package com.universaldevices.security.upnp;

import com.universaldevices.common.util.Base64;
import com.universaldevices.device.model.ProductInfo;
import com.universaldevices.resources.errormessages.Errors;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAPublicKeySpec;
import javax.crypto.Cipher;

/* loaded from: input_file:com/universaldevices/security/upnp/UPnPSecurity.class */
public class UPnPSecurity {
    public static final short NO_SIGNATURE = 0;
    public static final short SIGN_WITH_PUBLIC_KEY = 1;
    public static final short SIGN_WITH_HMAC_KEY = 2;
    private long sequenceNumber;
    private MessageDigest md;
    public static final String BULK_CIPHER_NAME = "AES";
    public static final String BLOCK_CIPHER_MODE = "CFB";
    public static final String BLOCK_CIPHER_PADDING = "NoPadding";
    public static final String BULK_CIPHER_PARAMETERS = "AES/CFB/NoPadding";
    public static final int BULK_CIPHER_LENGTH = 128;
    public static final String RSA_CIPHER_PARAMETERS = "RSA/ECB/OAEPWithSHA1AndMGF1Padding";
    public static final String DEFAULT_DEVICE_BULK_ALGORITHM = "AES-128-CFB";
    public static final String DEFAULT_DEVICE_HMAC_ALGORITHM_JAVA = "HmacSHA1";
    public static final String DEFAULT_DIGEST_ALGORITHM_JAVA = "SHA-1";
    public static final String DEFAULT_DEVICE_HMAC_ALGORITHM = "SHA1-HMAC";
    public static final String DEFAULT_PUBLIC_KEY_SIGNATURE_METHOD = "SHA1withRSA";
    public static final short NO_SECURITY = 0;
    public static final short SECURITY_LEVEL_1 = 1;
    public static final short SECURITY_LEVEL_2 = 2;
    public static final short SECURITY_LEVEL_3 = 3;
    public static final long START_SEQUENCE_NUMBER = 30;
    public UPnPBulkCipher encryptionToDevice = null;
    public UPnPBulkCipher encryptionFromDevice = null;
    public UPnPHMAC signatureToDevice = null;
    public UPnPHMAC signatureFromDevice = null;
    public String controlURL = null;
    public String lifetimeSequenceBase = null;
    public KeyPair rsaKeyPair = null;
    public PublicKey devRSAPubKey = null;
    public String devSessionId = null;
    public boolean isExpired = true;

    public UPnPSecurity() {
        this.sequenceNumber = 0L;
        this.md = null;
        try {
            this.md = MessageDigest.getInstance(DEFAULT_DIGEST_ALGORITHM_JAVA);
            this.sequenceNumber = 30L;
        } catch (Exception e) {
            Errors.showError(ProductInfo.PID_ISY_26, null);
        }
    }

    public boolean createSecuritySession(short s) {
        try {
            if (this.lifetimeSequenceBase == null || this.controlURL == null) {
                return false;
            }
            if (s == 3 && (this.devRSAPubKey == null || !initRSA())) {
                return false;
            }
            if (s >= 2) {
                this.encryptionFromDevice = new UPnPBulkCipher();
                this.encryptionToDevice = new UPnPBulkCipher();
                this.signatureToDevice = new UPnPHMAC();
                this.signatureFromDevice = new UPnPHMAC();
            }
            this.isExpired = false;
            return true;
        } catch (Exception e) {
            Errors.showError(1011, null);
            return false;
        }
    }

    public boolean refresh() {
        this.encryptionFromDevice.refresh();
        this.encryptionToDevice.refresh();
        this.signatureToDevice.refresh();
        this.signatureFromDevice.refresh();
        return initRSA();
    }

    private boolean initRSA() {
        try {
            this.rsaKeyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
            return true;
        } catch (Exception e) {
            Errors.showError(1012, null);
            return false;
        }
    }

