package com.protectoria.gateway.proto.client;

import com.google.gson.Gson;
import com.google.gson.JsonParseException;
import com.protectoria.gateway.dto.ClientActionRequest;
import com.protectoria.gateway.dto.ClientActionRequestHeader;
import com.protectoria.gateway.dto.ClientActionRequestWrapper;
import com.protectoria.gateway.dto.ClientActionResponse;
import com.protectoria.gateway.dto.ClientActionResponseWrapper;
import com.protectoria.gateway.dto.MultiTenantClientActionType;
import com.protectoria.gateway.dto.linking.ClientLinkTenantRequest;
import com.protectoria.gateway.dto.unlinking.ClientUnlinkTenantRequest;
import com.protectoria.gateway.dto.update.ClientUpdateTenantRequest;
import com.protectoria.gateway.proto.ClientProtocolReceiverConverter;
import com.protectoria.gateway.proto.ProtocolException;
import com.protectoria.gateway.proto.client.AbstractClientProtocolReceiverContext;
import com.protectoria.pss.core.BouncyCastleProviderHolder;
import com.protectoria.pss.core.encryption.AsymmetricEncryptionParams;
import com.protectoria.pss.core.encryption.Encryption;
import com.protectoria.pss.core.encryption.SymmetricEncryptionIVParams;
import com.protectoria.pss.core.key.CryptoAlgorithm;
import com.protectoria.pss.core.key.KeyUtils;
import com.protectoria.pss.core.signature.SHA256WithRSABouncyMessageSignatureImpl;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import javax.crypto.SecretKey;
import lombok.Generated;

/* loaded from: classes4.dex */
public abstract class AbstractClientProtocolReceiverConverter<C extends AbstractClientProtocolReceiverContext> implements ClientProtocolReceiverConverter<C> {
    public static final Charset UTF_8 = Charset.forName("UTF-8");
    public final Encryption aesEncryption;
    public final Gson gson;
    public final Encryption rsaEncryption;

    /* renamed from: com.protectoria.gateway.proto.client.AbstractClientProtocolReceiverConverter$1, reason: invalid class name */
    /* loaded from: classes4.dex */
    public static /* synthetic */ class AnonymousClass1 {
        public static final /* synthetic */ int[] $SwitchMap$com$protectoria$gateway$dto$MultiTenantClientActionType;

        static {
            int[] iArr = new int[MultiTenantClientActionType.values().length];
            $SwitchMap$com$protectoria$gateway$dto$MultiTenantClientActionType = iArr;
            try {
                MultiTenantClientActionType multiTenantClientActionType = MultiTenantClientActionType.LINK_TENANT;
                iArr[0] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                int[] iArr2 = $SwitchMap$com$protectoria$gateway$dto$MultiTenantClientActionType;
                MultiTenantClientActionType multiTenantClientActionType2 = MultiTenantClientActionType.UPDATE_TENANT;
                iArr2[1] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                int[] iArr3 = $SwitchMap$com$protectoria$gateway$dto$MultiTenantClientActionType;
                MultiTenantClientActionType multiTenantClientActionType3 = MultiTenantClientActionType.UNLINK_TENANT;
                iArr3[2] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    public AbstractClientProtocolReceiverConverter(Encryption encryption, Encryption encryption2, Gson gson) {
        this.rsaEncryption = encryption;
        this.aesEncryption = encryption2;
        this.gson = gson;
    }

    private ClientActionResponseWrapper buildResponseMessageUnsafe(ClientActionResponse clientActionResponse, C c) throws GeneralSecurityException {
        ClientActionResponseWrapper clientActionResponseWrapper = new ClientActionResponseWrapper();
        byte[] encryptResponse = encryptResponse(clientActionResponse, c);
        clientActionResponseWrapper.setEncryptedData(encryptResponse);
        clientActionResponseWrapper.setSignGateway(sign(encryptResponse, decodePrivateKey(c.getServerPrivateKey())));
        return clientActionResponseWrapper;
    }

