package org.session.libsession.messaging.utilities;

import com.goterl.lazysodium.LazySodiumAndroid;
import com.goterl.lazysodium.SodiumAndroid;
import com.goterl.lazysodium.interfaces.Hash;
import com.goterl.lazysodium.utils.Key;
import com.goterl.lazysodium.utils.KeyPair;
import java.util.Iterator;
import java.util.List;
import kotlin.Lazy;
import kotlin.LazyKt;
import kotlin.Metadata;
import kotlin.collections.ArraysKt;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.JvmStatic;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.ByteCompanionObject;
import kotlin.jvm.internal.Intrinsics;
import org.session.libsignal.utilities.Hex;
import org.session.libsignal.utilities.IdPrefix;
import org.thoughtcrime.securesms.database.AttachmentDatabase;
import org.thoughtcrime.securesms.mediasend.MediaSendActivity;
import org.whispersystems.curve25519.Curve25519;

/* compiled from: SodiumUtilities.kt */
@Metadata(d1 = {"\u0000J\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\b\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0006\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0010\u0012\n\u0002\b\r\n\u0002\u0010\u000b\n\u0002\b\u0004\n\u0002\u0010 \n\u0002\b\n\bÆ\u0002\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u001a\u0010\u0015\u001a\u0004\u0018\u00010\u00162\u0006\u0010\u0017\u001a\u00020\u00182\u0006\u0010\u0019\u001a\u00020\u0016H\u0007J\u0018\u0010\u001a\u001a\u0004\u0018\u00010\u001b2\u0006\u0010\u001c\u001a\u00020\u001b2\u0006\u0010\u001d\u001a\u00020\u001bJ \u0010\u001e\u001a\u0004\u0018\u00010\u001b2\u0006\u0010\u001f\u001a\u00020\u001b2\u0006\u0010 \u001a\u00020\u001b2\u0006\u0010!\u001a\u00020\u001bJ,\u0010\"\u001a\u0004\u0018\u00010\u001b2\u0006\u0010#\u001a\u00020\u001b2\u0006\u0010$\u001a\u00020\u001b2\u0006\u0010!\u001a\u00020\u001b2\n\b\u0002\u0010%\u001a\u0004\u0018\u00010\u001bJ\u0010\u0010&\u001a\u0004\u0018\u00010\u001b2\u0006\u0010\u0017\u001a\u00020\u0018J\u0010\u0010'\u001a\u0004\u0018\u00010\u001b2\u0006\u0010$\u001a\u00020\u001bJ\u001e\u0010(\u001a\u00020)2\u0006\u0010*\u001a\u00020\u00182\u0006\u0010+\u001a\u00020\u00182\u0006\u0010\u0017\u001a\u00020\u0018J\u0018\u0010,\u001a\u0004\u0018\u00010\u001b2\f\u0010-\u001a\b\u0012\u0004\u0012\u00020\u001b0.H\u0002J(\u0010/\u001a\u0004\u0018\u00010\u001b2\u0006\u0010$\u001a\u00020\u001b2\u0006\u00100\u001a\u00020\u001b2\u0006\u00101\u001a\u00020\u001b2\u0006\u00102\u001a\u00020\u001bJ(\u00103\u001a\u0004\u0018\u00010\u001b2\u0006\u0010#\u001a\u00020\u001b2\u0006\u0010$\u001a\u00020\u001b2\u0006\u00104\u001a\u00020\u001b2\u0006\u00105\u001a\u00020\u001bJ\u0010\u00106\u001a\u0004\u0018\u00010\u001b2\u0006\u00107\u001a\u00020\u001bR\u000e\u0010\u0003\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0005\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0006\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0007\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\b\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R#\u0010\t\u001a\n \u000b*\u0004\u0018\u00010\n0\n8BX\u0082\u0084\u0002¢\u0006\f\n\u0004\b\u000e\u0010\u000f\u001a\u0004\b\f\u0010\rR\u001b\u0010\u0010\u001a\u00020\u00118BX\u0082\u0084\u0002¢\u0006\f\n\u0004\b\u0014\u0010\u000f\u001a\u0004\b\u0012\u0010\u0013¨\u00068"}, d2 = {"Lorg/session/libsession/messaging/utilities/SodiumUtilities;", "", "()V", "NO_CLAMP_LENGTH", "", "PUBLIC_KEY_LENGTH", "SCALAR_LENGTH", "SCALAR_MULT_LENGTH", "SECRET_KEY_LENGTH", "curve", "Lorg/whispersystems/curve25519/Curve25519;", "kotlin.jvm.PlatformType", "getCurve", "()Lorg/whispersystems/curve25519/Curve25519;", "curve$delegate", "Lkotlin/Lazy;", "sodium", "Lcom/goterl/lazysodium/LazySodiumAndroid;", "getSodium", "()Lcom/goterl/lazysodium/LazySodiumAndroid;", "sodium$delegate", "blindedKeyPair", "Lcom/goterl/lazysodium/utils/KeyPair;", "serverPublicKey", "", "edKeyPair", "combineKeys", "", "lhsKey", "rhsKey", "decrypt", "ciphertext", "decryptionKey", "nonce", "encrypt", MediaSendActivity.EXTRA_MESSAGE, "secretKey", "additionalData", "generateBlindingFactor", "generatePrivateKeyScalar", "sessionId", "", "standardSessionId", "blindedSessionId", "sha512Multipart", AttachmentDatabase.DIRECTORY, "", "sharedBlindedEncryptionKey", "otherBlindedPublicKey", "kA", "kB", "sogsSignature", "blindedSecretKey", "blindedPublicKey", "toX25519", "ed25519PublicKey", "libsession_release"}, k = 1, mv = {1, 6, 0}, xi = 48)
/* loaded from: classes3.dex */
public final class SodiumUtilities {
    private static final int NO_CLAMP_LENGTH = 32;
    private static final int PUBLIC_KEY_LENGTH = 32;
    private static final int SCALAR_LENGTH = 32;
    private static final int SCALAR_MULT_LENGTH = 32;
    private static final int SECRET_KEY_LENGTH = 64;
    public static final SodiumUtilities INSTANCE = new SodiumUtilities();

