package com.microsoft.sqlserver.jdbc;

import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.text.MessageFormat;
import java.time.Instant;
import java.util.concurrent.ThreadLocalRandom;
import java.util.concurrent.TimeUnit;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import mssql.security.provider.MD4;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:BOOT-INF/lib/mssql-jdbc-12.6.4.jre11.jar:com/microsoft/sqlserver/jdbc/NTLMAuthentication.class */
public final class NTLMAuthentication extends SSPIAuthentication {
    private final Logger logger = Logger.getLogger("com.microsoft.sqlserver.jdbc.internals.NTLMAuthentication");
    private static final int NTLM_MESSAGE_TYPE_NEGOTIATE = 1;
    private static final int NTLM_MESSAGE_TYPE_CHALLENGE = 2;
    private static final int NTLM_MESSAGE_TYPE_AUTHENTICATE = 3;
    private static final long NTLMSSP_NEGOTIATE_UNICODE = 1;
    private static final long NTLMSSP_REQUEST_TARGET = 4;
    private static final long NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED = 4096;
    private static final long NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED = 8192;
    private static final long NTLMSSP_NEGOTIATE_TARGET_INFO = 8388608;
    private static final long NTLMSSP_NEGOTIATE_ALWAYS_SIGN = 32768;
    private static final long NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY = 524288;
    private static final short NTLM_AVID_MSVAVEOL = 0;
    private static final short NTLM_AVID_MSVAVNBCOMPUTERNAME = 1;
    private static final short NTLM_AVID_MSVAVNBDOMAINNAME = 2;
    private static final short NTLM_AVID_MSVAVDNSCOMPUTERNAME = 3;
    private static final short NTLM_AVID_MSVAVDNSDOMAINNAME = 4;
    private static final short NTLM_AVID_MSVAVDNSTREENAME = 5;
    private static final short NTLM_AVID_MSVAVFLAGS = 6;
    private static final short NTLM_AVID_MSVAVTIMESTAMP = 7;
    private static final short NTLM_AVID_MSVAVSINGLEHOST = 8;
    private static final short NTLM_AVID_MSVAVTARGETNAME = 9;
    private static final int NTLM_AVID_LENGTH = 2;
    private static final int NTLM_AVLEN_LENGTH = 2;
    private static final int NTLM_AVFLAG_VALUE_MIC = 2;
    private static final int NTLM_MIC_LENGTH = 16;
    private static final int NTLM_AVID_MSVAVFLAGS_LEN = 4;
    private static final int NTLM_NEGOTIATE_PAYLOAD_OFFSET = 32;
    private static final int NTLM_AUTHENTICATE_PAYLOAD_OFFSET = 88;
    private static final int NTLM_CLIENT_NONCE_LENGTH = 8;
    private static final int NTLM_SERVER_CHALLENGE_LENGTH = 8;
    private static final int NTLM_TIMESTAMP_LENGTH = 8;
    private static final long WINDOWS_EPOCH_DIFF = 11644473600L;
    private NTLMContext context;
    private static final byte[] NTLM_HEADER_SIGNATURE = {78, 84, 76, 77, 83, 83, 80, 0};
    private static final byte[] NTLM_CLIENT_CHALLENGE_RESPONSE_TYPE = {1, 1};
    private static final byte[] NTLM_CLIENT_CHALLENGE_RESERVED1 = {0, 0};
    private static final byte[] NTLM_CLIENT_CHALLENGE_RESERVED2 = {0, 0, 0, 0};
    private static final byte[] NTLM_CLIENT_CHALLENGE_RESERVED3 = {0, 0, 0, 0};
    private static final byte[] NTLM_LMCHALLENAGERESPONSE = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
    private static final byte[] NTLMSSP_VERSION = {0, 0, 0, 0, 0, 0, 0, 0};

