package com.sap.db.util.security;

import com.sap.db.comunication.protocol.Packet;
import com.sap.db.jdbc.exceptions.SQLExceptionSapDB;
import com.sap.db.jdbc.packet.DataPartAuthentication;
import com.sap.db.util.MessageKey;
import com.sap.db.util.StructuredBytes;
import com.sap.db.util.Tracer;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.sql.SQLException;

/* loaded from: input_file:com/sap/db/util/security/ScrammMD5Authentication.class */
public class ScrammMD5Authentication extends AbstractAuthenticationMethod {
    private byte[] salt1;
    protected byte[] serverchallenge;
    protected static long internalseed = 17;
    protected byte[] clientchallenge = null;
    private int maxpasswordLen = 0;

    public byte[] getClientchallenge() throws SQLException {
        internalseed += System.currentTimeMillis();
        if (this.clientchallenge != null) {
            return this.clientchallenge;
        }
        this.clientchallenge = new byte[64];
        int i = 10;
        do {
            try {
                SecureRandom secureRandom = new SecureRandom();
                secureRandom.setSeed(System.currentTimeMillis());
                secureRandom.setSeed(Runtime.getRuntime().freeMemory());
                secureRandom.setSeed(Runtime.getRuntime().totalMemory());
                secureRandom.setSeed(internalseed);
                secureRandom.nextBytes(this.clientchallenge);
                return this.clientchallenge;
            } catch (Exception e) {
                this.clientchallenge = null;
                i--;
            }
        } while (i > 0);
        throw SQLExceptionSapDB.generateSQLException(MessageKey.ERROR_CONNECTION_CHALLENGERESPONSERANDOMBYTES, e.toString());
    }

    private static byte[] preprocessPassword(String str, boolean z) {
        if (!z) {
            return str.getBytes();
        }
        StructuredBytes structuredBytes = new StructuredBytes(str.length() * 2);
        structuredBytes.putBigUnicode(str.toCharArray(), 0, str.length() * 2);
        return structuredBytes.getBytes(0, structuredBytes.size());
    }

    protected byte[] getClientProof(String str, boolean z) throws SQLException {
        try {
            byte[] preprocessPassword = preprocessPassword(str, z);
            internalseed += System.currentTimeMillis();
            return SCRAMMD5.scrammMD5(this.salt1, preprocessPassword, getClientchallenge(), this.serverchallenge);
        } catch (NoSuchAlgorithmException e) {
            throw SQLExceptionSapDB.generateSQLException(MessageKey.ERROR_CONNECTION_WRONGSERVERCHALLENGERECEIVED, "NoSuchAlgorithmException - algorithm \"MD5\" not supported by the java vm");
        }
    }

    public void parseServerChallenge(byte[] bArr) throws SQLException {
        internalseed += System.currentTimeMillis();
        DataPartAuthentication dataPartAuthentication = new DataPartAuthentication(new StructuredBytes(bArr), 1);
        if (!dataPartAuthentication.nextField()) {
            throw SQLExceptionSapDB.generateSQLException(MessageKey.ERROR_CONNECTION_WRONGSERVERCHALLENGERECEIVED, Tracer.Hex2String(bArr));
        }
        this.salt1 = dataPartAuthentication.getBase().getBytes(dataPartAuthentication.getCurrentOffset(), dataPartAuthentication.getCurrentFieldLen());
        if (!dataPartAuthentication.nextField()) {
            throw SQLExceptionSapDB.generateSQLException(MessageKey.ERROR_CONNECTION_WRONGSERVERCHALLENGERECEIVED, Tracer.Hex2String(bArr));
        }
        this.serverchallenge = dataPartAuthentication.getBase().getBytes(dataPartAuthentication.getCurrentOffset(), dataPartAuthentication.getCurrentFieldLen());
        internalseed += System.currentTimeMillis();
    }