    /* renamed from: sodium$delegate, reason: from kotlin metadata */
    private static final Lazy sodium = LazyKt.lazy(new Function0<LazySodiumAndroid>() { // from class: org.session.libsession.messaging.utilities.SodiumUtilities$sodium$2
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // kotlin.jvm.functions.Function0
        public final LazySodiumAndroid invoke() {
            return new LazySodiumAndroid(new SodiumAndroid());
        }
    });

    /* renamed from: curve$delegate, reason: from kotlin metadata */
    private static final Lazy curve = LazyKt.lazy(new Function0<Curve25519>() { // from class: org.session.libsession.messaging.utilities.SodiumUtilities$curve$2
        @Override // kotlin.jvm.functions.Function0
        public final Curve25519 invoke() {
            return Curve25519.getInstance(Curve25519.BEST);
        }
    });

    private SodiumUtilities() {
    }

    @JvmStatic
    public static final KeyPair blindedKeyPair(String serverPublicKey, KeyPair edKeyPair) {
        byte[] generateBlindingFactor;
        Intrinsics.checkNotNullParameter(serverPublicKey, "serverPublicKey");
        Intrinsics.checkNotNullParameter(edKeyPair, "edKeyPair");
        int length = edKeyPair.getPublicKey().getAsBytes().length;
        SodiumUtilities sodiumUtilities = INSTANCE;
        if (length != 32 || edKeyPair.getSecretKey().getAsBytes().length != 64 || (generateBlindingFactor = sodiumUtilities.generateBlindingFactor(serverPublicKey)) == null) {
            return null;
        }
        byte[] asBytes = edKeyPair.getSecretKey().getAsBytes();
        Intrinsics.checkNotNullExpressionValue(asBytes, "edKeyPair.secretKey.asBytes");
        byte[] generatePrivateKeyScalar = sodiumUtilities.generatePrivateKeyScalar(asBytes);
        if (generatePrivateKeyScalar == null) {
            return null;
        }
        byte[] bArr = new byte[64];
        sodiumUtilities.getSodium().cryptoCoreEd25519ScalarMul(bArr, generateBlindingFactor, generatePrivateKeyScalar);
        boolean z = false;
        int i = 0;
        while (true) {
            if (i >= 64) {
                z = true;
                break;
            }
            if (!(bArr[i] == 0)) {
                break;
            }
            i++;
        }
        if (z) {
            return null;
        }
        byte[] bArr2 = new byte[32];
        if (INSTANCE.getSodium().cryptoScalarMultEd25519BaseNoClamp(bArr2, bArr)) {
            return new KeyPair(Key.fromBytes(bArr2), Key.fromBytes(bArr));
        }
        return null;
    }

    public static /* synthetic */ byte[] encrypt$default(SodiumUtilities sodiumUtilities, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, int i, Object obj) {
        if ((i & 8) != 0) {
            bArr4 = null;
        }
        return sodiumUtilities.encrypt(bArr, bArr2, bArr3, bArr4);
    }

    private final Curve25519 getCurve() {
        return (Curve25519) curve.getValue();
    }

    private final LazySodiumAndroid getSodium() {
        return (LazySodiumAndroid) sodium.getValue();
    }

