package jcifs.spnego;

import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.net.UnknownHostException;
import java.security.Principal;
import java.security.PrivilegedExceptionAction;
import java.util.Arrays;
import java.util.List;
import java.util.Properties;
import jcifs.Config;
import jcifs.UniAddress;
import jcifs.netbios.NbtAddress;
import jcifs.ntlmssp.Type1Message;
import jcifs.ntlmssp.Type2Message;
import jcifs.ntlmssp.Type3Message;
import jcifs.smb.NtlmPasswordAuthentication;
import jcifs.smb.SmbSession;

/* loaded from: input_file:jcifs/spnego/Authentication.class */
public class Authentication {
    private static final byte[] NTLMSSP_SIGNATURE = {78, 84, 76, 77, 83, 83, 80, 0};
    private static final boolean KERBEROS_SUPPORTED = getKerberosSupport();
    private Properties properties;
    private boolean client;
    private byte[] nextToken;
    private Object subject;
    private Principal principal;
    private Object context;
    private static Object kerberosOid;
    private static Method getGssInstance;
    private static Method createName;
    private static Method createCredential;
    private static Method createInitiateContext;
    private static Method createAcceptContext;
    private static Method initSecContext;
    private static Method acceptSecContext;
    private static Method getSrcName;
    private static Method getCredDelegState;
    private static Method getMutualAuthState;
    private static Method getReplayDetState;
    private static Method getSequenceDetState;
    private static Method getAnonymityState;
    private static Method getConfState;
    private static Method getIntegState;
    private static Method isEstablished;
    private static Class callbackHandler;
    private static Constructor newKerberosPrincipal;
    private static Constructor newLoginContext;
    private static Method login;
    private static Method getSubject;
    private static Method doAsPrivileged;
    static Class class$java$lang$String;
    static Class array$B;
    static Class class$java$security$PrivilegedExceptionAction;
    static Class class$java$security$AccessControlContext;
    static Class array$C;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:jcifs/spnego/Authentication$ClientAction.class */
    public class ClientAction implements PrivilegedExceptionAction {
        private byte[] token;
        private final Authentication this$0;

        public ClientAction(Authentication authentication, byte[] bArr) {
            this.this$0 = authentication;
            this.token = bArr != null ? bArr : new byte[0];
        }

        @Override // java.security.PrivilegedExceptionAction
        public Object run() throws Exception {
            if (this.this$0.context == null) {
                Object invoke = Authentication.getGssInstance.invoke(null, null);
                Object invoke2 = Authentication.createName.invoke(invoke, this.this$0.getProperty("jcifs.spnego.servicePrincipal"), null);
                Object obj = null;
                String property = this.this$0.getProperty("javax.security.auth.login.name");
                if (property != null) {
                    obj = Authentication.createCredential.invoke(invoke, Authentication.createName.invoke(invoke, property, null), new Integer(0), Authentication.kerberosOid, new Integer(1));
                }
                this.this$0.context = Authentication.createInitiateContext.invoke(invoke, invoke2, Authentication.kerberosOid, obj, new Integer(0));
            }
            return Authentication.initSecContext.invoke(this.this$0.context, this.token, new Integer(0), new Integer(this.token.length));
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:jcifs/spnego/Authentication$ServerAction.class */
    public class ServerAction implements PrivilegedExceptionAction {
        private byte[] token;
        private final Authentication this$0;

        public ServerAction(Authentication authentication, byte[] bArr) {
            this.this$0 = authentication;
            this.token = bArr != null ? bArr : new byte[0];
        }

        @Override // java.security.PrivilegedExceptionAction
        public Object run() throws Exception {
            if (this.this$0.context == null) {
                Object invoke = Authentication.getGssInstance.invoke(null, null);
                this.this$0.context = Authentication.createAcceptContext.invoke(invoke, Authentication.createCredential.invoke(invoke, Authentication.createName.invoke(invoke, this.this$0.getProperty("jcifs.spnego.servicePrincipal"), null), new Integer(0), Authentication.kerberosOid, new Integer(2)));
            }
            return Authentication.acceptSecContext.invoke(this.this$0.context, this.token, new Integer(0), new Integer(this.token.length));
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:jcifs/spnego/Authentication$SpnegoLoginHandler.class */
    public static class SpnegoLoginHandler implements InvocationHandler {
        private final String username;
        private final String password;

        public SpnegoLoginHandler(String str, String str2) {
            this.username = str;
            this.password = str2;
        }

