package com.sybase.afaria;

import android.content.Context;
import android.content.pm.ApplicationInfo;
import android.database.Cursor;
import android.net.Uri;
import android.util.Base64;
import android.util.Log;
import android.util.Xml;
import com.Android.Afaria.afariaauth.AfariaAuthentication;
import com.Android.Afaria.ntlm.NTLMSchemeFactory;
import com.Android.Afaria.remote.SharedPrefsContentProvider;
import com.sap.maf.tools.logon.core.LogonCoreListener;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.ByteArrayInputStream;
import java.io.DataOutputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.security.MessageDigest;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.http.HttpResponse;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.NTCredentials;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.params.HttpConnectionParams;
import org.xmlpull.v1.XmlPullParser;

/* loaded from: classes.dex */
public class SeedDataAPI {
    private static Context _context = null;
    private static NTCredentials Credentials = null;

    /* loaded from: classes.dex */
    public static class SeedDataAPIException extends Exception {
        public static final int AFARIA_CLIENT_NOT_INSTALLED = 0;
        public static final int AUTHENTICATION_FAILED = 110;
        public static final int COULD_NOT_CONTACT_SERVER = 2;
        public static final int GENERAL_FAILURE = 100;
        public static final int NO_DATA_AVAILABLE = 1;
        public static final int UNKNOWN = 101;
        public static final int USER_NOT_FOUND = 111;
        private static final long serialVersionUID = -1261972544210264770L;
        private int m_iErrorCode;

        public SeedDataAPIException(String str, int i) {
            super(str);
            this.m_iErrorCode = 101;
            setErrorCode(i);
        }

        private void setErrorCode(int i) {
            this.m_iErrorCode = i;
        }

        public int getErrorCode() {
            return this.m_iErrorCode;
        }
    }

    private static byte[] AESEncrypt(byte[] bArr, SecretKeySpec secretKeySpec, IvParameterSpec ivParameterSpec) throws SeedDataAPIException {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(1, secretKeySpec, ivParameterSpec);
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw new SeedDataAPIException(e.getMessage(), 101);
        }
    }

    private static byte[] RSADecrypt(byte[] bArr, RSAPrivateKey rSAPrivateKey) throws SeedDataAPIException {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, rSAPrivateKey);
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw new SeedDataAPIException(e.getMessage(), 101);
        }
    }

    private static void SetCredentials(SeedDataCredentials seedDataCredentials) {
        Credentials = null;
        if (seedDataCredentials != null) {
            String GetUsername = seedDataCredentials.GetUsername();
            String GetPassword = seedDataCredentials.GetPassword();
            String GetDomain = seedDataCredentials.GetDomain();
            if (GetUsername == null || GetUsername.length() == 0 || GetPassword == null || GetPassword.length() == 0) {
                return;
            }
            if (GetDomain == null) {
                GetDomain = "";
            }
            Credentials = new NTCredentials(GetUsername, GetPassword, "", GetDomain);
        }
    }

    private static void checkStatusCode(int i) throws SeedDataAPIException {
        switch (i) {
            case 200:
                return;
            case 204:
                throw new SeedDataAPIException("No Data received from server: " + i, 1);
            case LogonCoreListener.HTTP_UNAUTHORIZED /* 401 */:
            case LogonCoreListener.HTTP_FORBIDDEN /* 403 */:
                throw new SeedDataAPIException("HTTP request requires Authentication", 110);
            case 412:
                throw new SeedDataAPIException("Information from LDAP could not be retrieved: " + i, 111);
            default:
                throw new SeedDataAPIException("Package Server could not be reached. Response Code: " + i, 2);
        }
    }

