package org.apache.http.impl.auth.ntlm;

import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Locale;
import org.apache.http.impl.auth.DebugUtil;
import org.apache.http.impl.auth.ntlm.NTLMEngineImpl;
import org.apache.xpath.axes.WalkerFactory;

/* loaded from: input_file:WEB-INF/lib/httpclient-4.5.3.e3.jar:org/apache/http/impl/auth/ntlm/AuthenticateMessage.class */
public class AuthenticateMessage extends NTLMOutputMessage {
    protected int type2Flags;
    protected byte[] domainBytes;
    protected byte[] hostBytes;
    protected byte[] userBytes;
    protected byte[] lmChallengeResponse;
    protected byte[] ntChallengeResponse;
    protected byte[] encryptedRandomSessionKey;
    protected byte[] exportedSessionKey;
    int micPosition = -1;
    protected boolean computeMic = false;

    /* JADX INFO: Access modifiers changed from: package-private */
    public AuthenticateMessage(String str, String str2, String str3, String str4, byte[] bArr, int i, String str5, byte[] bArr2, X509Certificate x509Certificate) throws NTLMEngineException {
        byte[] lanManagerSessionKey;
        this.type2Flags = i;
        String convertHost = NTLMEngineImpl.convertHost(str2);
        String convertDomain = NTLMEngineImpl.convertDomain(str);
        NTLMEngineImpl.CipherGen cipherGen = new NTLMEngineImpl.CipherGen(convertDomain, str3, str4, bArr, str5, x509Certificate != null ? addGssMicAvsToTargetInfo(bArr2, x509Certificate) : bArr2);
        try {
            if ((i & 8388608) != 0 && bArr2 != null && str5 != null) {
                if (NTLMEngineImpl.develTrace) {
                    NTLMEngineImpl.log.trace("Generating NTLMv2 responses");
                }
                this.ntChallengeResponse = cipherGen.getNTLMv2Response();
                byte[] targetInfoTimestamp = getTargetInfoTimestamp(bArr2);
                if (NTLMEngineImpl.develTrace) {
                    NTLMEngineImpl.log.trace("targetInfoTimestamp: " + DebugUtil.dump(targetInfoTimestamp));
                }
                if (targetInfoTimestamp == null) {
                    this.lmChallengeResponse = cipherGen.getLMv2Response();
                } else {
                    this.lmChallengeResponse = new byte[24];
                }
                lanManagerSessionKey = (i & 128) != 0 ? cipherGen.getLanManagerSessionKey() : cipherGen.getNTLMv2SessionBaseKey();
            } else if ((i & 524288) != 0) {
                if (NTLMEngineImpl.develTrace) {
                    NTLMEngineImpl.log.trace("Generating NTLMv1 responses with NTLMv2 session");
                }
                this.ntChallengeResponse = cipherGen.getNTLM2SessionResponse();
                this.lmChallengeResponse = cipherGen.getLM2SessionResponse();
                lanManagerSessionKey = (i & 128) != 0 ? cipherGen.getLanManagerSessionKey() : cipherGen.getNTLM2SessionResponseUserSessionKey();
            } else {
                if (NTLMEngineImpl.develTrace) {
                    NTLMEngineImpl.log.trace("Generating NTLMv1 responses");
                }
                this.ntChallengeResponse = cipherGen.getNTLMResponse();
                this.lmChallengeResponse = cipherGen.getLMResponse();
                lanManagerSessionKey = (i & 128) != 0 ? cipherGen.getLanManagerSessionKey() : cipherGen.getNTLMUserSessionKey();
            }
        } catch (NTLMEngineException e) {
            if (NTLMEngineImpl.develTrace) {
                NTLMEngineImpl.log.trace("Got exceptions, failback to LM algorithms", e);
            }
            this.ntChallengeResponse = new byte[0];
            this.lmChallengeResponse = cipherGen.getLMResponse();
            lanManagerSessionKey = (i & 128) != 0 ? cipherGen.getLanManagerSessionKey() : cipherGen.getLMUserSessionKey();
        }
        if (NTLMEngineImpl.develTrace) {
            NTLMEngineImpl.log.trace("LmChallengeResponse:\n" + DebugUtil.dump(this.lmChallengeResponse));
            NTLMEngineImpl.log.trace("NtChallengeResponse:\n" + DebugUtil.dump(this.ntChallengeResponse));
            NTLMEngineImpl.log.trace("sessionBaseKey:" + DebugUtil.dump(lanManagerSessionKey));
        }
        if ((i & 16) != 0) {
            if ((i & 1073741824) != 0) {
                this.exportedSessionKey = cipherGen.getExportedSessionKey();
                this.encryptedRandomSessionKey = NTLMEngineImpl.RC4(this.exportedSessionKey, lanManagerSessionKey);
            } else {
                this.encryptedRandomSessionKey = lanManagerSessionKey;
                this.exportedSessionKey = this.encryptedRandomSessionKey;
            }
            if (NTLMEngineImpl.develTrace) {
                NTLMEngineImpl.log.trace("exportedSessionKey:\n" + DebugUtil.dump(this.exportedSessionKey));
                NTLMEngineImpl.log.trace("encryptedRandomSessionKey:\n" + DebugUtil.dump(this.encryptedRandomSessionKey));
            }
        } else {
            this.encryptedRandomSessionKey = null;
        }
        Charset charset = NTLMEngineImpl.getCharset(Integer.valueOf(i));
        this.hostBytes = convertHost != null ? convertHost.getBytes(charset) : null;
        this.domainBytes = convertDomain != null ? convertDomain.toUpperCase(Locale.ROOT).getBytes(charset) : null;
        this.userBytes = str3.getBytes(charset);
    }

