package com.aetherpal.tools.dske;

import android.os.Messenger;
import android.os.RemoteException;
import com.aetherpal.core.exceptions.CryptoException;
import com.aetherpal.core.logger.ApLog;
import com.aetherpal.core.utils.CryptoUtils;
import com.aetherpal.messages.ApDataTypeEnum;
import com.aetherpal.messages.ToolMessages;
import com.aetherpal.messages.datatype.ARRAY_RAWBYTE;
import com.aetherpal.messages.datatype.UINT_32;
import com.aetherpal.messages.datatype.UINT_8;
import com.aetherpal.messages.datatype.unsigned.UnsignedInteger;
import com.aetherpal.messages.signal.SignalCode;
import com.aetherpal.messages.signal.SignalMessage;
import com.aetherpal.messages.signal.SignalParamNames;
import com.aetherpal.messages.signal.SignalParameter;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Hashtable;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class DeviceStubKeyExchange {
    private static final int RANDOM_SEED_LENGTH = 32;
    private static final int SSD_LENGTH = 32;
    private static final int SVR_CONNECTION_PROCTOR_SVR = 16384;
    private int moduleId;
    private OnKEPCompleted onKEPCompleted;
    private int pkoi;
    private int pkoid;
    private PublicKey publicKey;
    private Object tag;
    private Hashtable<Integer, SignalMessage> signalCache = new Hashtable<>();
    private byte[] challenge = null;
    private byte[] ssd = null;
    private int kepCryptoSuite = 1;
    private String kepCipherAlg = "RSA/NONE/OAEPWITHSHA1ANDMGF1PADDING";
    private String hashAlg = "HmacSHA256";
    private byte negotiateId = 0;
    private SignalMessage toolSvcRequest = null;
    private DSKEState state = DSKEState.Null;

    public DeviceStubKeyExchange(int i, OnKEPCompleted onKEPCompleted) {
        this.onKEPCompleted = null;
        this.moduleId = i;
        this.onKEPCompleted = onKEPCompleted;
    }

    private void Challenge(byte[] bArr, Messenger messenger) {
        SignalMessage signalMessage = new SignalMessage(this.moduleId);
        signalMessage.signalCode = SignalCode.NEG_REQ;
        SignalParameter signalParameter = new SignalParameter(ApDataTypeEnum.UINT_8);
        signalParameter.name = SignalParamNames.NegotiationType;
        UINT_8 uint_8 = new UINT_8();
        uint_8.setData((Byte) (byte) 0);
        signalParameter.value = uint_8;
        signalMessage.addParameter(signalParameter);
        SignalParameter signalParameter2 = new SignalParameter(ApDataTypeEnum.UINT_8);
        signalParameter2.name = SignalParamNames.NegotiationID;
        UINT_8 uint_82 = new UINT_8();
        uint_82.setData(Byte.valueOf(this.negotiateId));
        signalParameter2.value = uint_82;
        signalMessage.addParameter(signalParameter2);
        SignalParameter signalParameter3 = new SignalParameter(ApDataTypeEnum.UINT_8);
        signalParameter3.name = SignalParamNames.NegotiationCode;
        UINT_8 uint_83 = new UINT_8();
        uint_83.setData(Byte.valueOf(NegotiationCode.getByteValue(NegotiationCode.CHALLENGE)));
        signalParameter3.value = uint_83;
        signalMessage.addParameter(signalParameter3);
        SignalParameter signalParameter4 = new SignalParameter(ApDataTypeEnum.UINT_32);
        signalParameter4.name = SignalParamNames.PKOI;
        UINT_32 uint_32 = new UINT_32();
        uint_32.setData(new UnsignedInteger(this.pkoi));
        signalParameter4.value = uint_32;
        signalMessage.addParameter(signalParameter4);
        SignalParameter signalParameter5 = new SignalParameter(ApDataTypeEnum.UINT_32);
        signalParameter5.name = SignalParamNames.PKOID;
        UINT_32 uint_322 = new UINT_32();
        uint_322.setData(new UnsignedInteger(this.pkoid));
        signalParameter5.value = uint_322;
        signalMessage.addParameter(signalParameter5);
        SignalParameter signalParameter6 = new SignalParameter(ApDataTypeEnum.UINT_8);
        signalParameter6.name = SignalParamNames.CryptoSuite;
        UINT_8 uint_84 = new UINT_8();
        uint_84.setData(Byte.valueOf((byte) this.kepCryptoSuite));
        signalParameter6.value = uint_84;
        signalMessage.addParameter(signalParameter6);
        SignalParameter signalParameter7 = new SignalParameter(ApDataTypeEnum.ARRAY_RAWBYTE);
        signalParameter7.name = SignalParamNames.DSKE.DS_CC_EChal;
        ARRAY_RAWBYTE array_rawbyte = new ARRAY_RAWBYTE();
        array_rawbyte.setData(bArr);
        signalParameter7.value = array_rawbyte;
        signalMessage.addParameter(signalParameter7);
        relaySignal(signalMessage, messenger);
        this.state = DSKEState.Challenge;
    }

