package com.shinyhut.vernacular.protocol.auth;

import com.shinyhut.vernacular.client.VncSession;
import com.shinyhut.vernacular.client.exceptions.AuthenticationRequiredException;
import com.shinyhut.vernacular.client.exceptions.UnexpectedVncException;
import com.shinyhut.vernacular.client.exceptions.VncException;
import com.shinyhut.vernacular.protocol.messages.SecurityResult;
import com.shinyhut.vernacular.protocol.messages.SecurityType;
import com.shinyhut.vernacular.utils.ByteUtils;
import java.io.DataInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Random;
import java.util.function.Supplier;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:BOOT-INF/core/vernacular-vnc-1.17.jar:com/shinyhut/vernacular/protocol/auth/MsLogon2AuthenticationHandler.class */
public class MsLogon2AuthenticationHandler implements SecurityHandler {
    private static final long DH_KEY_MAX_BITS = 31;
    private static final long MAX_DH_KEY_VALUE = 2147483648L;
    private final Random random;

    public MsLogon2AuthenticationHandler() throws VncException {
        try {
            this.random = SecureRandom.getInstanceStrong();
        } catch (NoSuchAlgorithmException e) {
            throw new UnexpectedVncException(e);
        }
    }

    MsLogon2AuthenticationHandler(Random random) {
        this.random = random;
    }

    @Override // com.shinyhut.vernacular.protocol.auth.SecurityHandler
    public SecurityResult authenticate(VncSession vncSession) throws VncException, IOException {
        Supplier<String> usernameSupplier = vncSession.getConfig().getUsernameSupplier();
        Supplier<String> passwordSupplier = vncSession.getConfig().getPasswordSupplier();
        if (usernameSupplier == null || passwordSupplier == null) {
            throw new AuthenticationRequiredException();
        }
        InputStream inputStream = vncSession.getInputStream();
        OutputStream outputStream = vncSession.getOutputStream();
        if (!vncSession.getProtocolVersion().equals(3, 3)) {
            requestMsLogon2Authentication(outputStream);
        }
        try {
            byte[] dhKeyExchange = dhKeyExchange(inputStream, outputStream);
            sendEncrypted(outputStream, usernameSupplier.get(), 256, dhKeyExchange);
            sendEncrypted(outputStream, passwordSupplier.get(), 64, dhKeyExchange);
            return SecurityResult.decode(inputStream, vncSession.getProtocolVersion());
        } catch (GeneralSecurityException e) {
            throw new UnexpectedVncException(e);
        }
    }

    private void requestMsLogon2Authentication(OutputStream outputStream) throws IOException {
        outputStream.write(SecurityType.MS_LOGON_2.getCode());
    }

    private byte[] dhKeyExchange(InputStream inputStream, OutputStream outputStream) throws IOException {
        byte[] bArr = new byte[8];
        byte[] bArr2 = new byte[8];
        byte[] bArr3 = new byte[8];
        DataInputStream dataInputStream = new DataInputStream(inputStream);
        dataInputStream.readFully(bArr);
        dataInputStream.readFully(bArr2);
        dataInputStream.readFully(bArr3);
        BigInteger bigInteger = new BigInteger(1, bArr);
        BigInteger bigInteger2 = new BigInteger(1, bArr2);
        BigInteger bigInteger3 = new BigInteger(1, bArr3);
        BigInteger valueOf = BigInteger.valueOf(this.random.nextLong() % 2147483648L);
        BigInteger modPow = bigInteger.modPow(valueOf, bigInteger2);
        BigInteger modPow2 = bigInteger3.modPow(valueOf, bigInteger2);
        outputStream.write(ByteUtils.padLeft(modPow.toByteArray(), 8));
        return ByteUtils.padLeft(modPow2.toByteArray(), 8);
    }

    public void sendEncrypted(OutputStream outputStream, String str, int i, byte[] bArr) throws GeneralSecurityException, IOException {
        outputStream.write(des(ByteUtils.padRight(str.getBytes(StandardCharsets.ISO_8859_1), i), bArr));
    }

    public byte[] des(byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance("DES/CBC/NoPadding");
        cipher.init(1, new SecretKeySpec(ByteUtils.reverseBits(bArr2), 0, bArr2.length, "DES"), new IvParameterSpec(bArr2));
        return cipher.doFinal(bArr);
    }
}