    private byte[] getTargetInfoTimestamp(byte[] bArr) throws NTLMEngineException {
        if (bArr == null) {
            return null;
        }
        return getValueOfAVPair(bArr, 7);
    }

    private byte[] getValueOfAVPair(byte[] bArr, int i) throws NTLMEngineException {
        int i2 = 0;
        while (true) {
            int i3 = i2;
            if (i3 >= bArr.length) {
                return null;
            }
            int readUShort = NTLMEngineImpl.readUShort(bArr, i3);
            int readUShort2 = NTLMEngineImpl.readUShort(bArr, i3 + 2);
            if (readUShort == i) {
                byte[] bArr2 = new byte[readUShort2];
                System.arraycopy(bArr, i3 + 4, bArr2, 0, readUShort2);
                return bArr2;
            }
            i2 = i3 + 4 + readUShort2;
        }
    }

    public byte[] getEncryptedRandomSessionKey() {
        return this.encryptedRandomSessionKey;
    }

    public byte[] getExportedSessionKey() {
        return this.exportedSessionKey;
    }

    @Override // org.apache.http.impl.auth.ntlm.NTLMOutputMessage
    protected void encodeMessage() {
        int length = this.ntChallengeResponse.length;
        int length2 = this.lmChallengeResponse.length;
        int length3 = this.domainBytes != null ? this.domainBytes.length : 0;
        int length4 = this.hostBytes != null ? this.hostBytes.length : 0;
        int length5 = this.userBytes.length;
        int length6 = this.encryptedRandomSessionKey != null ? this.encryptedRandomSessionKey.length : 0;
        int i = 72 + (this.computeMic ? 16 : 0);
        int i2 = i + length3;
        int i3 = i2 + length5;
        int i4 = i3 + length4;
        int i5 = i4 + length2;
        int i6 = i5 + length;
        prepareResponse(i6 + length6, 3);
        addUShort(length2);
        addUShort(length2);
        addULong(i4);
        addUShort(length);
        addUShort(length);
        addULong(i5);
        addUShort(length3);
        addUShort(length3);
        addULong(i);
        addUShort(length5);
        addUShort(length5);
        addULong(i2);
        addUShort(length4);
        addUShort(length4);
        addULong(i3);
        addUShort(length6);
        addUShort(length6);
        addULong(i6);
        addULong(this.type2Flags);
        addUShort(262);
        addUShort(7601);
        addUShort(0);
        addUShort(WalkerFactory.BITS_RESERVED);
        if (this.computeMic) {
            this.micPosition = getCurrentOutputPosition();
            skipBytes(16);
        }
        addBytes(this.domainBytes);
        addBytes(this.userBytes);
        addBytes(this.hostBytes);
        addBytes(this.lmChallengeResponse);
        addBytes(this.ntChallengeResponse);
        if (this.encryptedRandomSessionKey != null) {
            addBytes(this.encryptedRandomSessionKey);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addMic(byte[] bArr, byte[] bArr2) throws NTLMEngineException {
        if (this.computeMic) {
            if (this.micPosition == -1) {
                encodeMessage();
                this.messageEncoded = true;
            }
            if (this.exportedSessionKey == null) {
                throw new NTLMEngineException("Cannot add MIC: no exported session key");
            }
            NTLMEngineImpl.HMACMD5 hmacmd5 = new NTLMEngineImpl.HMACMD5(this.exportedSessionKey);
            hmacmd5.update(bArr);
            hmacmd5.update(bArr2);
            hmacmd5.update(this.messageContents);
            byte[] output = hmacmd5.getOutput();
            System.arraycopy(output, 0, this.messageContents, this.micPosition, output.length);
            if (NTLMEngineImpl.develTrace) {
                NTLMEngineImpl.log.trace("mic:\n" + DebugUtil.dump(output));
            }
        }
    }

