package com.google.security.cryptauth.lib.securegcm;

import com.google.common.base.Ascii;
import com.google.protobuf.ByteString;
import com.google.protobuf.InvalidProtocolBufferException;
import com.google.security.cryptauth.lib.securegcm.DeviceToDeviceMessagesProto;
import com.google.security.cryptauth.lib.securegcm.TransportCryptoOps;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.util.Arrays;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes2.dex */
public abstract class D2DConnectionContext {
    private static final int SAVED_SESSION_INFO_LENGTH_37 = 37;
    private static final int SAVED_SESSION_INFO_LENGTH_73 = 73;
    private static final String UTF8 = "UTF-8";
    private final int mProtocolVersion;

    public D2DConnectionContext(int i10) {
        this.mProtocolVersion = i10;
    }

    public static int bytesToSignedInt(byte[] bArr) {
        if (bArr.length == 4) {
            return (bArr[3] & 255) | ((bArr[0] << Ascii.CAN) & (-16777216)) | ((bArr[1] << 16) & 16711680) | ((bArr[2] << 8) & 65280);
        }
        throw new IllegalArgumentException("Expected 4 bytes to encode int, but got: " + bArr.length + " bytes");
    }

    public static DeviceToDeviceMessagesProto.DeviceToDeviceMessage createDeviceToDeviceMessage(byte[] bArr, int i10) {
        DeviceToDeviceMessagesProto.DeviceToDeviceMessage.Builder newBuilder = DeviceToDeviceMessagesProto.DeviceToDeviceMessage.newBuilder();
        newBuilder.setSequenceNumber(i10);
        newBuilder.setMessage(ByteString.copyFrom(bArr));
        return newBuilder.build();
    }

    public static D2DConnectionContext fromSavedSession(byte[] bArr) {
        if (bArr == null || bArr.length == 0) {
            throw new IllegalArgumentException("savedSessionInfo null or too short");
        }
        int i10 = bArr[0] & 255;
        if (i10 == 0) {
            if (bArr.length == 37) {
                return new D2DConnectionContextV0(new SecretKeySpec(Arrays.copyOfRange(bArr, 5, 37), "AES"), bytesToSignedInt(Arrays.copyOfRange(bArr, 1, 5)));
            }
            throw new IllegalArgumentException("Incorrect data length (" + bArr.length + ") for v0 protocol");
        }
        if (i10 != 1) {
            throw new IllegalArgumentException("Cannot rebuild context, unkown protocol version: " + i10);
        }
        if (bArr.length != SAVED_SESSION_INFO_LENGTH_73) {
            throw new IllegalArgumentException("Incorrect data length for v1 protocol");
        }
        return new D2DConnectionContextV1(new SecretKeySpec(Arrays.copyOfRange(bArr, 9, 41), "AES"), new SecretKeySpec(Arrays.copyOfRange(bArr, 41, SAVED_SESSION_INFO_LENGTH_73), "AES"), bytesToSignedInt(Arrays.copyOfRange(bArr, 1, 5)), bytesToSignedInt(Arrays.copyOfRange(bArr, 5, 9)));
    }

    public static byte[] signedIntToBytes(int i10) {
        return new byte[]{(byte) ((i10 >> 24) & 255), (byte) ((i10 >> 16) & 255), (byte) ((i10 >> 8) & 255), (byte) (i10 & 255)};
    }

    public byte[] decodeMessageFromPeer(byte[] bArr) {
        try {
            TransportCryptoOps.Payload verifydecryptPayload = D2DCryptoOps.verifydecryptPayload(bArr, getDecodeKey());
            if (!TransportCryptoOps.PayloadType.DEVICE_TO_DEVICE_MESSAGE.equals(verifydecryptPayload.getPayloadType())) {
                throw new SignatureException("wrong message type in device-to-device message");
            }
            DeviceToDeviceMessagesProto.DeviceToDeviceMessage parseFrom = DeviceToDeviceMessagesProto.DeviceToDeviceMessage.parseFrom(verifydecryptPayload.getMessage());
            incrementSequenceNumberForDecoding();
            if (parseFrom.getSequenceNumber() == getSequenceNumberForDecoding()) {
                return parseFrom.getMessage().toByteArray();
            }
            throw new SignatureException("Incorrect sequence number");
        } catch (InvalidProtocolBufferException e10) {
            throw new SignatureException(e10);
        } catch (InvalidKeyException e11) {
            throw new SignatureException(e11);
        } catch (NoSuchAlgorithmException e12) {
            throw new RuntimeException(e12);
        }
    }

    public String decodeMessageFromPeerAsString(byte[] bArr) {
        try {
            return new String(decodeMessageFromPeer(bArr), "UTF-8");
        } catch (UnsupportedEncodingException e10) {
            throw new RuntimeException(e10);
        }
    }

    public byte[] encodeMessageToPeer(String str) {
        try {
            return encodeMessageToPeer(str.getBytes("UTF-8"));
        } catch (UnsupportedEncodingException e10) {
            throw new RuntimeException(e10);
        }
    }

    public byte[] encodeMessageToPeer(byte[] bArr) {
        incrementSequenceNumberForEncoding();
        try {
            return D2DCryptoOps.signcryptPayload(new TransportCryptoOps.Payload(TransportCryptoOps.PayloadType.DEVICE_TO_DEVICE_MESSAGE, createDeviceToDeviceMessage(bArr, getSequenceNumberForEncoding()).toByteArray()), getEncodeKey());
        } catch (InvalidKeyException e10) {
            throw new RuntimeException(e10);
        } catch (NoSuchAlgorithmException e11) {
            throw new RuntimeException(e11);
        }
    }

    public abstract SecretKey getDecodeKey();

    public abstract SecretKey getEncodeKey();

    public abstract int getSequenceNumberForDecoding();

    public abstract int getSequenceNumberForEncoding();

    public abstract byte[] getSessionUnique();

    public int getmProtocolVersion() {
        return this.mProtocolVersion;
    }

    public abstract void incrementSequenceNumberForDecoding();

    public abstract void incrementSequenceNumberForEncoding();

    public abstract byte[] saveSession();
}