        @Override // java.lang.reflect.InvocationHandler
        public Object invoke(Object obj, Method method, Object[] objArr) throws Throwable {
            Class<?> cls;
            Class<?> cls2;
            if (!"handle".equals(method.getName())) {
                throw new UnsupportedOperationException(method.getName());
            }
            Object[] objArr2 = (Object[]) objArr[0];
            Class<?> cls3 = Class.forName("javax.security.auth.callback.NameCallback");
            Class<?>[] clsArr = new Class[1];
            if (Authentication.class$java$lang$String == null) {
                cls = Authentication.class$("java.lang.String");
                Authentication.class$java$lang$String = cls;
            } else {
                cls = Authentication.class$java$lang$String;
            }
            clsArr[0] = cls;
            Method method2 = cls3.getMethod("setName", clsArr);
            Class<?> cls4 = Class.forName("javax.security.auth.callback.PasswordCallback");
            Class<?>[] clsArr2 = new Class[1];
            if (Authentication.array$C == null) {
                cls2 = Authentication.class$("[C");
                Authentication.array$C = cls2;
            } else {
                cls2 = Authentication.array$C;
            }
            clsArr2[0] = cls2;
            Method method3 = cls4.getMethod("setPassword", clsArr2);
            for (Object obj2 : objArr2) {
                if (cls3.isInstance(obj2)) {
                    method2.invoke(obj2, this.username);
                }
                if (cls4.isInstance(obj2)) {
                    Object[] objArr3 = new Object[1];
                    objArr3[0] = this.password != null ? this.password.toCharArray() : null;
                    method3.invoke(obj2, objArr3);
                }
            }
            return null;
        }
    }

    public Authentication() {
        this(null);
    }

    public Authentication(Properties properties) {
        this.properties = new Properties();
        setProperties(properties);
    }

    public byte[] getNextToken() {
        return this.nextToken;
    }

    public Principal getPrincipal() {
        return this.principal;
    }

    public Properties getProperties() {
        return this.properties;
    }

    public void setProperties(Properties properties) {
        this.properties = properties != null ? properties : new Properties();
    }

    public String getProperty(String str) {
        String property = getProperties().getProperty(str);
        if (property == null) {
            property = Config.getProperty(str);
        }
        return property != null ? property : System.getProperty(str);
    }

    public void setProperty(String str, String str2) {
        if (str2 != null) {
            getProperties().setProperty(str, str2);
        } else {
            getProperties().remove(str);
        }
    }

