package com.samsung.android.oneconnect.manager.e2ee.f;

import android.content.Context;
import android.os.RemoteException;
import android.text.TextUtils;
import com.samsung.android.oneconnect.base.entity.e2ee.DecryptedDek;
import com.samsung.android.oneconnect.base.entity.e2ee.EncryptedDek;
import com.samsung.android.oneconnect.base.rest.db.device.entity.DeviceDomain;
import com.samsung.android.oneconnect.base.rest.repository.DeviceRepository;
import com.samsung.android.oneconnect.base.rest.repository.UserRepository;
import com.samsung.android.oneconnect.manager.e2ee.entity.DecryptError;
import com.samsung.android.oneconnect.serviceinterface.e2ee.ISharedKeyManagerListener;
import com.smartthings.smartclient.SmartClient;
import com.smartthings.smartclient.manager.scheduler.SchedulerManager;
import com.smartthings.smartclient.restclient.model.avplatform.AvpError;
import com.smartthings.smartclient.restclient.model.avplatform.encryption.EncryptionKeyResponse;
import com.smartthings.smartclient.restclient.model.avplatform.source.Source;
import io.reactivex.SingleObserver;
import io.reactivex.disposables.CompositeDisposable;
import io.reactivex.disposables.Disposable;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.ProviderException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.locks.StampedLock;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import kotlin.jvm.b.l;

/* loaded from: classes11.dex */
public final class e {
    private Context a;

    /* renamed from: b, reason: collision with root package name */
    private com.samsung.android.oneconnect.manager.e2ee.e.a f10523b;

    /* renamed from: c, reason: collision with root package name */
    private UserRepository f10524c;

    /* renamed from: d, reason: collision with root package name */
    private DeviceRepository f10525d;

    /* renamed from: e, reason: collision with root package name */
    private SmartClient f10526e;

    /* renamed from: f, reason: collision with root package name */
    private SchedulerManager f10527f;

    /* renamed from: g, reason: collision with root package name */
    private com.samsung.android.oneconnect.manager.e2ee.f.c f10528g;

    /* renamed from: h, reason: collision with root package name */
    private StampedLock f10529h = new StampedLock();

    /* renamed from: i, reason: collision with root package name */
    private long f10530i;

    /* loaded from: classes11.dex */
    class a implements f {
        final /* synthetic */ ISharedKeyManagerListener a;

        a(ISharedKeyManagerListener iSharedKeyManagerListener) {
            this.a = iSharedKeyManagerListener;
        }

        @Override // com.samsung.android.oneconnect.manager.e2ee.f.f
        public void onFailure(DecryptError decryptError) {
            try {
                this.a.onFailure(decryptError.getCode());
            } catch (RemoteException e2) {
                com.samsung.android.oneconnect.base.debug.a.l("[E2ee]SharedKeyManager", "SharedKeyManagerListener.onFailure", "RemoteException", e2);
            }
        }

        @Override // com.samsung.android.oneconnect.manager.e2ee.f.f
        public void onSuccess(List<byte[]> list) {
            try {
                this.a.onSuccess(e.this.k(list));
            } catch (RemoteException e2) {
                com.samsung.android.oneconnect.base.debug.a.l("[E2ee]SharedKeyManager", "SharedKeyManagerListener.onSuccess", "RemoteException", e2);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes11.dex */
    public class b implements SingleObserver<Source> {
        final /* synthetic */ String a;

        /* renamed from: b, reason: collision with root package name */
        final /* synthetic */ List f10532b;

        /* renamed from: c, reason: collision with root package name */
        final /* synthetic */ f f10533c;

        b(String str, List list, f fVar) {
            this.a = str;
            this.f10532b = list;
            this.f10533c = fVar;
        }

        @Override // io.reactivex.SingleObserver
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public void onSuccess(Source source) {
            if (!source.getOnline()) {
                com.samsung.android.oneconnect.manager.e2ee.c.e("[E2ee]SharedKeyManager", "getSourceById.onOffline", "");
                e.this.v(DecryptError.DEVICE_OFFLINE, this.f10533c);
            } else {
                com.samsung.android.oneconnect.manager.e2ee.c.c("[E2ee]SharedKeyManager", "getSourceById.onOnline", "");
                e.this.q(this.a, com.samsung.android.oneconnect.base.settings.d.f(e.this.a), this.f10532b, this.f10533c);
            }
        }

