package org.ntlmv2.liferay;

import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import jcifs.dcerpc.DcerpcHandle;
import jcifs.smb.NtlmPasswordAuthentication;
import jcifs.util.DES;
import jcifs.util.Encdec;
import jcifs.util.HMACT64;
import jcifs.util.MD4;
import org.ntlmv2.liferay.ntlm.msrpc.NetlogonAuthenticator;
import org.ntlmv2.liferay.ntlm.msrpc.NetrServerAuthenticate3;
import org.ntlmv2.liferay.ntlm.msrpc.NetrServerReqChallenge;

/* loaded from: input_file:org/ntlmv2/liferay/NetlogonConnection.class */
public class NetlogonConnection {
    private static int _negotiateFlags;
    private byte[] _clientCredential;
    private DcerpcHandle _dcerpcHandle;
    private byte[] _sessionKey;

    public NetlogonConnection() {
        if (_negotiateFlags == 0) {
            if ("0x600FFFFF".startsWith("0x")) {
                _negotiateFlags = Integer.valueOf("0x600FFFFF".substring(2), 16).intValue();
            } else {
                _negotiateFlags = 1611661311;
            }
        }
    }

    public NetlogonAuthenticator computeNetlogonAuthenticator() {
        int currentTimeMillis = (int) System.currentTimeMillis();
        Encdec.enc_uint32le(Encdec.dec_uint32le(this._clientCredential, 0) + currentTimeMillis, this._clientCredential, 0);
        return new NetlogonAuthenticator(computeNetlogonCredential(this._clientCredential, this._sessionKey), currentTimeMillis);
    }

    public void connect(String str, String str2, NtlmServiceAccount ntlmServiceAccount, SecureRandom secureRandom) throws IOException, NtlmLogonException, NoSuchAlgorithmException {
        DcerpcHandle handle = DcerpcHandle.getHandle("ncacn_np:" + str + "[\\PIPE\\NETLOGON]", new NtlmPasswordAuthentication((String) null, ntlmServiceAccount.getAccount(), ntlmServiceAccount.getPassword()));
        setDcerpcHandle(handle);
        handle.bind();
        byte[] bArr = new byte[8];
        secureRandom.nextBytes(bArr);
        NetrServerReqChallenge netrServerReqChallenge = new NetrServerReqChallenge(str2, ntlmServiceAccount.getComputerName(), bArr, new byte[8]);
        handle.sendrecv(netrServerReqChallenge);
        MD4 md4 = new MD4();
        md4.update(ntlmServiceAccount.getPassword().getBytes("UTF-16LE"));
        byte[] computeSessionKey = computeSessionKey(md4.digest(), bArr, netrServerReqChallenge.getServerChallenge());
        byte[] computeNetlogonCredential = computeNetlogonCredential(bArr, computeSessionKey);
        NetrServerAuthenticate3 netrServerAuthenticate3 = new NetrServerAuthenticate3(str2, ntlmServiceAccount.getAccountName(), 2, ntlmServiceAccount.getComputerName(), computeNetlogonCredential, new byte[8], _negotiateFlags);
        handle.sendrecv(netrServerAuthenticate3);
        if (!Arrays.equals(computeNetlogonCredential(netrServerReqChallenge.getServerChallenge(), computeSessionKey), netrServerAuthenticate3.getServerCredential())) {
            throw new NtlmLogonException("Session key negotiation failed");
        }
        this._clientCredential = computeNetlogonCredential;
        this._sessionKey = computeSessionKey;
    }

    public void disconnect() throws IOException {
        if (this._dcerpcHandle != null) {
            this._dcerpcHandle.close();
        }
    }

    public byte[] getClientCredential() {
        return this._clientCredential;
    }

    public DcerpcHandle getDcerpcHandle() {
        return this._dcerpcHandle;
    }

    public byte[] getSessionKey() {
        return this._sessionKey;
    }

    public void setDcerpcHandle(DcerpcHandle dcerpcHandle) {
        this._dcerpcHandle = dcerpcHandle;
    }

    protected byte[] computeNetlogonCredential(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[7];
        byte[] bArr4 = new byte[7];
        System.arraycopy(bArr2, 0, bArr3, 0, 7);
        System.arraycopy(bArr2, 7, bArr4, 0, 7);
        DES des = new DES(bArr3);
        DES des2 = new DES(bArr4);
        byte[] bArr5 = new byte[8];
        byte[] bArr6 = new byte[8];
        des.encrypt(bArr, bArr5);
        des2.encrypt(bArr5, bArr6);
        return bArr6;
    }

    protected byte[] computeSessionKey(byte[] bArr, byte[] bArr2, byte[] bArr3) throws NoSuchAlgorithmException {
        MessageDigest messageDigest = MessageDigest.getInstance("MD5");
        messageDigest.update(new byte[]{0, 0, 0, 0}, 0, 4);
        messageDigest.update(bArr2, 0, 8);
        messageDigest.update(bArr3, 0, 8);
        HMACT64 hmact64 = new HMACT64(bArr);
        hmact64.update(messageDigest.digest());
        return hmact64.digest();
    }
}
