package com.allawn.cryptography.digitalenvelope;

import com.allawn.cryptography.EncryptException;
import com.allawn.cryptography.algorithm.AesUtil;
import com.allawn.cryptography.core.CryptoCore;
import com.allawn.cryptography.data.source.SessionSceneDataRepository;
import com.allawn.cryptography.digitalenvelope.entity.RsaCryptoConfig;
import com.allawn.cryptography.digitalenvelope.entity.RsaSceneData;
import com.allawn.cryptography.entity.CryptoConfig;
import com.allawn.cryptography.entity.CryptoParameters;
import com.allawn.cryptography.entity.EncryptAlgorithmEnum;
import com.allawn.cryptography.entity.EncryptEnum;
import com.allawn.cryptography.entity.ExceptionResponse;
import com.allawn.cryptography.entity.Function;
import com.allawn.cryptography.entity.SceneConfig;
import com.allawn.cryptography.entity.SceneData;
import com.allawn.cryptography.exception.InvalidArgumentException;
import com.allawn.cryptography.exception.SceneNotFoundException;
import com.allawn.cryptography.keymanager.entity.BizPublicKeys;
import com.allawn.cryptography.util.Base64Utils;
import com.allawn.cryptography.util.CipherUtil;
import com.allawn.cryptography.util.LogUtil;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.util.Map;
import javax.crypto.SecretKey;
import org.json.JSONException;

/* loaded from: classes.dex */
public class RsaDigitalEnvelopeFunction extends Function {
    public final Map mCryptoConfigMap;
    public final CryptoCore mCryptoCore;
    public final SessionSceneDataRepository mSessionSceneDataRepository;
    public final Object mSceneDataLock = new Object();
    public final Object mCryptoConfigLock = new Object();

    public RsaDigitalEnvelopeFunction(CryptoCore cryptoCore, SessionSceneDataRepository sessionSceneDataRepository, Map map) {
        this.mCryptoCore = cryptoCore;
        this.mSessionSceneDataRepository = sessionSceneDataRepository;
        this.mCryptoConfigMap = map;
    }

    private SceneData getSceneData(String str, String str2) {
        SceneConfig sceneConfig = this.mCryptoCore.getSceneConfig(str2);
        SceneData sceneData = this.mSessionSceneDataRepository.getSceneData(str, str2);
        if (sceneData != null || !sceneConfig.isNeedReuse()) {
            return sceneData;
        }
        SceneData sceneData2 = this.mCryptoCore.getSceneData(str, str2);
        if (sceneData2 == null || sceneData2.isExpired()) {
            return null;
        }
        this.mSessionSceneDataRepository.addSceneData(str, sceneData2);
        return sceneData2;
    }

    public final RsaSceneData createAndSaveSceneData(String str, String str2) {
        RsaSceneData createAndSaveSceneData = RsaDigitalEnvelopeUtil.createAndSaveSceneData(this.mCryptoCore, str, this.mCryptoCore.getSceneConfig(str2));
        synchronized (this.mSceneDataLock) {
            try {
                SceneData sceneData = this.mSessionSceneDataRepository.getSceneData(str, str2);
                if (sceneData instanceof RsaSceneData) {
                    createAndSaveSceneData = (RsaSceneData) sceneData;
                } else {
                    LogUtil.d("RsaDigitalEnvelopeFunction", "createAndSaveSceneData adopt and save to session");
                    this.mSessionSceneDataRepository.addSceneData(str, createAndSaveSceneData);
                    this.mCryptoConfigMap.remove(str2);
                }
            } catch (Throwable th) {
                throw th;
            }
        }
        return createAndSaveSceneData;
    }

