package com.huawei.iotplatform.security.e2esecurity.local;

import com.huawei.iotplatform.security.common.crypto.AesCcm256Cipher;
import com.huawei.iotplatform.security.common.crypto.exception.CipherException;
import com.huawei.iotplatform.security.common.util.CommonUtil;
import com.huawei.iotplatform.security.common.util.HashUtils;
import com.huawei.iotplatform.security.common.util.LogUtil;
import com.huawei.iotplatform.security.e2esecurity.hichain.adapter.utils.Constants;
import com.huawei.iotplatform.security.e2esecurity.local.assetexception.AssetNotFoundException;
import com.huawei.iotplatform.security.e2esecurity.local.assetexception.AssetUnknownException;
import com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException;
import com.huawei.iotplatform.security.e2esecurity.local.keystore.KeyStoreManager;
import d.b.g0;
import e.b.a.a.a;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.concurrent.atomic.AtomicInteger;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes2.dex */
public class HiLinkIdBlob {
    public static final String DEK_FACTOR = "hichain_data_enc_key";
    public static final String KEK_FACTOR = "hichain_key_enc_key";
    public static final String KEY_HI_LINK_ID = "hilink_id";
    public static final String KEY_TEMP_AUTH_ID_SUFFIX = "temp_auth_id_suffix";
    public static final int PRIVATE_KEY_LENGTH = 64;
    public static final int PUBLIC_KEY_LENGTH = 32;
    public static final String TAG = "HiLinkIdBlob";
    public byte[] mAuthId;
    public byte[] mEncryptedDek;
    public byte[] mEncryptedKek;
    public byte[] mEncryptedPrivateKey;
    public int mPrimaryKeyVersion = 0;
    public byte[] mPublicKey;

    /* loaded from: classes2.dex */
    public static class HiLinkIdParser {
        public static final int ASSET_LENGTH_BYTES = 4;
        public static final int ASSET_TYPE_BYTES = 4;
        public static final int AUTH_ID_LENGTH_OFFSET = 2;
        public static final int DERIVED_KEY_LENGTH_IN_BYTES = 32;
        public static final int ITERATION_COUNT = 10000;
        public static final int LENGTH_BYTES = 1;
        public static final int PRIVATE_KEY_OFFSET = 160;
        public static final int PUBLIC_KEY_OFFSET = 128;
        public static final String TAG = "HiLinkIdParser";

        public static byte[] parseBlob(@g0 byte[] bArr, @g0 AtomicInteger atomicInteger) {
            int readIntForLittleEndian = readIntForLittleEndian(bArr, atomicInteger.addAndGet(4), 4);
            byte[] readBytes = readBytes(bArr, atomicInteger.addAndGet(4), readIntForLittleEndian);
            atomicInteger.addAndGet(readIntForLittleEndian);
            return readBytes;
        }

