package eu.siacs.conversations.crypto.sasl;

import android.util.Base64;
import android.util.LruCache;
import eu.siacs.conversations.crypto.sasl.SaslMechanism;
import eu.siacs.conversations.entities.Account;
import eu.siacs.conversations.utils.CryptoHelper;
import eu.siacs.conversations.xml.TagWriter;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.InvalidKeyException;
import java.security.SecureRandom;
import java.util.Iterator;
import org.bouncycastle.asn1.eac.EACTags;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.macs.HMac;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.tls.CipherSuite;

/* loaded from: classes.dex */
public class ScramSha1 extends SaslMechanism {
    private static final String GS2_HEADER = "n,,";
    private String clientFirstMessageBare;
    private final String clientNonce;
    private byte[] serverSignature;
    private SaslMechanism.State state;
    private static final byte[] CLIENT_KEY_BYTES = "Client Key".getBytes();
    private static final byte[] SERVER_KEY_BYTES = "Server Key".getBytes();
    private static Digest DIGEST = new SHA1Digest();
    private static HMac HMAC = new HMac(new SHA1Digest());
    private static final LruCache<String, KeyPair> CACHE = new LruCache<String, KeyPair>(10) { // from class: eu.siacs.conversations.crypto.sasl.ScramSha1.1
        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.util.LruCache
        public KeyPair create(String str) {
            String[] split = str.split(",", 4);
            try {
                byte[] hi = ScramSha1.hi(CryptoHelper.hexToString(split[1]).getBytes(), Base64.decode(CryptoHelper.hexToString(split[2]), 0), Integer.valueOf(split[3]).intValue());
                return new KeyPair(ScramSha1.hmac(hi, ScramSha1.CLIENT_KEY_BYTES), ScramSha1.hmac(hi, ScramSha1.SERVER_KEY_BYTES));
            } catch (NumberFormatException | InvalidKeyException e) {
                return null;
            }
        }
    };

    /* loaded from: classes.dex */
    public static class KeyPair {
        public final byte[] clientKey;
        public final byte[] serverKey;

        public KeyPair(byte[] bArr, byte[] bArr2) {
            this.clientKey = bArr;
            this.serverKey = bArr2;
        }
    }

    public ScramSha1(TagWriter tagWriter, Account account, SecureRandom secureRandom) {
        super(tagWriter, account, secureRandom);
        this.serverSignature = null;
        this.state = SaslMechanism.State.INITIAL;
        this.clientNonce = new BigInteger(100, this.rng).toString(32);
        this.clientFirstMessageBare = "";
    }

    public static synchronized byte[] digest(byte[] bArr) {
        byte[] bArr2;
        synchronized (ScramSha1.class) {
            DIGEST.reset();
            DIGEST.update(bArr, 0, bArr.length);
            bArr2 = new byte[DIGEST.getDigestSize()];
            DIGEST.doFinal(bArr2, 0);
        }
        return bArr2;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static synchronized byte[] hi(byte[] bArr, byte[] bArr2, int i) throws InvalidKeyException {
        byte[] bArr3;
        synchronized (ScramSha1.class) {
            byte[] hmac = hmac(bArr, CryptoHelper.concatenateByteArrays(bArr2, CryptoHelper.ONE));
            bArr3 = (byte[]) hmac.clone();
            for (int i2 = 1; i2 < i; i2++) {
                hmac = hmac(bArr, hmac);
                for (int i3 = 0; i3 < hmac.length; i3++) {
                    bArr3[i3] = (byte) (bArr3[i3] ^ hmac[i3]);
                }
            }
        }
        return bArr3;
    }

    public static synchronized byte[] hmac(byte[] bArr, byte[] bArr2) throws InvalidKeyException {
        byte[] bArr3;
        synchronized (ScramSha1.class) {
            HMAC.init(new KeyParameter(bArr));
            HMAC.update(bArr2, 0, bArr2.length);
            bArr3 = new byte[HMAC.getMacSize()];
            HMAC.doFinal(bArr3, 0);
        }
        return bArr3;
    }