    private final byte[] sha512Multipart(List<byte[]> parts) {
        Hash.State512 state512 = new Hash.State512();
        getSodium().cryptoHashSha512Init(state512);
        Iterator<T> it = parts.iterator();
        while (it.hasNext()) {
            INSTANCE.getSodium().cryptoHashSha512Update(state512, (byte[]) it.next(), r1.length);
        }
        byte[] bArr = new byte[64];
        if (getSodium().cryptoHashSha512Final(state512, bArr)) {
            return bArr;
        }
        return null;
    }

    public final byte[] combineKeys(byte[] lhsKey, byte[] rhsKey) {
        Intrinsics.checkNotNullParameter(lhsKey, "lhsKey");
        Intrinsics.checkNotNullParameter(rhsKey, "rhsKey");
        byte[] bArr = new byte[32];
        if (getSodium().cryptoScalarMultEd25519NoClamp(bArr, lhsKey, rhsKey)) {
            return bArr;
        }
        return null;
    }

    public final byte[] decrypt(byte[] ciphertext, byte[] decryptionKey, byte[] nonce) {
        Intrinsics.checkNotNullParameter(ciphertext, "ciphertext");
        Intrinsics.checkNotNullParameter(decryptionKey, "decryptionKey");
        Intrinsics.checkNotNullParameter(nonce, "nonce");
        int length = ciphertext.length - 16;
        byte[] bArr = new byte[length];
        if (getSodium().cryptoAeadXChaCha20Poly1305IetfDecrypt(bArr, new long[]{length}, null, ciphertext, ciphertext.length, null, 0L, nonce, decryptionKey)) {
            return bArr;
        }
        return null;
    }

    public final byte[] encrypt(byte[] message, byte[] secretKey, byte[] nonce, byte[] additionalData) {
        Intrinsics.checkNotNullParameter(message, "message");
        Intrinsics.checkNotNullParameter(secretKey, "secretKey");
        Intrinsics.checkNotNullParameter(nonce, "nonce");
        byte[] bArr = new byte[message.length + 16];
        if (getSodium().cryptoAeadXChaCha20Poly1305IetfEncrypt(bArr, new long[]{0}, message, message.length, additionalData, additionalData != null ? additionalData.length : 0, null, nonce, secretKey)) {
            return bArr;
        }
        return null;
    }

    public final byte[] generateBlindingFactor(String serverPublicKey) {
        Intrinsics.checkNotNullParameter(serverPublicKey, "serverPublicKey");
        byte[] fromStringCondensed = Hex.fromStringCondensed(serverPublicKey);
        if (fromStringCondensed.length != 32) {
            return null;
        }
        byte[] bArr = new byte[64];
        if (!getSodium().cryptoGenericHash(bArr, 64, fromStringCondensed, fromStringCondensed.length)) {
            return null;
        }
        byte[] bArr2 = new byte[32];
        getSodium().cryptoCoreEd25519ScalarReduce(bArr2, bArr);
        boolean z = false;
        int i = 0;
        while (true) {
            if (i >= 32) {
                break;
            }
            if (bArr2[i] != 0) {
                z = true;
                break;
            }
            i++;
        }
        if (z) {
            return bArr2;
        }
        return null;
    }

    public final byte[] generatePrivateKeyScalar(byte[] secretKey) {
        Intrinsics.checkNotNullParameter(secretKey, "secretKey");
        byte[] bArr = new byte[32];
        if (getSodium().convertSecretKeyEd25519ToCurve25519(bArr, secretKey)) {
            return bArr;
        }
        return null;
    }

    public final boolean sessionId(String standardSessionId, String blindedSessionId, String serverPublicKey) {
        byte[] generateBlindingFactor;
        Intrinsics.checkNotNullParameter(standardSessionId, "standardSessionId");
        Intrinsics.checkNotNullParameter(blindedSessionId, "blindedSessionId");
        Intrinsics.checkNotNullParameter(serverPublicKey, "serverPublicKey");
        SessionId sessionId = new SessionId(standardSessionId);
        if (sessionId.getPrefix() != IdPrefix.STANDARD) {
            return false;
        }
        SessionId sessionId2 = new SessionId(blindedSessionId);
        if (sessionId2.getPrefix() != IdPrefix.BLINDED || (generateBlindingFactor = generateBlindingFactor(serverPublicKey)) == null) {
            return false;
        }
        byte[] xEd25519Key = getCurve().convertToEd25519PublicKey(Key.fromHexString(sessionId.getPublicKey()).getAsBytes());
        Intrinsics.checkNotNullExpressionValue(xEd25519Key, "xEd25519Key");
        byte[] combineKeys = combineKeys(generateBlindingFactor, xEd25519Key);
        if (combineKeys == null) {
            return false;
        }
        return Intrinsics.areEqual(new SessionId(IdPrefix.BLINDED, combineKeys).getPublicKey(), sessionId2.getPublicKey()) || Intrinsics.areEqual(new SessionId(IdPrefix.BLINDED, ArraysKt.plus(CollectionsKt.toByteArray(ArraysKt.take(combineKeys, 31)), CollectionsKt.toByteArray(CollectionsKt.listOf(Byte.valueOf((byte) (ArraysKt.last(combineKeys) ^ ByteCompanionObject.MIN_VALUE)))))).getPublicKey(), sessionId2.getPublicKey());
    }

