package com.hierynomus.smbj.connection;

import OoOoO0Oo0OoOoOoO.oOo0oOo0Oo0oO0Oo;
import OoOoO0Oo0OoOoOoO.oOoOoOo0O0O0oO0o;
import com.hierynomus.mssmb2.SMB2Dialect;
import com.hierynomus.mssmb2.SMB2Packet;
import com.hierynomus.mssmb2.SMB2PacketHeader;
import com.hierynomus.mssmb2.SMB2TransformHeader;
import com.hierynomus.mssmb2.SMB3EncryptedPacketData;
import com.hierynomus.mssmb2.SMB3EncryptionCipher;
import com.hierynomus.protocol.commons.buffer.Buffer;
import com.hierynomus.security.AEADBlockCipher;
import com.hierynomus.security.Cipher;
import com.hierynomus.security.SecurityException;
import com.hierynomus.security.SecurityProvider;
import com.hierynomus.smb.SMBBuffer;
import com.hierynomus.smbj.common.SMBRuntimeException;
import java.util.Arrays;
import java.util.concurrent.atomic.AtomicInteger;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

/* loaded from: classes.dex */
public class PacketEncryptor {
    private static final oOo0oOo0Oo0oO0Oo logger = oOoOoOo0O0O0oO0o.oOo0oOo0Oo0oO0Oo(PacketEncryptor.class);
    private SMB3EncryptionCipher cipher;
    private SMB2Dialect dialect;
    private AtomicInteger nonceCounter = new AtomicInteger(0);
    private SecurityProvider securityProvider;

    /* loaded from: classes.dex */
    public class EncryptedPacketWrapper extends SMB2Packet {
        private final SecretKey encryptionKey;
        private final SMB2Packet packet;

        public EncryptedPacketWrapper(SMB2Packet sMB2Packet, SecretKey secretKey) {
            this.packet = sMB2Packet;
            this.encryptionKey = secretKey;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // com.hierynomus.smb.SMBPacket
        public SMB2PacketHeader getHeader() {
            return this.packet.getHeader();
        }

        @Override // com.hierynomus.mssmb2.SMB2Packet
        public int getMaxPayloadSize() {
            return this.packet.getMaxPayloadSize();
        }

        @Override // com.hierynomus.mssmb2.SMB2Packet
        public SMB2Packet getPacket() {
            return this.packet.getPacket();
        }

        @Override // com.hierynomus.mssmb2.SMB2Packet
        public long getSequenceNumber() {
            return this.packet.getSequenceNumber();
        }

        @Override // com.hierynomus.mssmb2.SMB2Packet
        public int getStructureSize() {
            return this.packet.getStructureSize();
        }

        @Override // com.hierynomus.mssmb2.SMB2Packet
        public String toString() {
            return "Encrypted[" + this.packet.toString() + "]";
        }

        @Override // com.hierynomus.mssmb2.SMB2Packet, com.hierynomus.protocol.Packet
        public void write(SMBBuffer sMBBuffer) {
            SMBBuffer sMBBuffer2 = new SMBBuffer();
            this.packet.write(sMBBuffer2);
            byte[] compactData = sMBBuffer2.getCompactData();
            byte[] newNonce = PacketEncryptor.this.getNewNonce();
            GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, newNonce);
            SMB2TransformHeader sMB2TransformHeader = new SMB2TransformHeader(newNonce, compactData.length, this.packet.getHeader().getSessionId());
            byte[] createAAD = PacketEncryptor.this.createAAD(sMB2TransformHeader);
            try {
                AEADBlockCipher aEADBlockCipher = PacketEncryptor.this.securityProvider.getAEADBlockCipher(PacketEncryptor.this.cipher.getAlgorithmName());
                aEADBlockCipher.init(Cipher.CryptMode.ENCRYPT, this.encryptionKey.getEncoded(), gCMParameterSpec);
                aEADBlockCipher.updateAAD(createAAD, 0, createAAD.length);
                byte[] doFinal = aEADBlockCipher.doFinal(compactData, 0, compactData.length);
                if (doFinal.length != compactData.length + 16) {
                    throw new IllegalStateException("Invalid length for cipherText after encryption.");
                }
                byte[] bArr = new byte[16];
                System.arraycopy(doFinal, compactData.length, bArr, 0, 16);
                sMB2TransformHeader.setSignature(bArr);
                sMB2TransformHeader.writeTo(sMBBuffer);
                sMBBuffer.putRawBytes(doFinal, 0, compactData.length);
            } catch (SecurityException e) {
                PacketEncryptor.logger.oOoOoO0oOo0oO0O0(this.packet.getHeader(), "Security exception while encrypting packet << {} >>");
                throw new SMBRuntimeException(e);
            }
        }
    }

