package defpackage;

import android.net.Uri;
import android.os.Build;
import android.text.TextUtils;
import com.fiberlink.maas360.android.control.ControlApplication;
import com.fiberlink.maas360.android.webservices.resources.v10.AbstractWebserviceResource;
import com.microsoft.identity.common.adal.internal.AuthenticationConstants;
import com.microsoft.identity.common.java.crypto.key.AES256KeyLoader;
import com.microsoft.identity.common.java.crypto.key.KeyUtil;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class g65 implements jl2 {
    private static final String j = "g65";

    /* renamed from: a, reason: collision with root package name */
    private final ym2 f5647a;

    /* renamed from: b, reason: collision with root package name */
    private final String f5648b;

    /* renamed from: c, reason: collision with root package name */
    private final String f5649c;
    private final String d;
    private final String e;
    private String f;
    private String g;
    private String h;
    private final qf2 i;

    public g65(ControlApplication controlApplication, String str, String str2, String str3) {
        this.i = controlApplication.M();
        this.f5647a = controlApplication.D().m();
        this.f5648b = str;
        this.f5649c = str2;
        this.d = str3;
        this.e = t() ? "PBKDF2WithHmacSHA256" : "PBKDF2WithHmacSHA1";
    }

    private String e(String str, String str2, String str3) {
        try {
            SecretKey n = n(str, str3);
            Mac mac = Mac.getInstance(KeyUtil.HMAC_ALGORITHM);
            mac.init(n);
            return new String(zy.r(mac.doFinal(str2.getBytes())));
        } catch (InvalidKeyException | NoSuchAlgorithmException e) {
            ee3.i(j, e, "NoSuchAlgorithm or InvalidKey  for algorithm HmacSHA256");
            return null;
        }
    }

    private void f() {
        this.f5647a.e("AUTH_REQ_NONCE");
        this.f5647a.e("AUTH_REQ_IV");
    }

    private String g(String str) {
        return new String(Arrays.copyOfRange(str.getBytes(), 0, 16), StandardCharsets.UTF_8);
    }

    private String h() {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        return new String(bArr, StandardCharsets.UTF_8);
    }

    private Key i(KeySpec keySpec) {
        return new SecretKeySpec(SecretKeyFactory.getInstance(this.e).generateSecret(keySpec).getEncoded(), AES256KeyLoader.AES_ALGORITHM);
    }

    private KeySpec j(String str, String str2) {
        return new PBEKeySpec(str.toCharArray(), str2.getBytes(StandardCharsets.UTF_8), AuthenticationConstants.Broker.ACCOUNT_MANAGER_REMOVE_ACCOUNT_TIMEOUT_IN_MILLISECONDS, 256);
    }

    private String k(String str, String str2, String str3, String str4) {
        try {
            byte[] b2 = s72.b(str.toCharArray());
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            Key i = i(j(str2, str3));
            if (str4 == null || str4.isEmpty()) {
                cipher.init(2, i, new IvParameterSpec(new byte[16]));
            } else {
                cipher.init(2, i, new IvParameterSpec(str4.getBytes()));
            }
            return new String(cipher.doFinal(b2), StandardCharsets.UTF_8);
        } catch (Exception e) {
            ee3.i(j, e, "Error decrypting query Params");
            return null;
        }
    }

    private String l(String str, String str2) {
        Charset charset = StandardCharsets.UTF_8;
        return k(new String(zy.q(str.getBytes(charset)), charset), str2, this.f5647a.a("AUTH_REQ_NONCE"), this.f5647a.a("AUTH_REQ_IV"));
    }

    private byte[] m(String str, String str2, String str3, String str4) {
        try {
            byte[] bytes = str.getBytes(StandardCharsets.UTF_8);
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(1, i(j(str2, str3)), new IvParameterSpec(str4.getBytes()));
            return cipher.doFinal(bytes);
        } catch (Exception e) {
            ee3.i(j, e, "Failed to encrypt params");
            return null;
        }
    }

    private SecretKey n(String str, String str2) {
        try {
            return SecretKeyFactory.getInstance(this.e).generateSecret(new PBEKeySpec(str.toCharArray(), str2.getBytes(StandardCharsets.UTF_8), AuthenticationConstants.Broker.ACCOUNT_MANAGER_REMOVE_ACCOUNT_TIMEOUT_IN_MILLISECONDS, 256));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            ee3.i(j, e, "Algorithm {} not found " + this.e);
            return null;
        }
    }

