package com.today.crypt;

import android.text.TextUtils;
import android.util.Log;
import com.today.app.App;
import com.today.crypt.bean.Keys;
import com.today.crypt.bean.PreKeyEntity;
import com.today.crypt.bean.SignedPreKeyEntity;
import com.today.crypt.store.MyProtocolStoreImpl;
import com.today.db.GreenDaoInstance;
import com.today.db.bean.SecureSessionBean;
import com.today.db.dao.SecureSessionBeanDao;
import com.today.service.CallMsgService;
import com.today.utils.Base64;
import com.today.utils.Logger;
import com.today.utils.SystemConfigure;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.LinkedList;
import java.util.List;
import org.apache.commons.lang3.time.DateUtils;
import org.whispersystems.libsignal.DuplicateMessageException;
import org.whispersystems.libsignal.IdentityKeyPair;
import org.whispersystems.libsignal.InvalidKeyException;
import org.whispersystems.libsignal.InvalidKeyIdException;
import org.whispersystems.libsignal.InvalidMessageException;
import org.whispersystems.libsignal.InvalidVersionException;
import org.whispersystems.libsignal.LegacyMessageException;
import org.whispersystems.libsignal.SessionBuilder;
import org.whispersystems.libsignal.SessionCipher;
import org.whispersystems.libsignal.SignalProtocolAddress;
import org.whispersystems.libsignal.UntrustedIdentityException;
import org.whispersystems.libsignal.ecc.ECPublicKey;
import org.whispersystems.libsignal.protocol.CiphertextMessage;
import org.whispersystems.libsignal.protocol.PreKeySignalMessage;
import org.whispersystems.libsignal.state.PreKeyBundle;
import org.whispersystems.libsignal.state.PreKeyRecord;
import org.whispersystems.libsignal.state.SessionRecord;
import org.whispersystems.libsignal.state.SignalProtocolStore;
import org.whispersystems.libsignal.state.SignedPreKeyRecord;

/* loaded from: classes2.dex */
public class CryptService {
    public static final int BATCH_SIZE = 5;
    public static final int PREKEY_MAX_USE_TIME = 10;
    public static final int PREKEY_MINIMUM = 10;
    private static CryptService cryptService;
    private SignalProtocolStore signalProtocolStore = new MyProtocolStoreImpl(App.getInstance());
    private static final String TAG = CryptService.class.getSimpleName();
    public static int CURRENT_RECEIVE_MESSAGE_NUM = 0;
    public static boolean inUploadPreKeys = false;
    public static long UploadPreKeysTimes = 0;
    public static int decryptFailedTime = 0;

    private CryptService() {
    }

    public static synchronized void checkPreKeyCount(boolean z) {
        synchronized (CryptService.class) {
            CURRENT_RECEIVE_MESSAGE_NUM++;
            if ((GreenDaoInstance.getInstance().oneTimePreKeyBeanDao.count() > 10 || CURRENT_RECEIVE_MESSAGE_NUM < 10) && !z) {
                return;
            }
            Integer preKeyCount = QuicUtil.getPreKeyCount();
            if (preKeyCount == null || preKeyCount.intValue() < 10 || z) {
                getInstance();
                updateUserKey(true);
                CURRENT_RECEIVE_MESSAGE_NUM = 0;
            }
        }
    }

    public static synchronized void checkPreKeyCountSync(final boolean z) {
        synchronized (CryptService.class) {
            new Thread(new Runnable() { // from class: com.today.crypt.CryptService.1
                @Override // java.lang.Runnable
                public void run() {
                    CryptService.checkPreKeyCount(z);
                }
            }).start();
        }
    }

    public static void checkPreKeyUpload() {
        long currentTimeMillis = System.currentTimeMillis();
        if ((!inUploadPreKeys || currentTimeMillis - UploadPreKeysTimes >= DateUtils.MILLIS_PER_MINUTE) && currentTimeMillis - SystemConfigure.getLastPreKeysUpdateTime() > DateUtils.MILLIS_PER_DAY) {
            Logger.d(TAG, "正在上传本人的各种key");
            UploadPreKeysTimes = currentTimeMillis;
            inUploadPreKeys = true;
            if (!TextUtils.isEmpty(updateUserKey(true))) {
                Logger.d(TAG, "上传 key 失败");
                return;
            }
            Logger.d(TAG, "上传本人的各种 key 成功");
            SystemConfigure.setLastPreKeysUpdateTime(currentTimeMillis);
            inUploadPreKeys = false;
        }
    }

    public static CryptService getInstance() {
        if (cryptService == null) {
            synchronized (CallMsgService.class) {
                if (cryptService == null) {
                    cryptService = new CryptService();
                }
            }
        }
        return cryptService;
    }