    private void KeyCommit(byte[] bArr, Messenger messenger) {
        SignalMessage signalMessage = new SignalMessage(this.moduleId);
        signalMessage.signalCode = SignalCode.NEG_REQ;
        SignalParameter signalParameter = new SignalParameter(ApDataTypeEnum.UINT_8);
        signalParameter.name = SignalParamNames.NegotiationType;
        UINT_8 uint_8 = new UINT_8();
        uint_8.setData((Byte) (byte) 0);
        signalParameter.value = uint_8;
        signalMessage.addParameter(signalParameter);
        SignalParameter signalParameter2 = new SignalParameter(ApDataTypeEnum.UINT_8);
        signalParameter2.name = SignalParamNames.NegotiationID;
        UINT_8 uint_82 = new UINT_8();
        uint_82.setData(Byte.valueOf(this.negotiateId));
        signalParameter2.value = uint_82;
        signalMessage.addParameter(signalParameter2);
        SignalParameter signalParameter3 = new SignalParameter(ApDataTypeEnum.UINT_8);
        signalParameter3.name = SignalParamNames.NegotiationCode;
        UINT_8 uint_83 = new UINT_8();
        uint_83.setData(Byte.valueOf(NegotiationCode.getByteValue(NegotiationCode.RESULT)));
        signalParameter3.value = uint_83;
        signalMessage.addParameter(signalParameter3);
        SignalParameter signalParameter4 = new SignalParameter(ApDataTypeEnum.ARRAY_RAWBYTE);
        signalParameter4.name = SignalParamNames.DSKE.DS_CC_EMSSSD;
        ARRAY_RAWBYTE array_rawbyte = new ARRAY_RAWBYTE();
        array_rawbyte.setData(bArr);
        signalParameter4.value = array_rawbyte;
        signalMessage.addParameter(signalParameter4);
        relaySignal(signalMessage, messenger);
        this.state = DSKEState.Result;
    }

    private void OnChallengeResponse(byte[] bArr, byte[] bArr2, Messenger messenger) {
        try {
            Mac mac = Mac.getInstance(this.hashAlg);
            mac.init(new SecretKeySpec(this.challenge, this.hashAlg));
            byte[] doFinal = mac.doFinal(bArr);
            try {
                byte[] doRSADecrypt = CryptoUtils.doRSADecrypt(this.publicKey, bArr2, "RSA/ECB/PKCS1Padding");
                if (doRSADecrypt == null) {
                    onKeyExchangeCompleted(-1, null, messenger);
                } else if (Arrays.equals(doFinal, Arrays.copyOfRange(doRSADecrypt, doRSADecrypt.length - doFinal.length, doRSADecrypt.length))) {
                    this.ssd = SecureRandom.getSeed(32);
                    try {
                        KeyCommit(CryptoUtils.doRSAEncrypt(this.publicKey, this.ssd, this.kepCipherAlg), messenger);
                    } catch (CryptoException e) {
                        ApLog.printStackTrace(e);
                        onKeyExchangeCompleted(-1, null, messenger);
                    }
                } else {
                    onKeyExchangeCompleted(-1, null, messenger);
                }
            } catch (CryptoException e2) {
                ApLog.printStackTrace(e2);
                onKeyExchangeCompleted(-1, null, messenger);
            }
        } catch (Exception e3) {
            ApLog.printStackTrace(e3);
            onKeyExchangeCompleted(-1, null, messenger);
        }
    }

