package progress.message.zclient;

import com.sonicsw.security.pcs.AbstractCipherSuite;
import com.sonicsw.security.pcs.CipherSuiteInfo;
import com.sonicsw.security.pcs.EInvalidCipherSuiteException;
import com.sonicsw.security.pcs.IPluggableCipherSuite;
import com.sonicsw.security.pcs.SonicCipherSuite;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInput;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import progress.message.client.Credentials;
import progress.message.client.EBrokerVersionMismatch;
import progress.message.client.EInauthenticBroker;
import progress.message.client.EInauthenticClient;
import progress.message.msg.IMgram;
import progress.message.msg.MgramFactory;
import progress.message.resources.prMessageFormat;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:progress/message/zclient/ClientConnectHandshaker.class */
public final class ClientConnectHandshaker extends ConnectHandshaker {
    private boolean m_isAuthenticationSPIEnabled;

    /* JADX INFO: Access modifiers changed from: package-private */
    public ClientConnectHandshaker(BaseConnection baseConnection) {
        super(baseConnection);
    }

    static final boolean isBrokerHello(IMgram iMgram) throws EBrokerVersionMismatch {
        if (!compareSubtype(iMgram, 2)) {
            return false;
        }
        try {
            if (iMgram.getRawBody()[1] != 32) {
                throw new EBrokerVersionMismatch(iMgram.getRawBody()[1], 32);
            }
            return true;
        } catch (ArrayIndexOutOfBoundsException e) {
            throw new EBrokerVersionMismatch(23, 32);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final boolean isConnectSuccessMgram(IMgram iMgram) {
        return compareSubtype(iMgram, 7);
    }

    @Override // progress.message.zclient.ConnectHandshaker
    public final void handleConnectMgram(IMgram iMgram) throws EInauthenticClient, EInauthenticBroker, EUnexpectedMgram, EMgramFormatError, EInvalidCipherSuiteException {
        switch (this.m_state) {
            case 2:
                if (!compareSubtype(iMgram, 10)) {
                    super.handleConnectMgram(iMgram);
                    return;
                } else {
                    this.m_state = 7;
                    this.m_sender.send(buildPasswordPayload());
                    return;
                }
            case 7:
                if (!compareSubtype(iMgram, 12)) {
                    this.m_state = 8;
                    return;
                } else {
                    verifyResponse(iMgram, this.m_transformedPassword);
                    this.m_state = 5;
                    return;
                }
            default:
                super.handleConnectMgram(iMgram);
                return;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final IMgram buildClientHello(byte b) {
        return MgramFactory.getMgramFactory().buildConnectMgram(new byte[]{1, b}, 0);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final IMgram buildClientHello(byte b, boolean z, boolean z2, boolean z3, String str, String str2, String str3, String str4, ClientConnectParms clientConnectParms) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
        dataOutputStream.write(1);
        dataOutputStream.write(b);
        short s = 0;
        if (z2) {
            s = (short) (0 | 1);
        }
        if (z) {
            s = (short) (s | 2);
        }
        if (z3) {
            s = (short) (s | 4);
        }
        if (clientConnectParms != null) {
            s = (short) (s | 16);
        }
        if (z2 && str != null) {
            s = (short) (s | 8);
        }
        if (z2 && (str2 != null || str3 != null || str4 != null)) {
            s = (short) (s | 32);
        }
        dataOutputStream.writeShort(s);
        if (z2 && str != null) {
            dataOutputStream.writeUTF(str);
        }
        if (clientConnectParms != null) {
            clientConnectParms.serialize(dataOutputStream);
        }
        if ((s & 32) > 0) {
            try {
                ExtendedClientData extendedClientData = new ExtendedClientData();
                extendedClientData.setJMSClientID(str2);
                extendedClientData.setConnectID(str3);
                extendedClientData.setLocalClientHost(str4);
                extendedClientData.serialize(dataOutputStream);
            } catch (Exception e) {
                SessionConfig.logMessage(e, SessionConfig.getLevelWarning());
            }
        }
        dataOutputStream.flush();
        return MgramFactory.getMgramFactory().buildConnectMgram(byteArrayOutputStream.toByteArray(), 0);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void connectClient(boolean z, boolean z2) throws IOException {
        Connection connection = (Connection) this.m_connection;
        Credentials credentials = connection.getCredentials();
        this.m_uid = credentials.getName();
        this.m_transformedPassword = credentials.getTransformedPassword();
        if (this.m_transformedPassword != null) {
            byte[] bArr = new byte[20 + this.m_transformedPassword.length];
            System.arraycopy(ProgressPasswordUser.doSHA(this.m_transformedPassword), 0, bArr, 0, 20);
            System.arraycopy(this.m_transformedPassword, 0, bArr, 20, this.m_transformedPassword.length);
            this.m_transformedPassword = bArr;
        }
        if (this.m_peerCert != null && this.m_uid.equals(SecurityConfig.AUTHENTICATED_USER)) {
            this.m_user = new ProgressPasswordUser(this.m_uid, "");
        } else if (this.m_transformedPassword == null || this.m_uid == null) {
            this.m_user = new ProgressPasswordUser(this.m_uid, credentials.getPassword(), true);
        } else {
            this.m_user = new ProgressPasswordUser(this.m_uid, this.m_transformedPassword);
        }
        this.m_appid = connection.getApplicationId();
        this.m_active = z;
        this.m_sender = connection.getSender();
        this.m_client = true;
        this.m_securityEnabled = z2;
        this.m_cert = connection.m489getSocket().getCertificate();
        this.m_pwKey = new byte[8];
        this.m_sender.send(buildClientIdMgram());
        if (z) {
            if (this.m_peerCert == null || !this.m_uid.equals(SecurityConfig.AUTHENTICATED_USER)) {
                this.m_state = 2;
                return;
            } else {
                this.m_state = 4;
                return;
            }
        }
        if (z2) {
            this.m_state = 3;
            this.m_sender.send(buildChallenge1());
        } else {
            this.m_state = 5;
            this.m_sender.send(buildSecDisabledMgram());
        }
    }