    private <T extends ClientActionRequest> T decryptRequest(ClientActionRequestHeader clientActionRequestHeader, byte[] bArr, C c) throws GeneralSecurityException {
        SecretKey symmetricKeyForDecryption = getSymmetricKeyForDecryption(clientActionRequestHeader);
        onSecretKeyForDecryptionChange(symmetricKeyForDecryption, c);
        return (T) decryptRequest(bArr, clientActionRequestHeader.getNIV(), symmetricKeyForDecryption, getRequestType(clientActionRequestHeader.getType()));
    }

    public static <T extends ClientActionRequest> Class<T> getRequestType(MultiTenantClientActionType multiTenantClientActionType) {
        if (multiTenantClientActionType == null) {
            throw new IllegalStateException("Null action type");
        }
        int ordinal = multiTenantClientActionType.ordinal();
        if (ordinal == 0) {
            return ClientLinkTenantRequest.class;
        }
        if (ordinal == 1) {
            return ClientUpdateTenantRequest.class;
        }
        if (ordinal == 2) {
            return ClientUnlinkTenantRequest.class;
        }
        throw new IllegalStateException("Unexpected action type: \"" + multiTenantClientActionType + "\".");
    }

    private SecretKey getSymmetricKeyForEncryption(C c) {
        MultiTenantClientActionType action = c.getAction();
        if (action == MultiTenantClientActionType.LINK_TENANT || action == MultiTenantClientActionType.UPDATE_TENANT || action == MultiTenantClientActionType.UNLINK_TENANT) {
            return c.getSymmetricKey();
        }
        throw new IllegalStateException("Unexpected type \"" + action.name() + "\".");
    }

    private ClientActionRequestHeader parseRequestHeaderUnsafe(ClientActionRequestWrapper clientActionRequestWrapper, C c) throws GeneralSecurityException {
        onInstallationIdChange(parseInstallationID(clientActionRequestWrapper.getInstallationId()), c);
        ClientActionRequestHeader decryptHeader = decryptHeader(clientActionRequestWrapper.getEncryptedHeader(), decodePrivateKey(c.getServerPrivateKey()));
        onInitializationVectorChange(decryptHeader.getNIV(), c);
        onMultiTenantClientActionTypeChange(decryptHeader.getType(), c);
        return decryptHeader;
    }

    @Override // com.protectoria.gateway.proto.ClientProtocolReceiverConverter
    public ClientActionResponseWrapper buildResponseMessage(ClientActionResponse clientActionResponse, C c) throws ProtocolException {
        if (clientActionResponse == null) {
            throw new ProtocolException("Cannot wrap request. Request is null.", new NullPointerException());
        }
        if (c == null) {
            throw new ProtocolException("Cannot wrap request. Context is null.", new NullPointerException());
        }
        try {
            ClientActionResponseWrapper buildResponseMessageUnsafe = buildResponseMessageUnsafe(clientActionResponse, c);
            onResponseWrapperCreated(buildResponseMessageUnsafe, c);
            return buildResponseMessageUnsafe;
        } catch (JsonParseException e2) {
            throw new ProtocolException("Error while processing JSON.", e2);
        } catch (IllegalStateException e3) {
            throw new ProtocolException("Error while generating symmetric key.", e3);
        } catch (GeneralSecurityException e4) {
            throw new ProtocolException("General security problem.", e4);
        } catch (Exception e5) {
            throw new ProtocolException("Cannot parse request", e5);
        }
    }

    public PrivateKey decodePrivateKey(byte[] bArr) throws GeneralSecurityException {
        return KeyUtils.bytesToPrivateKey(bArr, CryptoAlgorithm.RSA.name(), BouncyCastleProviderHolder.getInstance());
    }

