package com.allawn.cryptography.util;

import android.content.Context;
import android.content.SharedPreferences;
import androidx.appcompat.app.ToolbarActionBar$$ExternalSyntheticThrowCCEIfNotNull0;
import com.allawn.cryptography.EncryptException;
import com.allawn.cryptography.algorithm.AesUtil;
import com.allawn.cryptography.algorithm.HashUtil;
import com.allawn.cryptography.core.CryptoCore;
import com.allawn.cryptography.cpace.CPaceSceneData;
import com.allawn.cryptography.data.source.memory.BizCertMemoryDataSource;
import com.allawn.cryptography.digitalenvelope.entity.EciesSceneData;
import com.allawn.cryptography.digitalenvelope.entity.RsaSceneData;
import com.allawn.cryptography.entity.CipherContainer;
import com.allawn.cryptography.entity.CryptoParameters;
import com.allawn.cryptography.entity.NegotiationAlgorithmEnum;
import com.allawn.cryptography.entity.SceneConfig;
import com.allawn.cryptography.entity.SceneData;
import com.allawn.cryptography.exception.BizDataNotFoundException;
import com.allawn.cryptography.exception.InvalidArgumentException;
import com.allawn.cryptography.exception.SceneNotFoundException;
import com.allawn.cryptography.keymanager.entity.ApplicationKeyPairs;
import com.allawn.cryptography.keymanager.entity.UpgradeCertResponse;
import com.allawn.cryptography.noiseprotocol.entity.NoiseSceneData;
import com.allawn.cryptography.security.keystore.CryptoKeyStore;
import com.allawn.cryptography.sigma.SigmaSceneData;
import java.nio.charset.StandardCharsets;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateEncodingException;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.SecretKey;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public abstract class SceneUtil {
    public static boolean compareCertMemoryData(JSONObject jSONObject, String str, SceneData sceneData, BizCertMemoryDataSource bizCertMemoryDataSource, boolean z) {
        UpgradeCertResponse upgradeCertResponse;
        NegotiationAlgorithmEnum negotiationAlgorithm = sceneData.getNegotiationAlgorithm();
        if (sceneData.isRelatedCertificate()) {
            if (!z) {
                try {
                    upgradeCertResponse = bizCertMemoryDataSource.getUpgradeCertResponse(str);
                } catch (BizDataNotFoundException unused) {
                }
                if (upgradeCertResponse != null || upgradeCertResponse.getCert4Encrypt() == null) {
                    bizCertMemoryDataSource.getHardcodedPublicKey(str);
                    LogUtil.d("SceneUtil", "compareCertMemoryData the biz public key is missing, discard this record");
                    return false;
                }
                try {
                    if (!jSONObject.optString("sha256Cert").equals(Base64Utils.encodeToString(HashUtil.sha256(upgradeCertResponse.getCert4Encrypt().getEncoded())))) {
                        LogUtil.d("SceneUtil", "compareCertMemoryData the biz certificate has been changed, discard this record");
                        return false;
                    }
                } catch (NoSuchAlgorithmException | CertificateEncodingException e) {
                    LogUtil.w("SceneUtil", "compareCertMemoryData getCert4Encrypt fail. " + e);
                    return false;
                }
            }
            upgradeCertResponse = null;
            if (upgradeCertResponse != null) {
            }
            bizCertMemoryDataSource.getHardcodedPublicKey(str);
            LogUtil.d("SceneUtil", "compareCertMemoryData the biz public key is missing, discard this record");
            return false;
        }
        if (sceneData.isRelatedPublicKey()) {
            ApplicationKeyPairs localBizKeyPairs = bizCertMemoryDataSource.getLocalBizKeyPairs(str);
            if (localBizKeyPairs == null || localBizKeyPairs.getPublicKeyForSign() == null || localBizKeyPairs.getPublicKeyForEncrypt() == null) {
                LogUtil.d("SceneUtil", "compareCertMemoryData the application key is missing, discard this record");
                return false;
            }
            if (!jSONObject.getString("appPubKey").equals(Base64Utils.encodeToString((negotiationAlgorithm == NegotiationAlgorithmEnum.SIGMA ? localBizKeyPairs.getPublicKeyForSign() : localBizKeyPairs.getPublicKeyForEncrypt()).getEncoded()))) {
                LogUtil.d("SceneUtil", "compareCertMemoryData the application key has been changed, discard this record");
                return false;
            }
        }
        return true;
    }

