package com.protectoria.pss.proto.client;

import com.google.gson.Gson;
import com.google.gson.JsonParseException;
import com.protectoria.pss.core.BouncyCastleProviderHolder;
import com.protectoria.pss.core.encryption.AsymmetricEncryptionParams;
import com.protectoria.pss.core.encryption.Encryption;
import com.protectoria.pss.core.encryption.SymmetricEncryptionIVParams;
import com.protectoria.pss.core.key.AESKeyGenerator;
import com.protectoria.pss.core.key.BouncyCryptoAlgorithm;
import com.protectoria.pss.core.key.CryptoAlgorithm;
import com.protectoria.pss.core.key.KeyExchange;
import com.protectoria.pss.core.key.KeyParams;
import com.protectoria.pss.core.key.KeyUtils;
import com.protectoria.pss.core.signature.SHA256WithRSABouncyMessageSignatureImpl;
import com.protectoria.pss.dto.ClientActionRequest;
import com.protectoria.pss.dto.ClientActionRequestHeader;
import com.protectoria.pss.dto.ClientActionRequestWrapper;
import com.protectoria.pss.dto.ClientActionResponse;
import com.protectoria.pss.dto.ClientActionResponseWrapper;
import com.protectoria.pss.dto.ClientActionType;
import com.protectoria.pss.dto.auth.ClientPrepareAuthRequest;
import com.protectoria.pss.dto.commit.ClientCommitAuthRequest;
import com.protectoria.pss.dto.enroll.ClientCommitEnrollmentRequest;
import com.protectoria.pss.dto.enroll.ClientPrepareEnrollmentRequest;
import com.protectoria.pss.dto.handshake.ClientHandshakeStep1Request;
import com.protectoria.pss.dto.handshake.ClientHandshakeStep1Response;
import com.protectoria.pss.dto.handshake.ClientHandshakeStep2Request;
import com.protectoria.pss.dto.handshake.ClientHandshakeStep2Response;
import com.protectoria.pss.dto.update.ClientUpdateCodeRequest;
import com.protectoria.pss.dto.wakeup.ClientWakeUpRequest;
import com.protectoria.pss.proto.ClientProtocolReceiverConverter;
import com.protectoria.pss.proto.ProtocolException;
import com.protectoria.pss.proto.client.AbstractClientProtocolReceiverContext;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import javax.crypto.SecretKey;

/* loaded from: classes4.dex */
public abstract class AbstractClientProtocolReceiverConverter<C extends AbstractClientProtocolReceiverContext> implements ClientProtocolReceiverConverter<C> {
    public static final Charset CHARSET = Charset.forName("UTF-8");
    private final Encryption a;
    private final Encryption b;
    private final KeyExchange c;
    private final Gson d;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes4.dex */
    public static /* synthetic */ class a {
        static final /* synthetic */ int[] a;

        static {
            int[] iArr = new int[ClientActionType.values().length];
            a = iArr;
            try {
                iArr[ClientActionType.PREPARE_ENROLLMENT.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                a[ClientActionType.COMMIT_ENROLLMENT.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                a[ClientActionType.WAKE_UP.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                a[ClientActionType.HANDSHAKE_STEP1.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                a[ClientActionType.UPDATE_CODE.ordinal()] = 5;
            } catch (NoSuchFieldError unused5) {
            }
            try {
                a[ClientActionType.PREPARE_AUTH.ordinal()] = 6;
            } catch (NoSuchFieldError unused6) {
            }
            try {
                a[ClientActionType.COMMIT_AUTH.ordinal()] = 7;
            } catch (NoSuchFieldError unused7) {
            }
            try {
                a[ClientActionType.HANDSHAKE_STEP2.ordinal()] = 8;
            } catch (NoSuchFieldError unused8) {
            }
            try {
                a[ClientActionType.UNKNOWN.ordinal()] = 9;
            } catch (NoSuchFieldError unused9) {
            }
        }
    }