    @Override // com.sap.db.util.security.AbstractAuthenticationMethod
    public int getMaxPasswordLength() {
        return this.maxpasswordLen;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.sap.db.util.security.AbstractAuthenticationMethod
    public String getMethodName() {
        return "SCRAMMD5";
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.sap.db.util.security.AbstractAuthenticationMethod
    public byte[] getInitialData(byte[] bArr) throws SQLException {
        return getClientchallenge();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.sap.db.util.security.AbstractAuthenticationMethod
    public byte[] evaluateAuthReply(DataPartAuthentication dataPartAuthentication, Tracer tracer) throws SQLException {
        internalseed += System.currentTimeMillis();
        if (dataPartAuthentication.getCurrentFieldLen() == 40) {
            this.salt1 = dataPartAuthentication.getBase().getBytes(dataPartAuthentication.getCurrentOffset(), 8);
            this.serverchallenge = dataPartAuthentication.getBase().getBytes(dataPartAuthentication.getCurrentOffset() + 8, dataPartAuthentication.getCurrentFieldLen() - 8);
        } else {
            DataPartAuthentication dataPartAuthentication2 = new DataPartAuthentication(new StructuredBytes(dataPartAuthentication.getBase().getBytes(dataPartAuthentication.getCurrentOffset(), dataPartAuthentication.getCurrentFieldLen())), 1);
            if (!dataPartAuthentication2.nextField()) {
                throw SQLExceptionSapDB.generateSQLException(MessageKey.ERROR_CONNECTION_WRONGSERVERCHALLENGERECEIVED, Tracer.Hex2String(dataPartAuthentication.getBase().getBytes(0, dataPartAuthentication.size())));
            }
            this.salt1 = dataPartAuthentication2.getBase().getBytes(dataPartAuthentication2.getCurrentOffset(), dataPartAuthentication2.getCurrentFieldLen());
            if (!dataPartAuthentication2.nextField()) {
                throw SQLExceptionSapDB.generateSQLException(MessageKey.ERROR_CONNECTION_WRONGSERVERCHALLENGERECEIVED, Tracer.Hex2String(dataPartAuthentication.getBase().getBytes(0, dataPartAuthentication.size())));
            }
            this.serverchallenge = dataPartAuthentication2.getBase().getBytes(dataPartAuthentication2.getCurrentOffset(), dataPartAuthentication2.getCurrentFieldLen());
            if (dataPartAuthentication.nextField()) {
                DataPartAuthentication dataPartAuthentication3 = new DataPartAuthentication(new StructuredBytes(dataPartAuthentication.getBase().getBytes(dataPartAuthentication.getCurrentOffset(), dataPartAuthentication.getCurrentFieldLen())), 1);
                if (!dataPartAuthentication3.nextField()) {
                    throw SQLExceptionSapDB.generateSQLException(MessageKey.ERROR_CONNECTION_WRONGSERVERCHALLENGERECEIVED, Tracer.Hex2String(dataPartAuthentication.getBase().getBytes(0, dataPartAuthentication.size())));
                }
                do {
                    if (dataPartAuthentication3.getBase().getString(dataPartAuthentication3.getCurrentOffset(), dataPartAuthentication3.getCurrentFieldLen()).equals(Packet.csp1_maxpasswordlen_tag_C)) {
                        if (!dataPartAuthentication3.nextField()) {
                            throw SQLExceptionSapDB.generateSQLException(MessageKey.ERROR_CONNECTION_WRONGSERVERCHALLENGERECEIVED, Tracer.Hex2String(dataPartAuthentication.getBase().getBytes(0, dataPartAuthentication.size())));
                        }
                        try {
                            this.maxpasswordLen = Integer.parseInt(dataPartAuthentication3.getBase().getString(dataPartAuthentication3.getCurrentOffset(), dataPartAuthentication3.getCurrentFieldLen()));
                        } catch (NumberFormatException e) {
                            throw SQLExceptionSapDB.generateSQLException(MessageKey.ERROR_CONNECTION_WRONGSERVERCHALLENGERECEIVED, Tracer.Hex2String(dataPartAuthentication.getBase().getBytes(0, dataPartAuthentication.size())));
                        }
                    } else if (!dataPartAuthentication3.nextField()) {
                        throw SQLExceptionSapDB.generateSQLException(MessageKey.ERROR_CONNECTION_WRONGSERVERCHALLENGERECEIVED, Tracer.Hex2String(dataPartAuthentication.getBase().getBytes(0, dataPartAuthentication.size())));
                    }
                } while (dataPartAuthentication3.nextField());
            }
        }
        internalseed += System.currentTimeMillis();
        return null;
    }

    @Override // com.sap.db.util.security.AbstractAuthenticationMethod
    public byte[] getFinalData(String str, boolean z) throws SQLException {
        if (str == null) {
            throw SQLExceptionSapDB.generateSQLException(MessageKey.ERROR_NOPASSWORD);
        }
        internalseed += System.currentTimeMillis();
        return getClientProof(str, z);
    }

    @Override // com.sap.db.util.security.AbstractAuthenticationMethod
    public boolean supportsReconnect() {
        return true;
    }
}
