package com.givemefive.ble.xiaomi;

import android.os.Build;
import android.util.Log;
import com.givemefive.ble.device.BaseSupportDevice;
import com.givemefive.ble.util.GB;
import com.givemefive.mi8wf.util.BaseUtil;
import com.google.protobuf.ByteString;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Locale;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import nodomain.freeyourgadget.gadgetbridge.proto.xiaomi.XiaomiProto;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.shaded.crypto.CryptoException;
import org.bouncycastle.shaded.crypto.engines.AESEngine;
import org.bouncycastle.shaded.crypto.modes.CCMBlockCipher;
import org.bouncycastle.shaded.crypto.params.AEADParameters;
import org.bouncycastle.shaded.crypto.params.KeyParameter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
public class XiaomiAuthService extends AbstractXiaomiService {
    public static final int CMD_AUTH = 27;
    public static final int CMD_NONCE = 26;
    public static final int CMD_SEND_USERID = 5;
    public static final int COMMAND_TYPE = 1;
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) XiaomiAuthService.class);
    public static final byte[] PAYLOAD_HEADER_AUTH = {0, 0, 2, 2};
    private String akey;
    protected final byte[] decryptionKey;
    protected final byte[] decryptionNonce;
    private boolean encryptionInitialized;
    protected final byte[] encryptionKey;
    protected final byte[] encryptionNonce;
    protected final byte[] nonce;
    protected final byte[] secretKey;

    public XiaomiAuthService(XiaomiSupport xiaomiSupport) {
        super(xiaomiSupport);
        this.encryptionInitialized = false;
        this.secretKey = new byte[16];
        this.nonce = new byte[16];
        this.encryptionKey = new byte[16];
        this.decryptionKey = new byte[16];
        this.encryptionNonce = new byte[4];
        this.decryptionNonce = new byte[4];
        this.akey = "";
    }

    public static XiaomiProto.Command buildNonceCommand(byte[] bArr) {
        XiaomiProto.PhoneNonce.Builder newBuilder = XiaomiProto.PhoneNonce.newBuilder();
        newBuilder.setNonce(ByteString.copyFrom(bArr));
        XiaomiProto.Auth.Builder newBuilder2 = XiaomiProto.Auth.newBuilder();
        newBuilder2.setPhoneNonce(newBuilder.build());
        XiaomiProto.Command.Builder newBuilder3 = XiaomiProto.Command.newBuilder();
        newBuilder3.setType(1);
        newBuilder3.setSubtype(26);
        newBuilder3.setAuth(newBuilder2.build());
        return newBuilder3.build();
    }

    public static byte[] computeAuthStep3Hmac(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        int i;
        byte[] bytes = "miwear-auth".getBytes();
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(ArrayUtils.addAll(bArr2, bArr3), "HmacSHA256"));
            mac.init(new SecretKeySpec(mac.doFinal(bArr), "HmacSHA256"));
            byte[] bArr4 = new byte[64];
            byte b = 1;
            byte[] bArr5 = new byte[0];
            for (int i2 = 0; i2 < bArr4.length; i2 = i) {
                mac.update(bArr5);
                mac.update(bytes);
                mac.update(b);
                bArr5 = mac.doFinal();
                i = i2;
                int i3 = 0;
                while (i3 < bArr5.length && i < bArr4.length) {
                    bArr4[i] = bArr5[i3];
                    i3++;
                    i++;
                }
                b = (byte) (b + 1);
            }
            return bArr4;
        } catch (InvalidKeyException | NoSuchAlgorithmException e) {
            throw new IllegalStateException("Failed to initialize hmac for auth step 2", e);
        }
    }

    public static CCMBlockCipher createBlockCipher(boolean z, SecretKey secretKey, byte[] bArr) {
        AESEngine aESEngine = new AESEngine();
        aESEngine.init(z, new KeyParameter(secretKey.getEncoded()));
        CCMBlockCipher cCMBlockCipher = new CCMBlockCipher(aESEngine);
        cCMBlockCipher.init(z, new AEADParameters(new KeyParameter(secretKey.getEncoded()), 32, bArr, null));
        return cCMBlockCipher;
    }

