package org.jivesoftware.smack.sasl;

import com.google.android.exoplayer2.C;
import java.io.UnsupportedEncodingException;
import java.util.Arrays;
import java.util.UUID;
import javax.crypto.Mac;
import org.apache.harmony.javax.security.auth.callback.CallbackHandler;
import org.jivesoftware.smack.XMPPException;
import org.jivesoftware.smack.sasl.SASLMechanismType;
import org.jivesoftware.smack.util.Base64;
import org.jivesoftware.smack.util.StringPrep;

/* loaded from: classes2.dex */
public class SASLScramSHA1Mechanism extends SASLMechanismType {
    private CallbackHandler callbackHandler;
    private String clientFirstMessageBare;
    private String clientNonce;
    private final String gs2_header;
    private byte[] serverSignature;

    /* loaded from: classes2.dex */
    public static class Factory extends SASLMechanismType.Factory {
        public Factory() {
            super("SCRAM-SHA-1");
        }

        @Override // org.jivesoftware.smack.sasl.SASLMechanismType.Factory
        public SASLMechanismType create() {
            return new SASLScramSHA1Mechanism();
        }
    }

    /* loaded from: classes2.dex */
    public static class Tokenizer {
        public int index = 0;
        public String originalString;
        public String[] parts;

        public Tokenizer(String str) {
            this.originalString = str;
            this.parts = str.split(",");
        }

        public String getNext() throws XMPPException {
            int i = this.index;
            String[] strArr = this.parts;
            if (i < strArr.length) {
                this.index = i + 1;
                return strArr[i];
            }
            throw new XMPPException("Unexpected end of challenge string: " + this.originalString);
        }
    }

    public SASLScramSHA1Mechanism() {
        super("SCRAM-SHA-1");
        this.gs2_header = "n,,";
    }

    private static String byteToStringAscii(byte[] bArr) {
        try {
            return new String(bArr, "ASCII");
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    private static byte[] calculateSaltedPassword(byte[] bArr, byte[] bArr2, int i) throws XMPPException {
        Mac createMac = SASLHelpers.createMac(bArr);
        createMac.update(bArr2);
        createMac.update("\u0000\u0000\u0000\u0001".getBytes());
        byte[] doFinal = createMac.doFinal();
        byte[] bArr3 = null;
        for (int i2 = 1; i2 < i; i2++) {
            if (bArr3 == null) {
                bArr3 = doFinal;
            }
            createMac.update(bArr3);
            bArr3 = createMac.doFinal();
            doFinal = xorBytes(doFinal, bArr3);
        }
        return doFinal;
    }

    private static byte[] stringToBytesUTF8(String str) {
        try {
            return str.getBytes(C.UTF8_NAME);
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    private static byte[] xorBytes(byte[] bArr, byte[] bArr2) {
        if (bArr.length == bArr2.length) {
            byte[] bArr3 = new byte[bArr.length];
            for (int i = 0; i < bArr.length; i++) {
                bArr3[i] = (byte) (bArr[i] ^ bArr2[i]);
            }
            return bArr3;
        }
        throw new RuntimeException("Mismatched buffer sizes: " + bArr.length + ", " + bArr2.length);
    }

    @Override // org.jivesoftware.smack.sasl.SASLMechanismType
    public byte[] authenticate(String str, String str2, CallbackHandler callbackHandler) throws XMPPException {
        this.callbackHandler = callbackHandler;
        this.clientNonce = UUID.randomUUID().toString();
        try {
            this.clientFirstMessageBare = "n=" + StringPrep.prepAsQueryString(str).replace("=", "=3D").replace(",", "=2C") + ",r=" + this.clientNonce;
            return stringToBytesUTF8("n,," + this.clientFirstMessageBare);
        } catch (StringPrep.StringPrepError e) {
            throw new XMPPException("Invalid username", e);
        }
    }

    @Override // org.jivesoftware.smack.sasl.SASLMechanismType
    public byte[] challengeReceived(byte[] bArr) throws XMPPException {
        String byteToStringAscii = byteToStringAscii(bArr);
        Tokenizer tokenizer = new Tokenizer(byteToStringAscii);
        String next = tokenizer.getNext();
        String next2 = tokenizer.getNext();
        String next3 = tokenizer.getNext();
        if (next.startsWith("m")) {
            throw new XMPPException("Unexpected SCRAM extension: " + byteToStringAscii);
        }
        if (!next.startsWith("r=")) {
            throw new XMPPException("Unexpected SCRAM string: " + byteToStringAscii);
        }
        String substring = next.substring(2);
        if (!substring.startsWith(this.clientNonce)) {
            throw new XMPPException("Server nonce didn't begin with client nonce: " + byteToStringAscii);
        }
        if (!next2.startsWith("s=")) {
            throw new XMPPException("Unexpected SCRAM string: " + byteToStringAscii);
        }
        byte[] decodeBase64 = SASLHelpers.decodeBase64(next2.substring(2));
        if (!next3.startsWith("i=")) {
            throw new XMPPException("Unexpected SCRAM string: " + byteToStringAscii);
        }
        try {
            int parseInt = Integer.parseInt(next3.substring(2));
            if (parseInt > 65536) {
                throw new XMPPException("Unreasonably large SCRAM iteration count received");
            }
            try {
                String prepAsStoredString = StringPrep.prepAsStoredString(SASLHelpers.requestPassword(this.callbackHandler));
                String str = "c=" + Base64.encodeBytes("n,,".getBytes()) + ",r=" + substring;
                byte[] calculateSaltedPassword = calculateSaltedPassword(stringToBytesUTF8(prepAsStoredString), decodeBase64, parseInt);
                byte[] computeHMACSHA1 = SASLHelpers.computeHMACSHA1(calculateSaltedPassword, "Client Key".getBytes());
                byte[] computeSHA1 = SASLHelpers.computeSHA1(computeHMACSHA1);
                String str2 = this.clientFirstMessageBare + "," + byteToStringAscii + "," + str;
                byte[] xorBytes = xorBytes(computeHMACSHA1, SASLHelpers.computeHMACSHA1(computeSHA1, str2.getBytes()));
                this.serverSignature = SASLHelpers.computeHMACSHA1(SASLHelpers.computeHMACSHA1(calculateSaltedPassword, "Server Key".getBytes()), str2.getBytes());
                return (str + ",p=" + Base64.encodeBytes(xorBytes)).getBytes();
            } catch (StringPrep.StringPrepError e) {
                throw new XMPPException("Invalid password", e);
            }
        } catch (NumberFormatException unused) {
            throw new XMPPException("Couldn't parse iteration count in challenge: " + byteToStringAscii);
        }
    }

    @Override // org.jivesoftware.smack.sasl.SASLMechanismType
    public void successReceived(byte[] bArr) throws XMPPException {
        String byteToStringAscii = byteToStringAscii(bArr);
        String next = new Tokenizer(byteToStringAscii).getNext();
        if (!next.startsWith("v=")) {
            throw new XMPPException("Unexpected SCRAM response: " + byteToStringAscii);
        }
        if (Arrays.equals(this.serverSignature, SASLHelpers.decodeBase64(next.substring(2)))) {
            return;
        }
        throw new XMPPException("Received invalid SCRAM server verifier: " + byteToStringAscii);
    }
}