    public boolean setDevicePublicKey(String str, String str2) {
        try {
            BigInteger bigInteger = new BigInteger(Base64.decode(str2));
            this.devRSAPubKey = KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(Base64.decode(str)), bigInteger));
            return true;
        } catch (Exception e) {
            Errors.showError(1013, null);
            return false;
        }
    }

    public void setFreshness(String str, String str2) {
        this.lifetimeSequenceBase = str;
        this.controlURL = str2;
    }

    public void updateSession(String str, String str2) {
        this.lifetimeSequenceBase = str;
        this.devSessionId = str2;
    }

    public StringBuffer getSecuritySessionBody(short s) {
        byte[] keyAndIV;
        try {
            UPnPBulkCipher uPnPBulkCipher = new UPnPBulkCipher();
            if (s == 3) {
                Cipher cipher = Cipher.getInstance(RSA_CIPHER_PARAMETERS);
                cipher.init(1, this.devRSAPubKey);
                keyAndIV = cipher.doFinal(uPnPBulkCipher.getKeyAndIV());
            } else {
                keyAndIV = s == 2 ? uPnPBulkCipher.getKeyAndIV() : "None".getBytes();
            }
            StringBuffer stringBuffer = new StringBuffer("<EncipheredBulkKey>");
            stringBuffer.append(Base64.encodeBytes(keyAndIV));
            stringBuffer.append("</EncipheredBulkKey><BulkAlgorithm>");
            stringBuffer.append(DEFAULT_DEVICE_BULK_ALGORITHM);
            stringBuffer.append("</BulkAlgorithm><CipherText>");
            if (s >= 2) {
                StringBuffer stringBuffer2 = new StringBuffer("<SessionKeys><Confidentiality><Algorithm>");
                stringBuffer2.append(DEFAULT_DEVICE_BULK_ALGORITHM);
                stringBuffer2.append("</Algorithm>");
                stringBuffer2.append("<KeyToDevice>");
                stringBuffer2.append(Base64.encodeBytes(this.encryptionToDevice.symKey));
                stringBuffer2.append("</KeyToDevice><KeyFromDevice>");
                stringBuffer2.append(Base64.encodeBytes(this.encryptionFromDevice.symKey));
                stringBuffer2.append("</KeyFromDevice></Confidentiality><Signing><Algorithm>");
                stringBuffer2.append(DEFAULT_DEVICE_HMAC_ALGORITHM);
                stringBuffer2.append("</Algorithm><KeyToDevice>");
                stringBuffer2.append(Base64.encodeBytes(this.signatureToDevice.key));
                stringBuffer2.append("</KeyToDevice><KeyFromDevice>");
                stringBuffer2.append(Base64.encodeBytes(this.signatureFromDevice.key));
                stringBuffer2.append("</KeyFromDevice></Signing></SessionKeys>");
                stringBuffer.append(Base64.encodeBytes(uPnPBulkCipher.encrypt(stringBuffer2.toString().getBytes(), true)));
            } else {
                stringBuffer.append("None".getBytes());
            }
            stringBuffer.append("</CipherText><CPKeyID>1</CPKeyID>");
            return stringBuffer;
        } catch (Exception e) {
            Errors.showError(1014, null);
            return null;
        }
    }