    public static byte[] decrypt(byte[] bArr, byte[] bArr2, byte[] bArr3) throws CryptoException {
        CCMBlockCipher createBlockCipher = createBlockCipher(false, new SecretKeySpec(bArr, "AES"), bArr2);
        byte[] bArr4 = new byte[createBlockCipher.getOutputSize(bArr3.length)];
        createBlockCipher.doFinal(bArr4, createBlockCipher.processBytes(bArr3, 0, bArr3.length, bArr4, 0));
        return bArr4;
    }

    public static byte[] encrypt(byte[] bArr, byte[] bArr2, byte[] bArr3) throws CryptoException {
        CCMBlockCipher createBlockCipher = createBlockCipher(true, new SecretKeySpec(bArr, "AES"), bArr2);
        byte[] bArr4 = new byte[createBlockCipher.getOutputSize(bArr3.length)];
        createBlockCipher.doFinal(bArr4, createBlockCipher.processBytes(bArr3, 0, bArr3.length, bArr4, 0));
        return bArr4;
    }

    private XiaomiProto.Command handleWatchNonce(XiaomiProto.WatchNonce watchNonce) {
        System.out.println("handleWatchNonce");
        byte[] computeAuthStep3Hmac = computeAuthStep3Hmac(this.secretKey, this.nonce, watchNonce.getNonce().toByteArray());
        System.arraycopy(computeAuthStep3Hmac, 0, this.decryptionKey, 0, 16);
        System.arraycopy(computeAuthStep3Hmac, 16, this.encryptionKey, 0, 16);
        System.arraycopy(computeAuthStep3Hmac, 32, this.decryptionNonce, 0, 4);
        System.arraycopy(computeAuthStep3Hmac, 36, this.encryptionNonce, 0, 4);
        Log.d("tag", "decryptionKey: {}" + GB.hexdump(this.decryptionKey));
        Log.d("tag", "encryptionKey: {}" + GB.hexdump(this.encryptionKey));
        Log.d("tag", "decryptionNonce: {}" + GB.hexdump(this.decryptionNonce));
        Log.d("tag", "encryptionNonce: {}" + GB.hexdump(this.encryptionNonce));
        if (!Arrays.equals(hmacSHA256(this.decryptionKey, ArrayUtils.addAll(watchNonce.getNonce().toByteArray(), this.nonce)), watchNonce.getHmac().toByteArray())) {
            LOG.warn("Watch hmac mismatch");
            return null;
        }
        XiaomiProto.AuthStep3 build = XiaomiProto.AuthStep3.newBuilder().setEncryptedNonces(ByteString.copyFrom(hmacSHA256(this.encryptionKey, ArrayUtils.addAll(this.nonce, watchNonce.getNonce().toByteArray())))).setEncryptedDeviceInfo(ByteString.copyFrom(encrypt(XiaomiProto.AuthDeviceInfo.newBuilder().setUnknown1(0).setPhoneApiLevel(Build.VERSION.SDK_INT).setPhoneName(Build.MODEL).setUnknown3(224).setRegion(Locale.getDefault().getLanguage().substring(0, 2).toUpperCase(Locale.ROOT)).build().toByteArray(), (short) 0))).build();
        XiaomiProto.Command.Builder newBuilder = XiaomiProto.Command.newBuilder();
        newBuilder.setType(1);
        newBuilder.setSubtype(27);
        XiaomiProto.Auth.Builder newBuilder2 = XiaomiProto.Auth.newBuilder();
        newBuilder2.setAuthStep3(build);
        return newBuilder.setAuth(newBuilder2.build()).build();
    }

    protected static byte[] hmacSHA256(byte[] bArr, byte[] bArr2) {
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(bArr, "HmacSHA256"));
            return mac.doFinal(bArr2);
        } catch (Exception e) {
            throw new RuntimeException("Failed to hmac", e);
        }
    }

