package org.jboss.security.negotiation.cipher;

import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.DESedeKeySpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.jboss.security.negotiation.NegotiationException;
import org.jboss.security.otp.TimeBasedOTP;

/* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/jboss/security/negotiation/main/jboss-negotiation-common-3.0.6.Final.jar:org/jboss/security/negotiation/cipher/Des3CbcHmacSha1KdDecoder.class */
public class Des3CbcHmacSha1KdDecoder extends Decoder {
    private static final byte[] ZERO_IV = {0, 0, 0, 0, 0, 0, 0, 0};
    private static final byte[] PARITY_BIT_MASK = {Byte.MIN_VALUE, 64, 32, 16, 8, 4, 2};

    @Override // org.jboss.security.negotiation.cipher.Decoder
    public int blockSize() {
        return 8;
    }

    @Override // org.jboss.security.negotiation.cipher.Decoder
    public int checksumSize() {
        return 20;
    }

    @Override // org.jboss.security.negotiation.cipher.Decoder
    public int confounderSize() {
        return blockSize();
    }

    @Override // org.jboss.security.negotiation.cipher.Decoder
    public int keySize() {
        return 24;
    }

    @Override // org.jboss.security.negotiation.cipher.Decoder
    public byte[] decrypt(byte[] bArr, byte[] bArr2, int i) throws NegotiationException {
        return decrypt(bArr, bArr2, new byte[blockSize()], i);
    }

    public byte[] decrypt(byte[] bArr, byte[] bArr2, byte[] bArr3, int i) throws NegotiationException {
        try {
            return decrypt(bArr2, i, bArr3, bArr, 0, bArr.length);
        } catch (GeneralSecurityException e) {
            NegotiationException negotiationException = new NegotiationException(e.getMessage());
            negotiationException.initCause(e);
            throw negotiationException;
        }
    }

    private byte[] decrypt(byte[] bArr, int i, byte[] bArr2, byte[] bArr3, int i2, int i3) throws GeneralSecurityException {
        Object[] objArr = null;
        Object[] objArr2 = null;
        try {
            byte[] bArr4 = {(byte) ((i >> 24) & 255), (byte) ((i >> 16) & 255), (byte) ((i >> 8) & 255), (byte) (i & 255), -86};
            byte[] dk = dk(bArr, bArr4);
            Cipher cipher = getCipher(dk, bArr2, 2);
            int blockSize = cipher.getBlockSize();
            int checksumSize = checksumSize();
            int i4 = i3 - checksumSize;
            byte[] doFinal = cipher.doFinal(bArr3, i2, i4);
            bArr4[4] = 85;
            byte[] dk2 = dk(bArr, bArr4);
            byte[] hmac = getHmac(dk2, doFinal);
            boolean z = false;
            if (hmac.length >= checksumSize) {
                int i5 = 0;
                while (true) {
                    if (i5 >= checksumSize) {
                        break;
                    }
                    if (hmac[i5] != bArr3[i4 + i5]) {
                        z = true;
                        break;
                    }
                    i5++;
                }
            }
            if (z) {
                throw new GeneralSecurityException("Checksum failed");
            }
            if (bArr2 != null && bArr2.length == blockSize) {
                System.arraycopy(bArr3, (i2 + i4) - blockSize, bArr2, 0, blockSize);
            }
            byte[] bArr5 = new byte[doFinal.length - blockSize];
            System.arraycopy(doFinal, blockSize, bArr5, 0, bArr5.length);
            if (dk != null) {
                Arrays.fill(dk, 0, dk.length, (byte) 0);
            }
            if (dk2 != null) {
                Arrays.fill(dk2, 0, dk2.length, (byte) 0);
            }
            return bArr5;
        } catch (Throwable th) {
            if (0 != 0) {
                Arrays.fill((byte[]) null, 0, objArr.length, (byte) 0);
            }
            if (0 != 0) {
                Arrays.fill((byte[]) null, 0, objArr2.length, (byte) 0);
            }
            throw th;
        }
    }

    protected Cipher getCipher(byte[] bArr, byte[] bArr2, int i) throws GeneralSecurityException {
        SecretKey generateSecret = SecretKeyFactory.getInstance("desede").generateSecret(new DESedeKeySpec(bArr, 0));
        if (bArr2 == null) {
            bArr2 = ZERO_IV;
        }
        Cipher cipher = Cipher.getInstance("DESede/CBC/NoPadding");
        cipher.init(i, generateSecret, new IvParameterSpec(bArr2, 0, bArr2.length));
        return cipher;
    }

    protected byte[] getHmac(byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, TimeBasedOTP.HMAC_SHA1);
        Mac mac = Mac.getInstance(TimeBasedOTP.HMAC_SHA1);
        mac.init(secretKeySpec);
        return mac.doFinal(bArr2);
    }

