package com.huawei.iotplatform.security.e2esecurity.local;

import com.huawei.iotplatform.security.common.crypto.AesCcm256Cipher;
import com.huawei.iotplatform.security.common.crypto.OpenSsl;
import com.huawei.iotplatform.security.common.crypto.exception.CipherException;
import com.huawei.iotplatform.security.common.crypto.exception.OpenSslException;
import com.huawei.iotplatform.security.common.util.CommonUtil;
import com.huawei.iotplatform.security.common.util.HashUtils;
import com.huawei.iotplatform.security.common.util.LogUtil;
import com.huawei.iotplatform.security.e2esecurity.hichain.adapter.utils.AuthInfoType;
import com.huawei.iotplatform.security.e2esecurity.hichain.adapter.utils.Constants;
import com.huawei.iotplatform.security.e2esecurity.hichain.adapter.utils.KeyType;
import com.huawei.iotplatform.security.e2esecurity.local.PeerPublicKey;
import com.huawei.iotplatform.security.e2esecurity.local.assetexception.AssetNotFoundException;
import com.huawei.iotplatform.security.e2esecurity.local.assetexception.AssetUnknownException;
import d.b.g0;
import d.b.h0;
import e.b.a.a.a;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;

/* loaded from: classes2.dex */
public class LocalHiLinkAssetMgmt {
    public static final LocalHiLinkAssetMgmt INSTANCE = new LocalHiLinkAssetMgmt();
    public static final int SIGN_INFO_LENGTH = 64;
    public static final String TAG = "LocalHiLinkAssetMgmt";
    public byte[] mEncryptAad;
    public HiLinkIdBlob mHiLinkIdBlob;
    public final Object mHiLinkIdBlobLock = new Object();
    public Map<String, PeerPublicKey> mPeerPublicKeys = new ConcurrentHashMap();
    public HiLinkIdBlob mTempHiLinkIdBlob;

    private byte[] decryptByKek(@g0 byte[] bArr) {
        byte[] kek;
        try {
            try {
                synchronized (this.mHiLinkIdBlobLock) {
                    if (this.mHiLinkIdBlob == null) {
                        throw new AssetUnknownException(new IllegalStateException("decrypt by KEK HiLink ID does not exist"));
                    }
                    kek = this.mHiLinkIdBlob.getKek();
                }
                if (CommonUtil.isEmpty(this.mEncryptAad)) {
                    throw new AssetUnknownException(new IllegalStateException("decrypt by KEK AAD is empty"));
                }
                byte[] decrypt = AesCcm256Cipher.decrypt(bArr, kek, this.mEncryptAad);
                CommonUtil.clearBytes(kek);
                return decrypt;
            } catch (CipherException e2) {
                throw new AssetUnknownException(e2);
            }
        } catch (Throwable th) {
            CommonUtil.clearBytes(null);
            throw th;
        }
    }

    private byte[] encryptByKek(@g0 byte[] bArr) {
        byte[] kek;
        try {
            try {
                synchronized (this.mHiLinkIdBlobLock) {
                    if (this.mHiLinkIdBlob == null) {
                        throw new AssetUnknownException(new IllegalStateException("encrypt by KEK HiLink ID does not exist"));
                    }
                    kek = this.mHiLinkIdBlob.getKek();
                }
                if (CommonUtil.isEmpty(this.mEncryptAad)) {
                    throw new AssetUnknownException(new IllegalStateException("encrypt by KEK AAD is empty"));
                }
                byte[] encrypt = AesCcm256Cipher.encrypt(bArr, kek, this.mEncryptAad);
                CommonUtil.clearBytes(kek);
                return encrypt;
            } catch (CipherException e2) {
                throw new AssetUnknownException(e2);
            }
        } catch (Throwable th) {
            CommonUtil.clearBytes(null);
            throw th;
        }
    }