    public static Map createSceneConfigMap(List list) {
        HashMap hashMap = new HashMap();
        if (list == null) {
            return hashMap;
        }
        Iterator it = list.iterator();
        while (it.hasNext()) {
            SceneConfig sceneConfig = (SceneConfig) it.next();
            if (sceneConfig != null) {
                hashMap.put(sceneConfig.getScene(), sceneConfig);
            }
        }
        return hashMap;
    }

    public static Map createUpgradeCertResponseMap(Set set) {
        ConcurrentHashMap concurrentHashMap = new ConcurrentHashMap();
        if (set != null && !set.isEmpty()) {
            Iterator it = set.iterator();
            while (it.hasNext()) {
                String str = (String) it.next();
                if (str != null) {
                    concurrentHashMap.put(str, new UpgradeCertResponse());
                }
            }
        }
        return concurrentHashMap;
    }

    public static String decryptARecord(String str, SecretKey secretKey) {
        CipherContainer unwrap = CipherUtil.unwrap(str);
        return new String(AesUtil.decrypt(new CryptoParameters.Builder().setAlgorithm(CryptoParameters.AlgorithmEnum.AES_GCM_NOPADDING).setCryptoText(unwrap.getCipher()).setKey(secretKey).setIV(unwrap.getIv()).build()), StandardCharsets.UTF_8);
    }

    public static String encryptARecord(String str, SecretKey secretKey) {
        return CipherUtil.wrap(AesUtil.encrypt(new CryptoParameters.Builder().setAlgorithm(CryptoParameters.AlgorithmEnum.AES_GCM_NOPADDING).setKey(secretKey).setCryptoText(str.getBytes(StandardCharsets.UTF_8)).build()));
    }

    public static boolean importCertMemoryData(JSONObject jSONObject, String str, SceneData sceneData, BizCertMemoryDataSource bizCertMemoryDataSource, boolean z) {
        UpgradeCertResponse upgradeCertResponse;
        NegotiationAlgorithmEnum negotiationAlgorithm = sceneData.getNegotiationAlgorithm();
        if (negotiationAlgorithm == NegotiationAlgorithmEnum.NOISE_NN) {
            LogUtil.d("SceneUtil", "importCertMemoryData long-term reuse of keys is not supported in noise nn");
            return false;
        }
        if (sceneData.isRelatedCertificate()) {
            if (!z) {
                try {
                    upgradeCertResponse = bizCertMemoryDataSource.getUpgradeCertResponse(str);
                } catch (BizDataNotFoundException unused) {
                }
                if (upgradeCertResponse != null || upgradeCertResponse.getCert4Encrypt() == null) {
                    bizCertMemoryDataSource.getHardcodedPublicKey(str);
                    LogUtil.w("SceneUtil", "importCertMemoryData biz public key lost(" + str + ")");
                    return false;
                }
                try {
                    jSONObject.put("sha256Cert", Base64Utils.encodeToString(HashUtil.sha256(upgradeCertResponse.getCert4Encrypt().getEncoded())));
                } catch (NoSuchAlgorithmException | CertificateEncodingException e) {
                    LogUtil.w("SceneUtil", "importCertMemoryData getCert4Encrypt fail " + e);
                    return false;
                }
            }
            upgradeCertResponse = null;
            if (upgradeCertResponse != null) {
            }
            bizCertMemoryDataSource.getHardcodedPublicKey(str);
            LogUtil.w("SceneUtil", "importCertMemoryData biz public key lost(" + str + ")");
            return false;
        }
        if (!sceneData.isRelatedPublicKey() || sceneData.getNegotiationAlgorithm() == NegotiationAlgorithmEnum.EC) {
            return true;
        }
        ApplicationKeyPairs localBizKeyPairs = bizCertMemoryDataSource.getLocalBizKeyPairs(str);
        if (localBizKeyPairs != null && localBizKeyPairs.getPublicKeyForEncrypt() != null && localBizKeyPairs.getPublicKeyForSign() != null) {
            jSONObject.put("appPubKey", Base64Utils.encodeToString((negotiationAlgorithm == NegotiationAlgorithmEnum.SIGMA ? localBizKeyPairs.getPublicKeyForSign() : localBizKeyPairs.getPublicKeyForEncrypt()).getEncoded()));
            return true;
        }
        LogUtil.w("SceneUtil", "importCertMemoryData localBizKeyPairs lost(" + str + ")");
        return false;
    }

