package com.elluminate.net.httpCommon;

import com.elluminate.net.NetDebug;
import com.elluminate.net.ProxyAuthData;
import com.elluminate.net.ProxyAuthDataStore;
import com.elluminate.util.Base64;
import com.elluminate.util.Debug;
import com.elluminate.util.EncodingException;
import com.elluminate.util.I18n;
import com.elluminate.util.crypto.DES;
import com.elluminate.util.crypto.MD4;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.HashMap;

/* loaded from: input_file:eNet.jar:com/elluminate/net/httpCommon/NtlmProxyAuthScheme.class */
public class NtlmProxyAuthScheme implements ProxyAuthScheme, AuthenticateHandler {
    private static final int FAILED = 0;
    private static final int TYPE1SENT = 1;
    private static final int TYPE2RECV = 2;
    private static final int TYPE3SENT = 3;
    private static final int AUTHENTICATED = 4;
    private static final long EPOCH_MSEC = 11644473600000L;
    private static final byte[] NTLMSSP_SIG = {78, 84, 76, 77, 83, 83, 80, 0};
    private static final byte[] TYPE1_MSG = {1, 0, 0, 0};
    private static final byte[] TYPE2_MSG = {2, 0, 0, 0};
    private static final byte[] TYPE3_MSG = {3, 0, 0, 0};
    private static final byte[] BLOB_SIG = {1, 1, 0, 0, 0, 0, 0, 0};
    private static final int NEGOTIATE_UNICODE = 1;
    private static final int NEGOTIATE_OEM = 2;
    private static final int REQUEST_TARGET = 4;
    private static final int NEGOTIATE_NTLM = 512;
    private static final int NEGOTIATE_DOMAIN_SUPPLIED = 4096;
    private static final int NEGOTIATE_WORKSTATION_SUPPLIED = 8192;
    private static final int TARGET_TYPE_DOMAIN = 65536;
    private static final int TARGET_TYPE_SERVER = 131072;
    private static final int TARGET_TYPE_SHARE = 262144;
    private static final int NEGOTIATE_TARGET_INFO = 8388608;
    private static final int TYPE1_FLAGS = 517;
    private static I18n i18n;
    private int stage = 0;
    private ProxyAuthData authData = null;
    private byte[] msg = null;
    private String target = null;
    private byte[] challenge = null;
    private byte[] clientChallenge = null;
    private byte[] targetInfo = null;
    private boolean useNTLMv2 = true;
    private SecureRandom rnd = new SecureRandom();
    private MessageDigest md5 = null;
    static Class class$com$elluminate$net$httpCommon$NtlmProxyAuthScheme;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:eNet.jar:com/elluminate/net/httpCommon/NtlmProxyAuthScheme$SecurityBuffer.class */
    public class SecurityBuffer {
        public short length;
        public short alloc;
        public int offset;
        private final NtlmProxyAuthScheme this$0;

        public SecurityBuffer(NtlmProxyAuthScheme ntlmProxyAuthScheme, int i, int i2) throws IOException {
            this.this$0 = ntlmProxyAuthScheme;
            this.length = ntlmProxyAuthScheme.readShort(i);
            this.alloc = ntlmProxyAuthScheme.readShort(i + 2);
            this.offset = ntlmProxyAuthScheme.readInt(i + 4);
            if (this.offset + this.alloc > ntlmProxyAuthScheme.msg.length) {
                throw new IOException();
            }
            if (this.offset < i2) {
                throw new IOException();
            }
            if (this.length < 0 || this.alloc < 0) {
                throw new IOException();
            }
        }

        public String readString() throws IOException {
            if (this.length % 2 != 0) {
                throw new IOException(NtlmProxyAuthScheme.i18n.getString("NtlmProxyAuthScheme.invalidResponse"));
            }
            if (this.offset + this.length > this.this$0.msg.length) {
                throw new IOException(NtlmProxyAuthScheme.i18n.getString("NtlmProxyAuthScheme.shortResponse"));
            }
            char[] cArr = new char[this.length / 2];
            int i = this.offset;
            for (int i2 = 0; i2 < cArr.length; i2++) {
                cArr[i2] = (char) (this.this$0.msg[i] | (this.this$0.msg[i + 1] << 8));
                i += 2;
            }
            return new String(cArr);
        }

        public byte[] readBytes() throws IOException {
            byte[] bArr = new byte[this.length];
            if (this.offset + this.length > this.this$0.msg.length) {
                throw new IOException(NtlmProxyAuthScheme.i18n.getString("NtlmProxyAuthScheme.shortResponse"));
            }
            System.arraycopy(this.this$0.msg, this.offset, bArr, 0, this.length);
            return bArr;
        }
    }