        @Override // io.reactivex.SingleObserver
        public void onError(Throwable th) {
            com.samsung.android.oneconnect.manager.e2ee.c.b("[E2ee]SharedKeyManager", "getSourceById.onFailure", "", th);
            e.this.v(DecryptError.NETWORK_ERROR, this.f10533c);
        }

        @Override // io.reactivex.SingleObserver
        public void onSubscribe(Disposable disposable) {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes11.dex */
    public class c implements SingleObserver<EncryptionKeyResponse> {
        final /* synthetic */ CompositeDisposable a;

        /* renamed from: b, reason: collision with root package name */
        final /* synthetic */ f f10535b;

        /* renamed from: c, reason: collision with root package name */
        final /* synthetic */ List f10536c;

        /* renamed from: d, reason: collision with root package name */
        final /* synthetic */ String f10537d;

        c(CompositeDisposable compositeDisposable, f fVar, List list, String str) {
            this.a = compositeDisposable;
            this.f10535b = fVar;
            this.f10536c = list;
            this.f10537d = str;
        }

        @Override // io.reactivex.SingleObserver
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public void onSuccess(EncryptionKeyResponse encryptionKeyResponse) {
            List p;
            com.samsung.android.oneconnect.manager.e2ee.c.c("[E2ee]SharedKeyManager", "recoverEncryptionKey.onSuccess", "encryptionKeyResponse = " + encryptionKeyResponse);
            this.a.dispose();
            if (!(encryptionKeyResponse instanceof EncryptionKeyResponse.Success)) {
                if (!(encryptionKeyResponse instanceof EncryptionKeyResponse.Error)) {
                    com.samsung.android.oneconnect.manager.e2ee.c.a("[E2ee]SharedKeyManager", "recoverEncryptionKey.onSuccess", "Unknown");
                    e.this.v(DecryptError.NETWORK_ERROR, this.f10535b);
                    return;
                }
                com.samsung.android.oneconnect.manager.e2ee.c.a("[E2ee]SharedKeyManager", "recoverEncryptionKey.onSuccess", "Error");
                AvpError.Type type = ((EncryptionKeyResponse.Error) encryptionKeyResponse).getAvpError().getType();
                if (type == AvpError.Type.DEVICE_NOT_VERIFIED) {
                    e.this.v(DecryptError.NOT_VERIFIED_DEVICE, this.f10535b);
                    return;
                } else if (type == AvpError.Type.PERMISSION_DENIED) {
                    e.this.v(DecryptError.PERMISSION_DENIED, this.f10535b);
                    return;
                } else {
                    e.this.v(DecryptError.NETWORK_ERROR, this.f10535b);
                    return;
                }
            }
            com.samsung.android.oneconnect.manager.e2ee.c.c("[E2ee]SharedKeyManager", "recoverEncryptionKey.onSuccess", "Success");
            byte[] encryptionKey = ((EncryptionKeyResponse.Success) encryptionKeyResponse).getEncryptionKey();
            byte[] a = e.this.f10523b.a(encryptionKey);
            if (a == null) {
                com.samsung.android.oneconnect.manager.e2ee.c.a("[E2ee]SharedKeyManager", "recoverEncryptionKey.onSuccess", "Failed to decrypt shared key(KEK)");
                e.this.v(DecryptError.DECRYPT_SHARED_KEY_FAILED, this.f10535b);
                return;
            }
            com.samsung.android.oneconnect.manager.e2ee.c.d("[E2ee]SharedKeyManager", "recoverEncryptionKey.onSuccess", "decryptedKek(hex) = ", com.samsung.android.oneconnect.manager.e2ee.d.a(encryptionKey));
            com.samsung.android.oneconnect.manager.e2ee.c.d("[E2ee]SharedKeyManager", "recoverEncryptionKey.onSuccess", "decryptedKek(base64) = ", com.samsung.android.oneconnect.manager.e2ee.d.c(encryptionKey));
            if (e.this.r(this.f10536c)) {
                com.samsung.android.oneconnect.manager.e2ee.c.c("[E2ee]SharedKeyManager", "AvpGetSharedKeyListener.onSuccess", "request checking e2ee on/off. skip decrypting dek");
                p = new ArrayList();
                p.add("".getBytes(Charset.defaultCharset()));
            } else {
                p = e.this.p(new SecretKeySpec(a, 0, a.length, "AES"), this.f10536c);
                if (p == null) {
                    e.this.v(DecryptError.DECRYPT_DEK_FAILED, this.f10535b);
                    return;
                }
            }
            if (e.this.f10528g.c(this.f10537d, a)) {
                e.this.w(p, this.f10535b);
            } else {
                e.this.v(DecryptError.INTERNAL_ERROR, this.f10535b);
            }
        }