    private byte[] exportPublicKeyWithSignature(@g0 byte[] bArr) {
        StringBuilder sb;
        String str;
        String sb2;
        PeerPublicKey peerPublicKey = this.mPeerPublicKeys.get(CommonUtil.bytesToString8859(bArr));
        if (peerPublicKey == null) {
            sb2 = "export auth info with signature public key does not exist";
        } else {
            byte[] bytes = peerPublicKey.toBytes(true);
            if (!CommonUtil.isEmpty(bytes)) {
                try {
                    byte[] sign = sign(bArr, bytes);
                    if (!CommonUtil.isEmpty(sign)) {
                        return CommonUtil.concatenateAll(sign, bytes);
                    }
                    LogUtil.error(TAG, "export auth info with signature sign info is empty");
                    return new byte[0];
                } catch (AssetNotFoundException e2) {
                    e = e2;
                    sb = new StringBuilder();
                    str = "export auth info with signature AssetNotFoundException ";
                    sb.append(str);
                    sb.append(e.getMessage());
                    sb2 = sb.toString();
                    LogUtil.error(TAG, sb2);
                    return new byte[0];
                } catch (AssetUnknownException e3) {
                    e = e3;
                    sb = new StringBuilder();
                    str = "export auth info with signature AssetUnknownException ";
                    sb.append(str);
                    sb.append(e.getMessage());
                    sb2 = sb.toString();
                    LogUtil.error(TAG, sb2);
                    return new byte[0];
                }
            }
            sb2 = "export auth info with signature public key info is empty";
        }
        LogUtil.error(TAG, sb2);
        return new byte[0];
    }

    private HiLinkIdBlob getCurrentHiLinkIdBlob() {
        synchronized (this.mHiLinkIdBlobLock) {
            if (this.mHiLinkIdBlob != null) {
                return this.mHiLinkIdBlob;
            }
            return this.mTempHiLinkIdBlob;
        }
    }

    private HiLinkIdBlob getHiLinkIdBlobByAuthId(@g0 byte[] bArr) {
        synchronized (this.mHiLinkIdBlobLock) {
            if (this.mHiLinkIdBlob != null && Arrays.equals(bArr, this.mHiLinkIdBlob.getAuthId())) {
                return this.mHiLinkIdBlob;
            }
            if (this.mTempHiLinkIdBlob == null || !Arrays.equals(bArr, this.mTempHiLinkIdBlob.getAuthId())) {
                return null;
            }
            return this.mTempHiLinkIdBlob;
        }
    }

    public static LocalHiLinkAssetMgmt getInstance() {
        return INSTANCE;
    }

    private boolean importPublicKeyWithSignature(@g0 byte[] bArr) {
        String str;
        if (bArr.length <= 64) {
            str = "import public key with signature authInfoBytes is invalid";
        } else {
            byte[] copyOfRange = Arrays.copyOfRange(bArr, 0, 64);
            byte[] copyOfRange2 = Arrays.copyOfRange(bArr, 64, bArr.length);
            PeerPublicKey fromBytes = PeerPublicKey.fromBytes(copyOfRange2, true);
            if (fromBytes == null) {
                str = "import public key with signature peerPublicKey is null";
            } else if (verifyPeerSignature(fromBytes.getOwnerId(), copyOfRange2, copyOfRange)) {
                HiLinkIdBlob currentHiLinkIdBlob = getCurrentHiLinkIdBlob();
                if (currentHiLinkIdBlob == null) {
                    str = "import public key with signature the HiLink ID does not exist";
                } else {
                    fromBytes.setLocalId(currentHiLinkIdBlob.getAuthId());
                    if (fromBytes.saveToLocal()) {
                        String bytesToString8859 = CommonUtil.bytesToString8859(fromBytes.getAuthId());
                        if (this.mPeerPublicKeys.containsKey(bytesToString8859)) {
                            LogUtil.warn(TAG, "import public key with signature already exist");
                        }
                        this.mPeerPublicKeys.put(bytesToString8859, fromBytes);
                        return true;
                    }
                    str = "import public key with signature save to local failed";
                }
            } else {
                str = "import public key with signature peerPublicKey verify signature failed";
            }
        }
        LogUtil.error(TAG, str);
        return false;
    }

