package com.netflix.msl.entityauth;

import com.netflix.msl.MslCryptoException;
import com.netflix.msl.MslEncodingException;
import com.netflix.msl.MslEntityAuthException;
import com.netflix.msl.MslError;
import com.netflix.msl.MslException;
import com.netflix.msl.MslMasterTokenException;
import com.netflix.msl.crypto.ICryptoContext;
import com.netflix.msl.crypto.SessionCryptoContext;
import com.netflix.msl.io.MslEncoderException;
import com.netflix.msl.io.MslEncoderFactory;
import com.netflix.msl.io.MslEncoderFormat;
import com.netflix.msl.io.MslObject;
import com.netflix.msl.tokens.MasterToken;
import com.netflix.msl.util.MslContext;
import java.util.HashMap;
import java.util.Map;

/* loaded from: input_file:WEB-INF/lib/msl-core-1.2226.0.jar:com/netflix/msl/entityauth/MasterTokenProtectedAuthenticationData.class */
public class MasterTokenProtectedAuthenticationData extends EntityAuthenticationData {
    protected static final String KEY_MASTER_TOKEN = "mastertoken";
    protected static final String KEY_AUTHENTICATION_DATA = "authdata";
    protected static final String KEY_SIGNATURE = "signature";
    private final MslContext ctx;
    private final MasterToken masterToken;
    private final EntityAuthenticationData authdata;
    private final Map<MslEncoderFormat, MslObject> objects;

    public MasterTokenProtectedAuthenticationData(MslContext mslContext, MasterToken masterToken, EntityAuthenticationData entityAuthenticationData) throws MslCryptoException, MslEntityAuthException {
        super(EntityAuthenticationScheme.MT_PROTECTED);
        this.objects = new HashMap();
        this.ctx = mslContext;
        this.masterToken = masterToken;
        this.authdata = entityAuthenticationData;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public MasterTokenProtectedAuthenticationData(MslContext mslContext, MslObject mslObject) throws MslEncodingException, MslCryptoException, MslEntityAuthException {
        super(EntityAuthenticationScheme.MT_PROTECTED);
        this.objects = new HashMap();
        this.ctx = mslContext;
        try {
            byte[] bytes = mslObject.getBytes(KEY_AUTHENTICATION_DATA);
            byte[] bytes2 = mslObject.getBytes("signature");
            try {
                this.masterToken = new MasterToken(mslContext, mslObject.getMslObject("mastertoken", mslContext.getMslEncoderFactory()));
                try {
                    ICryptoContext cryptoContext = mslContext.getMslStore().getCryptoContext(this.masterToken);
                    ICryptoContext sessionCryptoContext = cryptoContext != null ? cryptoContext : new SessionCryptoContext(mslContext, this.masterToken);
                    try {
                        MslEncoderFactory mslEncoderFactory = mslContext.getMslEncoderFactory();
                        if (!sessionCryptoContext.verify(bytes, bytes2, mslEncoderFactory)) {
                            throw new MslEntityAuthException(MslError.ENTITYAUTH_VERIFICATION_FAILED, "master token protected authdata " + mslObject);
                        }
                        this.authdata = EntityAuthenticationData.create(mslContext, mslEncoderFactory.parseObject(sessionCryptoContext.decrypt(bytes, mslEncoderFactory)));
                    } catch (MslEncoderException e) {
                        throw new MslEncodingException(MslError.MSL_PARSE_ERROR, "master token protected authdata " + mslObject, e);
                    }
                } catch (MslMasterTokenException e2) {
                    throw new MslEntityAuthException(MslError.ENTITYAUTH_MASTERTOKEN_NOT_DECRYPTED, e2);
                }
            } catch (MslException e3) {
                throw new MslEntityAuthException(MslError.ENTITYAUTH_MASTERTOKEN_INVALID, "master token protected authdata " + mslObject, e3);
            }
        } catch (MslEncoderException e4) {
            throw new MslEncodingException(MslError.MSL_PARSE_ERROR, "master token protected authdata " + mslObject, e4);
        }
    }

    @Override // com.netflix.msl.entityauth.EntityAuthenticationData
    public String getIdentity() throws MslCryptoException {
        return this.authdata.getIdentity();
    }

    public EntityAuthenticationData getEncapsulatedAuthdata() {
        return this.authdata;
    }

    @Override // com.netflix.msl.entityauth.EntityAuthenticationData
    public MslObject getAuthData(MslEncoderFactory mslEncoderFactory, MslEncoderFormat mslEncoderFormat) throws MslEncoderException {
        if (this.objects.containsKey(mslEncoderFormat)) {
            return this.objects.get(mslEncoderFormat);
        }
        try {
            ICryptoContext cryptoContext = this.ctx.getMslStore().getCryptoContext(this.masterToken);
            ICryptoContext sessionCryptoContext = cryptoContext != null ? cryptoContext : new SessionCryptoContext(this.ctx, this.masterToken);
            try {
                byte[] encrypt = sessionCryptoContext.encrypt(this.authdata.toMslEncoding(mslEncoderFactory, mslEncoderFormat), mslEncoderFactory, mslEncoderFormat);
                Object sign = sessionCryptoContext.sign(encrypt, mslEncoderFactory, mslEncoderFormat);
                MslObject createObject = mslEncoderFactory.createObject();
                createObject.put("mastertoken", this.masterToken);
                createObject.put(KEY_AUTHENTICATION_DATA, encrypt);
                createObject.put("signature", sign);
                MslObject parseObject = mslEncoderFactory.parseObject(mslEncoderFactory.encodeObject(createObject, mslEncoderFormat));
                this.objects.put(mslEncoderFormat, parseObject);
                return parseObject;
            } catch (MslCryptoException e) {
                throw new MslEncoderException("Error encrypting and signing the authentication data.", e);
            }
        } catch (MslMasterTokenException e2) {
            throw new MslEncoderException("Master token is not trusted; cannot create session crypto context.", e2);
        }
    }

    @Override // com.netflix.msl.entityauth.EntityAuthenticationData
    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof MasterTokenProtectedAuthenticationData)) {
            return false;
        }
        MasterTokenProtectedAuthenticationData masterTokenProtectedAuthenticationData = (MasterTokenProtectedAuthenticationData) obj;
        return super.equals(obj) && this.masterToken.equals(masterTokenProtectedAuthenticationData.masterToken) && this.authdata.equals(masterTokenProtectedAuthenticationData.authdata);
    }

    @Override // com.netflix.msl.entityauth.EntityAuthenticationData
    public int hashCode() {
        return (super.hashCode() ^ this.masterToken.hashCode()) ^ this.authdata.hashCode();
    }
}