        @Override // io.reactivex.SingleObserver
        public void onError(Throwable th) {
            com.samsung.android.oneconnect.manager.e2ee.c.b("[E2ee]SharedKeyManager", "recoverEncryptionKey.onError", "", th);
            this.a.dispose();
            e.this.v(DecryptError.NETWORK_ERROR, this.f10535b);
        }

        @Override // io.reactivex.SingleObserver
        public void onSubscribe(Disposable disposable) {
            com.samsung.android.oneconnect.base.debug.a.x("[E2ee]SharedKeyManager", "recoverEncryptionKey.onSubscribe", "");
            this.a.add(disposable);
        }
    }

    e() {
    }

    public e(Context context, com.samsung.android.oneconnect.manager.e2ee.e.a aVar, UserRepository userRepository, DeviceRepository deviceRepository, SmartClient smartClient, SchedulerManager schedulerManager, com.samsung.android.oneconnect.manager.e2ee.f.c cVar) {
        this.a = context;
        this.f10523b = aVar;
        this.f10524c = userRepository;
        this.f10525d = deviceRepository;
        this.f10526e = smartClient;
        this.f10527f = schedulerManager;
        this.f10528g = cVar;
    }

    private void j(String str, List<EncryptedDek> list, f fVar) {
        com.samsung.android.oneconnect.base.debug.a.x("[E2ee]SharedKeyManager", "checkDeviceOnline", "");
        this.f10526e.getRestClient().getSourceById(str).compose(this.f10527f.getIoSingleTransformer()).subscribe(new b(str, list, fVar));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public ArrayList<DecryptedDek> k(List<byte[]> list) {
        ArrayList<DecryptedDek> arrayList = new ArrayList<>();
        Iterator<byte[]> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(new DecryptedDek(it.next()));
        }
        return arrayList;
    }

    private byte[] o(SecretKey secretKey, EncryptedDek encryptedDek) {
        com.samsung.android.oneconnect.manager.e2ee.c.d("[E2ee]SharedKeyManager", "decryptDek", "Encrypted DEK(hex) : ", com.samsung.android.oneconnect.manager.e2ee.d.a(encryptedDek.c()));
        com.samsung.android.oneconnect.manager.e2ee.c.d("[E2ee]SharedKeyManager", "decryptDek", "Encrypted DEK(base64) : ", com.samsung.android.oneconnect.manager.e2ee.d.c(encryptedDek.c()));
        com.samsung.android.oneconnect.manager.e2ee.c.d("[E2ee]SharedKeyManager", "decryptDek", "IV(hex) : ", com.samsung.android.oneconnect.manager.e2ee.d.a(encryptedDek.b()));
        com.samsung.android.oneconnect.manager.e2ee.c.d("[E2ee]SharedKeyManager", "decryptDek", "IV(base64) : ", com.samsung.android.oneconnect.manager.e2ee.d.c(encryptedDek.b()));
        try {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(2, secretKey, new GCMParameterSpec(128, encryptedDek.b()));
            return cipher.doFinal(encryptedDek.c());
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e2) {
            com.samsung.android.oneconnect.manager.e2ee.c.b("[E2ee]SharedKeyManager", "decryptDek", "", e2);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public List<byte[]> p(SecretKey secretKey, List<EncryptedDek> list) {
        com.samsung.android.oneconnect.manager.e2ee.c.c("[E2ee]SharedKeyManager", "decryptDekList", "");
        LinkedList linkedList = new LinkedList();
        Iterator<EncryptedDek> it = list.iterator();
        while (it.hasNext()) {
            byte[] o = o(secretKey, it.next());
            if (o == null) {
                return null;
            }
            linkedList.add(o);
        }
        return linkedList;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void q(String str, final String str2, List<EncryptedDek> list, final f fVar) {
        com.samsung.android.oneconnect.base.debug.a.x("[E2ee]SharedKeyManager", "getSharedKeyFromAVPlatform", "");
        final CompositeDisposable compositeDisposable = new CompositeDisposable();
        this.f10526e.getAvpManager().recoverEncryptionKey(str, str2, new l() { // from class: com.samsung.android.oneconnect.manager.e2ee.f.b
            @Override // kotlin.jvm.b.l
            public final Object invoke(Object obj) {
                return e.this.t(compositeDisposable, fVar, (byte[]) obj);
            }
        }, new l() { // from class: com.samsung.android.oneconnect.manager.e2ee.f.a
            @Override // kotlin.jvm.b.l
            public final Object invoke(Object obj) {
                return e.this.u(str2, compositeDisposable, fVar, (byte[]) obj);
            }
        }).compose(this.f10527f.getIoSingleTransformer()).subscribe(new c(compositeDisposable, fVar, list, str));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean r(List<EncryptedDek> list) {
        return list.size() == 1 && list.get(0).c().length == 0 && list.get(0).b().length == 0;
    }