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/mssql-jdbc-12.6.4.jre11.jar:com/microsoft/sqlserver/jdbc/NTLMAuthentication$NTLMContext.class */
    public class NTLMContext {
        private final String domainName;
        private final byte[] domainUbytes;
        private final String upperUserName;
        private final byte[] userNameUbytes;
        private final byte[] passwordHash;
        private String workstation;
        private final byte[] spnUbytes;
        private Mac mac;
        private long negotiateFlags = 0;
        private byte[] sessionBaseKey = null;
        private byte[] timestamp = null;
        private byte[] targetInfo = null;
        private byte[] serverChallenge = new byte[8];
        private byte[] negotiateMsg = null;
        private byte[] challengeMsg = null;

        NTLMContext(SQLServerConnection sQLServerConnection, String str, String str2, byte[] bArr, String str3) throws SQLServerException {
            this.mac = null;
            this.domainName = str.toUpperCase();
            this.domainUbytes = NTLMAuthentication.unicode(this.domainName);
            this.userNameUbytes = null != str2 ? NTLMAuthentication.unicode(str2) : null;
            this.upperUserName = null != str2 ? str2.toUpperCase() : null;
            this.passwordHash = bArr;
            this.workstation = str3;
            String spn = null != sQLServerConnection ? NTLMAuthentication.this.getSpn(sQLServerConnection) : null;
            this.spnUbytes = null != spn ? NTLMAuthentication.unicode(spn) : null;
            if (NTLMAuthentication.this.logger.isLoggable(Level.FINEST)) {
                NTLMAuthentication.this.logger.finest(toString() + " SPN detected: " + spn);
            }
            try {
                this.mac = Mac.getInstance("HmacMD5");
            } catch (NoSuchAlgorithmException e) {
                throw new SQLServerException(new MessageFormat(SQLServerException.getErrString("R_ntlmHmacMD5Error")).format(new Object[]{str, e.getMessage()}), e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public NTLMAuthentication(SQLServerConnection sQLServerConnection, String str, String str2, byte[] bArr, String str3) throws SQLServerException {
        this.context = null;
        if (null == this.context) {
            this.context = new NTLMContext(sQLServerConnection, str, str2, bArr, str3);
        }
    }

    @Override // com.microsoft.sqlserver.jdbc.SSPIAuthentication
    byte[] generateClientContext(byte[] bArr, boolean[] zArr) throws SQLServerException {
        return initializeSecurityContext(bArr, zArr);
    }

    @Override // com.microsoft.sqlserver.jdbc.SSPIAuthentication
    void releaseClientContext() {
        this.context = null;
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:20:0x013f. Please report as an issue. */
    /* JADX WARN: Removed duplicated region for block: B:27:0x01d7 A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:31:0x0113 A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void parseNtlmChallenge(byte[] r7) throws com.microsoft.sqlserver.jdbc.SQLServerException {
        /*
            Method dump skipped, instructions count: 574
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.microsoft.sqlserver.jdbc.NTLMAuthentication.parseNtlmChallenge(byte[]):void");
    }

    private byte[] initializeSecurityContext(byte[] bArr, boolean[] zArr) throws SQLServerException {
        if (null == bArr || 0 == bArr.length) {
            return generateNtlmNegotiate();
        }
        parseNtlmChallenge(bArr);
        zArr[0] = true;
        return generateNtlmAuthenticate();
    }

