package com.espressif.provisioning.security;

import android.util.Log;
import com.espressif.provisioning.srp6a.BigIntegerUtils;
import com.espressif.provisioning.srp6a.SRP6ClientSession;
import com.espressif.provisioning.srp6a.SRP6CryptoParams;
import com.espressif.provisioning.srp6a.SRP6Exception;
import com.google.protobuf.ByteString;
import com.google.protobuf.InvalidProtocolBufferException;
import espressif.Sec2;
import espressif.Session;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class Security2 implements Security {
    private static final int SESSION_STATE_FINISHED = 3;
    private static final int SESSION_STATE_REQUEST1 = 0;
    private static final int SESSION_STATE_RESPONSE1_REQUEST2 = 1;
    private static final int SESSION_STATE_RESPONSE2 = 2;
    private static final String TAG = "Espressif::Security2";
    private Cipher cipher;
    private SRP6ClientSession client;
    private byte[] clientProof;
    private byte[] deviceNonce;
    private byte[] key;
    private byte[] sharedKey;
    private String userName;
    private int sessionState = 0;
    private BigInteger clientPublicKey = null;
    private BigInteger devicePublicKey = null;

    public Security2(String str, String str2) {
        this.userName = str;
        Log.d(TAG, "User name : " + str + " password : " + str2);
        try {
            this.cipher = Cipher.getInstance("AES/GCM/NoPadding");
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
            e.printStackTrace();
        }
        SRP6ClientSession sRP6ClientSession = new SRP6ClientSession();
        this.client = sRP6ClientSession;
        sRP6ClientSession.step1(str, str2);
    }

    private byte[] getStep0Request() {
        try {
            try {
                this.clientPublicKey = this.client.getClientPublicKey(SRP6CryptoParams.getInstance(3072, "SHA-512"));
            } catch (SRP6Exception e) {
                e.printStackTrace();
            }
            return Session.SessionData.newBuilder().setSecVer(Session.SecSchemeVersion.SecScheme2).setSec2(Sec2.Sec2Payload.newBuilder().setSc0(Sec2.S2SessionCmd0.newBuilder().setClientUsername(ByteString.copyFrom(this.userName.getBytes())).setClientPubkey(ByteString.copyFrom(BigIntegerUtils.bigIntegerToBytes(this.clientPublicKey))).build()).build()).build().toByteArray();
        } catch (Exception e2) {
            Log.e(TAG, e2.getMessage());
            e2.printStackTrace();
            return null;
        }
    }

    private byte[] getStep1Request() {
        return Session.SessionData.newBuilder().setSecVer(Session.SecSchemeVersion.SecScheme2).setSec2(Sec2.Sec2Payload.newBuilder().setSc1(Sec2.S2SessionCmd1.newBuilder().setClientProof(ByteString.copyFrom(this.clientProof)).build()).setMsg(Sec2.Sec2MsgType.S2Session_Command1).build()).build().toByteArray();
    }

    private void processStep0Response(byte[] bArr) throws RuntimeException {
        try {
            if (bArr == null) {
                throw new RuntimeException("No response from device");
            }
            Session.SessionData parseFrom = Session.SessionData.parseFrom(bArr);
            if (parseFrom.getSecVer() != Session.SecSchemeVersion.SecScheme2) {
                throw new RuntimeException("Security version mismatch");
            }
            byte[] byteArray = parseFrom.getSec2().getSr0().getDeviceSalt().toByteArray();
            byte[] byteArray2 = parseFrom.getSec2().getSr0().getDevicePubkey().toByteArray();
            BigInteger bigIntegerFromBytes = BigIntegerUtils.bigIntegerFromBytes(byteArray);
            this.devicePublicKey = BigIntegerUtils.bigIntegerFromBytes(byteArray2);
            try {
                this.clientProof = BigIntegerUtils.bigIntegerToBytes(this.client.step2_for_client_evidence(SRP6CryptoParams.getInstance(3072, "SHA-512"), bigIntegerFromBytes, this.devicePublicKey, byteArray).M1);
            } catch (SRP6Exception e) {
                e.printStackTrace();
            }
        } catch (InvalidProtocolBufferException e2) {
            Log.e(TAG, e2.getMessage());
        }
    }

    private void processStep1Response(byte[] bArr) throws RuntimeException {
        try {
            if (bArr == null) {
                throw new RuntimeException("No response from device");
            }
            Session.SessionData parseFrom = Session.SessionData.parseFrom(bArr);
            if (parseFrom.getSecVer() != Session.SecSchemeVersion.SecScheme2) {
                throw new RuntimeException("Security version mismatch");
            }
            byte[] byteArray = parseFrom.getSec2().getSr1().getDeviceProof().toByteArray();
            this.deviceNonce = parseFrom.getSec2().getSr1().getDeviceNonce().toByteArray();
            try {
                this.client.step3(BigIntegerUtils.bigIntegerFromBytes(byteArray));
            } catch (SRP6Exception e) {
                e.printStackTrace();
            }
            byte[] bigIntegerToBytes = BigIntegerUtils.bigIntegerToBytes(this.client.K);
            this.sharedKey = bigIntegerToBytes;
            this.key = Arrays.copyOfRange(bigIntegerToBytes, 0, 32);
        } catch (InvalidProtocolBufferException e2) {
            Log.e(TAG, e2.getMessage());
        }
    }

    @Override // com.espressif.provisioning.security.Security
    public byte[] decrypt(byte[] bArr) {
        try {
            this.cipher.init(2, new SecretKeySpec(this.key, "AES"), new IvParameterSpec(this.deviceNonce));
        } catch (InvalidAlgorithmParameterException e) {
            e.printStackTrace();
        } catch (InvalidKeyException e2) {
            e2.printStackTrace();
        }
        try {
            return this.cipher.doFinal(bArr);
        } catch (BadPaddingException e3) {
            e3.printStackTrace();
            return null;
        } catch (IllegalBlockSizeException e4) {
            e4.printStackTrace();
            return null;
        }
    }

    @Override // com.espressif.provisioning.security.Security
    public byte[] encrypt(byte[] bArr) {
        try {
            this.cipher.init(1, new SecretKeySpec(this.key, "AES"), new IvParameterSpec(this.deviceNonce));
        } catch (InvalidAlgorithmParameterException e) {
            e.printStackTrace();
        } catch (InvalidKeyException e2) {
            e2.printStackTrace();
        }
        try {
            return this.cipher.doFinal(bArr);
        } catch (BadPaddingException e3) {
            e3.printStackTrace();
            return null;
        } catch (IllegalBlockSizeException e4) {
            e4.printStackTrace();
            return null;
        }
    }

    @Override // com.espressif.provisioning.security.Security
    public byte[] getNextRequestInSession(byte[] bArr) {
        int i = this.sessionState;
        if (i == 0) {
            this.sessionState = 1;
            return getStep0Request();
        }
        if (i == 1) {
            this.sessionState = 2;
            processStep0Response(bArr);
            return getStep1Request();
        }
        if (i == 2) {
            this.sessionState = 3;
            processStep1Response(bArr);
        }
        return null;
    }
}
