package ru.ftc.cs.cam_rs.crypto.session.cmn;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECFieldFp;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.EllipticCurve;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.function.BiConsumer;
import java.util.function.BiFunction;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;
import ru.CryptoPro.JCP.tools.CertReader.Extension;
import ru.CryptoPro.JCSP.JCSP;
import ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSession;
import ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSessionDefault;

/* loaded from: classes4.dex */
public class CryptoSessionDefault implements CryptoSession {
    private static final String CONTENT_ENCRYPTION_KEY = "contentEncryptionKey";
    private static final SecureString EC = SecureString.copy("EC");
    private static final SecureString P_256 = SecureString.copy("P-256");
    private static final SecureString A128GCM = SecureString.copy("A128GCM");
    private static final SecureString DOT = SecureString.copy(Extension.DOT_CHAR);
    private static final ECParameterSpec P_256_SPEC = new ECParameterSpec(new EllipticCurve(new ECFieldFp(new BigInteger("115792089210356248762697446949407573530086143415290314195533631308867097853951")), new BigInteger("115792089210356248762697446949407573530086143415290314195533631308867097853948"), new BigInteger("41058363725152142129326129780047268409114441015993725554835256314039467401291")), new ECPoint(new BigInteger("48439561293906451759052585252797914202762949526041747995844080717082404635286"), new BigInteger("36134250956749795798585127919587881956611106672985015071877198253568414405109")), new BigInteger("115792089210356248762697446949407573529996955224135760342422259061068512044369"), 1);
    private SecureString producerName = null;
    private SecureString consumerName = null;
    private ECPrivateKey ownEphemPrivateKey = null;
    private ECPublicKey ownEphemPublicKey = null;
    private BytesRef contentEncryptionKey = null;
    private final Jwe jwe = new Jwe();

    /* loaded from: classes4.dex */
    private class Jwe implements CryptoSession.Jwe {
        private SecureString compactSerialization;
        private final Map<String, Object> headers;
        private BytesRef payload;

        private Jwe() {
            this.headers = new LinkedHashMap();
            this.payload = null;
            this.compactSerialization = null;
        }

        private void clearCompactSerialization() {
            if (Objects.nonNull(this.compactSerialization)) {
                this.compactSerialization.clear();
            }
            this.compactSerialization = null;
        }

        private void clearHeaders() {
            this.headers.forEach(new BiConsumer() { // from class: ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSessionDefault$Jwe$$ExternalSyntheticLambda0
                @Override // java.util.function.BiConsumer
                public final void accept(Object obj, Object obj2) {
                    CryptoSessionDefault.Jwe.lambda$clearHeaders$1((String) obj, obj2);
                }
            });
            this.headers.clear();
        }

        private void clearPayload() {
            if (Objects.nonNull(this.payload)) {
                this.payload.clear();
            }
            this.payload = null;
        }

        @Nonnull
        private BytesRef decryptAesGcm(int i, @Nonnull BytesRef bytesRef, @Nonnull BytesRef bytesRef2, @Nonnull BytesRef bytesRef3, @Nonnull BytesRef bytesRef4) {
            return doAesGcmCipher(2, i, bytesRef, bytesRef2, bytesRef3, bytesRef4);
        }

        @Nonnull
        private BytesRef doAesGcmCipher(int i, int i2, @Nonnull BytesRef bytesRef, @Nonnull BytesRef bytesRef2, @Nonnull BytesRef bytesRef3, @Nonnull BytesRef bytesRef4) {
            try {
                Cipher cipher = Cipher.getInstance("AES/GCM/NOPADDING");
                cipher.init(i, new SecretKeySpec(bytesRef.getBytes(), bytesRef.getOffset(), bytesRef.getLength(), JCSP.AES_NAME), new GCMParameterSpec(i2, bytesRef2.getBytes(), bytesRef2.getOffset(), bytesRef2.getLength()));
                cipher.updateAAD(bytesRef3.getBytes(), bytesRef3.getOffset(), bytesRef3.getLength());
                return BytesRef.wrap(cipher.doFinal(bytesRef4.getBytes(), bytesRef4.getOffset(), bytesRef4.getLength()));
            } catch (GeneralSecurityException e) {
                throw new CryptoSessionException("Failed to cipher", e);
            }
        }

        @Nonnull
        private BytesRef encryptAesGcm(int i, @Nonnull BytesRef bytesRef, @Nonnull BytesRef bytesRef2, @Nonnull BytesRef bytesRef3, @Nonnull BytesRef bytesRef4) {
            return doAesGcmCipher(1, i, bytesRef, bytesRef2, bytesRef3, bytesRef4);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public static /* synthetic */ void lambda$clearHeaders$1(String str, Object obj) {
            if (obj instanceof SecureObject) {
                ((SecureObject) obj).clear();
            }
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public static /* synthetic */ Object lambda$setHeader$0(SecureString secureString, String str, Object obj) {
            if (obj instanceof SecureString) {
                ((SecureString) obj).clear();
            }
            return secureString;
        }

