package jcifs.pac.kerberos;

import androidx.collection.ArraySetKt$$ExternalSyntheticOutline0;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import java.util.Map;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.kerberos.KerberosKey;
import jcifs.pac.ASN1Util;
import jcifs.pac.PACDecodingException;
import jcifs.util.Encdec;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERGeneralString;
import org.bouncycastle.asn1.DEROctetString;

/* loaded from: classes7.dex */
public class KerberosEncData {
    private ArrayList<InetAddress> userAddresses;
    private List<KerberosAuthData> userAuthorizations;
    private String userPrincipalName;
    private String userRealm;

    public KerberosEncData(byte[] bArr, Map<Integer, KerberosKey> map) throws PACDecodingException {
        InetAddress inetAddress;
        ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(bArr));
        try {
            ASN1TaggedObject aSN1TaggedObject = (ASN1TaggedObject) ASN1Util.as(ASN1TaggedObject.class, aSN1InputStream);
            if (aSN1TaggedObject.getTagClass() != 64) {
                throw new PACDecodingException("Malformed kerberos ticket");
            }
            aSN1InputStream.close();
            try {
                Enumeration objects = ((ASN1Sequence) ASN1Util.as(ASN1Sequence.class, aSN1TaggedObject.getBaseObject())).getObjects();
                while (objects.hasMoreElements()) {
                    ASN1TaggedObject aSN1TaggedObject2 = (ASN1TaggedObject) ASN1Util.as(ASN1TaggedObject.class, (Enumeration<?>) objects);
                    switch (aSN1TaggedObject2.getTagNo()) {
                        case 0:
                        case 1:
                        case 4:
                        case 5:
                        case 6:
                        case 7:
                        case 8:
                            break;
                        case 2:
                            this.userRealm = ((DERGeneralString) ASN1Util.as(DERGeneralString.class, aSN1TaggedObject2)).getString();
                            break;
                        case 3:
                            ASN1Sequence aSN1Sequence = (ASN1Sequence) ASN1Util.as(ASN1Sequence.class, (ASN1TaggedObject) ASN1Util.as(ASN1TaggedObject.class, (ASN1Sequence) ASN1Util.as(ASN1Sequence.class, aSN1TaggedObject2), 1));
                            StringBuilder sb = new StringBuilder();
                            Enumeration objects2 = aSN1Sequence.getObjects();
                            while (objects2.hasMoreElements()) {
                                sb.append(((DERGeneralString) ASN1Util.as(DERGeneralString.class, objects2.nextElement())).getString());
                                if (objects2.hasMoreElements()) {
                                    sb.append(IOUtils.DIR_SEPARATOR_UNIX);
                                }
                            }
                            this.userPrincipalName = sb.toString();
                            break;
                        case 9:
                            Enumeration objects3 = ((ASN1Sequence) ASN1Util.as(ASN1Sequence.class, aSN1TaggedObject2)).getObjects();
                            while (objects3.hasMoreElements()) {
                                ASN1Sequence aSN1Sequence2 = (ASN1Sequence) ASN1Util.as(ASN1Sequence.class, (Enumeration<?>) objects3);
                                ASN1Integer aSN1Integer = (ASN1Integer) ASN1Util.as(ASN1Integer.class, aSN1Sequence2, 0);
                                DEROctetString dEROctetString = (DEROctetString) ASN1Util.as(DEROctetString.class, aSN1Sequence2, 1);
                                this.userAddresses = new ArrayList<>();
                                if (aSN1Integer.getValue().intValue() == 2) {
                                    try {
                                        inetAddress = InetAddress.getByAddress(dEROctetString.getOctets());
                                    } catch (UnknownHostException unused) {
                                        inetAddress = null;
                                    }
                                    this.userAddresses.add(inetAddress);
                                }
                            }
                            break;
                        case 10:
                            ASN1Sequence aSN1Sequence3 = (ASN1Sequence) ASN1Util.as(ASN1Sequence.class, aSN1TaggedObject2);
                            this.userAuthorizations = new ArrayList();
                            Enumeration objects4 = aSN1Sequence3.getObjects();
                            while (objects4.hasMoreElements()) {
                                ASN1Sequence aSN1Sequence4 = (ASN1Sequence) ASN1Util.as(ASN1Sequence.class, (Enumeration<?>) objects4);
                                this.userAuthorizations.addAll(KerberosAuthData.parse(((ASN1Integer) ASN1Util.as(ASN1Integer.class, (ASN1TaggedObject) ASN1Util.as(ASN1TaggedObject.class, aSN1Sequence4, 0))).getValue().intValue(), ((DEROctetString) ASN1Util.as(DEROctetString.class, (ASN1TaggedObject) ASN1Util.as(ASN1TaggedObject.class, aSN1Sequence4, 1))).getOctets(), map));
                            }
                            break;
                        default:
                            throw new PACDecodingException("Unknown field " + aSN1TaggedObject2.getTagNo());
                    }
                }
            } catch (IOException e) {
                throw new PACDecodingException("Malformed kerberos ticket", e);
            }
        } catch (IOException e2) {
            throw new PACDecodingException("Malformed kerberos ticket", e2);
        }
    }

