package org.jivesoftware.smack.sasl.core;

import java.security.InvalidKeyException;
import java.security.SecureRandom;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.CallbackHandler;
import org.jivesoftware.smack.SmackException;
import org.jivesoftware.smack.sasl.SASLMechanism;
import org.jivesoftware.smack.util.ByteUtils;
import org.jivesoftware.smack.util.MAC;
import org.jivesoftware.smack.util.SHA1;
import org.jivesoftware.smack.util.stringencoder.Base64;
import org.jxmpp.util.cache.LruCache;
import org.jxmpp.util.cache.a;

/* loaded from: classes2.dex */
public class SCRAMSHA1Mechanism extends SASLMechanism {
    private static final String DEFAULT_GS2_HEADER = "n,,";
    public static final String NAME = "SCRAM-SHA-1";
    private static final int RANDOM_ASCII_BYTE_COUNT = 32;
    private String clientFirstMessageBare;
    private String clientRandomAscii;
    private byte[] serverSignature;
    private State state = State.INITIAL;
    private static final byte[] CLIENT_KEY_BYTES = toBytes("Client Key");
    private static final byte[] SERVER_KEY_BYTES = toBytes("Server Key");
    private static final byte[] ONE = {0, 0, 0, 1};
    private static final SecureRandom RANDOM = new SecureRandom();
    private static final a<String, Keys> CACHE = new LruCache(10);

    /* loaded from: classes2.dex */
    private static class Keys {
        private final byte[] clientKey;
        private final byte[] serverKey;

        public Keys(byte[] bArr, byte[] bArr2) {
            this.clientKey = bArr;
            this.serverKey = bArr2;
        }
    }

    /* loaded from: classes2.dex */
    private enum State {
        INITIAL,
        AUTH_TEXT_SENT,
        RESPONSE_SENT,
        VALID_SERVER_RESPONSE
    }

    private static String escape(String str) {
        StringBuilder sb = new StringBuilder((int) (str.length() * 1.1d));
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            switch (charAt) {
                case ',':
                    sb.append("=2C");
                    break;
                case '=':
                    sb.append("=3D");
                    break;
                default:
                    sb.append(charAt);
                    break;
            }
        }
        return sb.toString();
    }

    private static byte[] hi(String str, byte[] bArr, int i) throws SmackException {
        byte[] bytes = str.getBytes();
        byte[] hmac = hmac(bytes, ByteUtils.concact(bArr, ONE));
        byte[] bArr2 = (byte[]) hmac.clone();
        byte[] bArr3 = hmac;
        int i2 = 1;
        while (i2 < i) {
            byte[] hmac2 = hmac(bytes, bArr3);
            for (int i3 = 0; i3 < hmac2.length; i3++) {
                bArr2[i3] = (byte) (bArr2[i3] ^ hmac2[i3]);
            }
            i2++;
            bArr3 = hmac2;
        }
        return bArr2;
    }

    private static byte[] hmac(byte[] bArr, byte[] bArr2) throws SmackException {
        try {
            return MAC.hmacsha1(bArr, bArr2);
        } catch (InvalidKeyException e) {
            throw new SmackException("SCRAM-SHA-1 HMAC-SHA1 Exception", e);
        }
    }

    private static boolean isPrintableNonCommaAsciiChar(char c) {
        return c != ',' && c >= ' ' && c < 127;
    }

    private static Map<Character, String> parseAttributes(String str) throws SmackException {
        if (str.length() == 0) {
            return Collections.emptyMap();
        }
        String[] split = str.split(",");
        HashMap hashMap = new HashMap(split.length, 1.0f);
        for (String str2 : split) {
            if (str2.length() < 3) {
                throw new SmackException("Invalid Key-Value pair: " + str2);
            }
            char charAt = str2.charAt(0);
            if (str2.charAt(1) != '=') {
                throw new SmackException("Invalid Key-Value pair: " + str2);
            }
            hashMap.put(Character.valueOf(charAt), str2.substring(2));
        }
        return hashMap;
    }

    @Override // org.jivesoftware.smack.sasl.SASLMechanism
    protected void authenticateInternal(CallbackHandler callbackHandler) throws SmackException {
        throw new UnsupportedOperationException("CallbackHandler not (yet) supported");
    }