    public static boolean importSceneData(JSONObject jSONObject, SceneData sceneData, String str, String str2) {
        jSONObject.put("sha256Host", HashUtil.sha256(str));
        jSONObject.put("type", sceneData.getNegotiationAlgorithm().name());
        if (sceneData.isRelatedDevice()) {
            jSONObject.put("device", str2);
        }
        jSONObject.put("sceneData", sceneData.backup());
        jSONObject.put("expiredTime", sceneData.getExpiredTime());
        return true;
    }

    public static Set initHardcodedPublicKeySettings(String[] strArr, Map map, BizCertMemoryDataSource bizCertMemoryDataSource) {
        HashSet hashSet = new HashSet();
        if (strArr != null) {
            for (String str : strArr) {
                if (str != null) {
                    hashSet.add(str);
                }
            }
        }
        if (map != null) {
            for (String str2 : map.keySet()) {
                ToolbarActionBar$$ExternalSyntheticThrowCCEIfNotNull0.m(map.get(str2));
                bizCertMemoryDataSource.setHardcodedPublicKey(str2, null);
            }
        }
        return hashSet;
    }

    public static Set initNeedCertificateDownloadSet(Set set, Set set2) {
        HashSet hashSet = new HashSet(set);
        if (set2 != null) {
            hashSet.removeAll(set2);
        }
        return hashSet;
    }

    public static Map initNeedRegisterPubKeyMap(Map map) {
        HashMap hashMap = new HashMap();
        if (map == null) {
            return hashMap;
        }
        map.remove(null);
        hashMap.putAll(map);
        return hashMap;
    }

