package com.nike.corerf.bigfoot;

import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Random;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPublicKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;

/* loaded from: classes10.dex */
public class Authentication {
    private static final String ALGORITHM = "AES";
    private static final int INITALIZATION_VECTOR_LENGTH = 4;
    private static final String MODE = "AES/ECB/NoPadding";
    public static final int NONCE_LENGTH = 16;
    public static final int TOKEN_LENGTH = 16;
    private DHParameterSpec currentSpec;
    byte[] generatedSecret;
    private boolean hasReceivedOtherPubKey;
    private final KeyAgreement keyAgreement;
    private final KeyFactory keyFactory;
    private final KeyPair keyPair;
    private final MessageDigest md5;
    private PublicKey other;
    private Key sharedKey;
    public static final DHParameterSpec MODP_GROUP1 = new DHParameterSpec(new BigInteger("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16), BigInteger.valueOf(2));
    public static final DHParameterSpec MODP_GROUP2 = new DHParameterSpec(new BigInteger("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16), BigInteger.valueOf(2));
    public static final DHParameterSpec MODP_GROUP5 = new DHParameterSpec(new BigInteger("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF", 16), BigInteger.valueOf(2));
    public static final DHParameterSpec MODP_GROUP14 = new DHParameterSpec(new BigInteger("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16), BigInteger.valueOf(2));
    public static final byte[] DEFAULT_KEY = {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1};

    public Authentication(DHParameterSpec dHParameterSpec) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DH");
        KeyAgreement keyAgreement = KeyAgreement.getInstance("DH");
        this.keyAgreement = keyAgreement;
        this.keyFactory = KeyFactory.getInstance("DH");
        this.md5 = MessageDigest.getInstance(MessageDigestAlgorithms.MD5);
        this.currentSpec = dHParameterSpec;
        keyPairGenerator.initialize(dHParameterSpec);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        this.keyPair = generateKeyPair;
        keyAgreement.init(generateKeyPair.getPrivate());
    }

    static byte[] decrypt(byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        if (bArr == null || bArr2 == null) {
            return null;
        }
        Cipher cipher = Cipher.getInstance(MODE);
        cipher.init(2, new SecretKeySpec(bArr2, ALGORITHM));
        return cipher.doFinal(bArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] encrypt(byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        if (bArr == null || bArr2 == null) {
            return null;
        }
        Cipher cipher = Cipher.getInstance(MODE);
        cipher.init(1, new SecretKeySpec(bArr2, ALGORITHM));
        return cipher.doFinal(bArr);
    }

    public static byte[] generateChallengeFromNonce(byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        int i;
        if (bArr == null || bArr.length != 16 || bArr2 == null || bArr2.length != 16) {
            throw new IllegalArgumentException("Nonce or authToken are not proper length");
        }
        byte[] bArr3 = new byte[16];
        Random random = new Random();
        int i2 = 0;
        while (true) {
            if (i2 >= 4) {
                break;
            }
            bArr3[i2] = (byte) random.nextInt();
            i2++;
        }
        for (i = 4; i < bArr.length; i++) {
            bArr3[i] = bArr[i];
        }
        return encrypt(bArr3, bArr2);
    }

    public static byte[] generateNonce() {
        byte[] bArr = new byte[16];
        new Random().nextBytes(bArr);
        return bArr;
    }

    public static DHParameterSpec getModPGroup(int i) {
        if (i == 0) {
            return MODP_GROUP1;
        }
        if (i == 1) {
            return MODP_GROUP2;
        }
        if (i == 2) {
            return MODP_GROUP5;
        }
        if (i != 3) {
            return null;
        }
        return MODP_GROUP14;
    }

    public static boolean isChallengeValidForNonceAndToken(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        if (bArr != null && bArr.length == 16 && bArr2 != null && bArr2.length == 16 && bArr3 != null && bArr3.length == 16) {
            try {
                byte[] decrypt = decrypt(bArr, bArr3);
                return Arrays.equals(Arrays.copyOfRange(decrypt, 4, decrypt.length), Arrays.copyOfRange(bArr2, 4, bArr2.length));
            } catch (GeneralSecurityException unused) {
            }
        }
        return false;
    }

    public byte[] getPublicKey() {
        byte[] byteArray = ((DHPublicKey) this.keyPair.getPublic()).getY().toByteArray();
        return byteArray[0] == 0 ? Arrays.copyOfRange(byteArray, 1, byteArray.length) : byteArray;
    }

    public byte[] getPublicKeyEncoded() {
        return this.keyPair.getPublic().getEncoded();
    }

    public byte[] getSharedSecret() throws InvalidKeyException {
        if (!this.hasReceivedOtherPubKey) {
            throw new InvalidKeyException();
        }
        this.sharedKey = this.keyAgreement.doPhase(this.other, true);
        byte[] generateSecret = this.keyAgreement.generateSecret();
        this.generatedSecret = generateSecret;
        this.md5.update(generateSecret);
        return this.md5.digest();
    }

    public void receiveOtherEncodedPublicKey(byte[] bArr) throws InvalidKeySpecException {
        this.other = this.keyFactory.generatePublic(new X509EncodedKeySpec(bArr));
        this.hasReceivedOtherPubKey = true;
    }

    public void receiveOtherPublicKey(byte[] bArr) throws InvalidKeySpecException {
        this.other = this.keyFactory.generatePublic(new DHPublicKeySpec(new BigInteger(1, bArr), this.currentSpec.getP(), this.currentSpec.getG()));
        this.hasReceivedOtherPubKey = true;
    }
}
