package net.sf.jradius.client;

import gnu.crypto.jce.GnuCrypto;
import java.beans.Introspector;
import java.beans.PropertyDescriptor;
import java.io.IOException;
import java.lang.reflect.Method;
import java.net.DatagramPacket;
import java.net.DatagramSocket;
import java.net.InetAddress;
import java.net.SocketTimeoutException;
import java.security.MessageDigest;
import java.security.Security;
import java.util.Arrays;
import java.util.HashMap;
import java.util.LinkedHashMap;
import net.sf.jradius.client.auth.CHAPAuthenticator;
import net.sf.jradius.client.auth.EAPMD5Authenticator;
import net.sf.jradius.client.auth.EAPMSCHAPv2Authenticator;
import net.sf.jradius.client.auth.EAPTLSAuthenticator;
import net.sf.jradius.client.auth.EAPTTLSAuthenticator;
import net.sf.jradius.client.auth.MSCHAPv1Authenticator;
import net.sf.jradius.client.auth.MSCHAPv2Authenticator;
import net.sf.jradius.client.auth.PAPAuthenticator;
import net.sf.jradius.client.auth.RadiusAuthenticator;
import net.sf.jradius.exception.RadiusException;
import net.sf.jradius.exception.RadiusSecurityException;
import net.sf.jradius.exception.TimeoutException;
import net.sf.jradius.exception.UnknownAttributeException;
import net.sf.jradius.log.RadiusLog;
import net.sf.jradius.packet.AccessChallenge;
import net.sf.jradius.packet.AccessRequest;
import net.sf.jradius.packet.AccountingRequest;
import net.sf.jradius.packet.AccountingResponse;
import net.sf.jradius.packet.PacketFactory;
import net.sf.jradius.packet.RadiusFormat;
import net.sf.jradius.packet.RadiusPacket;
import net.sf.jradius.packet.RadiusRequest;
import net.sf.jradius.packet.RadiusResponse;
import net.sf.jradius.packet.attribute.AttributeFactory;
import net.sf.jradius.packet.attribute.RadiusAttribute;
import net.sf.jradius.session.JRadiusSession;
import net.sf.jradius.util.MD5;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;

/* loaded from: input_file:net/sf/jradius/client/RadiusClient.class */
public class RadiusClient {
    private static final int d = 1812;
    private static final int c = 1813;
    private static final int b = 60;
    protected InetAddress remoteInetAddress;
    protected String sharedSecret;
    protected int authPort;
    protected int acctPort;
    protected int socketTimeout;
    protected DatagramSocket socket;
    private MessageDigest e;
    protected JRadiusSession session;
    private static final RadiusFormat f = new RadiusFormat();
    protected static final LinkedHashMap authenticators = new LinkedHashMap();

    public RadiusClient() {
        this.authPort = d;
        this.acctPort = c;
        this.socketTimeout = 60000;
        try {
            this.socket = new DatagramSocket();
            this.e = MessageDigest.getInstance(MessageDigestAlgorithms.MD5);
        } catch (Exception e) {
            RadiusLog.error(e.getMessage());
            e.printStackTrace();
        }
    }

    public RadiusClient(InetAddress inetAddress, String str) {
        this();
        setRemoteInetAddress(inetAddress);
        setSharedSecret(str);
    }

    public RadiusClient(InetAddress inetAddress, String str, int i, int i2, int i3) {
        this();
        setRemoteInetAddress(inetAddress);
        setSharedSecret(str);
        setAuthPort(i);
        setAcctPort(i2);
        setSocketTimeout(i3);
    }

    public static void registerAuthenticator(String str, Class cls) {
        authenticators.put(str, cls);
    }

    public static void registerAuthenticator(String str, String str2) throws ClassNotFoundException {
        authenticators.put(str, Class.forName(str2));
    }