    public AbstractClientProtocolReceiverConverter(Encryption encryption, Encryption encryption2, KeyExchange keyExchange, Gson gson) {
        this.a = encryption;
        this.b = encryption2;
        this.c = keyExchange;
        this.d = gson;
    }

    private <T extends ClientActionRequest> T a(ClientActionRequestHeader clientActionRequestHeader, byte[] bArr, C c, Class<T> cls) throws GeneralSecurityException {
        SecretKey symmetricKeyForDecryption = getSymmetricKeyForDecryption(clientActionRequestHeader, c);
        onSecretKeyForDecryptionChange(symmetricKeyForDecryption, c);
        return (T) a(bArr, decodeBase64(clientActionRequestHeader.getNIV()), symmetricKeyForDecryption, cls);
    }

    private <T extends ClientActionRequest> T a(byte[] bArr, byte[] bArr2, SecretKey secretKey, Class<T> cls) throws GeneralSecurityException {
        return (T) this.d.fromJson(new String(this.b.decrypt(new SymmetricEncryptionIVParams(bArr, bArr2, secretKey)), CHARSET), (Class) cls);
    }

    private ClientActionRequestHeader a(ClientActionRequestWrapper clientActionRequestWrapper, C c) throws GeneralSecurityException {
        onInstallationIdChange(parseInstallationID(clientActionRequestWrapper.getInstallationId()), c);
        ClientActionRequestHeader a2 = a(clientActionRequestWrapper.getEncryptedHeader(), decodePrivateKey(c.getPssPrivateKey()));
        onInitializationVectorChange(decodeBase64(a2.getNIV()), c);
        onClientActionTypeChange(a2.getType(), c);
        onEnrollmentIdentifierChange(a2.getEnrollmentId(), c);
        return a2;
    }

    private ClientActionRequestHeader a(byte[] bArr, PrivateKey privateKey) throws GeneralSecurityException {
        return (ClientActionRequestHeader) this.d.fromJson(new String(this.a.decrypt(new AsymmetricEncryptionParams(bArr, privateKey)), CHARSET), ClientActionRequestHeader.class);
    }

    private ClientActionResponseWrapper a(ClientActionResponse clientActionResponse, C c) throws GeneralSecurityException {
        c(clientActionResponse, c);
        ClientActionResponseWrapper b = b(clientActionResponse, (ClientActionResponse) c);
        b.setSignaturePSS(b(b.getDataEncryptedResponse(), decodePrivateKey(c.getPssPrivateKey())));
        return b;
    }

    private static <T extends ClientActionRequest> Class<T> a(ClientActionType clientActionType) {
        switch (a.a[clientActionType.ordinal()]) {
            case 1:
                return ClientPrepareEnrollmentRequest.class;
            case 2:
                return ClientCommitEnrollmentRequest.class;
            case 3:
                return ClientWakeUpRequest.class;
            case 4:
                return ClientHandshakeStep1Request.class;
            case 5:
                return ClientUpdateCodeRequest.class;
            case 6:
                return ClientPrepareAuthRequest.class;
            case 7:
                return ClientCommitAuthRequest.class;
            case 8:
                return ClientHandshakeStep2Request.class;
            default:
                return ClientActionRequest.class;
        }
    }

    private SecretKey a() throws GeneralSecurityException {
        return new AESKeyGenerator().generateKey(new KeyParams(CryptoAlgorithm.AES.getDefaultSize()));
    }

    private SecretKey a(C c) throws GeneralSecurityException {
        String name = BouncyCryptoAlgorithm.ELLIPTIC_CURVE_DIFFIE_HELLMAN.getName();
        Provider bouncyCastleProviderHolder = BouncyCastleProviderHolder.getInstance();
        PublicKey bytesToPublicKey = KeyUtils.bytesToPublicKey(c.getPsaPublicDhKey(), name, bouncyCastleProviderHolder);
        return this.c.generateSharedSecret(KeyUtils.bytesToPrivateKey(c.getPssPrivateDhKey(), name, bouncyCastleProviderHolder), bytesToPublicKey);
    }