    @Override // com.elluminate.net.httpCommon.ProxyAuthScheme
    public boolean setArgs(HashMap hashMap) {
        try {
            this.md5 = MessageDigest.getInstance("MD5");
            try {
                "test".getBytes("US-ASCII");
                "test".getBytes("UnicodeLittleUnmarked");
                return true;
            } catch (UnsupportedEncodingException e) {
                return false;
            }
        } catch (NoSuchAlgorithmException e2) {
            return false;
        }
    }

    @Override // com.elluminate.net.httpCommon.ProxyAuthScheme
    public int getStrength() {
        return 25;
    }

    @Override // com.elluminate.net.httpCommon.ProxyAuthScheme
    public boolean checkResponse(NetHttpResponse netHttpResponse) throws IOException {
        int code = netHttpResponse.getCode();
        if (NetDebug.NTLM.show()) {
            Debug.message(this, "checkResponse", new StringBuffer().append("STAGE=").append(this.stage).toString());
        }
        switch (this.stage) {
            case 1:
                processType2(netHttpResponse);
                this.stage = 2;
                break;
            case 2:
            default:
                throw new IOException("Invalid authentication state.");
            case 3:
                if (netHttpResponse.getCodeType() == 200) {
                    this.stage = 4;
                    break;
                } else {
                    if (code != 407) {
                        throw new IOException(i18n.getString("NtlmProxyAuthScheme.refused", new Integer(code), netHttpResponse.getMessage()));
                    }
                    if (this.useNTLMv2) {
                        this.useNTLMv2 = false;
                    } else if (this.authData != null) {
                        ProxyAuthDataStore.voidAuthData(this.authData);
                        this.authData = null;
                        this.useNTLMv2 = true;
                    }
                    this.stage = 0;
                    break;
                }
            case 4:
                break;
        }
        return this.stage != 4;
    }

    @Override // com.elluminate.net.httpCommon.ProxyAuthScheme
    public void authenticate(NetHttpRequest netHttpRequest) throws IOException {
        if (NetDebug.NTLM.show()) {
            Debug.message(this, "authenticate", new StringBuffer().append("STAGE=").append(this.stage).toString());
        }
        switch (this.stage) {
            case 0:
                sendType1(netHttpRequest);
                this.stage = 1;
                return;
            case 1:
            case 3:
            default:
                throw new IOException("Invalid authentication state.");
            case 2:
                sendType3(netHttpRequest);
                this.stage = 3;
                return;
            case 4:
                return;
        }
    }

    @Override // com.elluminate.net.httpCommon.ProxyAuthScheme
    public boolean disconnectRequired() {
        return this.stage == 0;
    }

    private void sendType1(NetHttpRequest netHttpRequest) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(16);
        byteArrayOutputStream.write(NTLMSSP_SIG);
        byteArrayOutputStream.write(TYPE1_MSG);
        byteArrayOutputStream.write(encodeInt(517));
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        StringBuffer stringBuffer = new StringBuffer("NTLM ");
        Base64.encode(byteArray, stringBuffer);
        netHttpRequest.setHeader("Proxy-Authorization", stringBuffer.toString());
    }

    private void processType2(NetHttpResponse netHttpResponse) throws IOException {
        netHttpResponse.getHeader("Proxy-Authenticate");
        this.msg = null;
        this.target = null;
        this.targetInfo = null;
        this.challenge = null;
        HttpHeaderParser.parseAuth(netHttpResponse, this);
        if (this.msg == null) {
            throw new IOException(i18n.getString("NtlmProxyAuthScheme.invalidResponse"));
        }
        if (!checkSig(0, NTLMSSP_SIG)) {
            throw new IOException(i18n.getString("NtlmProxyAuthScheme.missingSignature"));
        }
        int length = 0 + NTLMSSP_SIG.length;
        if (!checkSig(length, TYPE2_MSG)) {
            throw new IOException(i18n.getString("NtlmProxyAuthScheme.invalidResponse"));
        }
        int length2 = length + TYPE2_MSG.length;
        int readInt = readInt(20);
        if ((readInt & 1) == 0) {
            throw new IOException();
        }
        if ((readInt & 65536) == 0 && (readInt & 131072) == 0 && (readInt & 262144) == 0) {
            throw new IOException();
        }
        this.challenge = new byte[8];
        System.arraycopy(this.msg, 24, this.challenge, 0, 8);
        SecurityBuffer securityBuffer = null;
        try {
            SecurityBuffer securityBuffer2 = new SecurityBuffer(this, 12, 32);
            this.target = securityBuffer2.readString();
            if (this.useNTLMv2) {
                if ((readInt & NEGOTIATE_TARGET_INFO) == 0) {
                    this.useNTLMv2 = false;
                } else if (securityBuffer2.offset == 48) {
                    securityBuffer = new SecurityBuffer(this, 40, securityBuffer2.offset + securityBuffer2.alloc);
                } else if (securityBuffer2.offset == 40) {
                    securityBuffer = new SecurityBuffer(this, 32, securityBuffer2.offset + securityBuffer2.alloc);
                } else {
                    try {
                        securityBuffer = new SecurityBuffer(this, 32, 40);
                    } catch (IOException e) {
                        try {
                            securityBuffer = new SecurityBuffer(this, 40, 48);
                        } catch (IOException e2) {
                            this.useNTLMv2 = false;
                        }
                    }
                }
            }
            if (!this.useNTLMv2 || securityBuffer == null) {
                return;
            }
            this.targetInfo = securityBuffer.readBytes();
        } catch (IOException e3) {
            throw new IOException(i18n.getString("NtlmProxyAuthScheme.noTarget"));
        }
    }