    public PacketEncryptor(SecurityProvider securityProvider) {
        this.securityProvider = securityProvider;
    }

    public boolean canDecrypt(SMB3EncryptedPacketData sMB3EncryptedPacketData) {
        return this.dialect.isSmb3x() && sMB3EncryptedPacketData.getDataBuffer().available() != 0 && sMB3EncryptedPacketData.getHeader().getFlagsEncryptionAlgorithm() == 1;
    }

    public byte[] createAAD(SMB2TransformHeader sMB2TransformHeader) {
        SMBBuffer sMBBuffer = new SMBBuffer();
        sMB2TransformHeader.writeTo(sMBBuffer);
        sMBBuffer.rpos(20);
        return sMBBuffer.getCompactData();
    }

    public byte[] decrypt(SMB3EncryptedPacketData sMB3EncryptedPacketData, SecretKey secretKey) {
        byte[] copyOf = Arrays.copyOf(sMB3EncryptedPacketData.getHeader().getNonce(), this.cipher.getNonceLength());
        try {
            byte[] createAAD = createAAD(sMB3EncryptedPacketData.getHeader());
            byte[] cipherText = sMB3EncryptedPacketData.getCipherText();
            byte[] signature = sMB3EncryptedPacketData.getHeader().getSignature();
            AEADBlockCipher aEADBlockCipher = this.securityProvider.getAEADBlockCipher(this.cipher.getAlgorithmName());
            aEADBlockCipher.init(Cipher.CryptMode.DECRYPT, secretKey.getEncoded(), new GCMParameterSpec(128, copyOf));
            aEADBlockCipher.updateAAD(createAAD, 0, createAAD.length);
            byte[] update = aEADBlockCipher.update(cipherText, 0, cipherText.length);
            byte[] doFinal = aEADBlockCipher.doFinal(signature, 0, signature.length);
            if (update == null || update.length == 0) {
                return doFinal;
            }
            byte[] bArr = new byte[update.length + doFinal.length];
            System.arraycopy(update, 0, bArr, 0, update.length);
            System.arraycopy(doFinal, 0, bArr, update.length, doFinal.length);
            return bArr;
        } catch (Buffer.BufferException e) {
            logger.oOoOoO0oOo0oO0O0(sMB3EncryptedPacketData, "Could not read cipherText from packet << {} >>");
            throw new SMBRuntimeException("Could not read cipherText from packet", e);
        } catch (SecurityException e2) {
            logger.oOoOoO0oOo0oO0O0(sMB3EncryptedPacketData, "Security exception while decrypting packet << {} >>");
            throw new SMBRuntimeException(e2);
        }
    }

    public SMB2Packet encrypt(SMB2Packet sMB2Packet, SecretKey secretKey) {
        if (secretKey != null) {
            return new EncryptedPacketWrapper(sMB2Packet, secretKey);
        }
        logger.OoOo0o0Oo0oO0o0o(sMB2Packet.getHeader().getMessage(), "Not wrapping {} as encrypted, as no key is set.");
        return sMB2Packet;
    }

    public byte[] getNewNonce() {
        long nanoTime = System.nanoTime();
        SMBBuffer sMBBuffer = new SMBBuffer();
        sMBBuffer.putUInt64(nanoTime);
        sMBBuffer.putReserved(this.cipher.getNonceLength() - 8);
        return sMBBuffer.getCompactData();
    }

    public void init(ConnectionContext connectionContext) {
        this.dialect = connectionContext.getNegotiatedProtocol().getDialect();
        if (connectionContext.getNegotiatedProtocol().getDialect().equals(SMB2Dialect.SMB_3_1_1)) {
            this.cipher = connectionContext.getCipherId();
        } else {
            this.cipher = SMB3EncryptionCipher.AES_128_CCM;
        }
        logger.oOoOoOoOoOoOoO0o(this.cipher, "Initialized PacketEncryptor with Cipher << {} >>");
    }

    public void setCipher(SMB3EncryptionCipher sMB3EncryptionCipher) {
        this.cipher = sMB3EncryptionCipher;
    }
}