    private void onKeyExchangeCompleted(int i, byte[] bArr, Messenger messenger) {
        this.state = DSKEState.Null;
        if (i == 0 && Arrays.equals(this.ssd, bArr)) {
            this.onKEPCompleted.onKEPCompleted(true, this.toolSvcRequest, messenger);
        } else {
            this.onKEPCompleted.onKEPCompleted(false, this.toolSvcRequest, messenger);
        }
    }

    private void relaySignal(SignalMessage signalMessage, Messenger messenger) {
        signalMessage.source = this.moduleId;
        signalMessage.destination = 16384L;
        this.signalCache.put(Integer.valueOf((int) signalMessage.sequenceNumber), signalMessage);
        try {
            messenger.send(ToolMessages.createToolMessage(signalMessage));
        } catch (RemoteException e) {
            ApLog.printStackTrace(e);
        }
    }

    public void initiateKEP(SignalMessage signalMessage, Messenger messenger) {
        this.toolSvcRequest = signalMessage;
        this.challenge = SecureRandom.getSeed(32);
        try {
            Challenge(CryptoUtils.doRSAEncrypt(this.publicKey, this.challenge, this.kepCipherAlg), messenger);
        } catch (CryptoException e) {
            ApLog.printStackTrace(e);
            this.onKEPCompleted.onKEPCompleted(false, this.toolSvcRequest, messenger);
        }
    }

    public boolean processNegotiationMessage(SignalMessage signalMessage, Messenger messenger) {
        if (!this.signalCache.containsKey(Integer.valueOf((int) signalMessage.refSequenceNumber))) {
            return false;
        }
        try {
            if (this.signalCache.get(Integer.valueOf((int) signalMessage.refSequenceNumber)).signalCode == SignalCode.NEG_REQ) {
                SignalParameter signalParameter = (SignalParameter) signalMessage.getParameter(SignalParamNames.NegotiationCode);
                if (NegotiationCode.getEnum(((UINT_8) signalParameter.value).getData().byteValue()) == NegotiationCode.RENEGOTIATE) {
                    this.state = DSKEState.Null;
                    this.negotiateId = (byte) (this.negotiateId + 1);
                    initiateKEP(this.toolSvcRequest, messenger);
                    return true;
                }
                if (signalMessage.signalCode == SignalCode.ACK) {
                    switch (this.state) {
                        case Challenge:
                            if (NegotiationCode.getEnum(((UINT_8) signalParameter.value).getData().byteValue()) == NegotiationCode.RESPONSE) {
                                OnChallengeResponse(((ARRAY_RAWBYTE) ((SignalParameter) signalMessage.getParameter(SignalParamNames.DSKE.DS_CC_Rand)).value).getData(), ((ARRAY_RAWBYTE) ((SignalParameter) signalMessage.getParameter(SignalParamNames.DSKE.DS_CC_SChalResp)).value).getData(), messenger);
                                break;
                            }
                            break;
                        case Result:
                            if (NegotiationCode.getEnum(((UINT_8) signalParameter.value).getData().byteValue()) == NegotiationCode.COMMIT) {
                                onKeyExchangeCompleted(0, ((ARRAY_RAWBYTE) ((SignalParameter) signalMessage.getParameter(SignalParamNames.DSKE.DM_CC_MSSSD)).value).getData(), messenger);
                                this.state = DSKEState.Null;
                                break;
                            }
                            break;
                    }
                } else if (signalMessage.signalCode == SignalCode.NAK) {
                    onKeyExchangeCompleted(signalMessage.containsParameter(SignalParamNames.ErrorCode) ? (int) ((UINT_32) ((SignalParameter) signalMessage.getParameter(SignalParamNames.ErrorCode)).value).getData().longValue() : 0, null, messenger);
                }
            }
        } catch (Exception e) {
            ApLog.printStackTrace(e);
        }
        this.signalCache.remove(Integer.valueOf((int) signalMessage.refSequenceNumber));
        return true;
    }

    public void updateSessionArgs(int i, int i2, PublicKey publicKey) {
        this.pkoi = i2;
        this.pkoid = i;
        this.publicKey = publicKey;
    }
}