        public static void parseHiLinkId(@g0 HiLinkIdBlob hiLinkIdBlob, @g0 byte[] bArr, String str) {
            byte[] bArr2;
            byte[] bArr3;
            byte[] sha256;
            byte[] parseBlob;
            byte[] parseBlob2;
            byte[] parseBlob3;
            byte[] bArr4 = null;
            try {
                AtomicInteger atomicInteger = new AtomicInteger(0);
                parseHiLinkIdExtension(hiLinkIdBlob, atomicInteger, bArr);
                sha256 = HashUtils.sha256(CommonUtil.concatenateAll(CommonUtil.stringToBytes(Constants.HUKS_UUID), HashUtils.sha256(readBytes(bArr, 4, atomicInteger.get() - 4))));
                byte[] parseBlob4 = parseBlob(bArr, atomicInteger);
                parseBlob = parseBlob(bArr, atomicInteger);
                parseBlob2 = parseBlob(bArr, atomicInteger);
                parseBlob3 = parseBlob(bArr, atomicInteger);
                bArr3 = pbkdf2WithHmacSha256(str, parseBlob4);
            } catch (CipherException e2) {
                e = e2;
                bArr2 = null;
                bArr3 = null;
                try {
                    LogUtil.error(TAG, "parse HiLink ID Exception " + e.getMessage());
                    throw new AssetUnknownException(e);
                } catch (Throwable th) {
                    th = th;
                    CommonUtil.clearBytes(bArr4);
                    CommonUtil.clearBytes(bArr2);
                    CommonUtil.clearBytes(bArr3);
                    throw th;
                }
            } catch (IotKeyStoreException e3) {
                e = e3;
                bArr2 = null;
                bArr3 = null;
                LogUtil.error(TAG, "parse HiLink ID Exception " + e.getMessage());
                throw new AssetUnknownException(e);
            } catch (Throwable th2) {
                th = th2;
                bArr2 = null;
                bArr3 = null;
            }
            try {
                byte[] decrypt = AesCcm256Cipher.decrypt(CommonUtil.concatenateAll(parseBlob2, parseBlob, parseBlob3), bArr3, sha256);
                try {
                    if (decrypt.length < 224) {
                        LogUtil.error(TAG, "parse HiLink ID plainText length is invalid " + decrypt.length);
                        throw new AssetUnknownException(new IllegalArgumentException("parse HiLink ID plainText length is invalid"));
                    }
                    hiLinkIdBlob.mPublicKey = Arrays.copyOfRange(decrypt, 128, 160);
                    byte[] copyOfRange = Arrays.copyOfRange(decrypt, 160, 224);
                    hiLinkIdBlob.mEncryptedPrivateKey = KeyStoreManager.getInstance().encrypt(copyOfRange);
                    KeyStoreManager.getInstance().save(CommonUtil.bytesToString8859(hiLinkIdBlob.mAuthId) + HiLinkIdBlob.KEY_HI_LINK_ID, CommonUtil.concatenateAll(CommonUtil.intToBytes(hiLinkIdBlob.mPrimaryKeyVersion), hiLinkIdBlob.mPublicKey, copyOfRange));
                    HiLinkIdBlob.deriveDekAndKek(hiLinkIdBlob, copyOfRange);
                    LogUtil.info(TAG, "parse HiLink ID success");
                    CommonUtil.clearBytes(decrypt);
                    CommonUtil.clearBytes(copyOfRange);
                    CommonUtil.clearBytes(bArr3);
                } catch (CipherException e4) {
                    e = e4;
                    bArr4 = decrypt;
                    bArr2 = null;
                    LogUtil.error(TAG, "parse HiLink ID Exception " + e.getMessage());
                    throw new AssetUnknownException(e);
                } catch (IotKeyStoreException e5) {
                    e = e5;
                    bArr4 = decrypt;
                    bArr2 = null;
                    LogUtil.error(TAG, "parse HiLink ID Exception " + e.getMessage());
                    throw new AssetUnknownException(e);
                } catch (Throwable th3) {
                    th = th3;
                    bArr4 = decrypt;
                    bArr2 = null;
                    CommonUtil.clearBytes(bArr4);
                    CommonUtil.clearBytes(bArr2);
                    CommonUtil.clearBytes(bArr3);
                    throw th;
                }
            } catch (CipherException e6) {
                e = e6;
                bArr2 = null;
                LogUtil.error(TAG, "parse HiLink ID Exception " + e.getMessage());
                throw new AssetUnknownException(e);
            } catch (IotKeyStoreException e7) {
                e = e7;
                bArr2 = null;
                LogUtil.error(TAG, "parse HiLink ID Exception " + e.getMessage());
                throw new AssetUnknownException(e);
            } catch (Throwable th4) {
                th = th4;
                bArr2 = null;
            }
        }

        public static void parseHiLinkIdExtension(@g0 HiLinkIdBlob hiLinkIdBlob, @g0 AtomicInteger atomicInteger, @g0 byte[] bArr) {
            hiLinkIdBlob.mPrimaryKeyVersion = readInt(bArr, atomicInteger.getAndAdd(4), 4);
            LogUtil.info(TAG, "parse HiLink ID primary key version is " + hiLinkIdBlob.mPrimaryKeyVersion);
            int readInt = readInt(bArr, atomicInteger.addAndGet(2), 1);
            hiLinkIdBlob.mAuthId = readBytes(bArr, atomicInteger.addAndGet(1), readInt);
            int readInt2 = readInt(bArr, atomicInteger.addAndGet(readInt), 1);
            atomicInteger.addAndGet(1);
            int readInt3 = readInt(bArr, atomicInteger.addAndGet(readInt2), 1);
            atomicInteger.addAndGet(1);
            atomicInteger.addAndGet(readInt3);
        }