    public void init(String[] strArr) throws AuthenticationException {
        byte[] bArr;
        reset();
        this.client = true;
        if (strArr == null || strArr.length == 0) {
            String property = getProperty("jcifs.smb.client.useUnicode");
            int i = 512 | (property != null ? Boolean.valueOf(property).booleanValue() : true ? 1 : 2);
            String property2 = getProperty("jcifs.smb.client.domain");
            String str = null;
            try {
                str = NbtAddress.getLocalHost().getHostName();
            } catch (UnknownHostException e) {
            }
            this.nextToken = new Type1Message(i, property2, str).toByteArray();
            return;
        }
        int i2 = 0;
        String str2 = strArr[0];
        if (SpnegoConstants.NTLMSSP_MECHANISM.equals(str2)) {
            String property3 = getProperty("jcifs.smb.client.useUnicode");
            int i3 = 512 | (property3 != null ? Boolean.valueOf(property3).booleanValue() : true ? 1 : 2);
            String property4 = getProperty("jcifs.smb.client.domain");
            String str3 = null;
            try {
                str3 = NbtAddress.getLocalHost().getHostName();
            } catch (UnknownHostException e2) {
            }
            bArr = new Type1Message(i3, property4, str3).toByteArray();
        } else {
            if (!SpnegoConstants.KERBEROS_MECHANISM.equals(str2) && !SpnegoConstants.LEGACY_KERBEROS_MECHANISM.equals(str2)) {
                throw new UnsupportedMechanismException(new StringBuffer().append("Unsupported initial mechanism: ").append(str2).toString());
            }
            ClientAction clientAction = new ClientAction(this, null);
            String property5 = getProperty("javax.security.auth.useSubjectCredsOnly");
            if (property5 == null ? true : Boolean.valueOf(property5).booleanValue()) {
                try {
                    Object newInstance = newLoginContext.newInstance("jcifs.spnego.initiate", createLoginHandler(getProperty("javax.security.auth.login.name"), getProperty("javax.security.auth.login.password")));
                    login.invoke(newInstance, null);
                    this.subject = getSubject.invoke(newInstance, null);
                } catch (Exception e3) {
                    throw new AuthenticationException(new StringBuffer().append("Unable to login: ").append(e3).toString(), e3);
                }
            }
            try {
                bArr = (byte[]) (this.subject != null ? doAsPrivileged.invoke(null, this.subject, clientAction, null) : clientAction.run());
                try {
                    if (((Boolean) getCredDelegState.invoke(this.context, null)).booleanValue()) {
                        i2 = 0 | 64;
                    }
                    if (((Boolean) getMutualAuthState.invoke(this.context, null)).booleanValue()) {
                        i2 |= 32;
                    }
                    if (((Boolean) getReplayDetState.invoke(this.context, null)).booleanValue()) {
                        i2 |= 16;
                    }
                    if (((Boolean) getSequenceDetState.invoke(this.context, null)).booleanValue()) {
                        i2 |= 8;
                    }
                    if (((Boolean) getAnonymityState.invoke(this.context, null)).booleanValue()) {
                        i2 |= 4;
                    }
                    if (((Boolean) getConfState.invoke(this.context, null)).booleanValue()) {
                        i2 |= 2;
                    }
                    if (((Boolean) getIntegState.invoke(this.context, null)).booleanValue()) {
                        i2 |= 1;
                    }
                } catch (Exception e4) {
                    throw new AuthenticationException(e4.getMessage());
                }
            } catch (Exception e5) {
                throw new AuthenticationException(new StringBuffer().append("Error processing token: ").append(e5).toString(), e5);
            }
        }
        this.nextToken = new NegTokenInit(strArr, i2, bArr, null).toByteArray();
    }

    public void reset() {
        this.client = false;
        this.nextToken = null;
        this.subject = null;
        this.principal = null;
        this.context = null;
    }

    public void process(byte[] bArr) throws AuthenticationException {
        if (bArr == null) {
            throw new NullPointerException("Null token.");
        }
        if (getPrincipal() != null) {
            throw new IllegalStateException("Context already completed.");
        }
        if (isNtlm(bArr)) {
            processNtlm(bArr);
        } else {
            processSpnego(bArr);
        }
    }

    private UniAddress getDomainController() throws UnknownHostException {
        boolean z = false;
        String property = getProperty("jcifs.http.domainController");
        if (property == null) {
            property = getProperty("jcifs.smb.client.domain");
            String property2 = getProperty("jcifs.http.loadBalance");
            z = property2 != null ? Boolean.valueOf(property2).booleanValue() : true;
        }
        return z ? new UniAddress(NbtAddress.getByName(property, 28, (String) null)) : UniAddress.getByName(property, true);
    }

