package com.entrust.identityGuard.mobilesc.sdk;

import android.util.Base64;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class EncryptedLaunchUrlParams extends LaunchUrlParams {

    /* renamed from: a, reason: collision with root package name */
    private String f1088a;
    private String b;

    private String a() {
        String str = "";
        try {
            str = "action=" + getAction() + "&";
            return str + "enc=" + URLEncoder.encode(getEncrypted(), "UTF-8");
        } catch (UnsupportedEncodingException e) {
            String str2 = str;
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Error encoding string to MAC.", e);
            return str2;
        }
    }

    private String a(byte[] bArr, String str) {
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(bArr, "HmacSHA256"));
            return new String(Base64.encode(Arrays.copyOfRange(mac.doFinal(str.getBytes("UTF-8")), 0, 12), 0));
        } catch (UnsupportedEncodingException e) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Unsupported encoding.", e);
            return null;
        } catch (InvalidKeyException e2) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Invalid HMAC key", e2);
            return null;
        } catch (NoSuchAlgorithmException e3) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Invalid algorithm", e3);
            return null;
        }
    }

    private JSONObject a(byte[] bArr) {
        JSONObject jSONObject;
        String str;
        byte[] copyOfRange = Arrays.copyOfRange(bArr, 0, 16);
        byte[] copyOfRange2 = Arrays.copyOfRange(bArr, 16, 48);
        byte[] copyOfRange3 = Arrays.copyOfRange(bArr, 48, 64);
        String a2 = a(copyOfRange2, a());
        if (a2 == null) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Failed to compute MAC based from encrypted URL.");
            return null;
        }
        String trim = a2.trim();
        trim.replaceAll("\\p{C}", "");
        if (!trim.equals(getMac())) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Computed MAC does not match the provided MAC.");
            return null;
        }
        try {
            try {
                byte[] decode = Base64.decode(getEncrypted().getBytes("UTF-8"), 0);
                str = new String(a(copyOfRange, copyOfRange3, Arrays.copyOfRange(decode, 8, decode.length)), "UTF-8");
                try {
                    SmartCredentialSDK.logInfo(SmartCredentialSDK.APP_NAME, "Decrypted Data = " + str);
                    jSONObject = new JSONObject(str);
                } catch (JSONException e) {
                    e = e;
                    SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Error parsing JSON string:  " + str, e);
                    jSONObject = null;
                    return jSONObject;
                }
            } catch (JSONException e2) {
                e = e2;
                str = null;
            }
        } catch (UnsupportedEncodingException e3) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Unsupported encoding", e3);
            jSONObject = null;
        }
        return jSONObject;
    }

    private byte[] a(byte[] bArr, byte[] bArr2) {
        String str;
        try {
            str = new String(bArr, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Unsupported encoding for encoded data.", e);
            str = null;
        }
        if (str == null) {
            return null;
        }
        try {
            return new SecretKeySpec(SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(new PBEKeySpec(str.toCharArray(), bArr2, 1000, 512)).getEncoded(), "AES").getEncoded();
        } catch (NoSuchAlgorithmException e2) {
            com.entrust.identityGuard.mobilesc.sdk.crypto.common.e eVar = new com.entrust.identityGuard.mobilesc.sdk.crypto.common.e();
            eVar.a(new com.entrust.identityGuard.mobilesc.sdk.crypto.common.c());
            return eVar.a(bArr, bArr2, 1000, 64);
        } catch (InvalidKeySpecException e3) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Invalid key spec.", e3);
            return null;
        }
    }

    private byte[] a(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
            IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr2);
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(2, secretKeySpec, ivParameterSpec);
            return cipher.doFinal(bArr3);
        } catch (InvalidAlgorithmParameterException e) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Error initializing cipher.", e);
            return null;
        } catch (InvalidKeyException e2) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Error initializing cipher.", e2);
            return null;
        } catch (NoSuchAlgorithmException e3) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Invalid cipher algorithm.", e3);
            return null;
        } catch (BadPaddingException e4) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Error decrypting message.", e4);
            return null;
        } catch (IllegalBlockSizeException e5) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Error decrypting message.", e5);
            return null;
        } catch (NoSuchPaddingException e6) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Invalid padding.", e6);
            return null;
        }
    }

    private byte[] c(String str) {
        try {
            return a(str.getBytes("UTF-8"), Arrays.copyOfRange(Base64.decode(getEncrypted().getBytes("UTF-8"), 0), 0, 8));
        } catch (UnsupportedEncodingException e) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Unsupported encoding for encoded data.", e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(String str) {
        this.f1088a = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void b(String str) {
        this.b = str;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public LaunchUrlParams decryptUsingPassword(String str) {
        UpdateLaunchUrlParams updateLaunchUrlParams = null;
        JSONObject a2 = a(c(str));
        if (a2 == null) {
            SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Provided password is incorrect or invalid or the link is corrupt.");
        } else {
            try {
                if (getAction().equalsIgnoreCase("otasecregister")) {
                    ActivationLaunchUrlParams activationLaunchUrlParams = new ActivationLaunchUrlParams();
                    activationLaunchUrlParams.f("otaregister");
                    activationLaunchUrlParams.e(getScheme());
                    activationLaunchUrlParams.c(a2.getString("name"));
                    activationLaunchUrlParams.a(a2.getString("regurl"));
                    activationLaunchUrlParams.d(a2.getString("regpwd"));
                    activationLaunchUrlParams.b(a2.getString("scid"));
                    updateLaunchUrlParams = activationLaunchUrlParams;
                } else {
                    UpdateLaunchUrlParams updateLaunchUrlParams2 = new UpdateLaunchUrlParams();
                    updateLaunchUrlParams2.f("otaupdate");
                    updateLaunchUrlParams2.e(getScheme());
                    updateLaunchUrlParams2.c(a2.getString("name"));
                    updateLaunchUrlParams2.a(a2.getString("regurl"));
                    updateLaunchUrlParams2.d(a2.getString("regpwd"));
                    updateLaunchUrlParams2.b(a2.getString("scid"));
                    updateLaunchUrlParams2.g(a2.getString("serialnum"));
                    updateLaunchUrlParams = updateLaunchUrlParams2;
                }
            } catch (JSONException e) {
                SmartCredentialSDK.logError(SmartCredentialSDK.APP_NAME, "Error decoding secure launch link", e);
            }
        }
        return updateLaunchUrlParams;
    }

    public String getEncrypted() {
        return this.f1088a;
    }

    public String getMac() {
        return this.b;
    }
}