    private void sendType3(NetHttpRequest netHttpRequest) throws IOException {
        String str;
        byte[] lMResponse;
        byte[] nTLMResponse;
        if (this.authData == null) {
            this.authData = ProxyAuthDataStore.getAuthData("NTLM", this.target);
        }
        try {
            str = InetAddress.getLocalHost().getHostName();
        } catch (UnknownHostException e) {
            str = "localhost";
        }
        if (this.useNTLMv2 && makeBlob() == null) {
            this.useNTLMv2 = false;
        }
        if (this.useNTLMv2) {
            lMResponse = getLMv2Response(this.authData);
            nTLMResponse = getNTLMv2Response(this.authData);
        } else {
            lMResponse = getLMResponse(this.authData);
            nTLMResponse = getNTLMResponse(this.authData);
        }
        byte[] bArr = new byte[60 + lMResponse.length + nTLMResponse.length + (this.target.length() * 2) + (this.authData.getUser().length() * 2) + (str.length() * 2)];
        System.arraycopy(NTLMSSP_SIG, 0, bArr, 0, NTLMSSP_SIG.length);
        System.arraycopy(TYPE3_MSG, 0, bArr, 8, TYPE3_MSG.length);
        writeSecurityBuf(bArr, 52, writeSecurityBuf(bArr, 44, writeSecurityBuf(bArr, 36, writeSecurityBuf(bArr, 28, writeSecurityBuf(bArr, 20, writeSecurityBuf(bArr, 12, 60, lMResponse), nTLMResponse), this.target), this.authData.getUser()), str), new byte[0]);
        netHttpRequest.setHeader("Proxy-Authorization", new StringBuffer().append("NTLM ").append(Base64.encode(bArr)).toString());
    }

    private byte[] getLMResponse(ProxyAuthData proxyAuthData) throws IOException {
        return lmResponse(lmHash(proxyAuthData.getPass()), this.challenge);
    }

    private byte[] getNTLMResponse(ProxyAuthData proxyAuthData) throws IOException {
        return lmResponse(ntlmHash(proxyAuthData.getPass()), this.challenge);
    }

    private byte[] getLMv2Response(ProxyAuthData proxyAuthData) throws IOException {
        return lmv2Response(ntlmv2Hash(proxyAuthData), this.clientChallenge, this.challenge);
    }

    private byte[] getNTLMv2Response(ProxyAuthData proxyAuthData) throws IOException {
        return lmv2Response(ntlmv2Hash(proxyAuthData), makeBlob(), this.challenge);
    }

    private byte[] lmHash(String str) {
        try {
            byte[] bytes = str.toUpperCase().getBytes("US-ASCII");
            byte[] bytes2 = "KGS!@#$%".getBytes("US-ASCII");
            int min = Math.min(bytes.length, 14);
            byte[] bArr = new byte[14];
            System.arraycopy(bytes, 0, bArr, 0, min);
            byte[] createDESKey = createDESKey(bArr, 0);
            byte[] createDESKey2 = createDESKey(bArr, 7);
            DES des = new DES();
            byte[] bArr2 = new byte[16];
            des.init(createDESKey, true);
            des.processBlock(bytes2, 0, bArr2, 0);
            des.init(createDESKey2, true);
            des.processBlock(bytes2, 0, bArr2, 8);
            return bArr2;
        } catch (UnsupportedEncodingException e) {
            throw new IllegalStateException("Unable to get US-ASCII character encoding");
        }
    }