    private void processNtlm(byte[] bArr) throws AuthenticationException {
        try {
            switch (bArr[8]) {
                case 1:
                    if (!this.client) {
                        this.nextToken = new Type2Message(new Type1Message(bArr), SmbSession.getChallenge(getDomainController()), (String) null).toByteArray();
                        break;
                    } else {
                        throw new AuthenticationException("NTLM Type 1 message received by client.");
                    }
                case 2:
                    if (!this.client) {
                        throw new AuthenticationException("NTLM Type 2 message received by server.");
                    }
                    String str = null;
                    try {
                        str = NbtAddress.getLocalHost().getHostName();
                    } catch (UnknownHostException e) {
                    }
                    this.nextToken = new Type3Message(new Type2Message(bArr), getProperty("jcifs.smb.client.password"), getProperty("jcifs.smb.client.domain"), getProperty("jcifs.smb.client.username"), str).toByteArray();
                    break;
                case 3:
                    if (!this.client) {
                        Type3Message type3Message = new Type3Message(bArr);
                        byte[] lMResponse = type3Message.getLMResponse();
                        if (lMResponse == null) {
                            lMResponse = new byte[0];
                        }
                        byte[] nTResponse = type3Message.getNTResponse();
                        if (nTResponse == null) {
                            nTResponse = new byte[0];
                        }
                        this.nextToken = null;
                        NtlmPasswordAuthentication ntlmPasswordAuthentication = new NtlmPasswordAuthentication(type3Message.getDomain(), type3Message.getUser(), SmbSession.getChallenge(getDomainController()), lMResponse, nTResponse);
                        SmbSession.logon(getDomainController(), ntlmPasswordAuthentication);
                        this.principal = ntlmPasswordAuthentication;
                        break;
                    } else {
                        throw new AuthenticationException("NTLM Type 3 message received by client.");
                    }
                default:
                    throw new AuthenticationException(new StringBuffer().append("Unrecognized NTLM Token Type: ").append((int) bArr[8]).toString());
            }
        } catch (AuthenticationException e2) {
            throw e2;
        } catch (Exception e3) {
            throw new AuthenticationException(new StringBuffer().append("Error performing NTLM authentication: ").append(e3).toString(), e3);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void processSpnego(byte[] bArr) throws AuthenticationException {
        NegTokenTarg negTokenTarg;
        byte[] mechanismToken;
        String mechanism;
        try {
            switch (bArr[0]) {
                case -95:
                    NegTokenTarg negTokenTarg2 = new NegTokenTarg(bArr);
                    negTokenTarg = negTokenTarg2;
                    mechanismToken = negTokenTarg2.getMechanismToken();
                    mechanism = negTokenTarg2.getMechanism();
                    break;
                case 96:
                    NegTokenInit negTokenInit = new NegTokenInit(bArr);
                    negTokenTarg = negTokenInit;
                    mechanismToken = negTokenInit.getMechanismToken();
                    mechanism = mechanismToken != null ? negTokenInit.getMechanisms()[0] : null;
                    break;
                default:
                    throw new AuthenticationException("Unrecognized SPNEGO Token.");
            }
            if (isNtlm(mechanismToken)) {
                processNtlm(mechanismToken);
                if (this.nextToken == null) {
                } else {
                    this.nextToken = new NegTokenTarg(getPrincipal() == null ? 1 : 0, SpnegoConstants.NTLMSSP_MECHANISM, this.nextToken, null).toByteArray();
                }
            } else if (mechanism != null && KERBEROS_SUPPORTED) {
                processKerberos(mechanism, mechanismToken);
            } else {
                if (!(negTokenTarg instanceof NegTokenInit)) {
                    this.nextToken = new NegTokenTarg(2, null, null, null).toByteArray();
                    return;
                }
                String[] mechanisms = ((NegTokenInit) negTokenTarg).getMechanisms();
                if (mechanisms == null) {
                    this.nextToken = new NegTokenTarg(2, null, null, null).toByteArray();
                    return;
                }
                List asList = Arrays.asList(mechanisms);
                String str = KERBEROS_SUPPORTED ? asList.contains(SpnegoConstants.KERBEROS_MECHANISM) ? SpnegoConstants.KERBEROS_MECHANISM : asList.contains(SpnegoConstants.LEGACY_KERBEROS_MECHANISM) ? SpnegoConstants.LEGACY_KERBEROS_MECHANISM : SpnegoConstants.NTLMSSP_MECHANISM : SpnegoConstants.NTLMSSP_MECHANISM;
                if (asList.contains(str)) {
                    this.nextToken = new NegTokenTarg(1, str, null, null).toByteArray();
                } else {
                    this.nextToken = new NegTokenTarg(2, null, null, null).toByteArray();
                }
            }
        } catch (AuthenticationException e) {
            e.printStackTrace();
            throw e;
        } catch (Exception e2) {
            e2.printStackTrace();
            throw new AuthenticationException(new StringBuffer().append("Error performing SPNEGO negotiation: ").append(e2).toString(), e2);
        }
    }

