package com.aylanetworks.aylasdk.lan;

import android.text.TextUtils;
import android.util.Base64;
import com.aylanetworks.aylasdk.AylaDevice;
import com.aylanetworks.aylasdk.error.AuthError;
import com.aylanetworks.aylasdk.error.AylaError;
import com.aylanetworks.aylasdk.error.InvalidArgumentError;
import com.aylanetworks.aylasdk.util.DateUtils;
import io.fabric.sdk.android.services.network.HttpRequest;
import java.io.UnsupportedEncodingException;
import java.lang.ref.WeakReference;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Date;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class AylaEncryption {
    protected static String TYPE_SETUP_RSA = "wifi_setup_rsa";
    private static int __sequenceNumber = 0;
    private static int nextSessionID = 1;
    private WeakReference<AylaDevice> _device;
    private String sLanKey;
    protected String sRnd_1;
    protected String sRnd_2;
    protected int version;
    protected int proto_1 = -1;
    protected int key_id_1 = -1;
    protected Number nTime_1 = -1;
    protected Number nTime_2 = -1L;
    protected String sTime_1 = null;
    protected String sTime_2 = null;
    private String createdAt = null;
    private int sessionId = -1;
    private byte[] bLanKey = null;
    private byte[] lastByte = new byte[1];
    private byte[] appSignKey = null;
    private byte[] appCryptoKey = null;
    private byte[] appIvSeed = null;
    protected byte[] devSignKey = null;
    private byte[] devCryptoKey = null;
    private byte[] devIvSeed = null;
    private Cipher eCipher = null;
    private Cipher dCipher = null;
    private Key eSkey = null;
    private Key dSkey = null;

    /* JADX INFO: Access modifiers changed from: protected */
    public AylaEncryption(AylaDevice aylaDevice) {
        this._device = new WeakReference<>(aylaDevice);
    }