    public final byte[] sharedBlindedEncryptionKey(byte[] secretKey, byte[] otherBlindedPublicKey, byte[] kA, byte[] kB) {
        byte[] combineKeys;
        Intrinsics.checkNotNullParameter(secretKey, "secretKey");
        Intrinsics.checkNotNullParameter(otherBlindedPublicKey, "otherBlindedPublicKey");
        Intrinsics.checkNotNullParameter(kA, "kA");
        Intrinsics.checkNotNullParameter(kB, "kB");
        byte[] generatePrivateKeyScalar = generatePrivateKeyScalar(secretKey);
        if (generatePrivateKeyScalar == null || (combineKeys = combineKeys(generatePrivateKeyScalar, otherBlindedPublicKey)) == null) {
            return null;
        }
        byte[] bArr = new byte[32];
        if (getSodium().cryptoGenericHash(bArr, 32, ArraysKt.plus(ArraysKt.plus(combineKeys, kA), kB), r4.length)) {
            return bArr;
        }
        return null;
    }

    public final byte[] sogsSignature(byte[] message, byte[] secretKey, byte[] blindedSecretKey, byte[] blindedPublicKey) {
        boolean z;
        byte[] sha512Multipart;
        boolean z2;
        boolean z3;
        Intrinsics.checkNotNullParameter(message, "message");
        Intrinsics.checkNotNullParameter(secretKey, "secretKey");
        Intrinsics.checkNotNullParameter(blindedSecretKey, "blindedSecretKey");
        Intrinsics.checkNotNullParameter(blindedPublicKey, "blindedPublicKey");
        byte[] bArr = new byte[64];
        if (getSodium().cryptoHashSha512(bArr, secretKey, secretKey.length)) {
            boolean z4 = false;
            byte[] sha512Multipart2 = sha512Multipart(CollectionsKt.listOf((Object[]) new byte[][]{CollectionsKt.toByteArray(ArraysKt.takeLast(bArr, 32)), blindedPublicKey, message}));
            if (sha512Multipart2 == null) {
                return null;
            }
            byte[] bArr2 = new byte[32];
            getSodium().cryptoCoreEd25519ScalarReduce(bArr2, sha512Multipart2);
            int i = 0;
            while (true) {
                if (i >= 32) {
                    z = true;
                    break;
                }
                if (!(bArr2[i] == 0)) {
                    z = false;
                    break;
                }
                i++;
            }
            if (z) {
                return null;
            }
            byte[] bArr3 = new byte[32];
            if (!getSodium().cryptoScalarMultEd25519BaseNoClamp(bArr3, bArr2) || (sha512Multipart = sha512Multipart(CollectionsKt.listOf((Object[]) new byte[][]{bArr3, blindedPublicKey, message}))) == null) {
                return null;
            }
            byte[] bArr4 = new byte[32];
            getSodium().cryptoCoreEd25519ScalarReduce(bArr4, sha512Multipart);
            int i2 = 0;
            while (true) {
                if (i2 >= 32) {
                    z2 = true;
                    break;
                }
                if (!(bArr4[i2] == 0)) {
                    z2 = false;
                    break;
                }
                i2++;
            }
            if (z2) {
                return null;
            }
            byte[] bArr5 = new byte[32];
            byte[] bArr6 = new byte[32];
            getSodium().cryptoCoreEd25519ScalarMul(bArr5, bArr4, blindedSecretKey);
            int i3 = 0;
            while (true) {
                if (i3 >= 32) {
                    z3 = false;
                    break;
                }
                if (bArr5[i3] != 0) {
                    z3 = true;
                    break;
                }
                i3++;
            }
            if (z3) {
                getSodium().cryptoCoreEd25519ScalarAdd(bArr6, bArr2, bArr5);
                int i4 = 0;
                while (true) {
                    if (i4 >= 32) {
                        z4 = true;
                        break;
                    }
                    if (!(bArr6[i4] == 0)) {
                        break;
                    }
                    i4++;
                }
                if (z4) {
                    return null;
                }
                return ArraysKt.plus(bArr3, bArr6);
            }
        }
        return null;
    }

    public final byte[] toX25519(byte[] ed25519PublicKey) {
        Intrinsics.checkNotNullParameter(ed25519PublicKey, "ed25519PublicKey");
        byte[] bArr = new byte[32];
        if (getSodium().convertPublicKeyEd25519ToCurve25519(bArr, ed25519PublicKey)) {
            return bArr;
        }
        return null;
    }
}