    private byte[] ntlmHash(String str) {
        try {
            byte[] bytes = str.getBytes("UnicodeLittleUnmarked");
            MD4 md4 = new MD4();
            md4.process(bytes);
            return md4.hash();
        } catch (UnsupportedEncodingException e) {
            throw new IllegalStateException("Unable to get UnicodeLittleUnmarked encoding");
        }
    }

    private byte[] ntlmv2Hash(ProxyAuthData proxyAuthData) {
        try {
            return hmacMD5(new StringBuffer().append(proxyAuthData.getUser().toUpperCase()).append(proxyAuthData.getRealm().toUpperCase()).toString().getBytes("UnicodeLittleUnmarked"), ntlmHash(proxyAuthData.getPass()));
        } catch (UnsupportedEncodingException e) {
            throw new IllegalStateException("Unable to get UnicodeLittleUnmarked encoding");
        }
    }

    private byte[] lmResponse(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[21];
        System.arraycopy(bArr, 0, bArr3, 0, 16);
        byte[] createDESKey = createDESKey(bArr3, 0);
        byte[] createDESKey2 = createDESKey(bArr3, 7);
        byte[] createDESKey3 = createDESKey(bArr3, 14);
        DES des = new DES();
        byte[] bArr4 = new byte[24];
        des.init(createDESKey, true);
        des.processBlock(bArr2, 0, bArr4, 0);
        des.init(createDESKey2, true);
        des.processBlock(bArr2, 0, bArr4, 8);
        des.init(createDESKey3, true);
        des.processBlock(bArr2, 0, bArr4, 16);
        return bArr4;
    }

    private byte[] lmv2Response(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        byte[] bArr4 = new byte[bArr3.length + bArr2.length];
        System.arraycopy(bArr3, 0, bArr4, 0, bArr3.length);
        System.arraycopy(bArr2, 0, bArr4, bArr3.length, bArr2.length);
        byte[] hmacMD5 = hmacMD5(bArr4, bArr);
        byte[] bArr5 = new byte[hmacMD5.length + bArr2.length];
        System.arraycopy(hmacMD5, 0, bArr5, 0, hmacMD5.length);
        System.arraycopy(bArr2, 0, bArr5, hmacMD5.length, bArr2.length);
        return bArr5;
    }

    private byte[] createDESKey(byte[] bArr, int i) {
        byte[] bArr2 = new byte[7];
        System.arraycopy(bArr, i, bArr2, 0, 7);
        byte[] bArr3 = {bArr2[0], (byte) ((bArr2[0] << 7) | ((bArr2[1] & 255) >>> 1)), (byte) ((bArr2[1] << 6) | ((bArr2[2] & 255) >>> 2)), (byte) ((bArr2[2] << 5) | ((bArr2[3] & 255) >>> 3)), (byte) ((bArr2[3] << 4) | ((bArr2[4] & 255) >>> 4)), (byte) ((bArr2[4] << 3) | ((bArr2[5] & 255) >>> 5)), (byte) ((bArr2[5] << 2) | ((bArr2[6] & 255) >>> 6)), (byte) (bArr2[6] << 1)};
        oddParity(bArr3);
        return bArr3;
    }

    private void oddParity(byte[] bArr) {
        for (int i = 0; i < bArr.length; i++) {
            byte b = bArr[i];
            if (((((((((b >>> 7) ^ (b >>> 6)) ^ (b >>> 5)) ^ (b >>> 4)) ^ (b >>> 3)) ^ (b >>> 2)) ^ (b >>> 1)) & 1) == 0) {
                int i2 = i;
                bArr[i2] = (byte) (bArr[i2] | 1);
            } else {
                int i3 = i;
                bArr[i3] = (byte) (bArr[i3] & (-2));
            }
        }
    }

    private byte[] hmacMD5(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[64];
        byte[] bArr4 = new byte[64];
        for (int i = 0; i < 64; i++) {
            bArr3[i] = 54;
            bArr4[i] = 92;
        }
        for (int length = bArr2.length - 1; length >= 0; length--) {
            int i2 = length;
            bArr3[i2] = (byte) (bArr3[i2] ^ bArr2[length]);
            int i3 = length;
            bArr4[i3] = (byte) (bArr4[i3] ^ bArr2[length]);
        }
        byte[] bArr5 = new byte[bArr.length + 64];
        System.arraycopy(bArr3, 0, bArr5, 0, 64);
        System.arraycopy(bArr, 0, bArr5, 64, bArr.length);
        byte[] digest = this.md5.digest(bArr5);
        byte[] bArr6 = new byte[digest.length + 64];
        System.arraycopy(bArr4, 0, bArr6, 0, 64);
        System.arraycopy(digest, 0, bArr6, 64, digest.length);
        return this.md5.digest(bArr6);
    }