    private void processKeys(int i, SignalProtocolAddress signalProtocolAddress, Keys keys) throws InvalidKeyException, UntrustedIdentityException {
        int i2;
        ECPublicKey eCPublicKey;
        byte[] bArr;
        for (PreKeyEntity preKeyEntity : keys.getPreKeys()) {
            int i3 = -1;
            ECPublicKey eCPublicKey2 = null;
            if (keys.getSignedPreKey() != null) {
                eCPublicKey = keys.getSignedPreKey().getPublicKey();
                i2 = keys.getSignedPreKey().getKeyId();
                bArr = keys.getSignedPreKey().getSignature();
            } else {
                i2 = -1;
                eCPublicKey = null;
                bArr = null;
            }
            if (preKeyEntity != null) {
                i3 = preKeyEntity.getKeyId();
                eCPublicKey2 = preKeyEntity.getPublicKey();
            }
            new SessionBuilder(this.signalProtocolStore, signalProtocolAddress).process(new PreKeyBundle(i, 1, i3, eCPublicKey2, i2, eCPublicKey, bArr, keys.getIdentityKey()));
        }
    }

    private void resetSessionStore(long j) {
        SecureSessionBean unique = GreenDaoInstance.getInstance().secureSessionBeanDao.queryBuilder().where(SecureSessionBeanDao.Properties.UserId.eq(Long.valueOf(j)), SecureSessionBeanDao.Properties.DeviceId.eq(1)).unique();
        if (unique != null) {
            unique.setRecord(unique.getOriginalRecord());
            GreenDaoInstance.getInstance().secureSessionBeanDao.update(unique);
        }
    }

    private void updateSessionStore(long j) {
        SecureSessionBean unique = GreenDaoInstance.getInstance().secureSessionBeanDao.queryBuilder().where(SecureSessionBeanDao.Properties.UserId.eq(Long.valueOf(j)), SecureSessionBeanDao.Properties.DeviceId.eq(1)).unique();
        if (unique != null) {
            unique.setOriginalRecord(unique.getRecord());
            GreenDaoInstance.getInstance().secureSessionBeanDao.update(unique);
        }
    }

    public static String updateUserKey(boolean z) {
        long parseLong = Long.parseLong(SystemConfigure.getUserId());
        IdentityKeyUtil.generateIdentityKeys(App.getInstance());
        IdentityKeyPair identityKeyPair = IdentityKeyUtil.getIdentityKeyPair(App.getInstance());
        List<PreKeyRecord> generatePreKeys = PreKeyUtil.generatePreKeys(App.getInstance(), parseLong);
        SignedPreKeyRecord generateSignedPreKey = PreKeyUtil.generateSignedPreKey(App.getInstance(), parseLong, identityKeyPair, true);
        LinkedList linkedList = new LinkedList();
        for (PreKeyRecord preKeyRecord : generatePreKeys) {
            linkedList.add(new PreKeyEntity(preKeyRecord.getId(), preKeyRecord.getKeyPair().getPublicKey()));
        }
        String updateUserKey = QuicUtil.updateUserKey("jsonData=" + JsonUtil.toJson(new Keys(Integer.valueOf(Integer.parseInt(SystemConfigure.getUserId())), linkedList, new SignedPreKeyEntity(generateSignedPreKey.getId(), generateSignedPreKey.getKeyPair().getPublicKey(), generateSignedPreKey.getSignature()), identityKeyPair.getPublicKey())));
        Logger.d(TAG, "uploadKeys=" + updateUserKey);
        return updateUserKey;
    }

    public void UpdatePreKeys(boolean z) {
        long parseLong = Long.parseLong(SystemConfigure.getUserId());
        IdentityKeyUtil.generateIdentityKeys(App.getInstance());
        IdentityKeyPair identityKeyPair = IdentityKeyUtil.getIdentityKeyPair(App.getInstance());
        List<PreKeyRecord> generatePreKeys = PreKeyUtil.generatePreKeys(App.getInstance(), parseLong);
        SignedPreKeyRecord generateSignedPreKey = PreKeyUtil.generateSignedPreKey(App.getInstance(), parseLong, identityKeyPair, true);
        LinkedList linkedList = new LinkedList();
        for (PreKeyRecord preKeyRecord : generatePreKeys) {
            linkedList.add(new PreKeyEntity(preKeyRecord.getId(), preKeyRecord.getKeyPair().getPublicKey()));
        }
        String updateUserKey = QuicUtil.updateUserKey("jsonData=" + JsonUtil.toJson(new Keys(Integer.valueOf(Integer.parseInt(SystemConfigure.getUserId())), linkedList, new SignedPreKeyEntity(generateSignedPreKey.getId(), generateSignedPreKey.getKeyPair().getPublicKey(), generateSignedPreKey.getSignature()), identityKeyPair.getPublicKey())));
        Logger.d(TAG, "uploadKeys=" + updateUserKey);
    }