    private static String getAppServerIP() throws SeedDataAPIException {
        if (_context == null) {
            throw new SeedDataAPIException("Unknown error", 101);
        }
        Cursor query = _context.getContentResolver().query(Uri.withAppendedPath(SharedPrefsContentProvider.CONTENT_URI, SharedPrefsContentProvider.APP_SERVER_IP_KEY), null, null, null, null);
        if (query == null) {
            throw new SeedDataAPIException("Cursor is null", 0);
        }
        if (!query.moveToFirst()) {
            if (!query.isClosed()) {
                query.close();
            }
            throw new SeedDataAPIException("Query returned no data", 1);
        }
        String string = query.getString(0);
        if (!query.isClosed()) {
            query.close();
        }
        Log.d("SeedDataAPI.getAppServerIP()", "AppServerURL: " + string);
        return string;
    }

    private static X509Certificate getCertificate(SecretKeySpec secretKeySpec, IvParameterSpec ivParameterSpec, RSAPublicKey rSAPublicKey, RSAPrivateKey rSAPrivateKey, String str, String str2, String str3) throws SeedDataAPIException {
        try {
            String appServerIP = getAppServerIP();
            if (appServerIP == null) {
                throw new SeedDataAPIException("Invalid Server Address", 101);
            }
            String str4 = getServerURL(appServerIP) + "package/cert/fileEx";
            String clientID = getClientID(appServerIP);
            String str5 = "-----BEGIN RSA PRIVATE KEY-----\n" + Base64.encodeToString(rSAPrivateKey.getEncoded(), 0) + "-----END RSA PRIVATE KEY-----\n";
            String str6 = "-----BEGIN SUBJECT-----\n" + str + "-----END SUBJECT-----\n";
            String str7 = ("-----BEGIN RSA PUBLIC KEY-----\n" + Base64.encodeToString(rSAPublicKey.getEncoded(), 0) + "-----END RSA PUBLIC KEY-----\n") + str5;
            byte[] AESEncrypt = AESEncrypt((((!str2.equalsIgnoreCase("")) & (str2 != null) ? str7 + "CommonName=" + str2 : str7 + str6) + "\nChallengePassword=" + str3 + "\n").getBytes(), secretKeySpec, ivParameterSpec);
            HttpPost httpPost = new HttpPost(str4);
            DefaultHttpClient defaultHttpClient = new DefaultHttpClient();
            httpPost.setEntity(new StringEntity(new String(Base64.encode(AESEncrypt, 0))));
            HttpConnectionParams.setConnectionTimeout(defaultHttpClient.getParams(), 30000);
            httpPost.addHeader("Requestor", "Android." + _context.getPackageName());
            httpPost.addHeader("ClientID", clientID);
            HttpResponse execute = defaultHttpClient.execute(httpPost);
            int statusCode = execute.getStatusLine().getStatusCode();
            if (Credentials != null && (statusCode == 401 || statusCode == 403)) {
                if (statusCode == 401) {
                    defaultHttpClient.getAuthSchemes().register("ntlm", new NTLMSchemeFactory());
                    BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
                    basicCredentialsProvider.setCredentials(AuthScope.ANY, Credentials);
                    defaultHttpClient.setCredentialsProvider(basicCredentialsProvider);
                } else if (statusCode == 403) {
                    httpPost.addHeader(AfariaAuthentication.AUTH_VERSION_HEADER, "1");
                    httpPost.addHeader(AfariaAuthentication.AUTH_TOKEN_HEADER, AfariaAuthentication.buildAfariaAuthToken(Credentials.getUserName(), Credentials.getPassword(), AfariaAuthentication.GetCurrentTimeString()));
                }
                execute = defaultHttpClient.execute(httpPost);
                statusCode = execute.getStatusLine().getStatusCode();
            }
            checkStatusCode(statusCode);
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(execute.getEntity().getContent()));
            String str8 = "";
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode(str8.replace("-----BEGIN CERTIFICATE-----", "").replace("-----END CERTIFICATE-----", "").getBytes(), 0)));
                }
                str8 = str8 + readLine;
            }
        } catch (SeedDataAPIException e) {
            throw e;
        } catch (Exception e2) {
            throw new SeedDataAPIException(e2.getMessage(), 101);
        }
    }

