package org.jenkinsci.remoting.engine;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import hudson.remoting.Channel;
import hudson.remoting.ChannelBuilder;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.EOFException;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.net.Socket;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Random;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Future;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import org.jenkinsci.remoting.nio.NioChannelHub;
import org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException;
import org.jenkinsci.remoting.util.Charsets;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/remoting-3.10.jar:org/jenkinsci/remoting/engine/JnlpProtocol3Handler.class
 */
@Deprecated
/* loaded from: input_file:WEB-INF/jenkins-cli.jar:org/jenkinsci/remoting/engine/JnlpProtocol3Handler.class */
public class JnlpProtocol3Handler extends LegacyJnlpProtocolHandler<Jnlp3ConnectionState> {
    private static final Logger LOGGER = Logger.getLogger(JnlpProtocol3Handler.class.getName());
    private static final Random RANDOM = new SecureRandom();
    static final String COOKIE_NAME = "org.jenkinsci.remoting.engine.JnlpProtocol3.cookie";
    public static final String CHALLENGE_KEY = "Challenge";
    static final String NEGOTIATE_LINE = "Negotiate";
    static final String NAME = "JNLP3-connect";

    public JnlpProtocol3Handler(@Nullable JnlpClientDatabase jnlpClientDatabase, @Nonnull ExecutorService executorService, @Nullable NioChannelHub nioChannelHub, boolean z) {
        super(jnlpClientDatabase, executorService, nioChannelHub, z);
    }

    @Override // org.jenkinsci.remoting.engine.JnlpProtocolHandler
    public String getName() {
        return NAME;
    }

    @Override // org.jenkinsci.remoting.engine.LegacyJnlpProtocolHandler, org.jenkinsci.remoting.engine.JnlpProtocolHandler
    @Nonnull
    public Jnlp3ConnectionState createConnectionState(@Nonnull Socket socket, @Nonnull List<? extends JnlpConnectionStateListener> list) throws IOException {
        return new Jnlp3ConnectionState(socket, list);
    }

    /* renamed from: sendHandshake, reason: avoid collision after fix types in other method */
    void sendHandshake2(@Nonnull Jnlp3ConnectionState jnlp3ConnectionState, @Nonnull Map<String, String> map) throws IOException {
        String str = map.get(JnlpConnectionState.SECRET_KEY);
        if (str == null) {
            throw new ConnectionRefusalException("Client headers missing Secret-Key");
        }
        String str2 = map.get(JnlpConnectionState.CLIENT_NAME_KEY);
        if (str2 == null) {
            throw new ConnectionRefusalException("Client headers missing Node-Name");
        }
        String str3 = map.get("Cookie");
        HandshakeCiphers create = HandshakeCiphers.create(str2, str);
        String generateChallenge = Jnlp3Util.generateChallenge(RANDOM);
        Properties properties = new Properties();
        properties.put(JnlpConnectionState.CLIENT_NAME_KEY, str2);
        properties.put(CHALLENGE_KEY, create.encrypt(generateChallenge));
        if (str3 != null) {
            properties.put("Cookie", create.encrypt(str3));
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        properties.store(byteArrayOutputStream, (String) null);
        jnlp3ConnectionState.fireBeforeProperties();
        DataOutputStream dataOutputStream = jnlp3ConnectionState.getDataOutputStream();
        dataOutputStream.writeUTF("Protocol:JNLP3-connect");
        dataOutputStream.writeUTF(byteArrayOutputStream.toString("UTF-8"));
        dataOutputStream.flush();
        InputStream socketInputStream = jnlp3ConnectionState.getSocketInputStream();
        String readLine = EngineUtil.readLine(socketInputStream);
        if (!readLine.equals("Negotiate")) {
            throw new ConnectionRefusalException("Server didn't accept the handshake: " + readLine);
        }
        try {
            if (!Jnlp3Util.validateChallengeResponse(generateChallenge, create.decrypt(EngineUtil.readChars(socketInputStream, Integer.parseInt(EngineUtil.readLine(socketInputStream)))))) {
                throw new ConnectionRefusalException("JNLP3-connect: Incorrect challenge response from master");
            }
            dataOutputStream.writeUTF(LegacyJnlpProtocolHandler.GREETING_SUCCESS);
            dataOutputStream.flush();
            dataOutputStream.writeUTF(create.encrypt(Jnlp3Util.createChallengeResponse(create.decrypt(EngineUtil.readChars(socketInputStream, Integer.valueOf(Integer.parseInt(EngineUtil.readLine(socketInputStream))).intValue())))));
            dataOutputStream.flush();
            String readLine2 = EngineUtil.readLine(socketInputStream);
            if (!LegacyJnlpProtocolHandler.GREETING_SUCCESS.equals(readLine2)) {
                throw new ConnectionRefusalException("JNLP3-connect: Master rejected connection: " + readLine2);
            }
            ChannelCiphers create2 = ChannelCiphers.create(RANDOM);
            dataOutputStream.writeUTF(create.encrypt(Jnlp3Util.keyToString(create2.getAesKey())));
            dataOutputStream.writeUTF(create.encrypt(Jnlp3Util.keyToString(create2.getSpecKey())));
            dataOutputStream.flush();
            jnlp3ConnectionState.setChannelCiphers(create2);
            String decrypt = create.decrypt(EngineUtil.readLine(socketInputStream));
            HashMap hashMap = new HashMap();
            hashMap.put("Cookie", decrypt);
            jnlp3ConnectionState.fireAfterProperties(hashMap);
        } catch (NumberFormatException e) {
            throw new ConnectionRefusalException("JNLP3-connect: Incorrect challenge response from master");
        }
    }

