package com.entrust.identityGuard.mobilesc.sdk;

import android.util.Base64;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class EncryptedLaunchUrlParams extends LaunchUrlParams {
    private String a;
    private String b;

    private String a() {
        String str;
        UnsupportedEncodingException e;
        try {
            str = "action=" + getAction() + "&";
        } catch (UnsupportedEncodingException e2) {
            str = "";
            e = e2;
        }
        try {
            return str + "enc=" + URLEncoder.encode(getEncrypted(), "UTF-8");
        } catch (UnsupportedEncodingException e3) {
            e = e3;
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Error encoding string to MAC.", e);
            return str;
        }
    }

    private String a(byte[] bArr, String str) {
        String str2;
        String str3;
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(bArr, "HmacSHA256"));
            return new String(Base64.encode(Arrays.copyOfRange(mac.doFinal(str.getBytes("UTF-8")), 0, 12), 0));
        } catch (UnsupportedEncodingException e) {
            e = e;
            str2 = SmartCredentialSDK.APP_NAME;
            str3 = "Unsupported encoding.";
            SmartCredentialSDK.logError(str2, str3, e);
            return null;
        } catch (InvalidKeyException e2) {
            e = e2;
            str2 = SmartCredentialSDK.APP_NAME;
            str3 = "Invalid HMAC key";
            SmartCredentialSDK.logError(str2, str3, e);
            return null;
        } catch (NoSuchAlgorithmException e3) {
            e = e3;
            str2 = SmartCredentialSDK.APP_NAME;
            str3 = "Invalid algorithm";
            SmartCredentialSDK.logError(str2, str3, e);
            return null;
        }
    }

    private JSONObject a(byte[] bArr) {
        String str;
        String str2;
        String str3;
        byte[] copyOfRange = Arrays.copyOfRange(bArr, 0, 16);
        byte[] copyOfRange2 = Arrays.copyOfRange(bArr, 16, 48);
        byte[] copyOfRange3 = Arrays.copyOfRange(bArr, 48, 64);
        String a = a(copyOfRange2, a());
        if (a == null) {
            str2 = SmartCredentialSDK.APP_NAME;
            str3 = "Failed to compute MAC based from encrypted URL.";
        } else {
            String trim = a.trim();
            trim.replaceAll("\\p{C}", "");
            if (trim.equals(getMac())) {
                try {
                    try {
                        byte[] decode = Base64.decode(getEncrypted().getBytes("UTF-8"), 0);
                        str = new String(a(copyOfRange, copyOfRange3, Arrays.copyOfRange(decode, 8, decode.length)), "UTF-8");
                        try {
                            SmartCredentialSDK.logInfo(SmartCredentialSDK.APP_NAME, "Decrypted Data = " + str);
                            return new JSONObject(str);
                        } catch (JSONException e) {
                            e = e;
                            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Error parsing JSON string:  " + str, e);
                            return null;
                        }
                    } catch (UnsupportedEncodingException e2) {
                        SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Unsupported encoding", e2);
                        return null;
                    }
                } catch (JSONException e3) {
                    e = e3;
                    str = null;
                }
            } else {
                str2 = SmartCredentialSDK.APP_NAME;
                str3 = "Computed MAC does not match the provided MAC.";
            }
        }
        SmartCredentialSDK.logError(str2, str3);
        return null;
    }

    private byte[] a(byte[] bArr, byte[] bArr2) {
        String str;
        try {
            str = new String(bArr, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Unsupported encoding for encoded data.", e);
            str = null;
        }
        if (str == null) {
            return null;
        }
        try {
            return new SecretKeySpec(SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(new PBEKeySpec(str.toCharArray(), bArr2, 1000, 512)).getEncoded(), "AES").getEncoded();
        } catch (NoSuchAlgorithmException unused) {
            com.entrust.identityGuard.mobilesc.sdk.crypto.common.e eVar = new com.entrust.identityGuard.mobilesc.sdk.crypto.common.e();
            eVar.a(new com.entrust.identityGuard.mobilesc.sdk.crypto.common.c());
            return eVar.a(bArr, bArr2, 1000, 64);
        } catch (InvalidKeySpecException e2) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Invalid key spec.", e2);
            return null;
        }
    }

    private byte[] a(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        String str;
        String str2;
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
            IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr2);
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(2, secretKeySpec, ivParameterSpec);
            return cipher.doFinal(bArr3);
        } catch (InvalidAlgorithmParameterException | InvalidKeyException e) {
            e = e;
            str = SmartCredentialSDK.APP_NAME;
            str2 = "Error initializing cipher.";
            SmartCredentialSDK.logError(str, str2, e);
            return null;
        } catch (NoSuchAlgorithmException e2) {
            e = e2;
            str = SmartCredentialSDK.APP_NAME;
            str2 = "Invalid cipher algorithm.";
            SmartCredentialSDK.logError(str, str2, e);
            return null;
        } catch (BadPaddingException | IllegalBlockSizeException e3) {
            e = e3;
            str = SmartCredentialSDK.APP_NAME;
            str2 = "Error decrypting message.";
            SmartCredentialSDK.logError(str, str2, e);
            return null;
        } catch (NoSuchPaddingException e4) {
            e = e4;
            str = SmartCredentialSDK.APP_NAME;
            str2 = "Invalid padding.";
            SmartCredentialSDK.logError(str, str2, e);
            return null;
        }
    }

    private byte[] c(String str) {
        try {
            return a(str.getBytes("UTF-8"), Arrays.copyOfRange(Base64.decode(getEncrypted().getBytes("UTF-8"), 0), 0, 8));
        } catch (UnsupportedEncodingException e) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Unsupported encoding for encoded data.", e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(String str) {
        this.a = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void b(String str) {
        this.b = str;
    }

    public LaunchUrlParams decryptUsingPassword(String str) {
        JSONObject a = a(c(str));
        if (a == null) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Provided password is incorrect or invalid or the link is corrupt.");
            return null;
        }
        try {
            if (getAction().equalsIgnoreCase("otasecregister")) {
                ActivationLaunchUrlParams activationLaunchUrlParams = new ActivationLaunchUrlParams();
                activationLaunchUrlParams.f("otaregister");
                activationLaunchUrlParams.e(getScheme());
                activationLaunchUrlParams.c(a.getString("name"));
                activationLaunchUrlParams.a(a.getString("regurl"));
                activationLaunchUrlParams.d(a.getString("regpwd"));
                activationLaunchUrlParams.b(a.getString("scid"));
                return activationLaunchUrlParams;
            }
            UpdateLaunchUrlParams updateLaunchUrlParams = new UpdateLaunchUrlParams();
            updateLaunchUrlParams.f("otaupdate");
            updateLaunchUrlParams.e(getScheme());
            updateLaunchUrlParams.c(a.getString("name"));
            updateLaunchUrlParams.a(a.getString("regurl"));
            updateLaunchUrlParams.d(a.getString("regpwd"));
            updateLaunchUrlParams.b(a.getString("scid"));
            updateLaunchUrlParams.g(a.getString("serialnum"));
            return updateLaunchUrlParams;
        } catch (JSONException e) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Error decoding secure launch link", e);
            return null;
        }
    }

    public String getEncrypted() {
        return this.a;
    }

    public String getMac() {
        return this.b;
    }
}