    private void initEncryptAad() {
        byte[] sha256 = HashUtils.sha256(Constants.DEVICE_AUTH_PACKAGE_NAME);
        this.mEncryptAad = sha256;
        if (CommonUtil.isEmpty(sha256)) {
            LogUtil.error(TAG, "init encrypt AAD SHA256 failed");
            throw new AssetUnknownException(new IllegalArgumentException("init encrypt AAD SHA256 failed"));
        }
        StringBuilder a2 = a.a("init encrypt AAD the length is ");
        a2.append(this.mEncryptAad.length);
        LogUtil.info(TAG, a2.toString());
    }

    private void loadLocalPeerPublicKeys() {
        LogUtil.info(TAG, "load local peer public keys");
        ArrayList arrayList = new ArrayList(0);
        synchronized (this.mHiLinkIdBlobLock) {
            if (this.mHiLinkIdBlob != null) {
                arrayList.addAll(PeerPublicKey.loadLocalPeerPublicKeys(this.mHiLinkIdBlob.getAuthId()));
            }
            if (this.mTempHiLinkIdBlob != null) {
                arrayList.addAll(PeerPublicKey.loadLocalPeerPublicKeys(this.mTempHiLinkIdBlob.getAuthId()));
            }
        }
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            PeerPublicKey peerPublicKey = (PeerPublicKey) it.next();
            this.mPeerPublicKeys.put(CommonUtil.bytesToString8859(peerPublicKey.getAuthId()), peerPublicKey);
        }
    }

    public boolean addAuthInfo(@g0 byte[] bArr, int i2, @g0 byte[] bArr2) {
        String str;
        HiLinkIdBlob currentHiLinkIdBlob = getCurrentHiLinkIdBlob();
        if (currentHiLinkIdBlob == null) {
            str = "add auth info the HiLink ID does not exist";
        } else {
            byte[] authId = currentHiLinkIdBlob.getAuthId();
            byte[] valueToBytes = KeyType.valueToBytes(i2);
            if (!CommonUtil.isEmpty(valueToBytes)) {
                this.mPeerPublicKeys.put(CommonUtil.bytesToString8859(bArr), new PeerPublicKey.Builder().setAuthId(bArr).setPublicKey(bArr2).setKeyType(valueToBytes).setOwnerId(authId).setLocalId(authId).build());
                return true;
            }
            str = "add auth info the key type is invalid";
        }
        LogUtil.error(TAG, str);
        return false;
    }

    public void clear() {
        synchronized (this.mHiLinkIdBlobLock) {
            if (this.mHiLinkIdBlob != null) {
                this.mHiLinkIdBlob.clear();
                this.mHiLinkIdBlob = null;
            }
            if (this.mTempHiLinkIdBlob != null) {
                this.mTempHiLinkIdBlob.clear();
                this.mTempHiLinkIdBlob = null;
            }
        }
        this.mPeerPublicKeys.clear();
    }

    public byte[] decryptByDek(byte[] bArr) {
        byte[] dek;
        if (CommonUtil.isEmpty(bArr)) {
            LogUtil.error(TAG, "decrypt by DEK input is invalid");
            throw new CipherException("decrypt by DEK input is invalid");
        }
        try {
            try {
                synchronized (this.mHiLinkIdBlobLock) {
                    if (this.mHiLinkIdBlob == null) {
                        LogUtil.error(TAG, "decrypt by DEK HiLink ID does not exist");
                        throw new CipherException("decrypt by DEK HiLink ID does not exist");
                    }
                    dek = this.mHiLinkIdBlob.getDek();
                }
                if (CommonUtil.isEmpty(this.mEncryptAad)) {
                    LogUtil.error(TAG, "decrypt by DEK AAD is empty");
                    throw new CipherException("decrypt by DEK AAD is empty");
                }
                byte[] decrypt = AesCcm256Cipher.decrypt(bArr, dek, this.mEncryptAad);
                CommonUtil.clearBytes(dek);
                return decrypt;
            } catch (AssetUnknownException e2) {
                LogUtil.error(TAG, "decrypt by DEK AssetUnknownException " + e2.getMessage());
                throw new CipherException(e2.getMessage());
            }
        } catch (Throwable th) {
            CommonUtil.clearBytes(null);
            throw th;
        }
    }