    public byte[] decrypt(byte[] bArr) {
        ByteBuffer order = ByteBuffer.allocate(12).order(ByteOrder.LITTLE_ENDIAN);
        order.put(this.decryptionNonce);
        order.putInt(0);
        order.putInt(0);
        try {
            return decrypt(this.decryptionKey, order.array(), bArr);
        } catch (CryptoException e) {
            throw new RuntimeException("failed to decrypt", e);
        }
    }

    public byte[] decryptV2(byte[] bArr) {
        try {
            byte[] bArr2 = this.decryptionKey;
            byte[] bArr3 = this.decryptionKey;
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr2, "AES");
            IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr3);
            Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding");
            cipher.init(2, secretKeySpec, ivParameterSpec);
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw new RuntimeException("failed to encrypt", e);
        }
    }

    public void doStartEncryptedHandshake(TransactionBuilder transactionBuilder) {
        this.encryptionInitialized = false;
        System.arraycopy(getSecretKey(), 0, this.secretKey, 0, 16);
        new SecureRandom().nextBytes(this.nonce);
        getSupport().sendCommand(transactionBuilder, buildNonceCommand(this.nonce));
        System.out.println("startEncryptedHandshake");
    }

    public byte[] encrypt(byte[] bArr, short s) {
        try {
            return encrypt(this.encryptionKey, ByteBuffer.allocate(12).order(ByteOrder.LITTLE_ENDIAN).put(this.encryptionNonce).putInt(0).putShort(s).putShort((short) 0).array(), bArr);
        } catch (CryptoException e) {
            throw new RuntimeException("failed to encrypt", e);
        }
    }

    public byte[] encryptV2(byte[] bArr) {
        try {
            byte[] bArr2 = this.encryptionKey;
            byte[] bArr3 = this.encryptionKey;
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr2, "AES");
            IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr3);
            Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding");
            cipher.init(1, secretKeySpec, ivParameterSpec);
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw new RuntimeException("failed to encrypt", e);
        }
    }

    protected byte[] getSecretKey() {
        byte[] bArr = new byte[16];
        String userId = getUserId();
        if (StringUtils.isNotBlank(userId)) {
            byte[] hexStringToByteArray = (userId.length() == 34 && userId.startsWith("0x")) ? GB.hexStringToByteArray(userId.trim().substring(2)) : GB.hexStringToByteArray(userId.trim());
            System.arraycopy(hexStringToByteArray, 0, bArr, 0, Math.min(hexStringToByteArray.length, 16));
        }
        return bArr;
    }

    protected String getUserId() {
        return this.akey;
    }

    @Override // com.givemefive.ble.xiaomi.AbstractXiaomiService
    public void handleCommand(XiaomiProto.Command command) {
        if (command.getType() != 1) {
            throw new IllegalArgumentException("Not an auth command");
        }
        int subtype = command.getSubtype();
        if (subtype != 5) {
            if (subtype == 26) {
                Log.d("tag", "Got watch nonce");
                XiaomiProto.Command handleWatchNonce = handleWatchNonce(command.getAuth().getWatchNonce());
                if (handleWatchNonce == null) {
                    return;
                }
                if (getSupport().sppSupportFlag) {
                    getSupport().sendCommand("auth step 2", handleWatchNonce);
                    return;
                } else {
                    getSupport().builder.write(getSupport().characteristicCommandWrite.getCharacteristicUUID(), ArrayUtils.addAll(PAYLOAD_HEADER_AUTH, handleWatchNonce.toByteArray()));
                    return;
                }
            }
            if (subtype != 27) {
                Log.d("tag", "Unknown auth payload subtype {}" + command.getSubtype());
                return;
            }
        }
        if (command.getSubtype() != 27 && command.getAuth().getStatus() != 1) {
            Log.d("tag", "could not authenticate");
            return;
        }
        Log.d("tag", "Authenticated!");
        this.encryptionInitialized = command.getSubtype() == 27;
        getSupport().activityMi8BleNew.onDeviceInited();
    }

