package org.exoplatform.common.http.client;

import java.io.IOException;
import java.util.Vector;
import org.exoplatform.services.jcr.datamodel.QPath;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: DefaultAuthHandler.java */
/* loaded from: input_file:exo-jcr.rar:exo.ws.commons-2.1.7-GA.jar:org/exoplatform/common/http/client/VerifyRspAuth.class */
public class VerifyRspAuth implements HashVerifier, GlobalConstants {
    private String uri;
    private String HA1;
    private String alg;
    private String nonce;
    private String cnonce;
    private String nc;
    private String hdr;
    private RoResponse resp;

    public VerifyRspAuth(String str, String str2, String str3, String str4, String str5, String str6, String str7, RoResponse roResponse) {
        this.uri = str;
        this.HA1 = str2;
        this.alg = str3;
        this.nonce = str4;
        this.cnonce = str5;
        this.nc = str6;
        this.hdr = str7;
        this.resp = roResponse;
    }

    @Override // org.exoplatform.common.http.client.HashVerifier
    public void verifyHash(byte[] bArr, long j) throws IOException {
        String value;
        HttpHeaderElement element;
        String header = this.resp.getHeader(this.hdr);
        if (header == null) {
            header = this.resp.getTrailer(this.hdr);
        }
        if (header == null) {
            return;
        }
        try {
            Vector parseHeader = Util.parseHeader(header);
            HttpHeaderElement element2 = Util.getElement(parseHeader, "qop");
            if (element2 == null || (value = element2.getValue()) == null) {
                return;
            }
            if ((!value.equalsIgnoreCase("auth") && !value.equalsIgnoreCase("auth-int")) || (element = Util.getElement(parseHeader, "rspauth")) == null || element.getValue() == null) {
                return;
            }
            byte[] unHex = DefaultAuthHandler.unHex(element.getValue());
            HttpHeaderElement element3 = Util.getElement(parseHeader, "cnonce");
            if (element3 != null && element3.getValue() != null && !element3.getValue().equals(this.cnonce)) {
                throw new IOException("Digest auth scheme: received wrong client-nonce '" + element3.getValue() + "' - expected '" + this.cnonce + "'");
            }
            HttpHeaderElement element4 = Util.getElement(parseHeader, "nc");
            if (element4 != null && element4.getValue() != null && !element4.getValue().equals(this.nc)) {
                throw new IOException("Digest auth scheme: received wrong nonce-count '" + element4.getValue() + "' - expected '" + this.nc + "'");
            }
            String hexDigest = (this.alg == null || !this.alg.equalsIgnoreCase("MD5-sess")) ? this.HA1 : MD5.hexDigest(this.HA1 + QPath.PREFIX_DELIMITER + this.nonce + QPath.PREFIX_DELIMITER + this.cnonce);
            String str = QPath.PREFIX_DELIMITER + this.uri;
            if (value.equalsIgnoreCase("auth-int")) {
                str = str + QPath.PREFIX_DELIMITER + MD5.toHex(bArr);
            }
            byte[] digest = MD5.digest(hexDigest + QPath.PREFIX_DELIMITER + this.nonce + QPath.PREFIX_DELIMITER + this.nc + QPath.PREFIX_DELIMITER + this.cnonce + QPath.PREFIX_DELIMITER + value + QPath.PREFIX_DELIMITER + MD5.hexDigest(str));
            for (int i = 0; i < digest.length; i++) {
                if (digest[i] != unHex[i]) {
                    throw new IOException("MD5-Digest mismatch: expected " + DefaultAuthHandler.hex(unHex) + " but calculated " + DefaultAuthHandler.hex(digest));
                }
            }
        } catch (ParseException e) {
            throw new IOException(e.toString());
        }
    }
}