    @Override // org.jivesoftware.smack.sasl.SASLMechanism
    public void checkIfSuccessfulOrThrow() throws SmackException {
        if (this.state != State.VALID_SERVER_RESPONSE) {
            throw new SmackException("SCRAM-SHA1 is missing valid server response");
        }
    }

    @Override // org.jivesoftware.smack.sasl.SASLMechanism
    protected byte[] evaluateChallenge(byte[] bArr) throws SmackException {
        byte[] bArr2;
        byte[] bArr3;
        String str = new String(bArr);
        switch (this.state) {
            case AUTH_TEXT_SENT:
                Map<Character, String> parseAttributes = parseAttributes(str);
                String str2 = parseAttributes.get('r');
                if (str2 == null) {
                    throw new SmackException("Server random ASCII is null");
                }
                if (str2.length() <= this.clientRandomAscii.length()) {
                    throw new SmackException("Server random ASCII is shorter then client random ASCII");
                }
                if (!str2.substring(0, this.clientRandomAscii.length()).equals(this.clientRandomAscii)) {
                    throw new SmackException("Received client random ASCII does not match client random ASCII");
                }
                String str3 = parseAttributes.get('i');
                if (str3 == null) {
                    throw new SmackException("Iterations attribute not set");
                }
                try {
                    int parseInt = Integer.parseInt(str3);
                    String str4 = parseAttributes.get('s');
                    if (str4 == null) {
                        throw new SmackException("SALT not send");
                    }
                    String str5 = "c=" + Base64.encode(DEFAULT_GS2_HEADER) + ",r=" + str2;
                    byte[] bytes = toBytes(this.clientFirstMessageBare + ',' + str + ',' + str5);
                    String str6 = this.password + ',' + str4;
                    Keys keys = CACHE.get(str6);
                    if (keys == null) {
                        byte[] hi = hi(saslPrep(this.password), Base64.decode(str4), parseInt);
                        bArr2 = hmac(hi, SERVER_KEY_BYTES);
                        bArr3 = hmac(hi, CLIENT_KEY_BYTES);
                        CACHE.put(str6, new Keys(bArr3, bArr2));
                    } else {
                        bArr2 = keys.serverKey;
                        bArr3 = keys.clientKey;
                    }
                    this.serverSignature = hmac(bArr2, bytes);
                    byte[] hmac = hmac(SHA1.bytes(bArr3), bytes);
                    byte[] bArr4 = new byte[bArr3.length];
                    for (int i = 0; i < bArr4.length; i++) {
                        bArr4[i] = (byte) (bArr3[i] ^ hmac[i]);
                    }
                    String str7 = str5 + ",p=" + Base64.encodeToString(bArr4);
                    this.state = State.RESPONSE_SENT;
                    return toBytes(str7);
                } catch (NumberFormatException e) {
                    throw new SmackException("Exception parsing iterations", e);
                }
            case RESPONSE_SENT:
                if (!("v=" + Base64.encodeToString(this.serverSignature)).equals(str)) {
                    throw new SmackException("Server final message does not match calculated one");
                }
                this.state = State.VALID_SERVER_RESPONSE;
                return null;
            default:
                throw new SmackException("Invalid state");
        }
    }

    @Override // org.jivesoftware.smack.sasl.SASLMechanism
    protected byte[] getAuthenticationText() throws SmackException {
        this.clientRandomAscii = getRandomAscii();
        this.clientFirstMessageBare = "n=" + escape(saslPrep(this.authenticationId)) + ",r=" + this.clientRandomAscii;
        String str = DEFAULT_GS2_HEADER + this.clientFirstMessageBare;
        this.state = State.AUTH_TEXT_SENT;
        return toBytes(str);
    }

    @Override // org.jivesoftware.smack.sasl.SASLMechanism
    public String getName() {
        return NAME;
    }

    @Override // org.jivesoftware.smack.sasl.SASLMechanism
    public int getPriority() {
        return 110;
    }

    String getRandomAscii() {
        int i = 0;
        char[] cArr = new char[32];
        while (i < 32) {
            char nextInt = (char) RANDOM.nextInt(128);
            if (isPrintableNonCommaAsciiChar(nextInt)) {
                cArr[i] = nextInt;
                i++;
            }
        }
        return new String(cArr);
    }

    @Override // org.jivesoftware.smack.sasl.SASLMechanism
    public SCRAMSHA1Mechanism newInstance() {
        return new SCRAMSHA1Mechanism();
    }
}