    private boolean s(String str) {
        String f2 = this.f10524c.f();
        DeviceDomain z = this.f10525d.z(str);
        String ownerId = z == null ? null : z.getOwnerId();
        if (TextUtils.equals(f2, ownerId)) {
            return true;
        }
        com.samsung.android.oneconnect.manager.e2ee.c.d("[E2ee]SharedKeyManager", "decryptBySharedKey", "current user id : ", f2);
        com.samsung.android.oneconnect.manager.e2ee.c.d("[E2ee]SharedKeyManager", "decryptBySharedKey", "source owner user id : ", ownerId);
        return false;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void v(DecryptError decryptError, f fVar) {
        com.samsung.android.oneconnect.manager.e2ee.c.a("[E2ee]SharedKeyManager", "returnFailure", decryptError.toString());
        if (decryptError == DecryptError.NOT_VERIFIED_DEVICE) {
            this.f10528g.a();
        }
        com.samsung.android.oneconnect.manager.e2ee.c.c("[E2ee]SharedKeyManager", "returnFailure", "unlock");
        x();
        fVar.onFailure(decryptError);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void w(List<byte[]> list, f fVar) {
        com.samsung.android.oneconnect.manager.e2ee.c.c("[E2ee]SharedKeyManager", "returnSuccess", "unlock");
        x();
        fVar.onSuccess(list);
    }

    private void x() {
        try {
            this.f10529h.unlockWrite(this.f10530i);
        } catch (IllegalMonitorStateException e2) {
            com.samsung.android.oneconnect.manager.e2ee.c.e("[E2ee]SharedKeyManager", "unlock", "already unlocked");
            com.samsung.android.oneconnect.manager.e2ee.c.e("[E2ee]SharedKeyManager", "unlock", e2.getMessage());
        }
    }