    public boolean deleteAuthInfo(@g0 byte[] bArr) {
        PeerPublicKey remove = this.mPeerPublicKeys.remove(CommonUtil.bytesToString8859(bArr));
        if (remove == null) {
            return true;
        }
        return remove.deleteFromLocal();
    }

    public void destroy() {
        LogUtil.info(TAG, "destroy LocalHiLinkAssetMgmt");
        ArrayList arrayList = new ArrayList(0);
        synchronized (this.mHiLinkIdBlobLock) {
            if (this.mHiLinkIdBlob != null) {
                arrayList.addAll(PeerPublicKey.loadLocalPeerPublicKeys(this.mHiLinkIdBlob.getAuthId()));
                this.mHiLinkIdBlob.destroy();
                this.mHiLinkIdBlob = null;
            }
            if (this.mTempHiLinkIdBlob != null) {
                arrayList.addAll(PeerPublicKey.loadLocalPeerPublicKeys(this.mTempHiLinkIdBlob.getAuthId()));
                this.mTempHiLinkIdBlob.destroy();
                this.mTempHiLinkIdBlob = null;
            }
        }
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            PeerPublicKey peerPublicKey = (PeerPublicKey) it.next();
            if (peerPublicKey != null) {
                peerPublicKey.deleteFromLocal();
            }
        }
        this.mPeerPublicKeys.clear();
        LogUtil.info(TAG, "finish destroy LocalHiLinkAssetMgmt");
    }

    public byte[] encryptByDek(byte[] bArr) {
        byte[] dek;
        if (CommonUtil.isEmpty(bArr)) {
            LogUtil.error(TAG, "encrypt by DEK input is invalid");
            throw new CipherException("encrypt by DEK input is invalid");
        }
        try {
            try {
                synchronized (this.mHiLinkIdBlobLock) {
                    if (this.mHiLinkIdBlob == null) {
                        LogUtil.error(TAG, "encrypt by DEK HiLink ID does not exist");
                        throw new CipherException("encrypt by DEK HiLink ID does not exist");
                    }
                    dek = this.mHiLinkIdBlob.getDek();
                }
                if (CommonUtil.isEmpty(this.mEncryptAad)) {
                    LogUtil.error(TAG, "encrypt by DEK AAD is empty");
                    throw new CipherException("encrypt by DEK AAD is empty");
                }
                byte[] encrypt = AesCcm256Cipher.encrypt(bArr, dek, this.mEncryptAad);
                CommonUtil.clearBytes(dek);
                return encrypt;
            } catch (AssetUnknownException e2) {
                LogUtil.error(TAG, "encrypt by DEK AssetUnknownException " + e2.getMessage());
                throw new CipherException(e2.getMessage());
            }
        } catch (Throwable th) {
            CommonUtil.clearBytes(null);
            throw th;
        }
    }