    /* renamed from: receiveHandshake, reason: avoid collision after fix types in other method */
    void receiveHandshake2(@Nonnull Jnlp3ConnectionState jnlp3ConnectionState, @Nonnull Map<String, String> map) throws IOException {
        PrintWriter printWriter = jnlp3ConnectionState.getPrintWriter();
        printWriter.println("Negotiate");
        Properties properties = new Properties();
        DataInputStream dataInputStream = jnlp3ConnectionState.getDataInputStream();
        properties.load(new ByteArrayInputStream(dataInputStream.readUTF().getBytes(Charsets.UTF_8)));
        String property = properties.getProperty(JnlpConnectionState.CLIENT_NAME_KEY);
        JnlpClientDatabase clientDatabase = getClientDatabase();
        if (clientDatabase == null || !clientDatabase.exists(property)) {
            throw new ConnectionRefusalException("Unknown client name: " + property);
        }
        String secretOf = clientDatabase.getSecretOf(property);
        if (secretOf == null) {
            throw new ConnectionRefusalException("Unknown client name: " + property);
        }
        HandshakeCiphers create = HandshakeCiphers.create(property, secretOf);
        String encrypt = create.encrypt(Jnlp3Util.createChallengeResponse(create.decrypt(properties.getProperty(CHALLENGE_KEY))));
        printWriter.println(encrypt.getBytes(Charsets.UTF_8).length);
        printWriter.print(encrypt);
        printWriter.flush();
        try {
            if (!dataInputStream.readUTF().equals(LegacyJnlpProtocolHandler.GREETING_SUCCESS)) {
                throw new ConnectionRefusalException("Agent did not accept our challenge response");
            }
            jnlp3ConnectionState.fireBeforeProperties();
            Map<String, String> hashMap = new HashMap<>();
            hashMap.putAll(properties);
            if (hashMap.get("Cookie") != null) {
                hashMap.put("Cookie", create.decrypt(hashMap.get("Cookie")));
            }
            String generateChallenge = Jnlp3Util.generateChallenge(RANDOM);
            String encrypt2 = create.encrypt(generateChallenge);
            printWriter.println(encrypt2.getBytes(Charsets.UTF_8).length);
            printWriter.print(encrypt2);
            printWriter.flush();
            if (!Jnlp3Util.validateChallengeResponse(generateChallenge, create.decrypt(dataInputStream.readUTF()))) {
                LOGGER.log(Level.WARNING, "An attempt was made to connect as {0} from {1} with an incorrect secret", new Object[]{property, jnlp3ConnectionState.getSocket().getRemoteSocketAddress()});
                throw new ConnectionRefusalException("Incorrect master challenge response from agent");
            }
            jnlp3ConnectionState.fireAfterProperties(hashMap);
            printWriter.println(LegacyJnlpProtocolHandler.GREETING_SUCCESS);
            String str = null;
            String str2 = null;
            for (int i = 0; i < 110; i++) {
                if (i >= 100) {
                    throw new IOException("JENKINS-37140 got really unlucky with the random number generator");
                }
                str = generateCookie();
                str2 = create.encrypt(str);
                if (str2.indexOf(10) == -1 || Character.isWhitespace(str2.charAt(0)) || Character.isWhitespace(str2.charAt(str2.length() - 1))) {
                    break;
                }
            }
            jnlp3ConnectionState.setNewCookie(str);
            printWriter.println(str2);
            printWriter.flush();
            jnlp3ConnectionState.setChannelCiphers(ChannelCiphers.create(Jnlp3Util.keyFromString(create.decrypt(dataInputStream.readUTF())), Jnlp3Util.keyFromString(create.decrypt(dataInputStream.readUTF()))));
        } catch (EOFException e) {
            throw new ConnectionRefusalException("Agent did not accept our challenge response");
        }
    }

    private String generateCookie() {
        byte[] bArr = new byte[32];
        RANDOM.nextBytes(bArr);
        return toHexString(bArr);
    }

