311.2.2.10");
    private boolean initialized = false;
    private boolean completed = false;

    /* loaded from: classes3.dex */
    public static class Factory implements InterfaceC1109Vu.a {
        @Override // tt.InterfaceC1109Vu
        public NtlmAuthenticator create() {
            return new NtlmAuthenticator();
        }

        @Override // tt.InterfaceC1109Vu.a
        public String getName() {
            return NtlmAuthenticator.NTLMSSP.b();
        }
    }

    private byte[] negTokenInit(C2346kV c2346kV) {
        C3288tT c3288tT = new C3288tT();
        c3288tT.f(NTLMSSP);
        a aVar = a.b;
        Buffer.b bVar = new Buffer.b(aVar);
        c2346kV.a(bVar);
        c3288tT.l(bVar.getCompactData());
        Buffer.b bVar2 = new Buffer.b(aVar);
        c3288tT.m(bVar2);
        return bVar2.getCompactData();
    }

    private byte[] negTokenTarg(C2138iV c2138iV, byte[] bArr) {
        C3393uT c3393uT = new C3393uT();
        c3393uT.m(bArr);
        a aVar = a.b;
        Buffer.b bVar = new Buffer.b(aVar);
        c2138iV.e(bVar);
        c3393uT.m(bVar.getCompactData());
        Buffer.b bVar2 = new Buffer.b(aVar);
        c3393uT.n(bVar2);
        return bVar2.getCompactData();
    }

    @Override // com.hierynomus.smbj.auth.Authenticator
    public AuthenticateResponse authenticate(AuthenticationContext authenticationContext, byte[] bArr, Session session) {
        byte[] bArr2;
        try {
            AuthenticateResponse authenticateResponse = new AuthenticateResponse();
            if (this.completed) {
                return null;
            }
            if (!this.initialized) {
                logger.debug("Initialized Authentication of {} using NTLM", authenticationContext.getUsername());
                C2346kV c2346kV = new C2346kV();
                this.initialized = true;
                authenticateResponse.setNegToken(negTokenInit(c2346kV));
                return authenticateResponse;
            }
            XM xm = logger;
            xm.debug("Received token: {}", AbstractC2040hb.a(bArr));
            C2241jV c2241jV = new C2241jV(this.random, this.securityProvider);
            C3393uT h = new C3393uT().h(bArr);
            h.e();
            com.hierynomus.ntlm.messages.a aVar = new com.hierynomus.ntlm.messages.a();
            try {
                byte[] f = h.f();
                a aVar2 = a.b;
                aVar.h(new Buffer.b(f, aVar2));
                xm.debug("Received NTLM challenge from: {}", aVar.f());
                authenticateResponse.setWindowsVersion(aVar.g());
                authenticateResponse.setNetBiosName(aVar.b(AvId.MsvAvNbComputerName));
                byte[] d = aVar.d();
                byte[] b = c2241jV.b(String.valueOf(authenticationContext.getPassword()), authenticationContext.getUsername(), authenticationContext.getDomain());
                byte[] e = c2241jV.e(b, d, c2241jV.d(aVar.e()));
                byte[] g = c2241jV.g(b, Arrays.copyOfRange(e, 0, 16));
                EnumSet c = aVar.c();
                if (c.contains(NtlmNegotiateFlag.NTLMSSP_NEGOTIATE_KEY_EXCH) && (c.contains(NtlmNegotiateFlag.NTLMSSP_NEGOTIATE_SIGN) || c.contains(NtlmNegotiateFlag.NTLMSSP_NEGOTIATE_SEAL) || c.contains(NtlmNegotiateFlag.NTLMSSP_NEGOTIATE_ALWAYS_SIGN))) {
                    byte[] bArr3 = new byte[16];
                    this.random.nextBytes(bArr3);
                    byte[] c2 = c2241jV.c(g, bArr3);
                    authenticateResponse.setSigningKey(bArr3);
                    bArr2 = c2;
                } else {
                    authenticateResponse.setSigningKey(g);
                    bArr2 = g;
                }
                this.completed = true;
                Object a = aVar.a(AvId.MsvAvFlags);
                if (!(a instanceof Long) || (((Long) a).longValue() & 2) <= 0) {
                    authenticateResponse.setNegToken(negTokenTarg(new C2138iV(new byte[0], e, authenticationContext.getUsername(), authenticationContext.getDomain(), this.workStationName, bArr2, InterfaceC2809ot.a.e(c), false), h.f()));
                    return authenticateResponse;
                }
                C2138iV c2138iV = new C2138iV(new byte[0], e, authenticationContext.getUsername(), authenticationContext.getDomain(), this.workStationName, bArr2, InterfaceC2809ot.a.e(c), true);
                Buffer.b bVar = new Buffer.b(aVar2);
                bVar.putRawBytes(h.f());
                bVar.putRawBytes(aVar.d());
                c2138iV.f(bVar);
                c2138iV.d(c2241jV.g(g, bVar.getCompactData()));
                authenticateResponse.setNegToken(negTokenTarg(c2138iV, h.f()));
                return authenticateResponse;
            } catch (Buffer.BufferException e2) {
                throw new IOException(e2);
            }
        } catch (SpnegoException e3) {
            throw new SMBRuntimeException(e3);
        }
    }

    @Override // com.hierynomus.smbj.auth.Authenticator
    public void init(SmbConfig smbConfig) {
        this.securityProvider = smbConfig.getSecurityProvider();
        this.random = smbConfig.getRandomProvider();
        this.workStationName = smbConfig.getWorkStationName();
    }

    @Override // com.hierynomus.smbj.auth.Authenticator
    public boolean supports(AuthenticationContext authenticationContext) {
        return authenticationContext.getClass().equals(AuthenticationContext.class);
    }
}