    public static RadiusAuthenticator getAuthProtocol(String str) {
        int indexOf = str.indexOf(58);
        if (indexOf > 0) {
            r9 = indexOf < str.length() ? str.substring(indexOf + 1).split(":") : null;
            str = str.substring(0, indexOf);
        }
        String lowerCase = str.toLowerCase();
        Class cls = (Class) authenticators.get(lowerCase);
        if (cls == null) {
            return null;
        }
        try {
            RadiusAuthenticator radiusAuthenticator = (RadiusAuthenticator) cls.newInstance();
            if (r9 != null) {
                HashMap hashMap = new HashMap();
                try {
                    for (PropertyDescriptor propertyDescriptor : Introspector.getBeanInfo(radiusAuthenticator.getClass()).getPropertyDescriptors()) {
                        if (propertyDescriptor.getWriteMethod() != null) {
                            hashMap.put(propertyDescriptor.getName(), propertyDescriptor);
                        }
                    }
                    for (int i = 0; i < r9.length; i++) {
                        int indexOf2 = r9[i].indexOf("=");
                        if (indexOf2 > 0) {
                            String substring = r9[i].substring(0, indexOf2);
                            String substring2 = r9[i].substring(indexOf2 + 1);
                            PropertyDescriptor propertyDescriptor2 = (PropertyDescriptor) hashMap.get(substring);
                            Method writeMethod = propertyDescriptor2.getWriteMethod();
                            if (writeMethod == null) {
                                RadiusLog.error("Authenticator " + lowerCase + " does not have a writable attribute " + substring);
                            } else {
                                Object obj = substring2;
                                Class propertyType = propertyDescriptor2.getPropertyType();
                                if (propertyType == Boolean.class) {
                                    obj = new Boolean(substring2);
                                } else if (propertyType == Integer.class) {
                                    obj = new Integer(substring2);
                                }
                                try {
                                    writeMethod.invoke(radiusAuthenticator, obj);
                                } catch (Exception e) {
                                    RadiusLog.error("Error setting attribute " + substring + " for authenticator " + lowerCase + ": " + e.getMessage());
                                }
                            }
                        }
                    }
                } catch (Exception e2) {
                    RadiusLog.error("Could not instanciate authenticator " + lowerCase);
                    return radiusAuthenticator;
                }
            }
            return radiusAuthenticator;
        } catch (Exception e3) {
            e3.printStackTrace();
            return null;
        }
    }

    public RadiusResponse authenticate(AccessRequest accessRequest, RadiusAuthenticator radiusAuthenticator, int i) throws RadiusException, UnknownAttributeException {
        if (radiusAuthenticator == null) {
            radiusAuthenticator = new PAPAuthenticator();
        }
        radiusAuthenticator.setupRequest(this, accessRequest);
        radiusAuthenticator.processRequest(accessRequest);
        while (true) {
            RadiusResponse sendReceive = sendReceive(accessRequest, this.remoteInetAddress, this.authPort, i);
            if (!(sendReceive instanceof AccessChallenge)) {
                return sendReceive;
            }
            radiusAuthenticator.processChallenge(accessRequest, sendReceive);
        }
    }

    private void b(RadiusPacket radiusPacket) {
        byte[] bArr = new byte[16];
        radiusPacket.overwriteAttribute(AttributeFactory.newAttribute(80, bArr));
        System.arraycopy(MD5.hmac_md5(f.packPacket(radiusPacket), this.sharedSecret.getBytes()), 0, bArr, 0, 16);
    }

    private boolean b(RadiusRequest radiusRequest, RadiusResponse radiusResponse, boolean z) {
        byte[] authenticator = radiusRequest.getAuthenticator();
        byte[] authenticator2 = radiusResponse.getAuthenticator();
        byte[] bArr = new byte[16];
        RadiusAttribute findAttribute = radiusResponse.findAttribute(80);
        if (findAttribute == null) {
            return !z;
        }
        byte[] bytes = findAttribute.getValue().getBytes();
        findAttribute.setValue(bArr);
        radiusResponse.setAuthenticator(authenticator);
        System.arraycopy(MD5.hmac_md5(f.packPacket(radiusResponse), this.sharedSecret.getBytes()), 0, bArr, 0, 16);
        radiusResponse.setAuthenticator(authenticator2);
        return Arrays.equals(bytes, bArr);
    }

    private boolean b(RadiusRequest radiusRequest, RadiusResponse radiusResponse) {
        return radiusResponse.verifyAuthenticator(this, radiusRequest.getAuthenticator());
    }

    public AccountingResponse accounting(AccountingRequest accountingRequest, int i) throws RadiusException {
        RadiusResponse sendReceive = sendReceive(accountingRequest, this.remoteInetAddress, this.acctPort, i);
        if (sendReceive instanceof AccountingResponse) {
            return (AccountingResponse) sendReceive;
        }
        throw new RadiusException("Received something other than AccountingResponse to a AccountingRequest");
    }

