package com.huawei.wisesecurity.keyindex.service.groupkey;

import c.a.a.a.a;
import com.huawei.wisesecurity.keyindex.KiContext;
import com.huawei.wisesecurity.keyindex.config.CryptoVersion;
import com.huawei.wisesecurity.keyindex.config.CryptoVersionUtil;
import com.huawei.wisesecurity.keyindex.constant.KiConstants;
import com.huawei.wisesecurity.keyindex.crypto.KiAESCipher;
import com.huawei.wisesecurity.keyindex.crypto.KiSessionKey;
import com.huawei.wisesecurity.keyindex.crypto.MCEnum;
import com.huawei.wisesecurity.keyindex.crypto.ec.ECCipher;
import com.huawei.wisesecurity.keyindex.crypto.ec.ECCurveEnum;
import com.huawei.wisesecurity.keyindex.crypto.ec.ECKeyPair;
import com.huawei.wisesecurity.keyindex.crypto.key.DefaultSecretKeyHandler;
import com.huawei.wisesecurity.keyindex.entity.PublicKey;
import com.huawei.wisesecurity.keyindex.entity.groupkey.EncryptGroupKeyResult;
import com.huawei.wisesecurity.keyindex.entity.groupkey.FailInfo;
import com.huawei.wisesecurity.keyindex.entity.groupkey.GroupKey;
import com.huawei.wisesecurity.keyindex.entity.groupkey.GroupKeyInfo;
import com.huawei.wisesecurity.keyindex.entity.groupkey.LocalGroupKey;
import com.huawei.wisesecurity.keyindex.entity.groupkey.Sender;
import com.huawei.wisesecurity.keyindex.entity.groupkey.WrappedGroupKey;
import com.huawei.wisesecurity.keyindex.exception.KiCryptoException;
import com.huawei.wisesecurity.keyindex.exception.KiErrorCode;
import com.huawei.wisesecurity.keyindex.exception.KiException;
import com.huawei.wisesecurity.keyindex.log.LogKi;
import com.huawei.wisesecurity.keyindex.service.key.KeyEntry;
import com.huawei.wisesecurity.keyindex.service.key.UserKeyManager;
import com.huawei.wisesecurity.keyindex.service.key.WorkKeyManager;
import com.huawei.wisesecurity.keyindex.utils.Base64Util;
import com.huawei.wisesecurity.kfs.crypto.cipher.CipherAlg;
import java.util.ArrayList;
import java.util.List;

/* loaded from: classes.dex */
public class DefaultGroupKeyHandler implements GroupKeyHandler {
    public static final String TAG = "DefaultGroupKeyHandler";

    private byte[] decryptGroupKey(String str, byte[] bArr, CryptoVersion cryptoVersion) throws KiException {
        try {
            return new KiAESCipher().withCipherText(str).withKey(bArr).withCipherAlg(cryptoVersion.getCipherAlgByType(KiConstants.CryptoVersion.GROUP_KEY_CRYPTO)).doCommonKeyDecrypt();
        } catch (KiCryptoException e2) {
            throw new KiException(KiErrorCode.DECRYPT_GROUP_KEY_FAIL, e2.getMessage());
        }
    }

    private FailInfo genFailInfo(PublicKey publicKey, int i2, String str) {
        FailInfo failInfo = new FailInfo();
        failInfo.setUid(publicKey.getUid());
        failInfo.setDeviceId(publicKey.getDeviceId());
        failInfo.setAppId(publicKey.getAppId());
        failInfo.setErrCode(i2);
        failInfo.setErrMsg(str);
        return failInfo;
    }

    private GroupKey genGroupKey(PublicKey publicKey, byte[] bArr, ECKeyPair eCKeyPair, ECKeyPair eCKeyPair2, CryptoVersion cryptoVersion) throws KiException {
        String doCommonKeyEncrypt = new KiAESCipher().withPlainText(bArr).withKey(genSessionKey(Base64Util.decode(publicKey.getPublicKeyInfo().getLpk()), Base64Util.decode(publicKey.getPublicKeyInfo().getTpk()), eCKeyPair, eCKeyPair2, KiContext.getContext().getUserInfo().getUid(), publicKey.getUid(), cryptoVersion)).withCipherAlg(cryptoVersion.getCipherAlgByType(KiConstants.CryptoVersion.GROUP_KEY_CRYPTO)).doCommonKeyEncrypt();
        GroupKeyInfo groupKeyInfo = new GroupKeyInfo();
        groupKeyInfo.setGroupKeyEnc(doCommonKeyEncrypt);
        groupKeyInfo.setMpkIdx(publicKey.getPublicKeyInfo().getMpkIdx());
        groupKeyInfo.setOpkIdx(publicKey.getPublicKeyInfo().getOpkIdx());
        GroupKey groupKey = new GroupKey();
        groupKey.setUid(publicKey.getUid());
        groupKey.setDeviceId(publicKey.getDeviceId());
        groupKey.setAppId(publicKey.getAppId());
        groupKey.setContent(groupKeyInfo);
        return groupKey;
    }

    private byte[] genSessionKey(byte[] bArr, byte[] bArr2, ECKeyPair eCKeyPair, ECKeyPair eCKeyPair2, String str, String str2, CryptoVersion cryptoVersion) throws KiException {
        return new KiSessionKey().withMyLPK(eCKeyPair.getPrivateKey()).withMyEPK(eCKeyPair2.getPrivateKey()).withPeerLPK(bArr).withPeerTPK(bArr2).withSenderUid(str).withReceiverUid(str2).withAlg(cryptoVersion.getECDHAlgByType(KiConstants.CryptoVersion.SK_AGREEMENT)).build();
    }

