package com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.utils;

import androidx.annotation.NonNull;
import com.huawei.iotplatform.security.common.util.CommonUtil;
import com.huawei.iotplatform.security.common.util.KeyDerivationUtils;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.nativehelper.X25519Methods;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.structs.AsymKeyPair;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.structs.StsResponseData;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.NoSuchAlgorithmException;

/* loaded from: classes2.dex */
public class StsUtils {
    private StsUtils() {
    }

    public static byte[] stsAckRequest(@NonNull byte[] bArr, @NonNull byte[] bArr2, byte[] bArr3, byte[] bArr4, int i) throws InvalidKeyException, NoSuchAlgorithmException, InvalidParameterException {
        byte[] computeSharedSecret = X25519Methods.computeSharedSecret(bArr2, bArr);
        if (computeSharedSecret == null || computeSharedSecret.length < 32) {
            throw new InvalidParameterException();
        }
        return KeyDerivationUtils.hkdf(computeSharedSecret, bArr3, bArr4, i);
    }

    public static StsResponseData stsResponse(@NonNull byte[] bArr, @NonNull byte[] bArr2, int i) throws InvalidKeyException, NoSuchAlgorithmException, InvalidParameterException {
        StsResponseData stsResponseData = new StsResponseData();
        AsymKeyPair keypair = X25519Methods.keypair();
        if (keypair == null) {
            throw new InvalidKeyException();
        }
        stsResponseData.setPrivateKey(keypair.getPrivateKey());
        stsResponseData.setPublicKey(keypair.getPublicKey());
        keypair.clear();
        if (stsResponseData.getPrivateKey() == null || stsResponseData.getPublicKey() == null || stsResponseData.getPrivateKey().length != 32 || stsResponseData.getPublicKey().length != 32) {
            throw new InvalidKeyException();
        }
        byte[] computeSharedSecret = X25519Methods.computeSharedSecret(stsResponseData.getPrivateKey(), bArr);
        if (computeSharedSecret == null || computeSharedSecret.length < 32) {
            throw new InvalidParameterException();
        }
        byte[] randomBytes = CommonUtil.getRandomBytes(16);
        stsResponseData.setSalt(randomBytes);
        stsResponseData.setSessionKey(KeyDerivationUtils.hkdf(computeSharedSecret, randomBytes, bArr2, i));
        CommonUtil.clearBytes(computeSharedSecret);
        return stsResponseData;
    }

    public static AsymKeyPair stsStart() throws InvalidKeyException {
        AsymKeyPair keypair = X25519Methods.keypair();
        if (keypair == null) {
            throw new InvalidKeyException();
        }
        byte[] privateKey = keypair.getPrivateKey();
        if (privateKey == null || privateKey.length != 32) {
            keypair.clear();
            throw new InvalidKeyException();
        }
        byte[] publicKey = keypair.getPublicKey();
        if (publicKey != null && publicKey.length == 32) {
            return keypair;
        }
        keypair.clear();
        throw new InvalidKeyException();
    }
}