    private void processKerberos(String str, byte[] bArr) throws AuthenticationException {
        int i;
        int i2;
        try {
            if (this.client) {
                ClientAction clientAction = new ClientAction(this, bArr);
                byte[] bArr2 = (byte[]) (this.subject != null ? doAsPrivileged.invoke(null, this.subject, clientAction, null) : clientAction.run());
                if (((Boolean) isEstablished.invoke(this.context, null)).booleanValue()) {
                    i2 = 0;
                    this.principal = (Principal) newKerberosPrincipal.newInstance(getSrcName.invoke(this.context, null).toString());
                } else {
                    i2 = 1;
                }
                this.nextToken = new NegTokenTarg(i2, str, bArr2, null).toByteArray();
            } else {
                ServerAction serverAction = new ServerAction(this, bArr);
                if (this.subject == null) {
                    String property = getProperty("javax.security.auth.useSubjectCredsOnly");
                    if (property == null ? true : Boolean.valueOf(property).booleanValue()) {
                        Object newInstance = newLoginContext.newInstance("jcifs.spnego.accept", createLoginHandler(getProperty("jcifs.spnego.servicePrincipal"), getProperty("jcifs.spnego.servicePassword")));
                        login.invoke(newInstance, null);
                        this.subject = getSubject.invoke(newInstance, null);
                    }
                }
                byte[] bArr3 = (byte[]) (this.subject != null ? doAsPrivileged.invoke(null, this.subject, serverAction, null) : serverAction.run());
                if (((Boolean) isEstablished.invoke(this.context, null)).booleanValue()) {
                    i = 0;
                    this.principal = (Principal) newKerberosPrincipal.newInstance(getSrcName.invoke(this.context, null).toString());
                } else {
                    i = 1;
                }
                this.nextToken = new NegTokenTarg(i, str, bArr3, null).toByteArray();
            }
        } catch (Exception e) {
            throw new AuthenticationException(new StringBuffer().append("Error performing Kerberos authentication: ").append(e).toString(), e);
        }
    }

    private static boolean isNtlm(byte[] bArr) {
        if (bArr == null || bArr.length < 8) {
            return false;
        }
        for (int i = 0; i < 8; i++) {
            if (NTLMSSP_SIGNATURE[i] != bArr[i]) {
                return false;
            }
        }
        return true;
    }

    private static Object createLoginHandler(String str, String str2) {
        return Proxy.newProxyInstance(callbackHandler.getClassLoader(), new Class[]{callbackHandler}, new SpnegoLoginHandler(str, str2));
    }