    public byte[] exportAuthInfo(@g0 byte[] bArr, @g0 AuthInfoType authInfoType) {
        String sb;
        if (authInfoType == AuthInfoType.FULL_AUTH_INFO) {
            sb = "export auth info not support";
        } else {
            if (authInfoType != AuthInfoType.LITE_AUTH_INFO) {
                return exportPublicKeyWithSignature(bArr);
            }
            PeerPublicKey peerPublicKey = this.mPeerPublicKeys.get(CommonUtil.bytesToString8859(bArr));
            if (peerPublicKey == null) {
                sb = "export auth info public key does not exist";
            } else {
                byte[] bytes = peerPublicKey.toBytes(false);
                if (CommonUtil.isEmpty(bytes)) {
                    sb = "export auth info public key is empty";
                } else {
                    try {
                        return encryptByKek(bytes);
                    } catch (AssetUnknownException e2) {
                        StringBuilder a2 = a.a("export auth info AssetUnknownException ");
                        a2.append(e2.getMessage());
                        sb = a2.toString();
                    }
                }
            }
        }
        LogUtil.error(TAG, sb);
        return new byte[0];
    }

    public boolean generateTempHiLinkId(@g0 byte[] bArr) {
        boolean addAuthInfo;
        if (isHiLinkIdExist()) {
            LogUtil.error(TAG, "the HiLink ID exists, can't generate temp HiLink ID");
            return false;
        }
        synchronized (this.mHiLinkIdBlobLock) {
            try {
                try {
                    LogUtil.info(TAG, "generate temp HiLink ID");
                    HiLinkIdBlob generateTempHiLinkId = HiLinkIdBlob.generateTempHiLinkId(bArr);
                    this.mTempHiLinkIdBlob = generateTempHiLinkId;
                    addAuthInfo = addAuthInfo(generateTempHiLinkId.getAuthId(), KeyType.USER_PUBLIC_KEY.getValue(), this.mTempHiLinkIdBlob.getPublicKey());
                } catch (AssetUnknownException unused) {
                    LogUtil.error(TAG, "generate temp HiLink ID failed");
                    return false;
                }
            } catch (Throwable th) {
                throw th;
            }
        }
        return addAuthInfo;
    }

    public byte[] getCurrentAuthId(@h0 byte[] bArr) {
        String str;
        if (CommonUtil.isEmpty(bArr)) {
            HiLinkIdBlob currentHiLinkIdBlob = getCurrentHiLinkIdBlob();
            if (currentHiLinkIdBlob != null) {
                return currentHiLinkIdBlob.getAuthId();
            }
            str = "get current auth id the HiLink ID does not exist";
        } else {
            PeerPublicKey peerPublicKey = this.mPeerPublicKeys.get(CommonUtil.bytesToString8859(bArr));
            if (peerPublicKey != null) {
                return peerPublicKey.getLocalId();
            }
            str = "get current auth id the public key does not exist";
        }
        LogUtil.error(TAG, str);
        return new byte[0];
    }

    public byte[] getHiLinkIdPublicKey() {
        HiLinkIdBlob currentHiLinkIdBlob = getCurrentHiLinkIdBlob();
        if (currentHiLinkIdBlob != null) {
            return currentHiLinkIdBlob.getPublicKey();
        }
        LogUtil.error(TAG, "get HiLink ID public key the HiLink ID does not exist");
        return new byte[0];
    }

    public int getLocalPrimaryKeyVersion() {
        synchronized (this.mHiLinkIdBlobLock) {
            if (this.mHiLinkIdBlob == null) {
                return 0;
            }
            return this.mHiLinkIdBlob.getPrimaryKeyVersion();
        }
    }

    public byte[] getPeerPublicKey(@g0 byte[] bArr) {
        PeerPublicKey peerPublicKey = this.mPeerPublicKeys.get(CommonUtil.bytesToString8859(bArr));
        if (peerPublicKey != null) {
            return peerPublicKey.getPublicKey();
        }
        LogUtil.error(TAG, "get peer public key the public key does not exist");
        return new byte[0];
    }