    private IMgram buildClientIdMgram() throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
        dataOutputStream.writeByte(3);
        dataOutputStream.writeUTF(this.m_user.getName());
        dataOutputStream.writeUTF(this.m_appid);
        return MgramFactory.getMgramFactory().buildConnectMgram(byteArrayOutputStream.toByteArray(), 0);
    }

    private final IMgram buildPasswordPayload() throws EInauthenticClient {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        if (this.m_isAuthenticationSPIEnabled || this.m_transformedPassword != null) {
            try {
                byteArrayOutputStream.write(11);
                DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
                dataOutputStream.writeInt(this.m_transformedPassword.length);
                dataOutputStream.write(this.m_transformedPassword);
                dataOutputStream.flush();
                dataOutputStream.close();
            } catch (IOException e) {
                SessionConfig.logMessage(e, SessionConfig.getLevelWarning());
            }
        } else {
            String string = !this.m_isAuthenticationSPIEnabled ? prAccessor.getString("STR121") : prAccessor.getString("STR122");
            try {
                byteArrayOutputStream.write(13);
                DataOutputStream dataOutputStream2 = new DataOutputStream(byteArrayOutputStream);
                dataOutputStream2.writeUTF(string);
                dataOutputStream2.flush();
                dataOutputStream2.close();
            } catch (IOException e2) {
                SessionConfig.logMessage(e2, SessionConfig.getLevelWarning());
            }
        }
        return MgramFactory.getMgramFactory().buildConnectMgram(byteArrayOutputStream.toByteArray(), 0);
    }

