package com.allawn.cryptography.sigma;

import com.allawn.cryptography.core.CryptoCore;
import com.allawn.cryptography.entity.ExceptionResponse;
import com.allawn.cryptography.entity.NegotiationParam;
import com.allawn.cryptography.entity.SceneConfig;
import com.allawn.cryptography.entity.SceneData;
import com.allawn.cryptography.exception.InvalidArgumentException;
import com.allawn.cryptography.keymanager.entity.ApplicationKeyPairs;
import com.allawn.cryptography.keymanager.entity.BizPublicKeys;
import com.allawn.cryptography.sigma.Sigma;
import com.allawn.cryptography.sigma.SigmaParameters;
import com.allawn.cryptography.util.KeyUtil;
import com.allawn.cryptography.util.LogUtil;
import com.allawn.cryptography.util.SceneUtil;
import com.heytap.baselib.utils.SecurityUtils;
import java.security.InvalidKeyException;
import java.security.KeyException;
import java.security.PublicKey;
import java.security.cert.X509Certificate;

/* loaded from: classes.dex */
public abstract class SigmaUtil {
    public static final Object SIGMA_SCENE_DATA_LOCK = new Object();

    public static SceneData createAndSaveSceneData(CryptoCore cryptoCore, String str, String str2, NegotiationParam negotiationParam, ExceptionResponse exceptionResponse) {
        final PublicKey publicKey;
        long j;
        String device = cryptoCore.getDevice();
        if (device == null) {
            throw new InvalidArgumentException("DeviceId is null");
        }
        BizPublicKeys bizPublicKeys = cryptoCore.getBizPublicKeys(str, true, SecurityUtils.ECDSA.KEY_ALGORITHM, exceptionResponse);
        if (bizPublicKeys != null) {
            publicKey = bizPublicKeys.getPublic4Sign();
            j = bizPublicKeys.getVersion();
        } else {
            publicKey = null;
            j = 0;
        }
        if (publicKey == null) {
            throw new InvalidKeyException("Missing biz public key. " + exceptionResponse.getException());
        }
        if (!publicKey.getAlgorithm().equals(SecurityUtils.ECDSA.KEY_ALGORITHM)) {
            throw new InvalidKeyException("Current scene only supports EC key, not " + publicKey.getAlgorithm() + ". Please specify the correct biz or biz public key");
        }
        ApplicationKeyPairs applicationKeyPairs = cryptoCore.getApplicationKeyPairs(str, exceptionResponse);
        if (applicationKeyPairs == null) {
            throw new KeyException("Missing application key pair. " + exceptionResponse.getException());
        }
        final String valueOf = String.valueOf(j);
        SceneConfig sceneConfig = cryptoCore.getSceneConfig(str2);
        SigmaSceneData sigmaSceneData = new SigmaSceneData(sceneConfig.getNegotiationAlgorithm());
        SceneUtil.setSceneData(sceneConfig, sigmaSceneData);
        SigmaSession sigmaSession = new SigmaSession();
        sigmaSession.setBiz(str);
        sigmaSession.setHostname(cryptoCore.getBizHostname(str));
        sigmaSession.setDevice(device);
        sigmaSession.setScene(str2);
        sigmaSession.setKeyIds(valueOf, applicationKeyPairs.getAccessId());
        SigmaParameters.Builder peerPublicKeyChecker = new SigmaParameters.Builder().setId(applicationKeyPairs.getAccessId()).setLocalPublicKey(applicationKeyPairs.getPublicKeyForSign()).setLocalPrivateKey(applicationKeyPairs.getPrivateKeyForSign()).setLocalPublicKeyFormat(LocalPublicKeyFormatEnum.PUB_FORMAT_ID).setPeerPublicKeyChecker(new Sigma.PeerPublicKeyChecker() { // from class: com.allawn.cryptography.sigma.SigmaUtil.1
            @Override // com.allawn.cryptography.sigma.Sigma.PeerPublicKeyChecker
            public void checkCertificate(X509Certificate x509Certificate) {
            }

            @Override // com.allawn.cryptography.sigma.Sigma.PeerPublicKeyChecker
            public void checkPublicKey(PublicKey publicKey2) {
            }

            @Override // com.allawn.cryptography.sigma.Sigma.PeerPublicKeyChecker
            public PublicKey checkPublicKeyID(String str3) {
                if (valueOf.equals(str3)) {
                    return publicKey;
                }
                throw new KeyException("The server public keys used are inconsistent: certVersion=" + str3);
            }
        });
        if (sceneConfig.getEncryptAlgorithm() != null) {
            peerPublicKeyChecker.setKeyLength(sceneConfig.getEncryptAlgorithm().getKeyLength() / 8);
        }
        sigmaSession.setParameters(peerPublicKeyChecker.build());
        sigmaSession.setNegotiationVersion(sigmaSceneData.getVersion());
        if (sceneConfig.isNeedReuse()) {
            synchronized (SIGMA_SCENE_DATA_LOCK) {
                try {
                    SceneData sceneData = cryptoCore.getSceneData(str, sceneConfig.getScene());
                    if (sceneData != null && !sceneData.isExpired() && (sceneData instanceof SigmaSceneData)) {
                        sigmaSceneData = (SigmaSceneData) sceneData;
                    }
                    LogUtil.d("SigmaUtil", "createAndSaveSceneData send a sigma message to pki server, biz is " + str);
                    sigmaSceneData.setEncryptKey(KeyUtil.bytesToSecretKey(sigmaSession.handshake(), "AES"));
                    cryptoCore.saveSceneData(str, sigmaSceneData);
                    LogUtil.d("SigmaUtil", "createAndSaveSceneData adopt and save to cryptoCore");
                } finally {
                }
            }
        } else {
            LogUtil.d("SigmaUtil", "createAndSaveSceneData send a sigma message to pki server, biz is " + str);
            sigmaSceneData.setEncryptKey(KeyUtil.bytesToSecretKey(sigmaSession.handshake(), "AES"));
        }
        return sigmaSceneData;
    }
}