    protected static byte[] concat(byte[]... bArr) {
        int i = 0;
        for (byte[] bArr2 : bArr) {
            i += bArr2.length;
        }
        byte[] bArr3 = new byte[i];
        int i2 = 0;
        for (byte[] bArr4 : bArr) {
            System.arraycopy(bArr4, 0, bArr3, i2, bArr4.length);
            i2 += bArr4.length;
        }
        return bArr3;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static byte[] decodeBase64(String str) {
        return Base64.decode(str, 2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static byte[] hmacForKeyAndData(byte[] bArr, byte[] bArr2) {
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            try {
                mac.init(new SecretKeySpec(bArr, "HmacSHA256"));
                return mac.doFinal(bArr2);
            } catch (InvalidKeyException e) {
                e.printStackTrace();
                return null;
            }
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String randomToken(int i) {
        String str = "";
        for (int i2 = 0; i2 < i; i2++) {
            double random = Math.random();
            double d = 62;
            Double.isNaN(d);
            str = str + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789".charAt((int) (random * d));
        }
        return str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String encryptEncapsulateSign(String str) {
        StringBuilder sb = new StringBuilder();
        sb.append("");
        sb.append("{\"seq_no\":");
        int i = __sequenceNumber;
        __sequenceNumber = i + 1;
        sb.append(i);
        String str2 = sb.toString() + ",\"data\":";
        if (str != null) {
            str2 = str2 + str;
        }
        String str3 = str2 + "}";
        try {
            byte[] bytes = str3.getBytes(HttpRequest.CHARSET_UTF8);
            String str4 = ("\"sign\":\"" + Base64.encodeToString(hmacForKeyAndData(this.appSignKey, bytes), 2) + "\"") + "}";
            int length = str3.length() + 1;
            int i2 = length % 16;
            if (i2 > 0) {
                i2 = 16 - i2;
            }
            return String.format("%s%s%s", "{\"enc\":\"", Base64.encodeToString(this.eCipher.update(Arrays.copyOfRange(bytes, 0, length + i2)), 2) + "\",", str4);
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AylaError generateSessionKeys(String str, byte[] bArr) {
        this.createdAt = DateUtils.getISO8601DateFormat().format(new Date());
        int i = nextSessionID;
        nextSessionID = i + 1;
        this.sessionId = i;
        AylaDevice aylaDevice = this._device.get();
        if (aylaDevice == null) {
            return new AylaError(AylaError.ErrorType.InvalidArgument, "No device associated with encryption");
        }
        try {
            byte[] bytes = this.sRnd_1.getBytes(HttpRequest.CHARSET_UTF8);
            byte[] bytes2 = this.sRnd_2.getBytes(HttpRequest.CHARSET_UTF8);
            if (str != null) {
                if (!TextUtils.equals(str, TYPE_SETUP_RSA)) {
                    return new InvalidArgumentError("Unsupported sessionType " + str);
                }
                this.bLanKey = bArr;
            } else {
                if (aylaDevice.getLanConfig() == null || aylaDevice.getLanConfig().lanipKey == null) {
                    return new InvalidArgumentError("No LAN config found on device");
                }
                this.sLanKey = aylaDevice.getLanConfig().lanipKey;
                this.bLanKey = this.sLanKey.getBytes(HttpRequest.CHARSET_UTF8);
            }
            this.sTime_1 = this.nTime_1.toString();
            this.sTime_2 = this.nTime_2.toString();
            try {
                byte[] bytes3 = this.sTime_1.getBytes(HttpRequest.CHARSET_UTF8);
                byte[] bytes4 = this.sTime_2.getBytes(HttpRequest.CHARSET_UTF8);
                byte[] bArr2 = this.lastByte;
                bArr2[0] = 48;
                byte[] concat = concat(bytes, bytes2, bytes3, bytes4, bArr2);
                byte[] bArr3 = this.bLanKey;
                this.appSignKey = hmacForKeyAndData(bArr3, concat(hmacForKeyAndData(bArr3, concat), concat));
                byte[] bArr4 = this.lastByte;
                bArr4[0] = 49;
                byte[] concat2 = concat(bytes, bytes2, bytes3, bytes4, bArr4);
                byte[] bArr5 = this.bLanKey;
                this.appCryptoKey = hmacForKeyAndData(bArr5, concat(hmacForKeyAndData(bArr5, concat2), concat2));
                byte[] bArr6 = this.lastByte;
                bArr6[0] = 50;
                byte[] concat3 = concat(bytes, bytes2, bytes3, bytes4, bArr6);
                byte[] bArr7 = this.bLanKey;
                byte[] hmacForKeyAndData = hmacForKeyAndData(bArr7, concat(hmacForKeyAndData(bArr7, concat3), concat3));
                if (hmacForKeyAndData == null) {
                    return new AuthError("Failed to generate app seed", null);
                }
                this.appIvSeed = Arrays.copyOfRange(hmacForKeyAndData, 0, 16);
                byte[] bArr8 = this.lastByte;
                bArr8[0] = 48;
                byte[] concat4 = concat(bytes2, bytes, bytes4, bytes3, bArr8);
                byte[] bArr9 = this.bLanKey;
                this.devSignKey = hmacForKeyAndData(bArr9, concat(hmacForKeyAndData(bArr9, concat4), concat4));
                byte[] bArr10 = this.lastByte;
                bArr10[0] = 49;
                byte[] concat5 = concat(bytes2, bytes, bytes4, bytes3, bArr10);
                byte[] bArr11 = this.bLanKey;
                this.devCryptoKey = hmacForKeyAndData(bArr11, concat(hmacForKeyAndData(bArr11, concat5), concat5));
                byte[] bArr12 = this.lastByte;
                bArr12[0] = 50;
                byte[] concat6 = concat(bytes2, bytes, bytes4, bytes3, bArr12);
                byte[] bArr13 = this.bLanKey;
                byte[] hmacForKeyAndData2 = hmacForKeyAndData(bArr13, concat(hmacForKeyAndData(bArr13, concat6), concat6));
                if (hmacForKeyAndData2 == null) {
                    return new AuthError("Failed to generate device seed", null);
                }
                this.devIvSeed = Arrays.copyOfRange(hmacForKeyAndData2, 0, 16);
                try {
                    this.eCipher = Cipher.getInstance("AES/CBC/NoPadding");
                    this.eSkey = new SecretKeySpec(this.appCryptoKey, "AES");
                    this.eCipher.init(1, this.eSkey, new IvParameterSpec(this.appIvSeed));
                    this.dCipher = Cipher.getInstance("AES/CBC/NoPadding");
                    this.dSkey = new SecretKeySpec(this.devCryptoKey, "AES");
                    this.dCipher.init(2, this.dSkey, new IvParameterSpec(this.devIvSeed));
                    return null;
                } catch (InvalidAlgorithmParameterException e) {
                    return new AuthError("Invalid algorithm parameter while initializing ciphers", e);
                } catch (InvalidKeyException e2) {
                    return new AuthError("Invalid key", e2);
                } catch (NoSuchAlgorithmException e3) {
                    return new AuthError("No such algorithm", e3);
                } catch (NoSuchPaddingException e4) {
                    return new AuthError("Padding error while initializing ciphers", e4);
                }
            } catch (UnsupportedEncodingException e5) {
                return new InvalidArgumentError("Unsupported string encoding", e5);
            }
        } catch (UnsupportedEncodingException e6) {
            return new InvalidArgumentError("Unsupported string encoding", e6);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String unencodeDecrypt(String str) throws UnsupportedEncodingException {
        if (str == null) {
            return null;
        }
        byte[] update = this.dCipher.update(Base64.decode(str, 2));
        int length = update.length;
        do {
            length--;
            if (update[length] != 0) {
                break;
            }
        } while (length >= 0);
        int i = length + 1;
        return new String(Arrays.copyOfRange(update, 0, i), 0, i, HttpRequest.CHARSET_UTF8);
    }
}