    public static byte[] decrypt(byte[] bArr, Key key, int i) throws GeneralSecurityException {
        if (i == 3) {
            return decryptDES(bArr, key, null);
        }
        if (i == 23) {
            return decryptRC4(bArr, key);
        }
        throw new GeneralSecurityException(ArraySetKt$$ExternalSyntheticOutline0.m("Unsupported encryption type ", i));
    }

    private static byte[] decryptDES(byte[] bArr, Key key, Cipher cipher) throws GeneralSecurityException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        try {
            Cipher cipher2 = Cipher.getInstance("DES/CBC/NoPadding");
            cipher2.init(2, new SecretKeySpec(key.getEncoded(), "DES"), new IvParameterSpec(new byte[8]));
            byte[] doFinal = cipher2.doFinal(bArr);
            int length = doFinal.length;
            byte[] bArr2 = new byte[length];
            System.arraycopy(doFinal, 0, bArr2, 0, doFinal.length);
            int i = length - 24;
            byte[] bArr3 = new byte[i];
            System.arraycopy(bArr2, 24, bArr3, 0, i);
            return bArr3;
        } catch (GeneralSecurityException unused) {
            throw new GeneralSecurityException("Checksum failed while decrypting.");
        }
    }

    private static byte[] decryptRC4(byte[] bArr, Key key) throws GeneralSecurityException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        byte[] bArr2 = new byte[4];
        Encdec.enc_uint32le(2, bArr2, 0);
        byte[] hmac = getHmac(bArr2, key.getEncoded());
        byte[] bArr3 = new byte[16];
        System.arraycopy(bArr, 0, bArr3, 0, 16);
        SecretKeySpec secretKeySpec = new SecretKeySpec(getHmac(bArr3, hmac), KerberosConstants.RC4_ALGORITHM);
        Cipher cipher = Cipher.getInstance(KerberosConstants.RC4_ALGORITHM);
        cipher.init(2, secretKeySpec);
        byte[] doFinal = cipher.doFinal(bArr, 16, bArr.length - 16);
        byte[] hmac2 = getHmac(doFinal, hmac);
        if (hmac2.length >= 16) {
            for (int i = 0; i < 16; i++) {
                if (hmac2[i] != bArr[i]) {
                    throw new GeneralSecurityException("Checksum failed while decrypting.");
                }
            }
        }
        int length = doFinal.length - 8;
        byte[] bArr4 = new byte[length];
        System.arraycopy(doFinal, 8, bArr4, 0, length);
        return bArr4;
    }

    private static byte[] getHmac(byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        SecretKeySpec secretKeySpec = new SecretKeySpec((byte[]) bArr2.clone(), KerberosConstants.HMAC_ALGORITHM);
        Mac mac = Mac.getInstance(KerberosConstants.HMAC_ALGORITHM);
        mac.init(secretKeySpec);
        return mac.doFinal(bArr);
    }

    public ArrayList<InetAddress> getUserAddresses() {
        return this.userAddresses;
    }

    public List<KerberosAuthData> getUserAuthorizations() {
        return this.userAuthorizations;
    }

    public String getUserPrincipalName() {
        return this.userPrincipalName;
    }

    public String getUserRealm() {
        return this.userRealm;
    }
}