    public boolean importAuthInfo(@g0 byte[] bArr, @g0 AuthInfoType authInfoType) {
        String sb;
        if (authInfoType == AuthInfoType.FULL_AUTH_INFO) {
            sb = "import auth info not support";
        } else if (CommonUtil.isEmpty(bArr)) {
            sb = "import auth info authInfoBlob is empty";
        } else {
            try {
                if (authInfoType == AuthInfoType.SIGNED_AUTH_INFO) {
                    return importPublicKeyWithSignature(bArr);
                }
                PeerPublicKey fromBytes = PeerPublicKey.fromBytes(decryptByKek(bArr), false);
                if (fromBytes == null) {
                    LogUtil.error(TAG, "import auth info peerPublicKey is null");
                    return false;
                }
                HiLinkIdBlob currentHiLinkIdBlob = getCurrentHiLinkIdBlob();
                if (currentHiLinkIdBlob == null) {
                    LogUtil.error(TAG, "import auth info the HiLink ID is exist");
                    return false;
                }
                fromBytes.setLocalId(currentHiLinkIdBlob.getAuthId());
                String bytesToString8859 = CommonUtil.bytesToString8859(fromBytes.getAuthId());
                if (this.mPeerPublicKeys.containsKey(bytesToString8859)) {
                    LogUtil.warn(TAG, "import auth info already exist");
                }
                this.mPeerPublicKeys.put(bytesToString8859, fromBytes);
                return true;
            } catch (AssetUnknownException e2) {
                StringBuilder a2 = a.a("import auth info AssetUnknownException ");
                a2.append(e2.getMessage());
                sb = a2.toString();
            }
        }
        LogUtil.error(TAG, sb);
        return false;
    }

    public boolean importHiLinkId(@g0 byte[] bArr, @g0 String str) {
        boolean addAuthInfo;
        synchronized (this.mHiLinkIdBlobLock) {
            try {
                try {
                    LogUtil.info(TAG, "import HiLink ID");
                    HiLinkIdBlob importHiLinkId = HiLinkIdBlob.importHiLinkId(bArr, str);
                    this.mHiLinkIdBlob = importHiLinkId;
                    addAuthInfo = addAuthInfo(importHiLinkId.getAuthId(), KeyType.USER_PUBLIC_KEY.getValue(), this.mHiLinkIdBlob.getPublicKey());
                } catch (AssetUnknownException unused) {
                    LogUtil.error(TAG, "import HiLink ID failed");
                    return false;
                }
            } catch (Throwable th) {
                throw th;
            }
        }
        return addAuthInfo;
    }

    public void init(@g0 byte[] bArr) {
        LogUtil.info(TAG, "start init local HiLink asset manager");
        initEncryptAad();
        synchronized (this.mHiLinkIdBlobLock) {
            try {
                HiLinkIdBlob loadHiLinkId = HiLinkIdBlob.loadHiLinkId(bArr);
                this.mHiLinkIdBlob = loadHiLinkId;
                addAuthInfo(loadHiLinkId.getAuthId(), KeyType.USER_PUBLIC_KEY.getValue(), this.mHiLinkIdBlob.getPublicKey());
                LogUtil.info(TAG, "load HiLink ID success");
            } catch (AssetNotFoundException unused) {
                LogUtil.warn(TAG, "load HiLink ID AssetNotFoundException");
            }
            try {
                HiLinkIdBlob loadTempHiLinkId = HiLinkIdBlob.loadTempHiLinkId(bArr);
                this.mTempHiLinkIdBlob = loadTempHiLinkId;
                addAuthInfo(loadTempHiLinkId.getAuthId(), KeyType.USER_PUBLIC_KEY.getValue(), this.mTempHiLinkIdBlob.getPublicKey());
                LogUtil.info(TAG, "load temp HiLink ID success");
            } catch (AssetNotFoundException unused2) {
                LogUtil.warn(TAG, "load temp HiLink ID AssetNotFoundException");
            }
        }
        loadLocalPeerPublicKeys();
        LogUtil.info(TAG, "finish init local HiLink asset manager");
    }