    private byte[] generateClientChallengeBlob(byte[] bArr) {
        ByteBuffer order = ByteBuffer.allocate(8).order(ByteOrder.LITTLE_ENDIAN);
        order.putLong(TimeUnit.SECONDS.toNanos(Instant.now().getEpochSecond() + WINDOWS_EPOCH_DIFF) / 100);
        byte[] array = order.array();
        ByteBuffer order2 = ByteBuffer.allocate(NTLM_CLIENT_CHALLENGE_RESPONSE_TYPE.length + NTLM_CLIENT_CHALLENGE_RESERVED1.length + NTLM_CLIENT_CHALLENGE_RESERVED2.length + array.length + 8 + NTLM_CLIENT_CHALLENGE_RESERVED3.length + this.context.targetInfo.length + 2 + 2 + 4 + 2 + 2 + this.context.spnUbytes.length).order(ByteOrder.LITTLE_ENDIAN);
        order2.put(NTLM_CLIENT_CHALLENGE_RESPONSE_TYPE);
        order2.put(NTLM_CLIENT_CHALLENGE_RESERVED1);
        order2.put(NTLM_CLIENT_CHALLENGE_RESERVED2);
        order2.put(array, 0, 8);
        order2.put(bArr, 0, 8);
        order2.put(NTLM_CLIENT_CHALLENGE_RESERVED3);
        if (null == this.context.timestamp || 0 >= this.context.timestamp.length) {
            order2.put(this.context.targetInfo, 0, this.context.targetInfo.length);
            if (this.logger.isLoggable(Level.WARNING)) {
                this.logger.warning(toString() + " MsvAvTimestamp not recieved from SQL Server in Challenge Message. MIC field will not be set.");
            }
        } else {
            order2.put(this.context.targetInfo, 0, (this.context.targetInfo.length - 2) - 2);
            order2.putShort((short) 6);
            order2.putShort((short) 4);
            order2.putInt(2);
        }
        order2.putShort((short) 9);
        order2.putShort((short) this.context.spnUbytes.length);
        order2.put(this.context.spnUbytes, 0, this.context.spnUbytes.length);
        order2.putShort((short) 0);
        order2.putShort((short) 0);
        return order2.array();
    }

    private byte[] hmacMD5(byte[] bArr, byte[] bArr2) throws InvalidKeyException {
        this.context.mac.init(new SecretKeySpec(bArr, "HmacMD5"));
        return this.context.mac.doFinal(bArr2);
    }

    private static byte[] md4(byte[] bArr) {
        MD4 md4 = new MD4();
        md4.reset();
        md4.update(bArr, 0, bArr.length);
        byte[] bArr2 = new byte[md4.getDigestSize()];
        md4.doFinal(bArr2, 0);
        return bArr2;
    }

    private static byte[] unicode(String str) {
        if (null != str) {
            return str.getBytes(StandardCharsets.UTF_16LE);
        }
        return null;
    }

    private byte[] concat(byte[] bArr, byte[] bArr2) {
        if (null == bArr || null == bArr2) {
            return null;
        }
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
        System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
        return bArr3;
    }

    private int getByteArrayLength(byte[] bArr) {
        if (null == bArr) {
            return 0;
        }
        return bArr.length;
    }

    private byte[] ntowfv2() throws InvalidKeyException {
        return hmacMD5(this.context.passwordHash, null != this.context.upperUserName ? unicode(this.context.upperUserName + this.context.domainName) : unicode(this.context.domainName));
    }

    private byte[] computeResponse(byte[] bArr) throws InvalidKeyException {
        byte[] bArr2 = new byte[8];
        ThreadLocalRandom.current().nextBytes(bArr2);
        byte[] generateClientChallengeBlob = generateClientChallengeBlob(bArr2);
        byte[] hmacMD5 = hmacMD5(bArr, concat(this.context.serverChallenge, generateClientChallengeBlob));
        this.context.sessionBaseKey = hmacMD5(bArr, hmacMD5);
        return concat(hmacMD5, generateClientChallengeBlob);
    }

    private byte[] getNtChallengeResp() throws InvalidKeyException {
        return computeResponse(ntowfv2());
    }