    @Override // com.elluminate.net.httpCommon.AuthenticateHandler
    public boolean scheme(String str, HashMap hashMap) {
        if (!str.equalsIgnoreCase("ntlm") || !hashMap.containsKey("")) {
            return true;
        }
        try {
            this.msg = Base64.decode((String) hashMap.get(""));
            return false;
        } catch (EncodingException e) {
            return true;
        }
    }

    private byte[] encodeInt(int i) {
        return new byte[]{(byte) (i & 255), (byte) ((i >> 8) & 255), (byte) ((i >> 16) & 255), (byte) ((i >> 24) & 255)};
    }

    protected boolean checkSig(int i, byte[] bArr) {
        if (i + bArr.length > this.msg.length) {
            return false;
        }
        for (int i2 = 0; i2 < bArr.length; i2++) {
            if (this.msg[i + i2] != bArr[i2]) {
                return false;
            }
        }
        return true;
    }

    protected short readShort(int i) throws IOException {
        if (this.msg.length < i + 2) {
            throw new IOException(i18n.getString("NtlmProxyAuthScheme.shortResponse"));
        }
        return (short) ((this.msg[i] & 255) | ((this.msg[i + 1] & 255) << 8));
    }

    protected int readInt(int i) throws IOException {
        if (this.msg.length < i + 4) {
            throw new IOException(i18n.getString("NtlmProxyAuthScheme.shortResponse"));
        }
        return (this.msg[i] & 255) | ((this.msg[i + 1] & 255) << 8) | ((this.msg[i + 2] & 255) << 16) | ((this.msg[i + 3] & 255) << 24);
    }

    protected int writeSecurityBuf(byte[] bArr, int i, int i2, byte[] bArr2) {
        int length = bArr2.length;
        byte b = (byte) (length & 255);
        bArr[i + 2] = b;
        bArr[i] = b;
        int i3 = i + 1;
        byte b2 = (byte) ((length >> 8) & 255);
        bArr[i3 + 2] = b2;
        bArr[i3] = b2;
        int i4 = i3 + 3;
        int i5 = i4 + 1;
        bArr[i4] = (byte) (i2 & 255);
        int i6 = i5 + 1;
        bArr[i5] = (byte) ((i2 >> 8) & 255);
        int i7 = i6 + 1;
        bArr[i6] = (byte) ((i2 >> 16) & 255);
        int i8 = i7 + 1;
        bArr[i7] = (byte) ((i2 >> 24) & 255);
        System.arraycopy(bArr2, 0, bArr, i2, length);
        return i2 + length;
    }

    protected int writeSecurityBuf(byte[] bArr, int i, int i2, String str) {
        byte[] bArr2 = new byte[str.length() * 2];
        for (int i3 = 0; i3 < str.length(); i3++) {
            char charAt = str.charAt(i3);
            int i4 = i3 * 2;
            bArr2[i4] = (byte) (charAt & 255);
            bArr2[i4 + 1] = (byte) ((charAt >> '\b') & 255);
        }
        return writeSecurityBuf(bArr, i, i2, bArr2);
    }

    private byte[] makeBlob() {
        if (this.targetInfo == null) {
            return null;
        }
        byte[] bArr = new byte[28 + this.targetInfo.length];
        this.clientChallenge = new BigInteger(64, this.rnd).toByteArray();
        System.arraycopy(BLOB_SIG, 0, bArr, 0, BLOB_SIG.length);
        System.arraycopy(getTimeStamp(), 0, bArr, 8, 8);
        System.arraycopy(this.clientChallenge, 0, bArr, 16, this.clientChallenge.length);
        System.arraycopy(this.targetInfo, 0, bArr, 28, this.targetInfo.length);
        return bArr;
    }

    private byte[] getTimeStamp() {
        long currentTimeMillis = (System.currentTimeMillis() + EPOCH_MSEC) * 10000;
        byte[] bArr = new byte[8];
        for (int i = 0; i < 8; i++) {
            bArr[i] = (byte) ((currentTimeMillis >> (8 * i)) & 255);
        }
        return bArr;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$elluminate$net$httpCommon$NtlmProxyAuthScheme == null) {
            cls = class$("com.elluminate.net.httpCommon.NtlmProxyAuthScheme");
            class$com$elluminate$net$httpCommon$NtlmProxyAuthScheme = cls;
        } else {
            cls = class$com$elluminate$net$httpCommon$NtlmProxyAuthScheme;
        }
        i18n = new I18n(cls);
    }
}