    private static InputStream getCertificateSubject(SecretKeySpec secretKeySpec, IvParameterSpec ivParameterSpec, String str) throws SeedDataAPIException {
        try {
            String appServerIP = getAppServerIP();
            if (appServerIP == null) {
                throw new SeedDataAPIException("Invalid Server Address", 101);
            }
            String str2 = getServerURL(appServerIP) + "package/cert/usersubject";
            String clientID = getClientID(appServerIP);
            HttpPost httpPost = new HttpPost(str2);
            DefaultHttpClient defaultHttpClient = new DefaultHttpClient();
            httpPost.setEntity(new StringEntity("\nChallengePassword=" + str + "\n"));
            HttpConnectionParams.setConnectionTimeout(defaultHttpClient.getParams(), 30000);
            httpPost.addHeader("Requestor", "Android." + _context.getPackageName());
            httpPost.addHeader("ClientID", clientID);
            HttpResponse execute = defaultHttpClient.execute(httpPost);
            int statusCode = execute.getStatusLine().getStatusCode();
            if (Credentials != null && (statusCode == 401 || statusCode == 403)) {
                if (statusCode == 401) {
                    defaultHttpClient.getAuthSchemes().register("ntlm", new NTLMSchemeFactory());
                    BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
                    basicCredentialsProvider.setCredentials(AuthScope.ANY, Credentials);
                    defaultHttpClient.setCredentialsProvider(basicCredentialsProvider);
                } else if (statusCode == 403) {
                    httpPost.addHeader(AfariaAuthentication.AUTH_VERSION_HEADER, "1");
                    httpPost.addHeader(AfariaAuthentication.AUTH_TOKEN_HEADER, AfariaAuthentication.buildAfariaAuthToken(Credentials.getUserName(), Credentials.getPassword(), AfariaAuthentication.GetCurrentTimeString()));
                }
                execute = defaultHttpClient.execute(httpPost);
                statusCode = execute.getStatusLine().getStatusCode();
            }
            checkStatusCode(statusCode);
            return execute.getEntity().getContent();
        } catch (SeedDataAPIException e) {
            throw e;
        } catch (Exception e2) {
            throw new SeedDataAPIException(e2.getMessage(), 101);
        }
    }

    private static String getClientID(String str) {
        return str != null ? str.substring(str.indexOf("{")) : "";
    }

    private static String getResponseBody(HttpResponse httpResponse) throws SeedDataAPIException {
        try {
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(httpResponse.getEntity().getContent()));
            String str = "";
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    return str;
                }
                str = str + readLine + '\n';
            }
        } catch (Exception e) {
            throw new SeedDataAPIException(e.getMessage(), 101);
        }
    }

    private static String getSeedDataURL() throws SeedDataAPIException {
        ApplicationInfo applicationInfo;
        String str;
        try {
            if (_context != null && (applicationInfo = _context.getApplicationInfo()) != null && (str = applicationInfo.packageName) != null) {
                Log.d("SeedDataAPI.retrieveSeedData()", "PackageName: " + str);
                Cursor query = _context.getContentResolver().query(Uri.withAppendedPath(SharedPrefsContentProvider.CONTENT_URI, str), null, null, null, null);
                if (query == null) {
                    throw new SeedDataAPIException("Cursor is null", 0);
                }
                if (!query.moveToFirst()) {
                    if (!query.isClosed()) {
                        query.close();
                    }
                    throw new SeedDataAPIException("Query returned no data", 1);
                }
                String string = query.getString(0);
                if (!query.isClosed()) {
                    query.close();
                }
                if (string == null) {
                    throw new SeedDataAPIException("No data for this package: " + str, 1);
                }
                Log.d("SeedDataAPI.retrieveSeedData()", "seedDataURL: " + string);
                return string;
            }
        } catch (SeedDataAPIException e) {
            throw e;
        } catch (Exception e2) {
            Log.d("SeedDataAPI.retrieveSeedData()", "Exception Thrown :" + e2.getMessage());
        }
        throw new SeedDataAPIException("Unknown error", 101);
    }