        @Override // ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSession.Jwe
        @Nonnull
        public Jwe clear() {
            clearHeaders();
            clearPayload();
            clearCompactSerialization();
            return this;
        }

        @Override // ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSession.Jwe
        @Nonnull
        public SecureString getCompactSerialization() {
            CryptoSessionException.checkNonNull(CryptoSessionDefault.CONTENT_ENCRYPTION_KEY, CryptoSessionDefault.this.contentEncryptionKey);
            CryptoSessionException.checkNonNull("payload", this.payload);
            try {
                if (Objects.isNull(this.compactSerialization)) {
                    this.headers.put("alg", "dir");
                    this.headers.put("enc", CryptoSessionDefault.A128GCM.copy());
                    SecureJson copy = SecureJson.copy(this.headers);
                    try {
                        BytesRef randomize = BytesRef.wrap(new byte[12]).randomize();
                        try {
                            BytesRef copyToBytesRef = copy.getString().copyToBytesRef(StandardCharsets.UTF_8);
                            try {
                                SecureString copyToString = SecureB64u.wrap(copyToBytesRef).copyToString();
                                try {
                                    BytesRef copyToBytesRef2 = copyToString.copyToBytesRef(StandardCharsets.US_ASCII);
                                    try {
                                        BytesRef encryptAesGcm = encryptAesGcm(128, CryptoSessionDefault.this.contentEncryptionKey, randomize, copyToBytesRef2, this.payload);
                                        try {
                                            BytesRef wrap = encryptAesGcm.wrap(0, encryptAesGcm.getLength() - 16);
                                            try {
                                                BytesRef wrap2 = encryptAesGcm.wrap(encryptAesGcm.getLength() - 16, 16);
                                                try {
                                                    SecureString copyToString2 = SecureB64u.wrap(randomize).copyToString();
                                                    try {
                                                        SecureString copyToString3 = SecureB64u.wrap(wrap).copyToString();
                                                        try {
                                                            SecureString copyToString4 = SecureB64u.wrap(wrap2).copyToString();
                                                            try {
                                                                this.compactSerialization = copyToString.copyConcat(CryptoSessionDefault.DOT, CryptoSessionDefault.DOT, copyToString2, CryptoSessionDefault.DOT, copyToString3, CryptoSessionDefault.DOT, copyToString4);
                                                                if (copyToString4 != null) {
                                                                    copyToString4.close();
                                                                }
                                                                if (copyToString3 != null) {
                                                                    copyToString3.close();
                                                                }
                                                                if (copyToString2 != null) {
                                                                    copyToString2.close();
                                                                }
                                                                if (wrap2 != null) {
                                                                    wrap2.close();
                                                                }
                                                                if (wrap != null) {
                                                                    wrap.close();
                                                                }
                                                                if (encryptAesGcm != null) {
                                                                    encryptAesGcm.close();
                                                                }
                                                                if (copyToBytesRef2 != null) {
                                                                    copyToBytesRef2.close();
                                                                }
                                                                if (copyToString != null) {
                                                                    copyToString.close();
                                                                }
                                                                if (copyToBytesRef != null) {
                                                                    copyToBytesRef.close();
                                                                }
                                                                if (randomize != null) {
                                                                    randomize.close();
                                                                }
                                                                if (copy != null) {
                                                                    copy.close();
                                                                }
                                                            } finally {
                                                            }
                                                        } finally {
                                                        }
                                                    } finally {
                                                    }
                                                } finally {
                                                }
                                            } finally {
                                            }
                                        } finally {
                                        }
                                    } finally {
                                    }
                                } finally {
                                }
                            } finally {
                            }
                        } finally {
                        }
                    } finally {
                    }
                }
                return this.compactSerialization.copy();
            } catch (Exception e) {
                throw new CryptoSessionException("Failed to get JWE compact serialization", e);
            }
        }

        @Override // ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSession.Jwe
        @Nullable
        public SecureString getHeader(@Nonnull String str) {
            return (SecureString) this.headers.get(str);
        }