    @Nonnull
    private static String toHexString(@Nonnull byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bArr) {
            sb.append(Character.forDigit((b >> 4) & 15, 16));
            sb.append(Character.forDigit(b & 15, 16));
        }
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.jenkinsci.remoting.engine.LegacyJnlpProtocolHandler
    @Nonnull
    public Channel buildChannel(@Nonnull Jnlp3ConnectionState jnlp3ConnectionState) throws IOException {
        ChannelBuilder channelBuilder = jnlp3ConnectionState.getChannelBuilder();
        String newCookie = jnlp3ConnectionState.getNewCookie();
        if (newCookie != null) {
            channelBuilder.withProperty(COOKIE_NAME, newCookie);
        }
        return channelBuilder.build(new CipherInputStream(jnlp3ConnectionState.getSocketInputStream(), jnlp3ConnectionState.getChannelCiphers().getDecryptCipher()), new CipherOutputStream(jnlp3ConnectionState.getSocketOutputStream(), jnlp3ConnectionState.getChannelCiphers().getEncryptCipher()));
    }

    @Override // org.jenkinsci.remoting.engine.LegacyJnlpProtocolHandler
    /* bridge */ /* synthetic */ void receiveHandshake(@Nonnull Jnlp3ConnectionState jnlp3ConnectionState, @Nonnull Map map) throws IOException {
        receiveHandshake2(jnlp3ConnectionState, (Map<String, String>) map);
    }

    @Override // org.jenkinsci.remoting.engine.LegacyJnlpProtocolHandler
    /* bridge */ /* synthetic */ void sendHandshake(@Nonnull Jnlp3ConnectionState jnlp3ConnectionState, @Nonnull Map map) throws IOException {
        sendHandshake2(jnlp3ConnectionState, (Map<String, String>) map);
    }

    @Override // org.jenkinsci.remoting.engine.LegacyJnlpProtocolHandler, org.jenkinsci.remoting.engine.JnlpProtocolHandler
    @Nonnull
    @SuppressFBWarnings(value = {"BC_UNCONFIRMED_CAST_OF_RETURN_VALUE"}, justification = "Generics will ensure the implementation returns the correct type.")
    public /* bridge */ /* synthetic */ Future connect(@Nonnull Socket socket, @Nonnull Map map, @Nonnull List list) throws IOException {
        return super.connect(socket, (Map<String, String>) map, (List<? extends JnlpConnectionStateListener>) list);
    }

    @Override // org.jenkinsci.remoting.engine.LegacyJnlpProtocolHandler, org.jenkinsci.remoting.engine.JnlpProtocolHandler
    @Nonnull
    @SuppressFBWarnings(value = {"BC_UNCONFIRMED_CAST_OF_RETURN_VALUE"}, justification = "Generics will ensure the implementation returns the correct type.")
    public /* bridge */ /* synthetic */ Future handle(@Nonnull Socket socket, @Nonnull Map map, @Nonnull List list) throws IOException {
        return super.handle(socket, (Map<String, String>) map, (List<? extends JnlpConnectionStateListener>) list);
    }

    @Override // org.jenkinsci.remoting.engine.LegacyJnlpProtocolHandler, org.jenkinsci.remoting.engine.JnlpProtocolHandler
    @Nonnull
    public /* bridge */ /* synthetic */ LegacyJnlpConnectionState createConnectionState(@Nonnull Socket socket, @Nonnull List list) throws IOException {
        return createConnectionState(socket, (List<? extends JnlpConnectionStateListener>) list);
    }

    @Override // org.jenkinsci.remoting.engine.LegacyJnlpProtocolHandler, org.jenkinsci.remoting.engine.JnlpProtocolHandler
    @Nonnull
    public /* bridge */ /* synthetic */ JnlpConnectionState createConnectionState(@Nonnull Socket socket, @Nonnull List list) throws IOException {
        return createConnectionState(socket, (List<? extends JnlpConnectionStateListener>) list);
    }
}