        public static byte[] pbkdf2WithHmacSha256(@g0 String str, byte[] bArr) {
            byte[] bArr2 = new byte[32];
            byte[] bArr3 = new byte[32];
            try {
                byte[] hmacSha256 = HiLinkIdBlob.hmacSha256(CommonUtil.stringToBytes(str), CommonUtil.concatenateAll(bArr, CommonUtil.intToBytes(1)));
                if (!CommonUtil.copyByteArray(hmacSha256, 0, bArr2, 0, 32)) {
                    throw new CipherException("pbkdf2WithHmacSha256 first digest is invalid");
                }
                for (int i2 = 1; i2 < 10000; i2++) {
                    if (!CommonUtil.copyByteArray(HiLinkIdBlob.hmacSha256(CommonUtil.stringToBytes(str), hmacSha256), 0, hmacSha256, 0, 32)) {
                        throw new CipherException("pbkdf2WithHmacSha256 second digest is invalid");
                    }
                    for (int i3 = 0; i3 < 32; i3++) {
                        bArr2[i3] = (byte) (bArr2[i3] ^ hmacSha256[i3]);
                    }
                }
                if (CommonUtil.copyByteArray(bArr2, 0, bArr3, 0, 32)) {
                    return bArr3;
                }
                throw new CipherException("pbkdf2WithHmacSha256 out buffer is invalid");
            } catch (AssetUnknownException e2) {
                StringBuilder a2 = a.a("pbkdf2WithHmacSha256 AssetUnknownException ");
                a2.append(e2.getMessage());
                throw new CipherException(a2.toString());
            }
        }

        public static byte[] readBytes(@g0 byte[] bArr, int i2, int i3) {
            int i4 = i3 + i2;
            if (bArr.length >= i4) {
                return Arrays.copyOfRange(bArr, i2, i4);
            }
            throw new AssetUnknownException(new IllegalArgumentException("readBytes invalid parameters"));
        }

        public static int readInt(@g0 byte[] bArr, int i2, int i3) {
            int i4 = i3 + i2;
            if (bArr.length >= i4) {
                return CommonUtil.bytesToInt(Arrays.copyOfRange(bArr, i2, i4));
            }
            throw new AssetUnknownException(new IllegalArgumentException("readInt invalid parameters"));
        }

        public static int readIntForLittleEndian(@g0 byte[] bArr, int i2, int i3) {
            int i4 = i3 + i2;
            if (bArr.length >= i4) {
                return CommonUtil.bytesToIntForLittleEndian(Arrays.copyOfRange(bArr, i2, i4));
            }
            throw new AssetUnknownException(new IllegalArgumentException("readIntForLittleEndian invalid parameters"));
        }
    }