    public static Map loadLocalSceneDataInSP(CryptoCore cryptoCore, Set set) {
        SceneConfig sceneConfig;
        String string;
        JSONObject jSONObject;
        if (Thread.currentThread().isInterrupted()) {
            LogUtil.d("SceneUtil", "loadLocalSceneDataInSP current thread interrupted");
            return null;
        }
        Context context = cryptoCore.getContext();
        if (set.isEmpty()) {
            FileUtil.deleteSharedPreferences(context, "pki_sdk_crypto_scene_data_sp");
            return null;
        }
        try {
            SecretKey createOrGetSecretKeyToSP = CryptoKeyStore.createOrGetSecretKeyToSP(context, "pki_sdk_scene_data_sp_alias", "pki_sdk_crypto_scene_data_sp");
            char c = 0;
            SharedPreferences sharedPreferences = context.getSharedPreferences("pki_sdk_crypto_scene_data_sp", 0);
            Map<String, ?> all = sharedPreferences.getAll();
            if (all.isEmpty()) {
                return null;
            }
            HashMap hashMap = new HashMap();
            HashMap hashMap2 = new HashMap();
            for (String str : all.keySet()) {
                String[] splitKeyAlias = splitKeyAlias(str);
                if (splitKeyAlias == null) {
                    LogUtil.d("SceneUtil", "loadLocalSceneDataInSP invalid biz, discard this record");
                } else {
                    String str2 = splitKeyAlias[c];
                    String str3 = splitKeyAlias[1];
                    LogUtil.d("SceneUtil", "loadLocalSceneDataInSP load sceneData(" + str2 + ", " + str3 + ")");
                    if (set.contains(str2)) {
                        try {
                            sceneConfig = cryptoCore.getSceneConfig(str3);
                            string = sharedPreferences.getString(str, "");
                        } catch (SceneNotFoundException unused) {
                            LogUtil.d("SceneUtil", "loadLocalSceneDataInSP invalid scene, discard this record");
                        }
                        if (string.equals("")) {
                            LogUtil.w("SceneUtil", "loadLocalSceneDataInSP corrupted data, discard this record");
                        } else {
                            try {
                                jSONObject = new JSONObject(decryptARecord(string, createOrGetSecretKeyToSP));
                            } catch (EncryptException | InvalidArgumentException | JSONException e) {
                                LogUtil.w("SceneUtil", "loadLocalSceneDataInSP load a sceneData record error. " + e);
                            }
                            if (sceneConfig.isNeedLongTermReuse()) {
                                SceneData restoreSceneData = restoreSceneData(jSONObject, sceneConfig, cryptoCore.getBizHostname(str2), cryptoCore.getDevice());
                                if (restoreSceneData != null && compareCertMemoryData(jSONObject, str2, restoreSceneData, cryptoCore.getBizKeyMemoryDataSource(), cryptoCore.isUseHardcodedPublicKey(str2))) {
                                    String spliceKeyAlias = spliceKeyAlias(str2, str3);
                                    hashMap.put(spliceKeyAlias, restoreSceneData);
                                    hashMap2.put(spliceKeyAlias, string);
                                    if (Thread.currentThread().isInterrupted()) {
                                        LogUtil.d("SceneUtil", "loadLocalSceneDataInSP current thread interrupted");
                                        return null;
                                    }
                                }
                                c = 0;
                            } else {
                                LogUtil.d("SceneUtil", "loadLocalSceneDataInSP no long-term reuse requirements, discard this record");
                                c = 0;
                            }
                        }
                    } else {
                        LogUtil.d("SceneUtil", "loadLocalSceneDataInSP invalid biz, discard this record");
                    }
                }
            }
            if (hashMap2.size() != sharedPreferences.getAll().size()) {
                updateSP(sharedPreferences, hashMap2);
            }
            return hashMap;
        } catch (KeyStoreException e2) {
            LogUtil.e("SceneUtil", "loadLocalSceneDataInSP get secret key error. " + e2);
            FileUtil.deleteSharedPreferences(context, "pki_sdk_crypto_scene_data_sp");
            return null;
        }
    }

    public static Map organizeBizHostnameMap(Map map) {
        HashMap hashMap = new HashMap();
        if (map == null) {
            return hashMap;
        }
        map.remove(null);
        for (String str : map.keySet()) {
            String str2 = (String) map.get(str);
            String organizeHostname = HttpUtil.organizeHostname(str2);
            if (organizeHostname != null) {
                hashMap.put(str, organizeHostname);
            } else {
                LogUtil.d("SceneUtil", "organizeBizMap domain name is not compliant, biz is " + str + ", domain name is " + str2);
            }
        }
        return hashMap;
    }