    private static IvParameterSpec getServerIV(RSAPublicKey rSAPublicKey, RSAPrivateKey rSAPrivateKey) throws SeedDataAPIException {
        byte[] decode;
        try {
            String appServerIP = getAppServerIP();
            if (appServerIP == null) {
                throw new SeedDataAPIException("Invalid Server Address", 101);
            }
            String str = getServerURL(appServerIP) + "package/cert/generateKey";
            String clientID = getClientID(appServerIP);
            String str2 = "-----BEGIN RSA PUBLIC KEY-----\n" + Base64.encodeToString(rSAPublicKey.getEncoded(), 0) + "-----END RSA PUBLIC KEY-----\n";
            HttpPost httpPost = new HttpPost(str);
            DefaultHttpClient defaultHttpClient = new DefaultHttpClient();
            httpPost.setEntity(new StringEntity(str2));
            HttpConnectionParams.setConnectionTimeout(defaultHttpClient.getParams(), 30000);
            httpPost.addHeader("Requestor", "Android." + _context.getPackageName());
            httpPost.addHeader("ClientID", clientID);
            httpPost.addHeader("KeySize", "128");
            defaultHttpClient.execute(httpPost);
            HttpResponse execute = defaultHttpClient.execute(httpPost);
            int statusCode = execute.getStatusLine().getStatusCode();
            if (Credentials != null && (statusCode == 401 || statusCode == 403)) {
                if (statusCode == 401) {
                    defaultHttpClient.getAuthSchemes().register("ntlm", new NTLMSchemeFactory());
                    BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
                    basicCredentialsProvider.setCredentials(AuthScope.ANY, Credentials);
                    defaultHttpClient.setCredentialsProvider(basicCredentialsProvider);
                } else if (statusCode == 403) {
                    httpPost.addHeader(AfariaAuthentication.AUTH_VERSION_HEADER, "1");
                    httpPost.addHeader(AfariaAuthentication.AUTH_TOKEN_HEADER, AfariaAuthentication.buildAfariaAuthToken(Credentials.getUserName(), Credentials.getPassword(), AfariaAuthentication.GetCurrentTimeString()));
                }
                execute = defaultHttpClient.execute(httpPost);
                statusCode = execute.getStatusLine().getStatusCode();
            }
            checkStatusCode(statusCode);
            String value = execute.getFirstHeader("KeyType").getValue();
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(execute.getEntity().getContent()));
            String str3 = "";
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    break;
                }
                str3 = str3 + readLine;
            }
            if (value.equalsIgnoreCase("P")) {
                decode = Base64.decode(str3.getBytes(), 0);
            } else {
                if (value.equalsIgnoreCase("B")) {
                    str3 = str3.substring(str3.indexOf("::") + 2);
                }
                decode = Base64.decode(RSADecrypt(Base64.decode(str3.getBytes(), 0), rSAPrivateKey), 0);
            }
            return new IvParameterSpec(decode);
        } catch (SeedDataAPIException e) {
            throw e;
        } catch (Exception e2) {
            throw new SeedDataAPIException(e2.getMessage(), 101);
        }
    }

    private static String getServerURL(String str) {
        return str != null ? str.substring(0, str.indexOf("{")) : "";
    }

    public static void initialize(Context context) {
        _context = context;
    }

    public static X509Certificate retrieveCertificate(RSAPublicKey rSAPublicKey, RSAPrivateKey rSAPrivateKey, String str, String str2, SeedDataCredentials seedDataCredentials) throws SeedDataAPIException {
        SetCredentials(seedDataCredentials);
        try {
            return getCertificate(new SecretKeySpec(MessageDigest.getInstance("MD5").digest("AfariaSLL.AES.PassW0rd".getBytes()), "AES"), getServerIV(rSAPublicKey, rSAPrivateKey), rSAPublicKey, rSAPrivateKey, "", str, str2);
        } catch (SeedDataAPIException e) {
            throw e;
        } catch (Exception e2) {
            throw new SeedDataAPIException(e2.getMessage(), 101);
        }
    }