    private byte[] generateNtlmAuthenticate() throws SQLServerException {
        int byteArrayLength = getByteArrayLength(this.context.domainUbytes);
        int byteArrayLength2 = getByteArrayLength(this.context.userNameUbytes);
        byte[] unicode = unicode(this.context.workstation);
        int byteArrayLength3 = getByteArrayLength(unicode);
        try {
            byte[] ntChallengeResp = getNtChallengeResp();
            int byteArrayLength4 = getByteArrayLength(ntChallengeResp);
            ByteBuffer order = ByteBuffer.allocate(88 + NTLM_LMCHALLENAGERESPONSE.length + byteArrayLength4 + byteArrayLength + byteArrayLength2 + byteArrayLength3).order(ByteOrder.LITTLE_ENDIAN);
            order.put(NTLM_HEADER_SIGNATURE, 0, NTLM_HEADER_SIGNATURE.length);
            order.putInt(3);
            order.putShort((short) 0);
            order.putShort((short) 0);
            order.putInt(88);
            int length = 88 + NTLM_LMCHALLENAGERESPONSE.length;
            order.putShort((short) byteArrayLength4);
            order.putShort((short) byteArrayLength4);
            order.putInt(length);
            int i = length + byteArrayLength4;
            order.putShort((short) byteArrayLength);
            order.putShort((short) byteArrayLength);
            order.putInt(i);
            int i2 = i + byteArrayLength;
            order.putShort((short) byteArrayLength2);
            order.putShort((short) byteArrayLength2);
            order.putInt(i2);
            int i3 = i2 + byteArrayLength2;
            order.putShort((short) byteArrayLength3);
            order.putShort((short) byteArrayLength3);
            order.putInt(i3);
            order.putShort((short) 0);
            order.putShort((short) 0);
            order.putInt(i3 + byteArrayLength3);
            order.putInt((int) this.context.negotiateFlags);
            order.put(NTLMSSP_VERSION, 0, NTLMSSP_VERSION.length);
            int position = order.position();
            order.put(new byte[16], 0, 16);
            order.put(NTLM_LMCHALLENAGERESPONSE, 0, NTLM_LMCHALLENAGERESPONSE.length);
            order.put(ntChallengeResp, 0, byteArrayLength4);
            order.put(this.context.domainUbytes, 0, byteArrayLength);
            order.put(this.context.userNameUbytes, 0, byteArrayLength2);
            order.put(unicode, 0, byteArrayLength3);
            byte[] array = order.array();
            if (null != this.context.timestamp && 0 < this.context.timestamp.length) {
                this.context.mac.init(new SecretKeySpec(this.context.sessionBaseKey, "HmacMD5"));
                this.context.mac.update(this.context.negotiateMsg);
                this.context.mac.update(this.context.challengeMsg);
                System.arraycopy(this.context.mac.doFinal(array), 0, array, position, 16);
            }
            return array;
        } catch (InvalidKeyException e) {
            throw new SQLServerException(new MessageFormat(SQLServerException.getErrString("R_ntlmAuthenticateError")).format(new Object[]{e.getMessage()}), e);
        }
    }

    private byte[] generateNtlmNegotiate() {
        int byteArrayLength = getByteArrayLength(this.context.domainUbytes);
        int byteArrayLength2 = getByteArrayLength(this.context.workstation.getBytes());
        ByteBuffer order = ByteBuffer.allocate(32 + byteArrayLength + byteArrayLength2).order(ByteOrder.LITTLE_ENDIAN);
        order.put(NTLM_HEADER_SIGNATURE, 0, NTLM_HEADER_SIGNATURE.length);
        order.putInt(1);
        this.context.negotiateFlags = 8957957L;
        order.putInt((int) this.context.negotiateFlags);
        order.putShort((short) byteArrayLength);
        order.putShort((short) byteArrayLength);
        order.putInt(32);
        order.putShort((short) byteArrayLength2);
        order.putShort((short) byteArrayLength2);
        order.putInt(32 + byteArrayLength);
        order.put(this.context.domainUbytes, 0, byteArrayLength);
        order.put(this.context.workstation.getBytes(), 0, byteArrayLength2);
        byte[] array = order.array();
        this.context.negotiateMsg = new byte[array.length];
        System.arraycopy(array, 0, this.context.negotiateMsg, 0, array.length);
        return array;
    }

    public static byte[] getNtlmPasswordHash(String str) throws SQLServerException {
        if (null == str) {
            throw new SQLServerException(SQLServerException.getErrString("R_NtlmNoUserPasswordDomain"), null);
        }
        return md4(unicode(str));
    }
}
