package com.sec.enterprise.knox.cloudmdm.smdms.server.gslb;

import android.util.Base64;
import com.sec.enterprise.knox.cloudmdm.smdms.utilities.Log;
import com.sec.enterprise.knox.express.ExpressApp;
import java.nio.ByteBuffer;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.util.Collections;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.UUID;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class SecureDataGenerator {
    public static final String ELM_SERVICE_NAME = "ELM";
    public static final String GSLB_SERVICE_NAME = "GSLB";
    public static final String KNOX_SERVICE_NAME = "KNOX";
    private static String NAME_TAG = SecureDataGenerator.class.getSimpleName();
    private static final int NUMCIPHERS = 4;
    private static final int NUMDATAFORMATS = 4;
    public static final String SEG_SERVICE_NAME = "SEGD-API";
    private static final Map<Byte, String> cipherSuites;

    static {
        HashMap hashMap = new HashMap();
        hashMap.put((byte) 0, "AES/CBC/PKCS5Padding");
        hashMap.put((byte) 1, "AES/ECB/PKCS5Padding");
        hashMap.put((byte) 2, "DESede/CBC/PKCS5Padding");
        hashMap.put((byte) 3, "DESede/ECB/PKCS5Padding");
        cipherSuites = Collections.unmodifiableMap(hashMap);
    }

    private String compriseSignatureData(String str, byte b, long j) {
        if (str == null || str.length() < 24) {
            return null;
        }
        return String.format(Locale.US, "%s%02d%s%s", str.substring(0, 5), Byte.valueOf(b), xor(Long.valueOf(j)), str.substring(5));
    }

    private byte getCiphersuite(String str, String str2) {
        if (str == null) {
            ELMLog.d("getCiphersuite : serviceName is null");
            return (byte) -1;
        }
        if (getDataFormatID(str) == -1) {
            ELMLog.d("getCiphersuite : dataFormatId is null");
            return (byte) -1;
        }
        if (str2 == null) {
            ELMLog.d("getCiphersuite : deviceId is null");
            return (byte) -1;
        }
        byte hashCode = (byte) ((str2.hashCode() + str.hashCode()) % 4);
        return hashCode < 0 ? (byte) (hashCode * (-1)) : hashCode;
    }

    private byte getDataFormatID(String str) {
        DeviceInfoCollector deviceInfoCollector = new DeviceInfoCollector(ExpressApp.getInstance());
        byte b = -1;
        if (str == null) {
            ELMLog.d("getDataFormatID : serviceName is null");
            return (byte) -1;
        }
        String imei = deviceInfoCollector.getIMEI();
        if (str.equals("ELM")) {
            b = imei != null ? (byte) 0 : (byte) 1;
        } else if (str.equals(KNOX_SERVICE_NAME) || str.equals(GSLB_SERVICE_NAME) || str.equals(SEG_SERVICE_NAME)) {
            b = imei != null ? (byte) 2 : (byte) 3;
        }
        return b;
    }

    private String getDeviceID(byte b) {
        DeviceInfoCollector deviceInfoCollector = new DeviceInfoCollector(ExpressApp.getInstance());
        switch (b) {
            case 0:
            case 2:
                return deviceInfoCollector.getIMEI();
            case 1:
            case 3:
                return deviceInfoCollector.getMAC();
            default:
                return null;
        }
    }

    private String getDeviceID(String str, String str2) {
        String str3 = null;
        if (str == null || str2 == null) {
            ELMLog.d("getDeviceID : serviceName or baseData is null");
            return null;
        }
        try {
            if (str.equalsIgnoreCase(GSLB_SERVICE_NAME)) {
                str3 = new JSONObject(str2).getString("deviceid");
            } else if (str.equalsIgnoreCase(KNOX_SERVICE_NAME)) {
                str3 = new JSONObject(str2).getString("deviceid");
            } else if (str.equalsIgnoreCase(SEG_SERVICE_NAME)) {
                str3 = new JSONObject(str2).getString("deviceid");
            }
        } catch (Exception e) {
            Log.e(NAME_TAG, "getDeviceID exception: " + Log.getStackTraceString(e));
        }
        return str3;
    }

    private String getEnc1Data(byte[] bArr, String str, byte[] bArr2) {
        SecretKeySpec secretKeySpec;
        IvParameterSpec ivParameterSpec;
        if (!cipherSuites.containsValue(str)) {
            return null;
        }
        if (bArr == null || bArr2 == null) {
            ELMLog.d("getEnc1Data : data or F2Value is null");
            return null;
        }
        if (str.startsWith("AES")) {
            secretKeySpec = new SecretKeySpec(ByteBuffer.allocate(16).put(bArr2, 5, 16).array(), "AES");
            ivParameterSpec = new IvParameterSpec(ByteBuffer.allocate(16).put(bArr2, 0, 16).array());
        } else {
            secretKeySpec = new SecretKeySpec(ByteBuffer.allocate(24).put(bArr2, 0, 24).array(), "DESede");
            ivParameterSpec = new IvParameterSpec(ByteBuffer.allocate(8).put(bArr2, 0, 8).array());
        }
        try {
            Cipher cipher = Cipher.getInstance(str);
            if (str.contains("CBC")) {
                cipher.init(1, secretKeySpec, ivParameterSpec);
            } else {
                cipher.init(1, secretKeySpec);
            }
            return new String(Base64.encode(cipher.doFinal(bArr), 2));
        } catch (Exception e) {
            Log.e(NAME_TAG, "getEnc1Data exception: " + Log.getStackTraceString(e));
            return null;
        }
    }