    public ClientActionRequestHeader decryptHeader(byte[] bArr, PrivateKey privateKey) throws GeneralSecurityException {
        return (ClientActionRequestHeader) this.gson.fromJson(new String(this.rsaEncryption.decrypt(new AsymmetricEncryptionParams(bArr, privateKey)), UTF_8), ClientActionRequestHeader.class);
    }

    public <T extends ClientActionRequest> T decryptRequest(byte[] bArr, byte[] bArr2, SecretKey secretKey, Class<T> cls) throws GeneralSecurityException {
        return (T) this.gson.fromJson(new String(this.aesEncryption.decrypt(new SymmetricEncryptionIVParams(bArr, bArr2, secretKey)), UTF_8), (Class) cls);
    }

    public byte[] encryptResponse(ClientActionResponse clientActionResponse, C c) throws GeneralSecurityException {
        return this.aesEncryption.encrypt(new SymmetricEncryptionIVParams(this.gson.toJson(clientActionResponse).getBytes(UTF_8), c.getNonceIV(), getSymmetricKeyForEncryption(c)));
    }

    @Generated
    public Gson getGson() {
        return this.gson;
    }

    public SecretKey getSymmetricKeyForDecryption(ClientActionRequestHeader clientActionRequestHeader) {
        MultiTenantClientActionType type = clientActionRequestHeader.getType();
        if (type == MultiTenantClientActionType.LINK_TENANT || type == MultiTenantClientActionType.UPDATE_TENANT || type == MultiTenantClientActionType.UNLINK_TENANT) {
            return KeyUtils.bytesToSecretKey(clientActionRequestHeader.getSymmetricKeyPSA(), CryptoAlgorithm.AES.name());
        }
        throw new IllegalStateException("Unexpected type \"" + type.name() + "\".");
    }

    public void onInitializationVectorChange(byte[] bArr, C c) {
        c.setNonceIV(bArr);
    }

    public void onInstallationIdChange(Long l2, C c) {
        c.setInstallationId(l2);
    }

    public void onMultiTenantClientActionTypeChange(MultiTenantClientActionType multiTenantClientActionType, C c) {
        c.setAction(multiTenantClientActionType);
    }

    public void onRequestParsed(ClientActionRequest clientActionRequest, C c) {
    }

    public void onResponseWrapperCreated(ClientActionResponseWrapper clientActionResponseWrapper, C c) {
    }

    public void onSecretKeyForDecryptionChange(SecretKey secretKey, C c) {
        c.setSymmetricKey(secretKey);
    }

    public Long parseInstallationID(String str) {
        return Long.valueOf(Long.parseLong(str));
    }

    @Override // com.protectoria.gateway.proto.ClientProtocolReceiverConverter
    public <T extends ClientActionRequest> T parseRequestMessage(ClientActionRequestWrapper clientActionRequestWrapper, C c) throws ProtocolException {
        if (clientActionRequestWrapper == null) {
            throw new ProtocolException("Cannot start parsing. Message is null.", new NullPointerException());
        }
        if (c == null) {
            throw new ProtocolException("Cannot start parsing. Context is null.", new NullPointerException());
        }
        try {
            T t2 = (T) decryptRequest(parseRequestHeaderUnsafe(clientActionRequestWrapper, c), clientActionRequestWrapper.getEncryptedData(), c);
            onRequestParsed(t2, c);
            return t2;
        } catch (JsonParseException e2) {
            throw new ProtocolException("Error while processing JSON.", e2);
        } catch (IllegalStateException e3) {
            throw new ProtocolException("Error while generating symmetric key.", e3);
        } catch (NumberFormatException e4) {
            throw new ProtocolException("Cannot parse installationID.", e4);
        } catch (GeneralSecurityException e5) {
            throw new ProtocolException("General security problem.", e5);
        }
    }

    public byte[] sign(byte[] bArr, PrivateKey privateKey) throws GeneralSecurityException {
        return new SHA256WithRSABouncyMessageSignatureImpl().sign(bArr, privateKey);
    }
}