    public boolean isHiLinkIdExist() {
        boolean z;
        synchronized (this.mHiLinkIdBlobLock) {
            z = (this.mHiLinkIdBlob == null && this.mTempHiLinkIdBlob == null) ? false : true;
        }
        return z;
    }

    public boolean isRegistered(@g0 byte[] bArr) {
        synchronized (this.mHiLinkIdBlobLock) {
            if (this.mHiLinkIdBlob != null && Arrays.equals(bArr, this.mHiLinkIdBlob.getAuthId())) {
                return true;
            }
            if (this.mTempHiLinkIdBlob == null) {
                return false;
            }
            byte[] authId = this.mTempHiLinkIdBlob.getAuthId();
            if (authId != null && authId.length >= bArr.length) {
                return Arrays.equals(bArr, Arrays.copyOfRange(authId, 0, bArr.length));
            }
            return false;
        }
    }

    public boolean isTempHiLinkId() {
        boolean z;
        synchronized (this.mHiLinkIdBlobLock) {
            z = this.mHiLinkIdBlob == null && this.mTempHiLinkIdBlob != null;
        }
        return z;
    }

    public boolean isTrustPeer(@g0 byte[] bArr) {
        return this.mPeerPublicKeys.containsKey(CommonUtil.bytesToString8859(bArr));
    }

    public Set<String> listAllAuthId() {
        return this.mPeerPublicKeys.keySet();
    }

    public boolean savePublicKeyToLocal(@g0 byte[] bArr) {
        String str;
        if (bArr == null) {
            str = "authId is null";
        } else {
            PeerPublicKey peerPublicKey = this.mPeerPublicKeys.get(CommonUtil.bytesToString8859(bArr));
            if (peerPublicKey == null) {
                str = "auth info public key does not exist";
            } else {
                if (peerPublicKey.saveToLocal()) {
                    return true;
                }
                str = "import public key to local failed";
            }
        }
        LogUtil.error(TAG, str);
        return false;
    }

    public byte[] sign(@g0 byte[] bArr, @g0 byte[] bArr2) {
        HiLinkIdBlob hiLinkIdBlobByAuthId;
        PeerPublicKey peerPublicKey = this.mPeerPublicKeys.get(CommonUtil.bytesToString8859(bArr));
        if (peerPublicKey == null) {
            LogUtil.info(TAG, "peer public key does not exist");
            hiLinkIdBlobByAuthId = getCurrentHiLinkIdBlob();
        } else {
            hiLinkIdBlobByAuthId = getHiLinkIdBlobByAuthId(peerPublicKey.getLocalId());
        }
        if (hiLinkIdBlobByAuthId == null) {
            LogUtil.error(TAG, "the HiLink ID does not exist");
            throw new AssetNotFoundException();
        }
        byte[] bArr3 = null;
        try {
            try {
                bArr3 = hiLinkIdBlobByAuthId.getPrivateKey();
                return OpenSsl.ed25519Sign(HashUtils.sha256(bArr2), bArr3);
            } catch (OpenSslException e2) {
                LogUtil.error(TAG, "sign message OpenSslException " + e2.getMessage());
                throw new AssetUnknownException(e2);
            }
        } finally {
            CommonUtil.clearBytes(bArr3);
        }
    }

    public boolean verify(@g0 byte[] bArr, @g0 byte[] bArr2, @g0 byte[] bArr3) {
        return OpenSsl.ed25519Verify(HashUtils.sha256(bArr), bArr2, bArr3);
    }

    public boolean verifyPeerSignature(@g0 byte[] bArr, @g0 byte[] bArr2, @g0 byte[] bArr3) {
        PeerPublicKey peerPublicKey = this.mPeerPublicKeys.get(CommonUtil.bytesToString8859(bArr));
        if (peerPublicKey != null) {
            return verify(bArr2, bArr3, peerPublicKey.getPublicKey());
        }
        LogUtil.error(TAG, "verify peer signature peer public key does not exist");
        return false;
    }
}