    private String getEnc2Data(KeyInfo keyInfo, PublicKey publicKey) {
        byte[] bytes = UUID.randomUUID().toString().substring(0, 16).getBytes();
        if (publicKey == null || keyInfo == null) {
            return null;
        }
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(bytes, "AES");
            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
            cipher.init(1, secretKeySpec);
            String packKeyInfo = packKeyInfo(keyInfo);
            if (packKeyInfo == null) {
                return null;
            }
            byte[] doFinal = cipher.doFinal(packKeyInfo.getBytes());
            Cipher cipher2 = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher2.init(1, publicKey);
            byte[] doFinal2 = cipher2.doFinal(bytes);
            ByteBuffer allocate = ByteBuffer.allocate(doFinal.length + doFinal2.length + 4);
            allocate.putInt(doFinal2.length).put(doFinal2).put(doFinal);
            return new String(Base64.encode(allocate.array(), 2));
        } catch (Exception e) {
            Log.e(NAME_TAG, "getEnc2Data exception: " + Log.getStackTraceString(e));
            return null;
        }
    }

    private byte[] getF2(byte b, String str, String str2, long j) {
        if (str2 == null || b > 3 || str == null || j < 0) {
            return null;
        }
        return md5bytes(b, str.getBytes(), str2.getBytes(), null, j);
    }

    private byte[] getF2(byte b, String str, String str2, String str3, long j) {
        if (str2 == null || b > 3 || str == null || str3 == null || j < 0) {
            return null;
        }
        return md5bytes(b, str.getBytes(), str2.getBytes(), str3.getBytes(), j);
    }

    private String makeBody(JSONObject jSONObject, String str) {
        if (jSONObject == null || str == null) {
            ELMLog.d("makeBody : origData or signatureData is null");
            return null;
        }
        JSONObject jSONObject2 = new JSONObject();
        try {
            jSONObject2.put("data", jSONObject);
            jSONObject2.put("signature", str);
            return jSONObject2.toString();
        } catch (JSONException e) {
            Log.e(NAME_TAG, "makeBody exception: " + Log.getStackTraceString(e));
            return null;
        }
    }

    private String makeHTTPEncData(String str, String str2) {
        if (str == null || str2 == null) {
            return null;
        }
        return String.format("%s%s%s%s", UUID.randomUUID().toString().substring(0, 5), Long.toHexString(((r1.length() + str.length()) + 4) ^ 18968), str, str2);
    }

    private KeyInfo makeKeyInfo(byte b, String str, long j, String str2) {
        KeyInfo keyInfo = new KeyInfo();
        keyInfo.setDataFormatId(b);
        keyInfo.setIMEIorMAC(str);
        keyInfo.setPackageName(str2);
        keyInfo.setTimestamp(j);
        return keyInfo;
    }

    private byte[] md5bytes(byte b, byte[] bArr, byte[] bArr2, byte[] bArr3, long j) {
        if (bArr == null || bArr2 == null) {
            return null;
        }
        int length = bArr.length + bArr2.length + 9;
        if (bArr3 != null) {
            length += bArr3.length;
        }
        ByteBuffer allocate = ByteBuffer.allocate(length);
        allocate.put(b);
        allocate.put(bArr);
        allocate.put(bArr2);
        if (bArr3 != null) {
            allocate.put(bArr3);
        }
        allocate.putLong(j);
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(MessageDigestAlgorithms.SHA_256);
            messageDigest.update(allocate.array());
            return messageDigest.digest();
        } catch (NoSuchAlgorithmException e) {
            Log.e(NAME_TAG, "md5bytes exception: " + Log.getStackTraceString(e));
            return null;
        }
    }

    private String packKeyInfo(KeyInfo keyInfo) {
        if (keyInfo.getDataFormatId() < 0 || keyInfo.getDataFormatId() >= 4) {
            return null;
        }
        if (keyInfo.getDataFormatId() >= 2 || keyInfo.getPackageName() != null) {
            return keyInfo.getDataFormatId() < 2 ? String.format("%02d,%s,%s,%d", Byte.valueOf(keyInfo.getDataFormatId()), keyInfo.getPackageName(), keyInfo.getIMEIorMAC(), Long.valueOf(keyInfo.getTimestamp())) : String.format("%02d,%s,%d", Byte.valueOf(keyInfo.getDataFormatId()), keyInfo.getIMEIorMAC(), Long.valueOf(keyInfo.getTimestamp()));
        }
        return null;
    }

    private String xor(Long l) {
        return Long.toHexString(l.longValue() ^ (-292997680073989574L));
    }