    private byte[] a(ClientActionResponse clientActionResponse) {
        return this.d.toJson(clientActionResponse).getBytes(CHARSET);
    }

    private byte[] a(SecretKey secretKey, C c) throws GeneralSecurityException {
        if (!ClientActionType.COMMIT_ENROLLMENT.equals(c.getClientActionType()) && !ClientActionType.HANDSHAKE_STEP1.equals(c.getClientActionType())) {
            return null;
        }
        return this.a.encrypt(new AsymmetricEncryptionParams(secretKey.getEncoded(), KeyUtils.bytesToPublicKey(c.getPsaPublicKey(), CryptoAlgorithm.RSA.name())));
    }

    private ClientActionResponseWrapper b(ClientActionResponse clientActionResponse, C c) throws GeneralSecurityException {
        SecretKey b = b(c);
        onSecretKeyForEncryptionChange(b, c);
        ClientActionResponseWrapper clientActionResponseWrapper = new ClientActionResponseWrapper();
        clientActionResponseWrapper.setSkPSS(a(b, (SecretKey) c));
        clientActionResponseWrapper.setDataEncryptedResponse(this.b.encrypt(new SymmetricEncryptionIVParams(a(clientActionResponse), c.getInitializationVector(), b)));
        return clientActionResponseWrapper;
    }

    private SecretKey b(C c) throws GeneralSecurityException {
        switch (a.a[c.getClientActionType().ordinal()]) {
            case 1:
            case 2:
            case 3:
            case 5:
                return c.getSymmetricKey();
            case 4:
                return a();
            case 6:
            case 7:
                return KeyUtils.bytesToSecretKey(c.getSessionSymmetricKey(), CryptoAlgorithm.AES.name());
            case 8:
                return a((AbstractClientProtocolReceiverConverter<C>) c);
            default:
                throw new IllegalStateException("Unexpected type \"" + c.getClientActionType() + "\".");
        }
    }

    private byte[] b(byte[] bArr, PrivateKey privateKey) throws GeneralSecurityException {
        return new SHA256WithRSABouncyMessageSignatureImpl().sign(bArr, privateKey);
    }

    private void c(ClientActionResponse clientActionResponse, C c) {
        clientActionResponse.setNoncePSA(c.getNoncePSA());
        if (ClientActionType.HANDSHAKE_STEP1.equals(c.getClientActionType())) {
            ((ClientHandshakeStep1Response) clientActionResponse).setPubPSSDH(c.getPssPublicDhKey());
        } else if (ClientActionType.HANDSHAKE_STEP2.equals(c.getClientActionType())) {
            ((ClientHandshakeStep2Response) clientActionResponse).setPubPSSDH(c.getPssPublicDhKey());
        }
    }

    @Override // com.protectoria.pss.proto.ClientProtocolReceiverConverter
    public ClientActionResponseWrapper buildResponseMessage(ClientActionResponse clientActionResponse, C c) throws ProtocolException {
        try {
            ClientActionResponseWrapper a2 = a(clientActionResponse, (ClientActionResponse) c);
            onResponseWrapperCreated(a2, c);
            return a2;
        } catch (JsonParseException e2) {
            throw new ProtocolException("Error while processing JSON.", e2);
        } catch (IllegalStateException e3) {
            throw new ProtocolException("Error while generating symmetric key.", e3);
        } catch (NullPointerException e4) {
            throw new ProtocolException("No enough data to encrypt response.", e4);
        } catch (GeneralSecurityException e5) {
            throw new ProtocolException("General security problem.", e5);
        }
    }

    protected abstract byte[] decodeBase64(String str);