    private void verifyResponse(IMgram iMgram, byte[] bArr) throws EInauthenticClient, EInauthenticBroker, EMgramFormatError, EInvalidCipherSuiteException {
        if (this.m_user == null) {
            throw new EInauthenticClient();
        }
        byte[] bArr2 = new byte[bArr.length + computePad(bArr.length)];
        System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
        try {
            this.m_responseData = new byte[iMgram.getBodyLength() - 1];
            if (this.m_responseData.length % 8 != 0) {
                throw new EMgramFormatError(prAccessor.getString("STR016"));
            }
            DESDecrypt(iMgram.getRawBody(), 1, this.m_responseData, 0, this.m_responseData.length, bArr2);
            byte[] bArr3 = new byte[bArr.length + computePad(bArr.length)];
            System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
            this.m_masterSecret = new byte[48];
            System.arraycopy(this.m_responseData, 0, this.m_masterSecret, 0, 48);
            byte[] bArr4 = new byte[20];
            try {
                ISHA isha = (ISHA) Class.forName("progress.message.crypto.SHA").newInstance();
                isha.add(this.m_masterSecret);
                isha.add(bArr3);
                bArr4 = isha.digest();
            } catch (Exception e) {
                SessionConfig.logMessage(e, SessionConfig.getLevelWarning());
            }
            if (!arrayCompare(bArr4, 0, this.m_responseData, 48, bArr4.length)) {
                throw new EInauthenticBroker();
            }
            CipherSuiteInfo cipherSuiteInfo = null;
            try {
                try {
                    if (this.m_responseData.length > 48 + PADDED_HASH_LENGTH) {
                        cipherSuiteInfo = new CipherSuiteInfo();
                        int i = 48 + PADDED_HASH_LENGTH;
                        int length = this.m_responseData.length - i;
                        byte[] bArr5 = new byte[length];
                        System.arraycopy(this.m_responseData, i, bArr5, 0, length);
                        cipherSuiteInfo.readBytes(bArr5);
                    }
                    if (cipherSuiteInfo == null) {
                        this.m_clientCipherSuite = SonicCipherSuite.getInstance();
                    } else {
                        String[] transformation = cipherSuiteInfo.getTransformation(0);
                        if (transformation == null || transformation.length < 3 || transformation[2] == null || transformation[2].trim().length() == 0) {
                            throw new EInvalidCipherSuiteException("Invalid cipher transformation. Default not found");
                        }
                        String[] transformationAndKeySize = AbstractCipherSuite.getTransformationAndKeySize(transformation[2]);
                        if (transformationAndKeySize == null || transformationAndKeySize.length == 0 || transformationAndKeySize[0] == null) {
                            throw new EInvalidCipherSuiteException("Invalid transformation " + transformation[2]);
                        }
                        String str = transformationAndKeySize[0];
                        String str2 = transformationAndKeySize[1];
                        int i2 = 0;
                        if (str2 != null) {
                            i2 = Integer.parseInt(str2);
                        }
                        String[] digest = cipherSuiteInfo.getDigest(0);
                        if (digest == null || digest.length < 3 || digest[2] == null || digest[2].trim().length() == 0) {
                            throw new EInvalidCipherSuiteException("Invalid digest. Default not found");
                        }
                        this.m_clientCipherSuite = AbstractCipherSuite.getCipherSuiteInstance(transformation[0], transformation[1], str, i2, digest[0], digest[1], digest[2]);
                        if (i2 > 0) {
                            AbstractCipherSuite.m_isKeySizeSupplied = true;
                        } else {
                            AbstractCipherSuite.m_isKeySizeSupplied = false;
                        }
                    }
                } catch (IOException e2) {
                    SessionConfig.logMessage(e2, SessionConfig.getLevelWarning());
                    throw new EInvalidCipherSuiteException("Unable to read cipher suite information received. " + e2.getMessage());
                }
            } catch (IndexOutOfBoundsException e3) {
                SessionConfig.logMessage(e3, SessionConfig.getLevelWarning());
                throw new EInvalidCipherSuiteException("Unable to read cipher suite information received. " + e3.getMessage());
            }
        } catch (IndexOutOfBoundsException e4) {
            throw new EMgramFormatError(prAccessor.getString("STR016"));
        }
    }

    public IPluggableCipherSuite getClientSideCipherSuiteInfo() {
        return this.m_clientCipherSuite;
    }

    public BrokerConnectParms getBrokerConnectParms() {
        return this.m_brokerParameters;
    }

    public void setClientConnectParms(ClientConnectParms clientConnectParms) {
        this.m_clientParameters = clientConnectParms;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void setAuthenticationSPIEnabled(boolean z) {
        this.m_isAuthenticationSPIEnabled = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final ConnectData decodeSuccessMgram(IMgram iMgram, byte b) throws EMgramFormatError {
        try {
            DataInputStream dataInputStream = new DataInputStream(new ByteArrayInputStream(iMgram.getRawBody(), 1, iMgram.getBodyLength() - 1));
            this.m_keyBits = dataInputStream.readInt();
            ConnectData connectData = ConnectData.getConnectData(dataInputStream, (short) -1);
            if (b >= 27) {
                this.m_brokerParameters = BrokerConnectParms.unserialize((DataInput) dataInputStream);
            }
            return connectData;
        } catch (Exception e) {
            throw new EMgramFormatError(prMessageFormat.format(prAccessor.getString("STR008"), new Object[]{e.toString()}));
        }
    }

    private final void DESDecrypt(byte[] bArr, int i, byte[] bArr2, int i2, int i3, byte[] bArr3) throws EInauthenticClient {
        IDES ides = (IDES) newInstance("progress.message.crypto.DES");
        ides.init(2, bArr3);
        ides.doFinal(bArr, i, i3, bArr2, i2);
    }
}