    public static String retrieveSeedData(SeedDataCredentials seedDataCredentials) throws SeedDataAPIException {
        SetCredentials(seedDataCredentials);
        String seedDataURL = getSeedDataURL();
        DefaultHttpClient defaultHttpClient = new DefaultHttpClient();
        HttpConnectionParams.setConnectionTimeout(defaultHttpClient.getParams(), 30000);
        try {
            HttpGet httpGet = new HttpGet(seedDataURL);
            HttpResponse execute = defaultHttpClient.execute(httpGet);
            int statusCode = execute.getStatusLine().getStatusCode();
            if (Credentials != null && (statusCode == 401 || statusCode == 403)) {
                if (statusCode == 401) {
                    defaultHttpClient.getAuthSchemes().register("ntlm", new NTLMSchemeFactory());
                    BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
                    basicCredentialsProvider.setCredentials(AuthScope.ANY, Credentials);
                    defaultHttpClient.setCredentialsProvider(basicCredentialsProvider);
                } else if (statusCode == 403) {
                    httpGet.addHeader(AfariaAuthentication.AUTH_VERSION_HEADER, "1");
                    httpGet.addHeader(AfariaAuthentication.AUTH_TOKEN_HEADER, AfariaAuthentication.buildAfariaAuthToken(Credentials.getUserName(), Credentials.getPassword(), AfariaAuthentication.GetCurrentTimeString()));
                }
                execute = defaultHttpClient.execute(httpGet);
                statusCode = execute.getStatusLine().getStatusCode();
            }
            checkStatusCode(statusCode);
            String responseBody = getResponseBody(execute);
            File file = new File(_context.getFilesDir(), "seedData");
            file.mkdirs();
            File file2 = new File(file, "SUPOnboardingSeedData.txt");
            FileOutputStream fileOutputStream = new FileOutputStream(file2);
            DataOutputStream dataOutputStream = new DataOutputStream(fileOutputStream);
            BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(dataOutputStream));
            bufferedWriter.write(responseBody);
            bufferedWriter.flush();
            String absolutePath = file2.getAbsolutePath();
            bufferedWriter.close();
            dataOutputStream.close();
            fileOutputStream.close();
            return absolutePath;
        } catch (SeedDataAPIException e) {
            throw e;
        } catch (ClientProtocolException e2) {
            throw new SeedDataAPIException(e2.getMessage(), 2);
        } catch (IOException e3) {
            throw new SeedDataAPIException(e3.getMessage(), 2);
        } catch (Exception e4) {
            throw new SeedDataAPIException(e4.getMessage(), 101);
        }
    }

    public static X509Certificate retrieveUserCertificate(RSAPublicKey rSAPublicKey, RSAPrivateKey rSAPrivateKey, SeedDataCredentials seedDataCredentials, String str) throws SeedDataAPIException {
        SetCredentials(seedDataCredentials);
        String str2 = "";
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(MessageDigest.getInstance("MD5").digest("AfariaSLL.AES.PassW0rd".getBytes()), "AES");
            IvParameterSpec serverIV = getServerIV(rSAPublicKey, rSAPrivateKey);
            InputStream certificateSubject = getCertificateSubject(secretKeySpec, serverIV, str);
            XmlPullParser newPullParser = Xml.newPullParser();
            newPullParser.setFeature("http://xmlpull.org/v1/doc/features.html#process-namespaces", false);
            newPullParser.setInput(certificateSubject, null);
            while (newPullParser.getEventType() != 1) {
                if (newPullParser.getEventType() == 2) {
                    String name = newPullParser.getName();
                    if (name == null) {
                        newPullParser.next();
                    } else if (newPullParser.next() == 4) {
                        if (name.equals("challengePassword")) {
                            str = newPullParser.getText();
                        } else if (name.equals("subject")) {
                            str2 = newPullParser.getText();
                        }
                    }
                } else {
                    newPullParser.next();
                }
            }
            return getCertificate(secretKeySpec, serverIV, rSAPublicKey, rSAPrivateKey, str2, "", str);
        } catch (SeedDataAPIException e) {
            throw e;
        } catch (Exception e2) {
            throw new SeedDataAPIException(e2.getMessage(), 101);
        }
    }
}