    public void UpdateSignedPreKey(boolean z) {
        long parseLong = Long.parseLong(SystemConfigure.getUserId());
        IdentityKeyUtil.generateIdentityKeys(App.getInstance());
        IdentityKeyPair identityKeyPair = IdentityKeyUtil.getIdentityKeyPair(App.getInstance());
        List<PreKeyRecord> generatePreKeys = PreKeyUtil.generatePreKeys(App.getInstance(), parseLong);
        SignedPreKeyRecord generateSignedPreKey = PreKeyUtil.generateSignedPreKey(App.getInstance(), parseLong, identityKeyPair, true);
        LinkedList linkedList = new LinkedList();
        for (PreKeyRecord preKeyRecord : generatePreKeys) {
            linkedList.add(new PreKeyEntity(preKeyRecord.getId(), preKeyRecord.getKeyPair().getPublicKey()));
        }
        String updateUserKey = QuicUtil.updateUserKey("jsonData=" + JsonUtil.toJson(new Keys(Integer.valueOf(Integer.parseInt(SystemConfigure.getUserId())), linkedList, new SignedPreKeyEntity(generateSignedPreKey.getId(), generateSignedPreKey.getKeyPair().getPublicKey(), generateSignedPreKey.getSignature()), identityKeyPair.getPublicKey())));
        Logger.d(TAG, "uploadKeys=" + updateUserKey);
    }

    public boolean checkUserKey(long j, boolean z) throws UntrustedIdentityException, InvalidKeyException {
        if (!z && !IdentityKeyUtil.hasIdentityKey(App.getInstance())) {
            checkPreKeyCount(true);
        }
        SignalProtocolAddress signalProtocolAddress = new SignalProtocolAddress(String.valueOf(j), 1);
        SessionRecord loadSession = this.signalProtocolStore.loadSession(signalProtocolAddress);
        if (z) {
            this.signalProtocolStore.deleteSession(signalProtocolAddress);
        } else if (loadSession.getSessionState() != null && loadSession.serialize().length > 10) {
            return true;
        }
        SignalProtocolAddress signalProtocolAddress2 = new SignalProtocolAddress(String.valueOf(j), 1);
        Keys keys = QuicUtil.getKeys(j);
        if (keys == null) {
            return false;
        }
        int i = (int) j;
        try {
            processKeys(i, signalProtocolAddress2, keys);
        } catch (UntrustedIdentityException unused) {
            Logger.e(TAG, "好友的identity key已修改");
            this.signalProtocolStore.deleteSession(signalProtocolAddress);
            processKeys(i, signalProtocolAddress2, keys);
        }
        updateSessionStore(j);
        return true;
    }

    public synchronized String decrypt(long j, String str) throws UntrustedIdentityException, InvalidKeyException, InvalidVersionException, InvalidMessageException, DuplicateMessageException, LegacyMessageException, InvalidKeyIdException, IOException {
        byte[] decrypt;
        boolean hasIdentityKey = IdentityKeyUtil.hasIdentityKey(App.getInstance());
        Logger.d(TAG, "decrypt hasIdentityKey=" + hasIdentityKey);
        if (!hasIdentityKey) {
            IdentityKeyUtil.generateIdentityKeys(App.getInstance());
        }
        if (decryptFailedTime > 1) {
            updateUserKey(true);
        }
        SignalProtocolAddress signalProtocolAddress = new SignalProtocolAddress(String.valueOf(j), 1);
        if (!this.signalProtocolStore.containsSession(signalProtocolAddress) && !checkUserKey(j, false)) {
            return null;
        }
        SessionCipher sessionCipher = new SessionCipher(this.signalProtocolStore, signalProtocolAddress);
        try {
            decrypt = sessionCipher.decrypt(new PreKeySignalMessage(Base64.decode(str)));
        } catch (Exception unused) {
            if (!checkUserKey(j, true)) {
                return null;
            }
            decrypt = sessionCipher.decrypt(new PreKeySignalMessage(Base64.decode(str)));
        }
        decryptFailedTime = 0;
        resetSessionStore(j);
        String str2 = new String(decrypt);
        Log.d(TAG, "decryptContent=" + str2);
        return str2;
    }

    public void deleteUserKey(long j) throws UntrustedIdentityException, InvalidKeyException {
        this.signalProtocolStore.deleteSession(new SignalProtocolAddress(String.valueOf(j), 1));
    }

    public String encrypt(long j, String str) throws UntrustedIdentityException, InvalidKeyException, UnsupportedEncodingException {
        CiphertextMessage encrypt;
        SignalProtocolAddress signalProtocolAddress = new SignalProtocolAddress(String.valueOf(j), 1);
        if (!checkUserKey(j, false)) {
            throw new InvalidKeyException("没有对方的加密key");
        }
        SessionCipher sessionCipher = new SessionCipher(this.signalProtocolStore, signalProtocolAddress);
        try {
            encrypt = sessionCipher.encrypt(str.getBytes("UTF-8"));
        } catch (Exception unused) {
            this.signalProtocolStore.loadSession(signalProtocolAddress);
            this.signalProtocolStore.deleteSession(signalProtocolAddress);
            checkUserKey(j, false);
            encrypt = sessionCipher.encrypt(str.getBytes("UTF-8"));
        }
        if (encrypt == null) {
            return null;
        }
        resetSessionStore(j);
        String encodeBytes = Base64.encodeBytes(encrypt.serialize());
        Log.d(TAG, "content length=" + str.length() + "、encrypt length=" + encrypt.serialize().length + "、body=" + encodeBytes);
        return encodeBytes;
    }
}