    @Override // eu.siacs.conversations.crypto.sasl.SaslMechanism
    public String getClientFirstMessage() {
        if (this.clientFirstMessageBare.isEmpty() && this.state == SaslMechanism.State.INITIAL) {
            this.clientFirstMessageBare = "n=" + CryptoHelper.saslEscape(CryptoHelper.saslPrep(this.account.getUsername())) + ",r=" + this.clientNonce;
            this.state = SaslMechanism.State.AUTH_TEXT_SENT;
        }
        return Base64.encodeToString((GS2_HEADER + this.clientFirstMessageBare).getBytes(Charset.defaultCharset()), 2);
    }

    @Override // eu.siacs.conversations.crypto.sasl.SaslMechanism
    public String getMechanism() {
        return "SCRAM-SHA-1";
    }

    @Override // eu.siacs.conversations.crypto.sasl.SaslMechanism
    public int getPriority() {
        return 20;
    }

    @Override // eu.siacs.conversations.crypto.sasl.SaslMechanism
    public String getResponse(String str) throws SaslMechanism.AuthenticationException {
        switch (this.state) {
            case AUTH_TEXT_SENT:
                if (str == null) {
                    throw new SaslMechanism.AuthenticationException("challenge can not be null");
                }
                byte[] decode = Base64.decode(str, 0);
                String str2 = "";
                int i = -1;
                String str3 = "";
                Iterator<String> it = new Tokenizer(decode).iterator();
                while (it.hasNext()) {
                    String next = it.next();
                    if (next.charAt(1) == '=') {
                        switch (next.charAt(0)) {
                            case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256 /* 105 */:
                                try {
                                    i = Integer.parseInt(next.substring(2));
                                    break;
                                } catch (NumberFormatException e) {
                                    throw new SaslMechanism.AuthenticationException(e);
                                }
                            case 'm':
                                throw new SaslMechanism.AuthenticationException("Server sent reserved token: `m'");
                            case 'r':
                                str2 = next.substring(2);
                                break;
                            case EACTags.DISCRETIONARY_DATA_OBJECTS /* 115 */:
                                str3 = next.substring(2);
                                break;
                        }
                    }
                }
                if (i < 0) {
                    throw new SaslMechanism.AuthenticationException("Server did not send iteration count");
                }
                if (str2.isEmpty() || !str2.startsWith(this.clientNonce)) {
                    throw new SaslMechanism.AuthenticationException("Server nonce does not contain client nonce: " + str2);
                }
                if (str3.isEmpty()) {
                    throw new SaslMechanism.AuthenticationException("Server sent empty salt");
                }
                String str4 = "c=" + Base64.encodeToString(GS2_HEADER.getBytes(), 2) + ",r=" + str2;
                byte[] bytes = (this.clientFirstMessageBare + ',' + new String(decode) + ',' + str4).getBytes();
                KeyPair keyPair = CACHE.get(CryptoHelper.bytesToHex(this.account.getJid().toBareJid().toString().getBytes()) + "," + CryptoHelper.bytesToHex(this.account.getPassword().getBytes()) + "," + CryptoHelper.bytesToHex(str3.getBytes()) + "," + String.valueOf(i));
                if (keyPair == null) {
                    throw new SaslMechanism.AuthenticationException("Invalid keys generated");
                }
                try {
                    this.serverSignature = hmac(keyPair.serverKey, bytes);
                    byte[] hmac = hmac(digest(keyPair.clientKey), bytes);
                    byte[] bArr = new byte[keyPair.clientKey.length];
                    for (int i2 = 0; i2 < bArr.length; i2++) {
                        bArr[i2] = (byte) (keyPair.clientKey[i2] ^ hmac[i2]);
                    }
                    String str5 = str4 + ",p=" + Base64.encodeToString(bArr, 2);
                    this.state = SaslMechanism.State.RESPONSE_SENT;
                    return Base64.encodeToString(str5.getBytes(), 2);
                } catch (InvalidKeyException e2) {
                    throw new SaslMechanism.AuthenticationException(e2);
                }
            case RESPONSE_SENT:
                try {
                    if (!("v=" + Base64.encodeToString(this.serverSignature, 2)).equals(new String(Base64.decode(str, 0)))) {
                        throw new Exception();
                    }
                    this.state = SaslMechanism.State.VALID_SERVER_RESPONSE;
                    return "";
                } catch (Exception e3) {
                    throw new SaslMechanism.AuthenticationException("Server final message does not match calculated final message");
                }
            default:
                throw new SaslMechanism.InvalidStateException(this.state);
        }
    }
}