    public final RsaCryptoConfig createRsaCryptoConfig(String str, RsaSceneData rsaSceneData) {
        PublicKey publicKey;
        long j;
        ExceptionResponse exceptionResponse = new ExceptionResponse();
        BizPublicKeys bizPublicKeys = this.mCryptoCore.getBizPublicKeys(str, true, "RSA", exceptionResponse);
        if (bizPublicKeys != null) {
            publicKey = bizPublicKeys.getPublic4Enc();
            j = bizPublicKeys.getVersion();
        } else {
            publicKey = null;
            j = 0;
        }
        long j2 = j;
        if (publicKey == null) {
            throw new InvalidKeyException("Missing biz public key. " + exceptionResponse.getException());
        }
        if (publicKey.getAlgorithm().equals("RSA")) {
            return new RsaCryptoConfig(Base64Utils.encodeToString(RsaDigitalEnvelopeUtil.generateProtectedKey(rsaSceneData.getEncryptKey(), publicKey)), rsaSceneData.getVersion(), j2);
        }
        throw new InvalidKeyException("Current scene only supports rsa key, not " + publicKey.getAlgorithm() + ". Please specify the correct biz or biz public Key.");
    }

    @Override // com.allawn.cryptography.entity.Function
    public String encrypt(byte[] bArr, String str, String str2) {
        try {
            SceneData sceneData = getSceneData(str, str2);
            if (!(sceneData instanceof RsaSceneData)) {
                sceneData = createAndSaveSceneData(str, str2);
            }
            if (!this.mCryptoConfigMap.containsKey(str2)) {
                synchronized (this.mCryptoConfigLock) {
                    try {
                        if (!this.mCryptoConfigMap.containsKey(str2)) {
                            RsaCryptoConfig createRsaCryptoConfig = createRsaCryptoConfig(str, (RsaSceneData) sceneData);
                            LogUtil.d("RsaDigitalEnvelopeFunction", "encrypt start packing digital envelopes, using server public key version " + createRsaCryptoConfig.getNegotiationVersion());
                            this.mCryptoConfigMap.put(str2, createRsaCryptoConfig);
                        }
                    } finally {
                    }
                }
            }
            SecretKey encryptKey = ((RsaSceneData) sceneData).getEncryptKey();
            EncryptAlgorithmEnum encryptAlgorithm = sceneData.getEncryptAlgorithm();
            if (EncryptEnum.AES == encryptAlgorithm.getAlgorithm()) {
                return CipherUtil.wrap(AesUtil.encrypt(new CryptoParameters.Builder().setAlgorithm(CryptoParameters.AlgorithmEnum.getAlgorithm(encryptAlgorithm.getMethod())).setCryptoText(bArr).setKey(encryptKey).build()));
            }
            throw new IllegalArgumentException(encryptAlgorithm.getAlgorithm().name());
        } catch (InvalidArgumentException | SceneNotFoundException | InvalidKeyException | NoSuchAlgorithmException | JSONException e) {
            throw new EncryptException(e);
        }
    }

    @Override // com.allawn.cryptography.entity.Function
    public CryptoConfig getCryptoConfig(String str, String str2) {
        try {
            if (!this.mCryptoConfigMap.containsKey(str2)) {
                SceneData sceneData = getSceneData(str, str2);
                if (!(sceneData instanceof RsaSceneData)) {
                    sceneData = createAndSaveSceneData(str, str2);
                }
                synchronized (this.mCryptoConfigLock) {
                    try {
                        if (!this.mCryptoConfigMap.containsKey(str2)) {
                            RsaCryptoConfig createRsaCryptoConfig = createRsaCryptoConfig(str, (RsaSceneData) sceneData);
                            LogUtil.d("RsaDigitalEnvelopeFunction", "getCryptoConfig start packing digital envelopes, using server public key version " + createRsaCryptoConfig.getNegotiationVersion());
                            this.mCryptoConfigMap.put(str2, createRsaCryptoConfig);
                        }
                    } finally {
                    }
                }
            }
            return (CryptoConfig) this.mCryptoConfigMap.get(str2);
        } catch (SceneNotFoundException | InvalidKeyException | NoSuchAlgorithmException e) {
            throw new EncryptException(e);
        }
    }
}