    public void l(String str, List<EncryptedDek> list, f fVar) {
        List<byte[]> p;
        com.samsung.android.oneconnect.manager.e2ee.c.c("[E2ee]SharedKeyManager", "decryptBySharedKey", "");
        if (!this.f10523b.i()) {
            com.samsung.android.oneconnect.base.debug.a.b0("[E2ee]SharedKeyManager", "decryptBySharedKey", "SAK is not supported");
            fVar.onFailure(DecryptError.NOT_SUPPORTED);
            return;
        }
        if (!s(str)) {
            com.samsung.android.oneconnect.base.debug.a.b0("[E2ee]SharedKeyManager", "decryptBySharedKey", "Not my owned source id");
            fVar.onFailure(DecryptError.PERMISSION_DENIED);
            return;
        }
        com.samsung.android.oneconnect.manager.e2ee.c.c("[E2ee]SharedKeyManager", "decryptBySharedKey", "lock");
        try {
            this.f10530i = this.f10529h.tryWriteLock(60L, TimeUnit.SECONDS);
            com.samsung.android.oneconnect.manager.e2ee.c.c("[E2ee]SharedKeyManager", "decryptBySharedKey", "lock released");
            SecretKey b2 = this.f10528g.b(str);
            if (b2 == null) {
                com.samsung.android.oneconnect.manager.e2ee.c.e("[E2ee]SharedKeyManager", "decryptBySharedKey", "no shared key in key store");
                j(str, list, fVar);
                return;
            }
            if (r(list)) {
                com.samsung.android.oneconnect.manager.e2ee.c.c("[E2ee]SharedKeyManager", "decryptBySharedKey", "request checking e2ee on/off. skip decrypting dek");
                p = new ArrayList<>();
                p.add("".getBytes(Charset.defaultCharset()));
            } else {
                p = p(b2, list);
                if (p == null) {
                    v(DecryptError.DECRYPT_DEK_FAILED, fVar);
                    return;
                }
            }
            w(p, fVar);
        } catch (InterruptedException e2) {
            com.samsung.android.oneconnect.manager.e2ee.c.a("[E2ee]SharedKeyManager", "decryptBySharedKey", "InterruptedException : " + e2);
            fVar.onFailure(DecryptError.INTERNAL_ERROR);
        }
    }

    public void m(String str, List<EncryptedDek> list, ISharedKeyManagerListener iSharedKeyManagerListener) {
        com.samsung.android.oneconnect.manager.e2ee.c.c("[E2ee]SharedKeyManager", "decryptBySharedKeyFromUI", "");
        l(str, list, new a(iSharedKeyManagerListener));
    }

    public List<DecryptedDek> n(String str, List<EncryptedDek> list) {
        com.samsung.android.oneconnect.manager.e2ee.c.c("[E2ee]SharedKeyManager", "decryptBySharedKeySyncFromUI", "");
        if (!this.f10523b.i()) {
            com.samsung.android.oneconnect.base.debug.a.b0("[E2ee]SharedKeyManager", "decryptBySharedKeySyncFromUI", "SAK is not supported");
            return null;
        }
        if (!s(str)) {
            com.samsung.android.oneconnect.base.debug.a.b0("[E2ee]SharedKeyManager", "decryptBySharedKey", "Not my owned source id");
            return null;
        }
        SecretKey b2 = this.f10528g.b(str);
        if (b2 == null) {
            com.samsung.android.oneconnect.manager.e2ee.c.e("[E2ee]SharedKeyManager", "decryptBySharedKeySyncFromUI", "no shared key in key store");
            return null;
        }
        List<byte[]> p = p(b2, list);
        if (p == null) {
            return null;
        }
        return k(p);
    }

    public /* synthetic */ byte[] t(CompositeDisposable compositeDisposable, f fVar, byte[] bArr) {
        com.samsung.android.oneconnect.base.debug.a.x("[E2ee]SharedKeyManager", "generateCertificate", "");
        try {
            return com.samsung.android.oneconnect.manager.e2ee.d.d(this.f10523b.j(bArr));
        } catch (KeyStoreException | CertificateException unused) {
            com.samsung.android.oneconnect.manager.e2ee.c.a("[E2ee]SharedKeyManager", "generateCertificate", "Attestation failed");
            compositeDisposable.dispose();
            fVar.onFailure(DecryptError.ATTEST_FAILED);
            return null;
        } catch (ProviderException unused2) {
            com.samsung.android.oneconnect.manager.e2ee.c.a("[E2ee]SharedKeyManager", "generateCertificate", "Not verified device");
            compositeDisposable.dispose();
            fVar.onFailure(DecryptError.NOT_VERIFIED_DEVICE);
            return null;
        }
    }

    public /* synthetic */ byte[] u(String str, CompositeDisposable compositeDisposable, f fVar, byte[] bArr) {
        com.samsung.android.oneconnect.base.debug.a.x("[E2ee]SharedKeyManager", "generateSignature", "");
        byte[] c2 = this.f10523b.c(str, bArr);
        if (c2 != null) {
            return c2;
        }
        com.samsung.android.oneconnect.manager.e2ee.c.a("[E2ee]SharedKeyManager", "generateSignature", "Failed to generate signature");
        compositeDisposable.dispose();
        fVar.onFailure(DecryptError.GENERATE_SIGNATURE_FAILED);
        return null;
    }
}