    private String o(String str, String str2, String str3) {
        String c2 = this.i.c();
        String a2 = this.f5647a.a("ZeroTouch.Initiation.EnrollmentID");
        Uri.Builder builder = new Uri.Builder();
        String a3 = this.f5647a.a("EmailAddress");
        this.h = a3;
        if (!TextUtils.isEmpty(a3)) {
            builder.appendQueryParameter("email", this.h);
        }
        builder.appendQueryParameter(yu4.RP_MDM_API_VERSION, this.f5648b);
        builder.appendQueryParameter("agentVersion", this.d);
        builder.appendQueryParameter(yu4.RP_WORKFLOW, "Enrollment");
        if (!TextUtils.isEmpty(c2)) {
            builder.appendQueryParameter("p", c2);
        }
        if (!TextUtils.isEmpty(a2)) {
            builder.appendQueryParameter("t", a2);
        }
        builder.appendQueryParameter("RP_IVID", str2);
        return new String(zy.r(m(builder.build().getQuery(), str3, str, "0000000000000000")), StandardCharsets.UTF_8);
    }

    private String p(String str, String str2, String str3, String str4) {
        Uri.Builder builder = new Uri.Builder();
        builder.appendQueryParameter(yu4.RP_CSN, this.f5647a.a("CSN"));
        builder.appendQueryParameter(yu4.RP_MDM_API_VERSION, this.f5648b);
        builder.appendQueryParameter(yu4.RP_AGENT_VER, this.d);
        builder.appendQueryParameter(yu4.RP_WORKFLOW, str3);
        if (!TextUtils.isEmpty(this.f)) {
            builder.appendQueryParameter(yu4.RP_USER_NAME, this.f);
        }
        if (!TextUtils.isEmpty(this.g)) {
            builder.appendQueryParameter(yu4.RP_USER_DOMAIN, this.g);
        }
        if (!TextUtils.isEmpty(this.h)) {
            builder.appendQueryParameter(yu4.RP_USER_EMAIL, this.h);
        }
        builder.appendQueryParameter("RP_IVID", str2);
        return new String(zy.r(m(builder.build().getQuery(), str4, str, "0000000000000000")), StandardCharsets.UTF_8);
    }

    private void s(String str) {
        String g = g(str);
        String h = h();
        this.f5647a.c("AUTH_REQ_IV", g);
        this.f5647a.c("AUTH_REQ_NONCE", h);
    }

    private boolean t() {
        return Build.VERSION.SDK_INT >= 26;
    }

    public static g65 u() {
        return new g65(ControlApplication.w(), x52.g(), AbstractWebserviceResource.APP_PLATFORM_ID, vp0.H());
    }

    @Override // defpackage.jl2
    public String a(String str, String str2) {
        String a2 = this.f5647a.a("AUTH_REQ_NONCE");
        if (TextUtils.isEmpty(a2)) {
            ee3.j(j, "Empty nonce");
            return null;
        }
        if (TextUtils.isEmpty(str)) {
            ee3.j(j, "Empty response");
            return null;
        }
        try {
            Uri parse = Uri.parse(str);
            String queryParameter = parse.getQueryParameter(yu4.UNIFIED_SIGN_IN_PAYLOAD);
            String queryParameter2 = parse.getQueryParameter("RP_HID");
            if (!TextUtils.isEmpty(queryParameter) && !TextUtils.isEmpty(queryParameter2)) {
                String e = e(str2, queryParameter, a2);
                if (e == null) {
                    ee3.j(j, "Error, Validation of received payload failed : Local null");
                    return null;
                }
                if (e.equals(queryParameter2)) {
                    String l = l(queryParameter, str2);
                    if (!TextUtils.isEmpty(l)) {
                        return l;
                    }
                    ee3.j(j, "Error, unable to calculate response payload");
                    return null;
                }
                ee3.j(j, "Error, Validation of received payload failed: Not matchinglocal: " + e + "response: " + queryParameter2);
                return null;
            }
            ee3.j(j, "Error, response payload or h_id is empty");
            return null;
        } catch (Exception e2) {
            ee3.i(j, e2, "Unable to validate Auth URL response");
            return null;
        } finally {
            f();
        }
    }