    protected PrivateKey decodePrivateKey(byte[] bArr) throws GeneralSecurityException {
        return KeyUtils.bytesToPrivateKey(bArr, CryptoAlgorithm.RSA.name(), BouncyCastleProviderHolder.getInstance());
    }

    protected SecretKey getSymmetricKeyForDecryption(ClientActionRequestHeader clientActionRequestHeader, C c) throws GeneralSecurityException {
        switch (a.a[clientActionRequestHeader.getType().ordinal()]) {
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
                return KeyUtils.bytesToSecretKey(clientActionRequestHeader.getSymmetricKeyPSA(), CryptoAlgorithm.AES.name());
            case 6:
            case 7:
                return KeyUtils.bytesToSecretKey(c.getSessionSymmetricKey(), CryptoAlgorithm.AES.name());
            case 8:
                return a((AbstractClientProtocolReceiverConverter<C>) c);
            default:
                throw new IllegalStateException("Unexpected type \"" + clientActionRequestHeader.getType() + "\".");
        }
    }

    protected void onClientActionTypeChange(ClientActionType clientActionType, C c) {
        c.setClientActionType(clientActionType);
    }

    protected void onEnrollmentIdentifierChange(String str, C c) {
        c.setEnrollmentIdentifier(str);
    }

    protected void onInitializationVectorChange(byte[] bArr, C c) {
        c.setInitializationVector(bArr);
    }

    protected void onInstallationIdChange(Long l2, C c) {
        c.setInstallationId(l2);
    }

    protected void onRequestHeaderParsed(ClientActionRequestHeader clientActionRequestHeader, C c) {
    }

    protected void onRequestParsed(ClientActionRequest clientActionRequest, C c) {
        if (ClientActionType.COMMIT_ENROLLMENT.equals(c.getClientActionType())) {
            c.setPsaPublicKey(((ClientCommitEnrollmentRequest) clientActionRequest).getPubClient());
        }
        c.setNoncePSA(clientActionRequest.getNoncePSA());
    }

    protected void onRequestWrapperProcessed(ClientActionRequestWrapper clientActionRequestWrapper, C c) {
    }

    protected void onResponseWrapperCreated(ClientActionResponseWrapper clientActionResponseWrapper, C c) {
    }

    protected void onSecretKeyForDecryptionChange(SecretKey secretKey, C c) {
        c.setSymmetricKey(secretKey);
    }

    protected void onSecretKeyForEncryptionChange(SecretKey secretKey, C c) {
        c.setSymmetricKey(secretKey);
    }

    protected Long parseInstallationID(String str) {
        return Long.valueOf(Long.parseLong(str));
    }

    @Override // com.protectoria.pss.proto.ClientProtocolReceiverConverter
    public <T extends ClientActionRequest> T parseRequestMessage(ClientActionRequestWrapper clientActionRequestWrapper, C c) throws ProtocolException {
        try {
            try {
                try {
                    ClientActionRequestHeader a2 = a(clientActionRequestWrapper, (ClientActionRequestWrapper) c);
                    onRequestHeaderParsed(a2, c);
                    T t2 = (T) a(a2, clientActionRequestWrapper.getDataEncryptedRequest(), (byte[]) c, (Class) a(c.getClientActionType()));
                    onRequestParsed(t2, c);
                    return t2;
                } catch (IllegalStateException e2) {
                    throw new ProtocolException("Error while generating symmetric key.", e2);
                } catch (GeneralSecurityException e3) {
                    throw new ProtocolException("General security problem.", e3);
                }
            } catch (JsonParseException e4) {
                throw new ProtocolException("Error while processing JSON.", e4);
            } catch (NullPointerException e5) {
                throw new ProtocolException("No enough data to decrypt request.", e5);
            } catch (NumberFormatException e6) {
                throw new ProtocolException("Cannot parse installationID.", e6);
            }
        } finally {
            onRequestWrapperProcessed(clientActionRequestWrapper, c);
        }
    }
}