    @Override // com.huawei.wisesecurity.keyindex.service.groupkey.GroupKeyHandler
    public byte[] decryptLocalGroupKey(LocalGroupKey localGroupKey) throws KiException {
        return WorkKeyManager.instance.decryptWithGkWorkKey(localGroupKey.getWkAlias(), MCEnum.version2Alg(localGroupKey.getEncAlg()), localGroupKey.getGroupKeyEnc());
    }

    @Override // com.huawei.wisesecurity.keyindex.service.groupkey.GroupKeyHandler
    public EncryptGroupKeyResult encryptGroupKey(List<PublicKey> list, byte[] bArr, CryptoVersion cryptoVersion) throws KiException {
        LogKi.i(TAG, "get long key entry");
        KeyEntry longKeyEntry = UserKeyManager.instance.getLongKeyEntry();
        LogKi.i(TAG, "gen tmp key entry");
        ECKeyPair genKeyPair = ECCipher.getHandler().genKeyPair(ECCurveEnum.X25519);
        LogKi.i(TAG, "gen group key list start");
        ArrayList arrayList = new ArrayList(list.size());
        ArrayList arrayList2 = new ArrayList();
        for (PublicKey publicKey : list) {
            if (publicKey != null) {
                try {
                    publicKey.checkParam();
                    publicKey.getPublicKeyInfo().checkParam();
                    arrayList.add(genGroupKey(publicKey, bArr, longKeyEntry.getMyLpkPair(), genKeyPair, cryptoVersion));
                } catch (KiException e2) {
                    arrayList2.add(genFailInfo(publicKey, e2.getCode(), e2.getMessage()));
                } catch (Exception e3) {
                    arrayList2.add(genFailInfo(publicKey, KiErrorCode.INNER_ERROR, e3.getMessage()));
                }
            }
        }
        StringBuilder a2 = a.a("gen group key list end, success : ");
        a2.append(arrayList.size());
        a2.append(", fail : ");
        a2.append(arrayList2.size());
        LogKi.i(TAG, a2.toString());
        longKeyEntry.destroy();
        return new EncryptGroupKeyResult(arrayList, arrayList2, genKeyPair.getPublicKeyB64(), longKeyEntry.getMyLpkPair().getPublicKeyB64());
    }

    @Override // com.huawei.wisesecurity.keyindex.service.groupkey.GroupKeyHandler
    public byte[] genGroupKey(CryptoVersion cryptoVersion) throws KiException {
        return new DefaultSecretKeyHandler().genSecretKey(cryptoVersion.getSecretKeyAlgByType(KiConstants.CryptoVersion.GROUP_KEY_DERIVED));
    }

    @Override // com.huawei.wisesecurity.keyindex.service.groupkey.GroupKeyHandler
    public LocalGroupKey genLocalGroupKey(byte[] bArr, CryptoVersion cryptoVersion) throws KiException {
        int mc = CryptoVersionUtil.getSDKCryptoVersion().getMC();
        CipherAlg version2Alg = MCEnum.version2Alg(mc);
        WorkKeyManager workKeyManager = WorkKeyManager.instance;
        String encryptWithGkWorkKey = workKeyManager.encryptWithGkWorkKey(version2Alg, bArr);
        LocalGroupKey localGroupKey = new LocalGroupKey();
        localGroupKey.setGroupKeyEnc(encryptWithGkWorkKey);
        localGroupKey.setEncAlg(mc);
        localGroupKey.setDeviceId(KiContext.getContext().getDeviceId());
        localGroupKey.setWkAlias(workKeyManager.getGkWorkKeyAlias());
        localGroupKey.setCryptoVersion(cryptoVersion.getRawCvStr());
        return localGroupKey;
    }

    @Override // com.huawei.wisesecurity.keyindex.service.groupkey.GroupKeyHandler
    public LocalGroupKey reEncryptGroupKey(WrappedGroupKey wrappedGroupKey) throws KiException {
        Sender sender = wrappedGroupKey.getSender();
        GroupKeyInfo content = wrappedGroupKey.getGroupKey().getContent();
        UserKeyManager userKeyManager = UserKeyManager.instance;
        LogKi.i(TAG, "get opk/mpk from local");
        KeyEntry keyEntry = userKeyManager.getKeyEntry(content.getMpkIdx(), content.getOpkIdx());
        LogKi.i(TAG, "gen session key");
        byte[] decode = Base64Util.decode(sender.getLpk());
        byte[] decode2 = Base64Util.decode(sender.getEpk());
        String uid = sender.getUid();
        CryptoVersion fromString = CryptoVersion.fromString(sender.getCryptoVersion());
        byte[] genSessionKey = genSessionKey(decode, decode2, keyEntry.getMyLpkPair(), keyEntry.getMyTpkPair(), uid, KiContext.getContext().getUserInfo().getUid(), fromString);
        LogKi.i(TAG, "decrypt group key start");
        byte[] decryptGroupKey = decryptGroupKey(content.getGroupKeyEnc(), genSessionKey, fromString);
        userKeyManager.setTmpKeyUsed(content.getMpkIdx(), content.getOpkIdx());
        keyEntry.destroy();
        LogKi.i(TAG, "decrypt group key end");
        return genLocalGroupKey(decryptGroupKey, fromString);
    }
}