        @Override // ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSession.Jwe
        @Nonnull
        public SecureJson getPayload() {
            CryptoSessionException.checkNonNull("compactSerialization", this.compactSerialization);
            CryptoSessionException.checkNonNull(CryptoSessionDefault.CONTENT_ENCRYPTION_KEY, CryptoSessionDefault.this.contentEncryptionKey);
            try {
                if (Objects.isNull(this.payload)) {
                    List<SecureString> split = this.compactSerialization.split('.');
                    if (split.size() != 5) {
                        throw new IllegalArgumentException("Number of jwe parts must be 5");
                    }
                    BytesRef copyToBytesRef = split.get(0).copyToBytesRef(StandardCharsets.US_ASCII);
                    try {
                        BytesRef bytesRef = SecureB64u.copy(split.get(2)).getBytesRef();
                        try {
                            BytesRef bytesRef2 = SecureB64u.copy(split.get(3)).getBytesRef();
                            try {
                                BytesRef bytesRef3 = SecureB64u.copy(split.get(4)).getBytesRef();
                                try {
                                    BytesRef copyConcat = bytesRef2.copyConcat(bytesRef3);
                                    try {
                                        this.payload = decryptAesGcm(128, CryptoSessionDefault.this.contentEncryptionKey, bytesRef, copyToBytesRef, copyConcat);
                                        if (copyConcat != null) {
                                            copyConcat.close();
                                        }
                                        if (bytesRef3 != null) {
                                            bytesRef3.close();
                                        }
                                        if (bytesRef2 != null) {
                                            bytesRef2.close();
                                        }
                                        if (bytesRef != null) {
                                            bytesRef.close();
                                        }
                                        if (copyToBytesRef != null) {
                                            copyToBytesRef.close();
                                        }
                                    } finally {
                                    }
                                } finally {
                                }
                            } finally {
                            }
                        } finally {
                        }
                    } finally {
                    }
                }
                return SecureJson.copy(this.payload);
            } catch (Exception e) {
                throw new CryptoSessionException("Failed to get payload JWE", e);
            }
        }

        @Override // ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSession.Jwe
        @Nonnull
        public CryptoSession.Jwe setCompactSerialization(@Nonnull SecureString secureString) {
            try {
                List<SecureString> split = secureString.split('.');
                if (split.size() != 5) {
                    throw new IllegalArgumentException("Number of jwe parts must be 5");
                }
                SecureB64u copy = SecureB64u.copy(split.get(0));
                try {
                    clear();
                    SecureJson copy2 = SecureJson.copy(copy.getBytesRef());
                    this.headers.putAll(copy2.getMap());
                    copy2.getString().clear();
                    if (this.headers.size() == 0) {
                        throw new IllegalArgumentException("Empty header");
                    }
                    if (!this.headers.containsKey("enc") || !CryptoSessionDefault.A128GCM.equals(this.headers.get("enc"))) {
                        throw new IllegalArgumentException("Unknown encryption method");
                    }
                    this.compactSerialization = secureString.copy();
                    if (copy != null) {
                        copy.close();
                    }
                    return this;
                } finally {
                }
            } catch (Exception e) {
                throw new CryptoSessionException("Failed to set JWE compact serialization", e);
            }
        }

        @Override // ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSession.Jwe
        @Nonnull
        public CryptoSession.Jwe setHeader(@Nonnull String str, @Nonnull final SecureString secureString) {
            this.headers.compute(str, new BiFunction() { // from class: ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSessionDefault$Jwe$$ExternalSyntheticLambda1
                @Override // java.util.function.BiFunction
                public final Object apply(Object obj, Object obj2) {
                    return CryptoSessionDefault.Jwe.lambda$setHeader$0(SecureString.this, (String) obj, obj2);
                }
            });
            return this;
        }

        @Override // ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSession.Jwe
        @Nonnull
        public CryptoSession.Jwe setPayload(@Nonnull SecureJson secureJson) {
            clearPayload();
            clearCompactSerialization();
            this.payload = secureJson.getString().copyToBytesRef(StandardCharsets.UTF_8);
            return this;
        }
    }

    private static byte[] bytesOfInt(int i) {
        return ByteBuffer.allocate(4).putInt(i).array();
    }

    private static byte[] bytesWithLenPrefix(@Nonnull BytesRef bytesRef) {
        return ByteBuffer.allocate(bytesRef.getLength() + 4).putInt(bytesRef.getLength()).put(bytesRef.wrapToBuffer()).array();
    }

    @Nonnull
    private static ECPublicKey parseEcPublicKeyJwk(@Nonnull SecureJson secureJson) {
        try {
            Map<String, Object> map = secureJson.getMap();
            if (!map.containsKey("crv") || !P_256.equals(map.get("crv"))) {
                throw new IllegalArgumentException("Unknown curve name in ephemeral public key");
            }
            return (ECPublicKey) KeyFactory.getInstance("EC").generatePublic(new ECPublicKeySpec(new ECPoint(new BigInteger(SecureB64u.copy((SecureString) map.get("x")).getBytesRef().copy().getBytes()), new BigInteger(SecureB64u.copy((SecureString) map.get("y")).getBytesRef().copy().getBytes())), P_256_SPEC));
        } catch (Exception e) {
            throw new CryptoSessionException("Failed to parse JWK", e);
        }
    }

