package com.perimeterx.internals.cookie;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.perimeterx.models.PXContext;
import com.perimeterx.models.configuration.PXConfiguration;
import com.perimeterx.models.exceptions.PXCookieDecryptionException;
import com.perimeterx.models.exceptions.PXException;
import com.perimeterx.utils.Base64;
import com.perimeterx.utils.Constants;
import com.perimeterx.utils.PBKDF2Engine;
import com.perimeterx.utils.PBKDF2Parameters;
import com.perimeterx.utils.PXLogger;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:com/perimeterx/internals/cookie/AbstractPXCookie.class */
public abstract class AbstractPXCookie implements PXCookie {
    private static final PXLogger logger = PXLogger.getLogger(AbstractPXCookie.class);
    private static final int KEY_LEN = 32;
    private static final String HMAC_SHA_256 = "HmacSHA256";
    protected ObjectMapper mapper = new ObjectMapper();
    protected PXConfiguration pxConfiguration;
    protected PXContext pxContext;
    protected String pxCookie;
    protected JsonNode decodedCookie;
    protected String cookieKey;

    public AbstractPXCookie(PXConfiguration pXConfiguration, PXContext pXContext) {
        this.pxConfiguration = pXConfiguration;
        this.pxContext = pXContext;
        this.pxCookie = pXContext.shouldDeserializeFromOriginalToken() ? pXContext.getPxOriginalTokenCookie() : pXContext.getPxCookie();
        this.cookieKey = pXConfiguration.getCookieKey();
    }

    public String getPxCookie() {
        return this.pxCookie;
    }

    public void setPxCookie(String str) {
        this.pxCookie = str;
    }

    public JsonNode getDecodedCookie() {
        return this.decodedCookie;
    }

    public void setDecodedCookie(JsonNode jsonNode) {
        this.decodedCookie = jsonNode;
    }

    public boolean deserialize() throws PXCookieDecryptionException {
        if (this.decodedCookie != null) {
            return true;
        }
        JsonNode decrypt = this.pxConfiguration.isEncryptionEnabled() ? decrypt() : decode();
        if (!isCookieFormatValid(decrypt)) {
            return false;
        }
        this.decodedCookie = decrypt;
        return true;
    }

    private JsonNode decrypt() throws PXCookieDecryptionException {
        String[] split = this.pxCookie.split(Constants.COOKIE_EXTRACT_DELIMITER_MOBILE);
        if (split.length != 3) {
            throw new PXCookieDecryptionException("Part length invalid");
        }
        byte[] decode = Base64.decode(split[0]);
        if (decode == null) {
            throw new PXCookieDecryptionException("Salt is empty");
        }
        int parseInt = Integer.parseInt(split[1]);
        if (parseInt < 0 || parseInt > 10000) {
            throw new PXCookieDecryptionException("Iterations not in range");
        }
        byte[] decode2 = Base64.decode(split[2]);
        if (decode2 == null) {
            throw new PXCookieDecryptionException("No payload");
        }
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            byte[] deriveKey = new PBKDF2Engine(new PBKDF2Parameters(HMAC_SHA_256, "UTF-8", decode, parseInt)).deriveKey(this.cookieKey, KEY_LEN + cipher.getBlockSize());
            cipher.init(2, new SecretKeySpec(Arrays.copyOf(deriveKey, KEY_LEN), "AES"), new IvParameterSpec(Arrays.copyOfRange(deriveKey, KEY_LEN, deriveKey.length)));
            return this.mapper.readTree(new String(cipher.doFinal(decode2, 0, decode2.length), StandardCharsets.UTF_8));
        } catch (Exception e) {
            throw new PXCookieDecryptionException("Cookie decryption failed in reason => ".concat(e.getMessage()));
        }
    }

    private JsonNode decode() throws PXCookieDecryptionException {
        try {
            return this.mapper.readTree(new String(Base64.decode(this.pxCookie)));
        } catch (IOException e) {
            throw new PXCookieDecryptionException("Cookie decode failed in reason => ".concat(e.getMessage()));
        }
    }

    public boolean isHighScore() {
        return getScore() >= this.pxConfiguration.getBlockingScore();
    }

    public boolean isExpired() {
        return getTimestamp() < System.currentTimeMillis();
    }

    public boolean isHmacValid(String str, String str2) throws PXException {
        boolean z = false;
        try {
            try {
                Mac mac = Mac.getInstance(HMAC_SHA_256);
                mac.init(new SecretKeySpec(this.cookieKey.getBytes(), HMAC_SHA_256));
                z = Arrays.equals(mac.doFinal(str.getBytes(StandardCharsets.UTF_8)), hexStringToByteArray(str2));
                if (!z) {
                    logger.debug(PXLogger.LogReason.DEBUG_COOKIE_DECRYPTION_HMAC_FAILED, this.pxCookie, this.pxContext.getUserAgent());
                }
                return z;
            } catch (Exception e) {
                throw new PXException("Failed to validate HMAC => ".concat(e.getMessage()));
            }
        } catch (Throwable th) {
            if (!z) {
                logger.debug(PXLogger.LogReason.DEBUG_COOKIE_DECRYPTION_HMAC_FAILED, this.pxCookie, this.pxContext.getUserAgent());
            }
            throw th;
        }
    }

    private static byte[] hexStringToByteArray(String str) {
        int length = str.length();
        byte[] bArr = new byte[length / 2];
        for (int i = 0; i < length; i += 2) {
            if (str.charAt(i) != KEY_LEN) {
                bArr[i / 2] = (byte) ((Character.digit(str.charAt(i), 16) << 4) + Character.digit(str.charAt(i + 1), 16));
            }
        }
        return bArr;
    }

    public boolean isValid() throws PXCookieDecryptionException, PXException {
        return deserialize() && !isExpired() && isSecured();
    }

    @Override // com.perimeterx.internals.cookie.PXCookie
    public long getTimestamp() {
        return this.decodedCookie.get("t").asLong();
    }

    @Override // com.perimeterx.internals.cookie.PXCookie
    public String getUUID() {
        return this.decodedCookie.get("u").asText();
    }

    @Override // com.perimeterx.internals.cookie.PXCookie
    public String getVID() {
        return this.decodedCookie.get("v").asText();
    }

    public static String getMobileCookieVersion(String str) {
        return "1".equals(str) ? Constants.COOKIE_V1_KEY : Constants.COOKIE_V3_KEY;
    }
}