    public boolean isEncryptionInitialized() {
        return this.encryptionInitialized;
    }

    public void setKey(String str) {
        this.akey = str;
        System.out.println("AuthKey = " + str);
    }

    public void startEncryptedHandshake(TransactionBuilder transactionBuilder) {
        startEncryptedHandshake(transactionBuilder, null);
    }

    public void startEncryptedHandshake(final TransactionBuilder transactionBuilder, BaseSupportDevice baseSupportDevice) {
        if (baseSupportDevice == null || !baseSupportDevice.sppN66Flag()) {
            doStartEncryptedHandshake(transactionBuilder);
            return;
        }
        System.out.println("start N66 Init");
        getSupport().sendBytes("N66 Init", BaseUtil.hexToByteArray("030001000002020000fc03020020000402001027"));
        new Thread(new Runnable() { // from class: com.givemefive.ble.xiaomi.XiaomiAuthService.1
            @Override // java.lang.Runnable
            public void run() {
                try {
                    Thread.sleep(100L);
                    XiaomiAuthService.this.doStartEncryptedHandshake(transactionBuilder);
                } catch (InterruptedException e) {
                    e.printStackTrace();
                }
            }
        }).start();
    }

    public void test1(byte[] bArr) {
        System.arraycopy(getSecretKey(), 0, this.secretKey, 0, 16);
        for (int i = 0; i < bArr.length; i++) {
            this.nonce[i] = bArr[i];
        }
    }

    public XiaomiProto.Command test2handleNonce(XiaomiProto.Command command) {
        XiaomiProto.WatchNonce watchNonce = command.getAuth().getWatchNonce();
        byte[] computeAuthStep3Hmac = computeAuthStep3Hmac(this.secretKey, this.nonce, watchNonce.getNonce().toByteArray());
        System.arraycopy(computeAuthStep3Hmac, 0, this.decryptionKey, 0, 16);
        System.arraycopy(computeAuthStep3Hmac, 16, this.encryptionKey, 0, 16);
        System.arraycopy(computeAuthStep3Hmac, 32, this.decryptionNonce, 0, 4);
        System.arraycopy(computeAuthStep3Hmac, 36, this.encryptionNonce, 0, 4);
        System.out.println("decryptionKey: {}" + GB.hexdump(this.decryptionKey));
        System.out.println("encryptionKey: {}" + GB.hexdump(this.encryptionKey));
        System.out.println("decryptionNonce: {}" + GB.hexdump(this.decryptionNonce));
        System.out.println("encryptionNonce: {}" + GB.hexdump(this.encryptionNonce));
        if (!Arrays.equals(hmacSHA256(this.decryptionKey, ArrayUtils.addAll(watchNonce.getNonce().toByteArray(), this.nonce)), watchNonce.getHmac().toByteArray())) {
            System.out.println("Watch hmac mismatch");
            return null;
        }
        XiaomiProto.AuthStep3 build = XiaomiProto.AuthStep3.newBuilder().setEncryptedNonces(ByteString.copyFrom(hmacSHA256(this.encryptionKey, ArrayUtils.addAll(this.nonce, watchNonce.getNonce().toByteArray())))).setEncryptedDeviceInfo(ByteString.copyFrom(encrypt(XiaomiProto.AuthDeviceInfo.newBuilder().setUnknown1(0).setPhoneApiLevel(Build.VERSION.SDK_INT).setPhoneName("XiaoMi").setUnknown3(224).setRegion(Locale.getDefault().getLanguage().substring(0, 2).toUpperCase(Locale.ROOT)).build().toByteArray(), (short) 0))).build();
        XiaomiProto.Command.Builder newBuilder = XiaomiProto.Command.newBuilder();
        newBuilder.setType(1);
        newBuilder.setSubtype(27);
        XiaomiProto.Auth.Builder newBuilder2 = XiaomiProto.Auth.newBuilder();
        newBuilder2.setAuthStep3(build);
        return newBuilder.setAuth(newBuilder2.build()).build();
    }
}