    protected byte[] randomToKey(byte[] bArr) {
        if (bArr.length != 21) {
            throw new IllegalArgumentException("input must be 168 bits");
        }
        byte[] keyCorrection = keyCorrection(des3Expand(bArr, 0, 7));
        byte[] keyCorrection2 = keyCorrection(des3Expand(bArr, 7, 14));
        byte[] keyCorrection3 = keyCorrection(des3Expand(bArr, 14, 21));
        byte[] bArr2 = new byte[24];
        System.arraycopy(keyCorrection, 0, bArr2, 0, 8);
        System.arraycopy(keyCorrection2, 0, bArr2, 8, 8);
        System.arraycopy(keyCorrection3, 0, bArr2, 16, 8);
        return bArr2;
    }

    byte[] dk(byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        return randomToKey(dr(bArr, bArr2));
    }

    private byte[] dr(byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        Cipher cipher = getCipher(bArr, null, 1);
        int blockSize = cipher.getBlockSize();
        if (bArr2.length != blockSize) {
            bArr2 = nfold(bArr2, blockSize * 8);
        }
        byte[] bArr3 = bArr2;
        int keySeedLength = getKeySeedLength() >> 3;
        byte[] bArr4 = new byte[keySeedLength];
        int i = 0;
        while (i < keySeedLength) {
            byte[] doFinal = cipher.doFinal(bArr3);
            int length = keySeedLength - i <= doFinal.length ? keySeedLength - i : doFinal.length;
            System.arraycopy(doFinal, 0, bArr4, i, length);
            i += length;
            bArr3 = doFinal;
        }
        return bArr4;
    }

    protected int getKeySeedLength() {
        return 168;
    }

    static byte[] nfold(byte[] bArr, int i) {
        int length = bArr.length;
        int i2 = i >> 3;
        int i3 = i2;
        int i4 = length;
        while (i4 != 0) {
            int i5 = i4;
            i4 = i3 % i4;
            i3 = i5;
        }
        int i6 = (i2 * length) / i3;
        byte[] bArr2 = new byte[i2];
        Arrays.fill(bArr2, (byte) 0);
        int i7 = 0;
        for (int i8 = i6 - 1; i8 >= 0; i8--) {
            int i9 = ((((length << 3) - 1) + (((length << 3) + 13) * (i8 / length))) + ((length - (i8 % length)) << 3)) % (length << 3);
            int i10 = i7 + (((((bArr[((length - 1) - (i9 >>> 3)) % length] & 255) << 8) | (bArr[(length - (i9 >>> 3)) % length] & 255)) >>> ((i9 & 7) + 1)) & 255) + (bArr2[i8 % i2] & 255);
            bArr2[i8 % i2] = (byte) (i10 & 255);
            i7 = i10 >>> 8;
        }
        if (i7 != 0) {
            for (int i11 = i2 - 1; i11 >= 0; i11--) {
                int i12 = i7 + (bArr2[i11] & 255);
                bArr2[i11] = (byte) (i12 & 255);
                i7 = i12 >>> 8;
            }
        }
        return bArr2;
    }

    private static byte[] des3Expand(byte[] bArr, int i, int i2) {
        if (i2 - i != 7) {
            throw new IllegalArgumentException("Invalid length of DES Key Value:" + i + "," + i2);
        }
        byte[] bArr2 = new byte[8];
        byte b = 0;
        System.arraycopy(bArr, i, bArr2, 0, 7);
        byte b2 = 0;
        for (int i3 = i; i3 < i2; i3++) {
            byte b3 = (byte) (bArr[i3] & 1);
            b2 = (byte) (b2 + 1);
            if (b3 != 0) {
                b = (byte) (b | (b3 << b2));
            }
        }
        bArr2[7] = b;
        setParityBit(bArr2);
        return bArr2;
    }

    private static void setParityBit(byte[] bArr) {
        for (int i = 0; i < bArr.length; i++) {
            int i2 = 0;
            for (int i3 = 0; i3 < PARITY_BIT_MASK.length; i3++) {
                if ((bArr[i] & PARITY_BIT_MASK[i3]) == PARITY_BIT_MASK[i3]) {
                    i2++;
                }
            }
            if ((i2 & 1) == 1) {
                bArr[i] = (byte) (bArr[i] & (-2));
            } else {
                bArr[i] = (byte) (bArr[i] | 1);
            }
        }
    }

    private static byte[] keyCorrection(byte[] bArr) {
        try {
            if (DESKeySpec.isWeak(bArr, 0)) {
                bArr[7] = (byte) (bArr[7] ^ 240);
            }
        } catch (InvalidKeyException e) {
        }
        return bArr;
    }

    @Override // org.jboss.security.negotiation.cipher.Decoder
    public byte[] decryptedData(byte[] bArr) {
        return bArr;
    }
}