    private byte[] addGssMicAvsToTargetInfo(byte[] bArr, X509Certificate x509Certificate) throws NTLMEngineException {
        byte[] bArr2 = new byte[bArr.length + 8 + 20];
        int length = bArr.length - 4;
        System.arraycopy(bArr, 0, bArr2, 0, length);
        NTLMEngineImpl.writeUShort(bArr2, 6, length);
        NTLMEngineImpl.writeUShort(bArr2, 4, length + 2);
        NTLMEngineImpl.writeULong(bArr2, 2, length + 4);
        this.computeMic = true;
        NTLMEngineImpl.writeUShort(bArr2, 10, length + 8);
        NTLMEngineImpl.writeUShort(bArr2, 16, length + 10);
        try {
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(x509Certificate.getEncoded());
            byte[] bArr3 = new byte[20 + NTLMEngineImpl.MAGIC_TLS_SERVER_ENDPOINT.length + digest.length];
            NTLMEngineImpl.writeULong(bArr3, 53, 16);
            System.arraycopy(NTLMEngineImpl.MAGIC_TLS_SERVER_ENDPOINT, 0, bArr3, 20, NTLMEngineImpl.MAGIC_TLS_SERVER_ENDPOINT.length);
            System.arraycopy(digest, 0, bArr3, 20 + NTLMEngineImpl.MAGIC_TLS_SERVER_ENDPOINT.length, digest.length);
            System.arraycopy(MessageDigest.getInstance("MD5").digest(bArr3), 0, bArr2, length + 12, 16);
            return bArr2;
        } catch (NoSuchAlgorithmException e) {
            throw new NTLMEngineException(e.getMessage(), e);
        } catch (CertificateEncodingException e2) {
            throw new NTLMEngineException(e2.getMessage(), e2);
        }
    }

    public String debugDump() {
        StringBuilder sb = new StringBuilder("AuthenticationMessage\n");
        sb.append("  flags:\n    ").append(NTLMEngineImpl.dumpFlags(this.type2Flags)).append("\n");
        sb.append("  domainBytes:\n    ").append(DebugUtil.dump(this.domainBytes)).append("\n");
        sb.append("  hostBytes:\n    ").append(DebugUtil.dump(this.hostBytes)).append("\n");
        sb.append("  userBytes:\n    ").append(DebugUtil.dump(this.userBytes)).append("\n");
        sb.append("  lmResp:\n    ").append(DebugUtil.dump(this.lmChallengeResponse)).append("\n");
        sb.append("  ntResp:\n    ").append(DebugUtil.dump(this.ntChallengeResponse)).append("\n");
        sb.append("  encryptedRandomSessionKey:\n    ").append(DebugUtil.dump(this.encryptedRandomSessionKey)).append("\n");
        sb.append("  exportedSessionKey:\n    ").append(DebugUtil.dump(this.exportedSessionKey));
        return sb.toString();
    }

    @Override // org.apache.http.impl.auth.ntlm.NTLMOutputMessage, org.apache.http.impl.auth.ntlm.NTLMMessage
    public /* bridge */ /* synthetic */ byte[] getBytes() {
        return super.getBytes();
    }

    @Override // org.apache.http.impl.auth.ntlm.NTLMOutputMessage
    public /* bridge */ /* synthetic */ String getResponse() {
        return super.getResponse();
    }
}