    public static SceneData restoreSceneData(JSONObject jSONObject, SceneConfig sceneConfig, String str, String str2) {
        SceneData noiseSceneData;
        String optString = jSONObject.optString("sha256Host");
        if ((optString.isEmpty() && str != null) || ((!optString.isEmpty() && str == null) || (!optString.isEmpty() && !optString.equals(HashUtil.sha256(str))))) {
            LogUtil.d("SceneUtil", "restoreSceneData host name has changed, discard this record");
            return null;
        }
        String string = jSONObject.getString("type");
        NegotiationAlgorithmEnum type = NegotiationAlgorithmEnum.getType(string);
        if (sceneConfig.getNegotiationAlgorithm() == null || type != sceneConfig.getNegotiationAlgorithm()) {
            LogUtil.d("SceneUtil", "restoreSceneData negotiation algorithm change, discard this record");
            return null;
        }
        long j = jSONObject.getLong("expiredTime");
        long now = DateUtil.now();
        if (now > j) {
            LogUtil.d("SceneUtil", "restoreSceneData the valid time has expired, discard this record");
            return null;
        }
        if (type == NegotiationAlgorithmEnum.RSA) {
            noiseSceneData = new RsaSceneData(type);
        } else if (type == NegotiationAlgorithmEnum.EC) {
            noiseSceneData = new EciesSceneData(type);
        } else if (type == NegotiationAlgorithmEnum.NOISE_NK || type == NegotiationAlgorithmEnum.NOISE_KK || type == NegotiationAlgorithmEnum.NOISE_IK || type == NegotiationAlgorithmEnum.NOISE_IX) {
            noiseSceneData = new NoiseSceneData(type);
        } else if (type == NegotiationAlgorithmEnum.CPACE) {
            noiseSceneData = new CPaceSceneData(type);
        } else {
            if (type != NegotiationAlgorithmEnum.SIGMA) {
                throw new InvalidArgumentException("Unexpected type: " + string);
            }
            noiseSceneData = new SigmaSceneData(type);
        }
        if (noiseSceneData.isRelatedDevice() && !jSONObject.getString("device").equals(str2)) {
            LogUtil.d("SceneUtil", "restoreSceneData unique id has changed, discard this record");
            return null;
        }
        if (!noiseSceneData.restore(jSONObject.getJSONObject("sceneData"))) {
            LogUtil.d("SceneUtil", "restoreSceneData the sceneData restoration failed, discard this record");
            return null;
        }
        if (!noiseSceneData.getScene().equals(sceneConfig.getScene())) {
            LogUtil.d("SceneUtil", "restoreSceneData scene names are inconsistent, discard this record");
            return null;
        }
        if (!(noiseSceneData instanceof NoiseSceneData) && sceneConfig.getEncryptAlgorithm() != null) {
            if (noiseSceneData.getKeyLength() != sceneConfig.getEncryptAlgorithm().getKeyLength() / 8) {
                LogUtil.d("SceneUtil", "restoreSceneData symmetric algorithm key length change, discard this record");
                return null;
            }
        }
        noiseSceneData.setEncryptAlgorithm(sceneConfig.getEncryptAlgorithm());
        noiseSceneData.setExpireTime(j - now);
        noiseSceneData.setExpiredTime(j);
        return noiseSceneData;
    }

    public static void saveSceneDataMemoryData(Context context, String str, String str2, String str3) {
        SecretKey createOrGetSecretKeyToSP = CryptoKeyStore.createOrGetSecretKeyToSP(context, "pki_sdk_scene_data_sp_alias", "pki_sdk_crypto_scene_data_sp");
        try {
            context.getSharedPreferences("pki_sdk_crypto_scene_data_sp", 0).edit().putString(spliceKeyAlias(str, str2), encryptARecord(str3, createOrGetSecretKeyToSP)).apply();
            LogUtil.d("SceneUtil", "saveSceneDataMemoryData sceneData(" + str + ", " + str2 + ") save success");
        } catch (EncryptException | InvalidArgumentException | JSONException e) {
            LogUtil.w("SceneUtil", "saveSceneDataMemoryData sceneData(" + str + ", " + str2 + ") save error. " + e);
        }
    }

    public static void setSceneData(SceneConfig sceneConfig, SceneData sceneData) {
        sceneData.setScene(sceneConfig.getScene());
        sceneData.setEncryptAlgorithm(sceneConfig.getEncryptAlgorithm());
        sceneData.setExpireTime(sceneConfig.getExpireTime() * 1000);
        long now = DateUtil.now();
        long expireTime = sceneData.getExpireTime() + now;
        if (sceneConfig.isNeedReuse()) {
            sceneData.setVersion((10000 * expireTime) + new SecureRandom().nextInt(10000));
        } else {
            sceneData.setVersion((now * 10000) + new SecureRandom().nextInt(10000));
        }
        sceneData.setExpiredTime(expireTime);
    }

    public static String spliceKeyAlias(String... strArr) {
        return PackUtil.concat(":s:", strArr);
    }

    public static String[] splitKeyAlias(String str) {
        String[] split = str.split(":s:");
        if (split.length == 2) {
            return split;
        }
        return null;
    }

    public static void updateSP(SharedPreferences sharedPreferences, Map map) {
        if (map.isEmpty()) {
            sharedPreferences.edit().clear().apply();
            return;
        }
        SharedPreferences.Editor edit = sharedPreferences.edit();
        edit.clear();
        for (String str : map.keySet()) {
            edit.putString(str, (String) map.get(str));
        }
        edit.apply();
    }
}