    private static boolean getKerberosSupport() {
        Class<?> cls;
        Class<?> cls2;
        Class<?> cls3;
        Class<?> cls4;
        Class<?> cls5;
        Class<?> cls6;
        Class<?> cls7;
        try {
            Class<?> cls8 = Class.forName("org.ietf.jgss.GSSManager");
            getGssInstance = cls8.getMethod("getInstance", null);
            Object[] objArr = (Object[]) cls8.getMethod("getMechs", null).invoke(getGssInstance.invoke(null, null), null);
            if (objArr == null) {
                return false;
            }
            for (int length = objArr.length - 1; length >= 0; length--) {
                if (SpnegoConstants.KERBEROS_MECHANISM.equals(objArr[length].toString())) {
                    kerberosOid = objArr[length];
                    Class<?> cls9 = Class.forName("org.ietf.jgss.Oid");
                    Class<?>[] clsArr = new Class[2];
                    if (class$java$lang$String == null) {
                        cls = class$("java.lang.String");
                        class$java$lang$String = cls;
                    } else {
                        cls = class$java$lang$String;
                    }
                    clsArr[0] = cls;
                    clsArr[1] = cls9;
                    createName = cls8.getMethod("createName", clsArr);
                    Class<?> cls10 = Class.forName("org.ietf.jgss.GSSName");
                    createCredential = cls8.getMethod("createCredential", cls10, Integer.TYPE, cls9, Integer.TYPE);
                    Class<?> cls11 = Class.forName("org.ietf.jgss.GSSCredential");
                    createInitiateContext = cls8.getMethod("createContext", cls10, cls9, cls11, Integer.TYPE);
                    createAcceptContext = cls8.getMethod("createContext", cls11);
                    Class<?> cls12 = Class.forName("org.ietf.jgss.GSSContext");
                    Class<?>[] clsArr2 = new Class[3];
                    if (array$B == null) {
                        cls2 = class$("[B");
                        array$B = cls2;
                    } else {
                        cls2 = array$B;
                    }
                    clsArr2[0] = cls2;
                    clsArr2[1] = Integer.TYPE;
                    clsArr2[2] = Integer.TYPE;
                    initSecContext = cls12.getMethod("initSecContext", clsArr2);
                    Class<?>[] clsArr3 = new Class[3];
                    if (array$B == null) {
                        cls3 = class$("[B");
                        array$B = cls3;
                    } else {
                        cls3 = array$B;
                    }
                    clsArr3[0] = cls3;
                    clsArr3[1] = Integer.TYPE;
                    clsArr3[2] = Integer.TYPE;
                    acceptSecContext = cls12.getMethod("acceptSecContext", clsArr3);
                    getSrcName = cls12.getMethod("getSrcName", null);
                    getCredDelegState = cls12.getMethod("getCredDelegState", null);
                    getMutualAuthState = cls12.getMethod("getMutualAuthState", null);
                    getReplayDetState = cls12.getMethod("getReplayDetState", null);
                    getSequenceDetState = cls12.getMethod("getSequenceDetState", null);
                    getAnonymityState = cls12.getMethod("getAnonymityState", null);
                    getConfState = cls12.getMethod("getConfState", null);
                    getIntegState = cls12.getMethod("getIntegState", null);
                    isEstablished = cls12.getMethod("isEstablished", null);
                    Class<?> cls13 = Class.forName("javax.security.auth.login.LoginContext");
                    callbackHandler = Class.forName("javax.security.auth.callback.CallbackHandler");
                    Class<?>[] clsArr4 = new Class[2];
                    if (class$java$lang$String == null) {
                        cls4 = class$("java.lang.String");
                        class$java$lang$String = cls4;
                    } else {
                        cls4 = class$java$lang$String;
                    }
                    clsArr4[0] = cls4;
                    clsArr4[1] = callbackHandler;
                    newLoginContext = cls13.getConstructor(clsArr4);
                    Class<?> cls14 = Class.forName("javax.security.auth.kerberos.KerberosPrincipal");
                    Class<?>[] clsArr5 = new Class[1];
                    if (class$java$lang$String == null) {
                        cls5 = class$("java.lang.String");
                        class$java$lang$String = cls5;
                    } else {
                        cls5 = class$java$lang$String;
                    }
                    clsArr5[0] = cls5;
                    newKerberosPrincipal = cls14.getConstructor(clsArr5);
                    login = cls13.getMethod("login", null);
                    getSubject = cls13.getMethod("getSubject", null);
                    Class<?> cls15 = Class.forName("javax.security.auth.Subject");
                    Class<?>[] clsArr6 = new Class[3];
                    clsArr6[0] = cls15;
                    if (class$java$security$PrivilegedExceptionAction == null) {
                        cls6 = class$("java.security.PrivilegedExceptionAction");
                        class$java$security$PrivilegedExceptionAction = cls6;
                    } else {
                        cls6 = class$java$security$PrivilegedExceptionAction;
                    }
                    clsArr6[1] = cls6;
                    if (class$java$security$AccessControlContext == null) {
                        cls7 = class$("java.security.AccessControlContext");
                        class$java$security$AccessControlContext = cls7;
                    } else {
                        cls7 = class$java$security$AccessControlContext;
                    }
                    clsArr6[2] = cls7;
                    doAsPrivileged = cls15.getMethod("doAsPrivileged", clsArr6);
                    return true;
                }
            }
            return false;
        } catch (Throwable th) {
            return false;
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }
}