    public synchronized StringBuffer sign(StringBuffer stringBuffer, boolean z, short s) {
        StringBuffer stringBuffer2 = new StringBuffer("<Freshness>");
        String str = z ? "LifetimeSequenceBase" : "SequenceBase";
        stringBuffer2.append('<');
        stringBuffer2.append(str);
        stringBuffer2.append('>');
        stringBuffer2.append(this.lifetimeSequenceBase);
        stringBuffer2.append("</");
        stringBuffer2.append(str);
        stringBuffer2.append('>');
        stringBuffer2.append("<SequenceNumber>");
        long j = this.sequenceNumber + 1;
        this.sequenceNumber = j;
        stringBuffer2.append(j);
        stringBuffer2.append("</SequenceNumber>");
        stringBuffer2.append("<controlURL>");
        stringBuffer2.append(this.controlURL);
        stringBuffer2.append("</controlURL></Freshness>");
        StringBuffer stringBuffer3 = new StringBuffer("<s:Header><us:SecurityInfo>");
        stringBuffer3.append(stringBuffer2);
        stringBuffer3.append("<ds:Signature>");
        StringBuffer stringBuffer4 = new StringBuffer("<ds:SignedInfo><ds:Reference URI=\"#Body\">");
        stringBuffer4.append("<ds:DigestValue>");
        stringBuffer4.append(Base64.encodeBytes(this.md.digest(stringBuffer.toString().getBytes())));
        stringBuffer4.append("</ds:DigestValue></ds:Reference><ds:Reference URI=\"#Freshness\"><ds:DigestValue>");
        stringBuffer4.append(Base64.encodeBytes(this.md.digest(stringBuffer2.toString().getBytes())));
        stringBuffer4.append("</ds:DigestValue></ds:Reference></ds:SignedInfo>");
        stringBuffer3.append(stringBuffer4);
        stringBuffer3.append("<ds:SignatureValue>");
        stringBuffer3.append(Base64.encodeBytes(getSignature(stringBuffer4, z, s)));
        stringBuffer3.append("</ds:SignatureValue><ds:KeyInfo>");
        if (z) {
            RSAPublicKey rSAPublicKey = (RSAPublicKey) this.rsaKeyPair.getPublic();
            stringBuffer3.append("<KeyValue><RSAKeyValue><Modulus>");
            stringBuffer3.append(Base64.encodeBytes(rSAPublicKey.getModulus().toByteArray()));
            stringBuffer3.append("</Modulus><Exponent>");
            stringBuffer3.append(Base64.encodeBytes(rSAPublicKey.getPublicExponent().toByteArray()));
            stringBuffer3.append("</Exponent></RSAKeyValue></KeyValue>");
        } else {
            stringBuffer3.append("<KeyName>" + this.devSessionId + "</KeyName>");
        }
        stringBuffer3.append("</ds:KeyInfo></ds:Signature></us:SecurityInfo></s:Header>");
        return stringBuffer3;
    }

    private byte[] getSignature(StringBuffer stringBuffer, boolean z, short s) {
        if (!z) {
            return s == 1 ? "unsigned".getBytes() : this.signatureToDevice.sign(stringBuffer.toString().getBytes());
        }
        try {
            Signature signature = Signature.getInstance(DEFAULT_PUBLIC_KEY_SIGNATURE_METHOD);
            signature.initSign(this.rsaKeyPair.getPrivate());
            signature.update(stringBuffer.toString().getBytes());
            return signature.sign();
        } catch (Exception e) {
            Errors.showError(1015, null);
            return null;
        }
    }

    public boolean expire() {
        this.encryptionToDevice = null;
        this.encryptionFromDevice = null;
        this.signatureToDevice = null;
        this.signatureFromDevice = null;
        this.lifetimeSequenceBase = null;
        this.rsaKeyPair = null;
        this.devRSAPubKey = null;
        this.devSessionId = null;
        this.sequenceNumber = 30L;
        this.isExpired = true;
        return true;
    }

    public StringBuffer encrypt(StringBuffer stringBuffer) {
        StringBuffer stringBuffer2 = new StringBuffer("<DeviceKeyID>");
        stringBuffer2.append(this.devSessionId);
        stringBuffer2.append("</DeviceKeyID><Request>");
        stringBuffer2.append(Base64.encodeBytes(this.encryptionToDevice.encrypt(stringBuffer.toString().getBytes(), false)));
        stringBuffer2.append("</Request><InIV>");
        stringBuffer2.append(Base64.encodeBytes(this.encryptionToDevice.symIV));
        stringBuffer2.append("</InIV>");
        return stringBuffer2;
    }

    public byte[] decrypt(String str, byte[] bArr) {
        try {
            return Base64.decode(new String(this.encryptionFromDevice.decrypt(str.getBytes(), bArr)));
        } catch (Exception e) {
            Errors.showError(1016, null);
            return null;
        }
    }
}
