package com.immediasemi.blink.utils.onboarding;

import com.immediasemi.blink.api.retrofit.SyncModuleService;
import com.immediasemi.blink.utils.SMEncryptionData;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Objects;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import okhttp3.Interceptor;
import okhttp3.MediaType;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import okhttp3.ResponseBody;
import okio.Buffer;
import okio.BufferedSource;
import timber.log.Timber;

/* loaded from: classes2.dex */
public class EncryptionInterceptor implements Interceptor {
    private static final String ALGORITHM = "AES";
    private static final String CIPHER_ALGORITHM_PADDING = "AES/CBC/PKCS5Padding";
    private static final String HTTP_POST = "POST";
    public static final String TAG = "EncryptionInterceptor";
    private final int BLOCK_LENGTH = 16;

    private byte[] calculateHmac(byte[] bArr, byte[] bArr2) {
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(bArr2, "HmacSHA256"));
            return mac.doFinal(bArr);
        } catch (Exception unused) {
            return new byte[0];
        }
    }

    private byte[] concatenateTwoByteArrays(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
        System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
        return bArr3;
    }

    private static String decrypt(byte[] bArr, byte[] bArr2, byte[] bArr3) throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr2);
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, ALGORITHM);
        Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM_PADDING);
        cipher.init(2, secretKeySpec, ivParameterSpec);
        String str = new String(cipher.doFinal(bArr3), "UTF-8");
        for (int length = str.length() - 1; length > 0; length--) {
            if (str.charAt(length) == '}') {
                return str.substring(0, length + 1);
            }
        }
        return str;
    }

    private static byte[] encrypt(byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception {
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr);
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr2, ALGORITHM);
        Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM_PADDING);
        cipher.init(1, secretKeySpec, ivParameterSpec);
        return cipher.doFinal(bArr3);
    }

    private static boolean isSecureRequest(String str) {
        return (str.contains(SyncModuleService.KEY) || str.contains(SyncModuleService.GET_FW_VERSION) || str.contains(SyncModuleService.VERSION)) ? false : true;
    }

    private boolean verifyHmac(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        try {
            return Arrays.equals(calculateHmac(bArr, bArr2), bArr3);
        } catch (Exception unused) {
            return false;
        }
    }

    @Override // okhttp3.Interceptor
    public Response intercept(Interceptor.Chain chain) throws IOException {
        Response proceed;
        String decrypt;
        byte[] bArr;
        byte[] bArr2;
        byte[] encrypt;
        Request request = chain.request();
        if (SMEncryptionData.getInstance().encryptData && request.method().equals("POST") && isSecureRequest(request.url().toString())) {
            byte[] bArr3 = new byte[16];
            new SecureRandom().nextBytes(bArr3);
            RequestBody body = request.body();
            Buffer buffer = new Buffer();
            body.writeTo(buffer);
            try {
                encrypt = encrypt(bArr3, SMEncryptionData.getInstance().aesKey, buffer.readUtf8().getBytes());
                bArr = new byte[encrypt.length + 16];
            } catch (Exception e) {
                e = e;
                bArr = null;
            }
            try {
                bArr = concatenateTwoByteArrays(bArr3, encrypt);
                bArr2 = concatenateTwoByteArrays(bArr, calculateHmac(bArr, SMEncryptionData.getInstance().hmacKey));
            } catch (Exception e2) {
                e = e2;
                Timber.e(e);
                bArr2 = bArr;
                request = request.newBuilder().header("Content-Length", String.valueOf(bArr2.length)).method(request.method(), RequestBody.create((MediaType) null, bArr2)).build();
                proceed = chain.proceed(request);
                return !SMEncryptionData.getInstance().decryptData ? proceed : proceed;
            }
            request = request.newBuilder().header("Content-Length", String.valueOf(bArr2.length)).method(request.method(), RequestBody.create((MediaType) null, bArr2)).build();
        }
        proceed = chain.proceed(request);
        if (!SMEncryptionData.getInstance().decryptData && isSecureRequest(request.url().toString())) {
            ResponseBody body2 = proceed.body();
            Objects.requireNonNull(body2);
            BufferedSource source = body2.source();
            source.request(Long.MAX_VALUE);
            byte[] readByteArray = source.buffer().readByteArray();
            if (readByteArray.length == 0) {
                return proceed;
            }
            byte[] bArr4 = SMEncryptionData.getInstance().aesKey;
            byte[] copyOfRange = Arrays.copyOfRange(readByteArray, 0, 16);
            byte[] copyOfRange2 = Arrays.copyOfRange(readByteArray, 16, readByteArray.length - 32);
            byte[] copyOfRange3 = Arrays.copyOfRange(readByteArray, 0, readByteArray.length - 32);
            if (verifyHmac(copyOfRange3, SMEncryptionData.getInstance().hmacKey, Arrays.copyOfRange(readByteArray, copyOfRange3.length, readByteArray.length))) {
                try {
                    decrypt = decrypt(bArr4, copyOfRange, copyOfRange2);
                } catch (Exception e3) {
                    Timber.e(e3);
                }
                return proceed.newBuilder().body(ResponseBody.create(proceed.body().contentType(), decrypt)).build();
            }
            Timber.e("Hmac verification failed", new Object[0]);
            decrypt = "";
            return proceed.newBuilder().body(ResponseBody.create(proceed.body().contentType(), decrypt)).build();
        }
    }
}