    public String getHTTPEncryptedData(JSONObject jSONObject, String str, String str2) {
        String str3 = null;
        if (jSONObject == null || str == null) {
            return null;
        }
        long currentTimeMillis = System.currentTimeMillis();
        String signatureData = getSignatureData(jSONObject.toString(), str, str2, currentTimeMillis);
        if (signatureData == null) {
            ELMLog.d("getHTTPEncryptedData : signatureData is null");
            return null;
        }
        String makeBody = makeBody(jSONObject, signatureData);
        if (makeBody == null) {
            ELMLog.d("getHTTPEncryptedData : bodyData is null");
            return null;
        }
        byte dataFormatID = getDataFormatID(str);
        if (dataFormatID == -1) {
            return null;
        }
        if (str.equalsIgnoreCase("ELM")) {
            str3 = getDeviceID(dataFormatID);
        } else if (str.equalsIgnoreCase(GSLB_SERVICE_NAME) || str.equalsIgnoreCase(KNOX_SERVICE_NAME) || str.equalsIgnoreCase(SEG_SERVICE_NAME)) {
            str3 = getDeviceID(str, jSONObject.toString());
        }
        if (str3 == null) {
            ELMLog.d("getHTTPEncryptedData : deviceId is null");
            return null;
        }
        byte[] f2 = str2 != null ? getF2(dataFormatID, str3, str, str2, currentTimeMillis) : getF2(dataFormatID, str3, str, currentTimeMillis);
        if (f2 == null) {
            ELMLog.d("getHTTPEncryptedData : F2Value is null");
            return null;
        }
        byte ciphersuite = getCiphersuite(str, str3);
        if (ciphersuite < 0 || ciphersuite >= 4) {
            ELMLog.d("getHTTPEncryptedData : ciphersuite(" + ((int) ciphersuite) + ") is invalid.");
            return null;
        }
        String enc1Data = getEnc1Data(makeBody.getBytes(), cipherSuites.get(Byte.valueOf(ciphersuite)), f2);
        if (enc1Data == null) {
            ELMLog.d("getHTTPEncryptedData : enc1Data is null");
            return null;
        }
        KeyInfo makeKeyInfo = makeKeyInfo(dataFormatID, str3, currentTimeMillis, str2);
        if (makeKeyInfo == null) {
            ELMLog.d("getHTTPEncryptedData : keyInfo is null");
            return null;
        }
        PublicKey elmKeyDecryptPubllicKey = ELMCertificateUtil.getELMCertificateUtil(ExpressApp.getInstance()).getElmKeyDecryptPubllicKey();
        if (elmKeyDecryptPubllicKey == null) {
            ELMLog.d("getHTTPEncryptedData : publicKey is null");
            return null;
        }
        String enc2Data = getEnc2Data(makeKeyInfo, elmKeyDecryptPubllicKey);
        if (enc2Data != null) {
            return makeHTTPEncData(enc1Data, enc2Data);
        }
        ELMLog.d("getHTTPEncryptedData : enc2Data is null");
        return null;
    }

    public String getSignatureData(String str, String str2, String str3, long j) {
        String str4 = null;
        if (str == null || str2 == null) {
            return null;
        }
        byte dataFormatID = getDataFormatID(str2);
        Log.d("SecureDataGenerator", "dataformatid: " + ((int) dataFormatID));
        if (dataFormatID == -1) {
            ELMLog.d("getSignatureData : dataFormatId is null");
            return null;
        }
        if (str2.equalsIgnoreCase("ELM")) {
            str4 = getDeviceID(dataFormatID);
        } else if (str2.equalsIgnoreCase(GSLB_SERVICE_NAME) || str2.equalsIgnoreCase(KNOX_SERVICE_NAME) || str2.equalsIgnoreCase(SEG_SERVICE_NAME)) {
            str4 = getDeviceID(str2, str);
        }
        Log.s("SecureDataGenerator", "deviceId:" + str4);
        if (str4 == null) {
            ELMLog.d("getSignatureData : deviceId is null");
            return null;
        }
        long currentTimeMillis = j == 0 ? System.currentTimeMillis() : j;
        byte[] f2 = str3 != null ? getF2(dataFormatID, str4, str2, str3, currentTimeMillis) : getF2(dataFormatID, str4, str2, currentTimeMillis);
        if (f2 == null) {
            ELMLog.d("getSignatureData : F2Value is null");
            return null;
        }
        byte ciphersuite = getCiphersuite(str2, str4);
        if (ciphersuite < 0 || ciphersuite >= 4) {
            return null;
        }
        String str5 = cipherSuites.get(Byte.valueOf(ciphersuite));
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(MessageDigestAlgorithms.SHA_256);
            messageDigest.update(str.getBytes());
            String enc1Data = getEnc1Data(messageDigest.digest(), str5, f2);
            if (enc1Data != null) {
                return compriseSignatureData(enc1Data, dataFormatID, currentTimeMillis);
            }
            ELMLog.d("getSignatureData : enc1Data is null");
            return null;
        } catch (NoSuchAlgorithmException e) {
            Log.e(NAME_TAG, "getSignatureData exception: " + Log.getStackTraceString(e));
            return null;
        }
    }
}