    public RadiusResponse sendReceive(RadiusRequest radiusRequest, InetAddress inetAddress, int i, int i2) throws RadiusException {
        RadiusResponse radiusResponse = null;
        int i3 = 0;
        if (radiusRequest instanceof AccessRequest) {
            b(radiusRequest);
        }
        if (i2 < 0) {
            i2 = 0;
        }
        int i4 = i2 + 1;
        while (i3 < i4) {
            try {
                if (this.socketTimeout > 0) {
                    this.socket.setSoTimeout(this.socketTimeout);
                }
                send(radiusRequest, inetAddress, i, i3);
                radiusResponse = receive();
                break;
            } catch (SocketTimeoutException e) {
                i3++;
            } catch (IOException e2) {
                e2.printStackTrace();
                i3++;
            }
        }
        if (i3 == i4) {
            throw new TimeoutException("Timeout: No Response from RADIUS Server");
        }
        if (!b(radiusRequest, radiusResponse)) {
            throw new RadiusSecurityException("Invalid RADIUS Authenticator");
        }
        if (b(radiusRequest, radiusResponse, radiusResponse.findAttribute(79) != null)) {
            return radiusResponse;
        }
        throw new RadiusSecurityException("Invalid RADIUS Message-Authenticator");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void send(RadiusPacket radiusPacket, InetAddress inetAddress, int i, int i2) throws IOException {
        if (i2 > 1) {
            RadiusLog.warn("RadiusClient retrying request (attempt " + i2 + ")...");
        }
        byte[] packPacket = f.packPacket(radiusPacket);
        this.socket.send(new DatagramPacket(packPacket, packPacket.length, inetAddress, i));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RadiusResponse receive() throws IOException, RadiusException {
        byte[] bArr = new byte[RadiusPacket.MAX_PACKET_LENGTH];
        DatagramPacket datagramPacket = new DatagramPacket(bArr, bArr.length);
        this.socket.receive(datagramPacket);
        RadiusPacket parse = PacketFactory.parse(datagramPacket);
        if (parse instanceof RadiusResponse) {
            return (RadiusResponse) parse;
        }
        throw new RadiusException("Received something other than a RADIUS Response to a Request");
    }

    public MessageDigest getMD() {
        return this.e;
    }

    public int getAcctPort() {
        return this.acctPort;
    }

    public void setAcctPort(int i) {
        this.acctPort = i;
    }

    public int getAuthPort() {
        return this.authPort;
    }

    public void setAuthPort(int i) {
        this.authPort = i;
    }

    public int getSocketTimeout() {
        return this.socketTimeout / 1000;
    }

    public void setSocketTimeout(int i) {
        this.socketTimeout = i * 1000;
    }

    public InetAddress getRemoteInetAddress() {
        return this.remoteInetAddress;
    }

    public void setRemoteInetAddress(InetAddress inetAddress) {
        this.remoteInetAddress = inetAddress;
    }

    public InetAddress getLocalInetAddress() {
        return this.socket.getLocalAddress();
    }

    public void setLocalInetAddress(InetAddress inetAddress) {
    }

    public String getSharedSecret() {
        return this.sharedSecret;
    }

    public void setSharedSecret(String str) {
        this.sharedSecret = str;
    }

    static {
        registerAuthenticator(PAPAuthenticator.NAME, PAPAuthenticator.class);
        registerAuthenticator(CHAPAuthenticator.NAME, CHAPAuthenticator.class);
        registerAuthenticator(MSCHAPv1Authenticator.NAME, MSCHAPv1Authenticator.class);
        registerAuthenticator(MSCHAPv2Authenticator.NAME, MSCHAPv2Authenticator.class);
        registerAuthenticator("mschap", MSCHAPv2Authenticator.class);
        registerAuthenticator(EAPMD5Authenticator.NAME, EAPMD5Authenticator.class);
        registerAuthenticator(EAPMSCHAPv2Authenticator.NAME, EAPMSCHAPv2Authenticator.class);
        try {
            registerAuthenticator(EAPTLSAuthenticator.NAME, "net.sf.jradius.client.auth.EAPTLSAuthenticator");
            registerAuthenticator(EAPTTLSAuthenticator.NAME, "net.sf.jradius.client.auth.EAPTTLSAuthenticator");
        } catch (ClassNotFoundException e) {
            RadiusLog.warn("EAP-TLS and EAP-TTLS are only available with Java 1.5");
        }
        Security.addProvider(new GnuCrypto());
    }
}