    @Override // defpackage.jl2
    public String b(String str) {
        s(str);
        return q(str);
    }

    @Override // defpackage.jl2
    public String c(String str, String str2) {
        String a2 = this.f5647a.a("AUTH_REQ_NONCE");
        if (TextUtils.isEmpty(a2)) {
            ee3.j(j, "Empty nonce");
            return null;
        }
        if (TextUtils.isEmpty(str)) {
            ee3.j(j, "Empty response");
            return null;
        }
        try {
            Uri parse = Uri.parse(str);
            String queryParameter = parse.getQueryParameter("RP_AUTH_PARAM");
            String queryParameter2 = parse.getQueryParameter("RP_HID");
            if (!TextUtils.isEmpty(queryParameter) && !TextUtils.isEmpty(queryParameter2)) {
                String e = e(str2, queryParameter, a2);
                if (e == null) {
                    ee3.j(j, "Error, Validation of received auth param failed : Local null");
                    return null;
                }
                if (e.equals(queryParameter2)) {
                    String l = l(queryParameter, str2);
                    if (!TextUtils.isEmpty(l)) {
                        return l.substring(l.indexOf("=") + 1);
                    }
                    ee3.j(j, "Error, unable to calculate response authParam");
                    return null;
                }
                ee3.j(j, "Error, Validation of received auth param failed: Not matchinglocal: " + e + "response: " + queryParameter2);
                return null;
            }
            ee3.j(j, "Error, response payload or h_id is empty");
            return null;
        } catch (Exception e2) {
            ee3.i(j, e2, "Unable to validate Auth URL response");
            return null;
        } finally {
            f();
        }
    }

    @Override // defpackage.jl2
    public String d(String str, String str2, String str3, String str4, String str5) {
        try {
            this.f = str3;
            this.h = str4;
            this.g = str5;
            s(str2);
            return r(str, str2);
        } catch (Exception e) {
            ee3.i(j, e, "Exception in getting request params");
            return "";
        }
    }

    public String q(String str) {
        String a2 = this.f5647a.a("AUTH_REQ_NONCE");
        String a3 = this.f5647a.a("AUTH_REQ_IV");
        if (TextUtils.isEmpty(a2) || TextUtils.isEmpty(a3)) {
            throw new IllegalStateException("Nonce or IV should be initialised");
        }
        Uri.Builder builder = new Uri.Builder();
        builder.appendQueryParameter(yu4.RP_BILLING_ID, nk1.r(this.f5647a.a("CorporateId")));
        builder.appendQueryParameter("RP_AUTH_PARAM", o(a2, a3, str));
        Charset charset = StandardCharsets.UTF_8;
        builder.appendQueryParameter("RP_NID", new String(zy.r(a2.getBytes(charset)), charset));
        builder.appendQueryParameter(yu4.RP_PLATFORM_ID, this.f5649c);
        if (!t()) {
            builder.appendQueryParameter("RP_LOW_OS_V", "true");
        }
        builder.appendQueryParameter("RP_HID", e(str, builder.build().getQuery(), a2));
        return builder.build().getEncodedQuery();
    }

    public String r(String str, String str2) {
        String a2 = this.f5647a.a("AUTH_REQ_NONCE");
        String a3 = this.f5647a.a("AUTH_REQ_IV");
        if (TextUtils.isEmpty(a2) || TextUtils.isEmpty(a3)) {
            throw new IllegalStateException("Nonce or IV should be initialised");
        }
        Uri.Builder builder = new Uri.Builder();
        builder.appendQueryParameter(yu4.RP_BILLING_ID, this.f5647a.a("BILLING_ID"));
        builder.appendQueryParameter("RP_AUTH_PARAM", p(a2, a3, str, str2));
        Charset charset = StandardCharsets.UTF_8;
        builder.appendQueryParameter("RP_NID", new String(zy.r(a2.getBytes(charset)), charset));
        builder.appendQueryParameter(yu4.RP_PLATFORM_ID, this.f5649c);
        if (!t()) {
            builder.appendQueryParameter("RP_LOW_OS_V", "true");
        }
        builder.appendQueryParameter("RP_HID", e(str2, builder.build().getQuery(), a2));
        return builder.build().getEncodedQuery();
    }
}