    @Override // ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSession, ru.ftc.cs.cam_rs.crypto.session.cmn.SecureObject
    public void clear() {
        this.ownEphemPrivateKey = null;
        this.ownEphemPublicKey = null;
        this.consumerName = null;
        this.producerName = null;
        this.contentEncryptionKey = null;
        this.jwe.clear();
    }

    @Override // ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSession
    @Nonnull
    public BytesRef exportContentEncryptionKey() {
        CryptoSessionException.checkNonNull(CONTENT_ENCRYPTION_KEY, this.contentEncryptionKey);
        return this.contentEncryptionKey.copy();
    }

    @Override // ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSession
    @Nonnull
    public SecureJson exportEphemeralPublicKeyAsJwk() {
        CryptoSessionException.checkNonNull("ownEphemPublicKey", this.ownEphemPublicKey);
        return SecureJson.copy("kty", EC, "crv", P_256, "x", SecureB64u.wrap(BytesRef.wrap(this.ownEphemPublicKey.getW().getAffineX().toByteArray())).copyToString(), "y", SecureB64u.wrap(BytesRef.wrap(this.ownEphemPublicKey.getW().getAffineY().toByteArray())).copyToString());
    }

    @Override // ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSession
    @Nonnull
    public CryptoSession generateContentEncryptionKey(@Nonnull SecureJson secureJson) {
        CryptoSessionException.checkNonNull("producerName", this.producerName);
        CryptoSessionException.checkNonNull("consumerName", this.consumerName);
        CryptoSessionException.checkNonNull("ownEphemPrivateKey", this.ownEphemPrivateKey);
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(128);
            byteArrayOutputStream.write(bytesOfInt(0));
            byteArrayOutputStream.write(bytesWithLenPrefix(this.producerName.copyToBytesRef(StandardCharsets.UTF_8)));
            byteArrayOutputStream.write(bytesWithLenPrefix(this.consumerName.copyToBytesRef(StandardCharsets.UTF_8)));
            byteArrayOutputStream.write(bytesOfInt(256));
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            ECPublicKey parseEcPublicKeyJwk = parseEcPublicKeyJwk(secureJson);
            KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH");
            keyAgreement.init(this.ownEphemPrivateKey);
            keyAgreement.doPhase(parseEcPublicKeyJwk, true);
            byte[] generateSecret = keyAgreement.generateSecret();
            MessageDigest messageDigest = MessageDigest.getInstance(McElieceCCA2KeyGenParameterSpec.SHA256);
            messageDigest.update(bytesOfInt(1));
            messageDigest.update(generateSecret);
            messageDigest.update(byteArray);
            this.contentEncryptionKey = BytesRef.wrap(messageDigest.digest(), 0, 16);
            return this;
        } catch (IOException | InvalidKeyException | NoSuchAlgorithmException e) {
            throw new CryptoSessionException("Failed to generate CEK", e);
        }
    }

    @Override // ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSession
    @Nonnull
    public CryptoSession generateEphemeralKeyPair() {
        for (int i = 0; i < 100; i++) {
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
                keyPairGenerator.initialize(new ECGenParameterSpec("secp256r1"));
                KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
                this.ownEphemPrivateKey = (ECPrivateKey) generateKeyPair.getPrivate();
                this.ownEphemPublicKey = (ECPublicKey) generateKeyPair.getPublic();
                boolean z = true;
                boolean z2 = this.ownEphemPrivateKey.getS().toByteArray().length == 32;
                boolean z3 = this.ownEphemPublicKey.getW().getAffineX().toByteArray().length == 32;
                if (this.ownEphemPublicKey.getW().getAffineY().toByteArray().length != 32) {
                    z = false;
                }
                if (z2 && z3 && z) {
                    return this;
                }
            } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException e) {
                throw new CryptoSessionException("Failed to generate EC key pair", e);
            }
        }
        this.ownEphemPrivateKey = null;
        this.ownEphemPublicKey = null;
        throw new CryptoSessionException("Failed to generate EC key pair. No more retries");
    }

    @Override // ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSession
    @Nonnull
    public CryptoSession.Jwe jwe() {
        return this.jwe;
    }

    @Override // ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSession
    @Nonnull
    public CryptoSession setContentEncryptionKey(@Nonnull BytesRef bytesRef) {
        this.contentEncryptionKey = bytesRef.copy();
        return this;
    }

    @Override // ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSession
    @Nonnull
    public CryptoSession setJweConsumerName(@Nonnull SecureString secureString) {
        this.consumerName = secureString;
        return this;
    }

    @Override // ru.ftc.cs.cam_rs.crypto.session.cmn.CryptoSession
    @Nonnull
    public CryptoSession setJweProducerName(@Nonnull SecureString secureString) {
        this.producerName = secureString;
        return this;
    }
}