    public static void deriveDekAndKek(HiLinkIdBlob hiLinkIdBlob, byte[] bArr) {
        byte[] bArr2;
        byte[] bArr3 = null;
        try {
            byte[] hmacSha256 = hmacSha256(bArr, CommonUtil.stringToBytes(DEK_FACTOR));
            try {
                hiLinkIdBlob.mEncryptedDek = KeyStoreManager.getInstance().encrypt(hmacSha256);
                bArr3 = hmacSha256(bArr, CommonUtil.stringToBytes(KEK_FACTOR));
                hiLinkIdBlob.mEncryptedKek = KeyStoreManager.getInstance().encrypt(bArr3);
                CommonUtil.clearBytes(hmacSha256);
                CommonUtil.clearBytes(bArr3);
            } catch (IotKeyStoreException e2) {
                e = e2;
                bArr2 = bArr3;
                bArr3 = hmacSha256;
                try {
                    LogUtil.error(TAG, "derive dek and kek IotKeyStoreException " + e.getMessage());
                    throw new AssetUnknownException(e);
                } catch (Throwable th) {
                    th = th;
                    CommonUtil.clearBytes(bArr3);
                    CommonUtil.clearBytes(bArr2);
                    throw th;
                }
            } catch (Throwable th2) {
                th = th2;
                bArr2 = bArr3;
                bArr3 = hmacSha256;
                CommonUtil.clearBytes(bArr3);
                CommonUtil.clearBytes(bArr2);
                throw th;
            }
        } catch (IotKeyStoreException e3) {
            e = e3;
            bArr2 = null;
        } catch (Throwable th3) {
            th = th3;
            bArr2 = null;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:17:0x00c2  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static com.huawei.iotplatform.security.e2esecurity.local.HiLinkIdBlob generateTempHiLinkId(@d.b.g0 byte[] r9) {
        /*
            r0 = 0
            com.huawei.iotplatform.security.e2esecurity.local.HiLinkIdBlob r1 = new com.huawei.iotplatform.security.e2esecurity.local.HiLinkIdBlob     // Catch: java.lang.Throwable -> L97 com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L9a
            r1.<init>()     // Catch: java.lang.Throwable -> L97 com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L9a
            java.util.UUID r2 = java.util.UUID.randomUUID()     // Catch: java.lang.Throwable -> L97 com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L9a
            java.lang.String r2 = r2.toString()     // Catch: java.lang.Throwable -> L97 com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L9a
            java.lang.String r3 = "-"
            java.lang.String r4 = ""
            java.lang.String r2 = r2.replace(r3, r4)     // Catch: java.lang.Throwable -> L97 com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L9a
            r3 = 2
            byte[][] r4 = new byte[r3]     // Catch: java.lang.Throwable -> L97 com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L9a
            r5 = 0
            r4[r5] = r9     // Catch: java.lang.Throwable -> L97 com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L9a
            byte[] r6 = com.huawei.iotplatform.security.common.util.CommonUtil.stringToBytes8859(r2)     // Catch: java.lang.Throwable -> L97 com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L9a
            r7 = 1
            r4[r7] = r6     // Catch: java.lang.Throwable -> L97 com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L9a
            byte[] r4 = com.huawei.iotplatform.security.common.util.CommonUtil.concatenateAll(r4)     // Catch: java.lang.Throwable -> L97 com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L9a
            r1.mAuthId = r4     // Catch: java.lang.Throwable -> L97 com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L9a
            com.huawei.iotplatform.security.common.crypto.OpenSsl$KeyPair r4 = com.huawei.iotplatform.security.common.crypto.OpenSsl.generateEd25519KeyPair()     // Catch: java.lang.Throwable -> L97 com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L9a
            byte[] r6 = r4.getPublicKey()     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            r1.mPublicKey = r6     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            byte[] r0 = r4.getPrivateKey()     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            com.huawei.iotplatform.security.e2esecurity.local.keystore.KeyStoreManager r6 = com.huawei.iotplatform.security.e2esecurity.local.keystore.KeyStoreManager.getInstance()     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            byte[] r6 = r6.encrypt(r0)     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            r1.mEncryptedPrivateKey = r6     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            com.huawei.iotplatform.security.e2esecurity.local.keystore.KeyStoreManager r6 = com.huawei.iotplatform.security.e2esecurity.local.keystore.KeyStoreManager.getInstance()     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            java.lang.StringBuilder r8 = new java.lang.StringBuilder     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            r8.<init>()     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            java.lang.String r9 = com.huawei.iotplatform.security.common.util.CommonUtil.bytesToString8859(r9)     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            r8.append(r9)     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            java.lang.String r9 = "temp_auth_id_suffix"
            r8.append(r9)     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            java.lang.String r9 = r8.toString()     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            byte[] r2 = com.huawei.iotplatform.security.common.util.CommonUtil.stringToBytes8859(r2)     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            r6.save(r9, r2)     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            com.huawei.iotplatform.security.e2esecurity.local.keystore.KeyStoreManager r9 = com.huawei.iotplatform.security.e2esecurity.local.keystore.KeyStoreManager.getInstance()     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            java.lang.StringBuilder r2 = new java.lang.StringBuilder     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            r2.<init>()     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            byte[] r6 = r1.mAuthId     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            java.lang.String r6 = com.huawei.iotplatform.security.common.util.CommonUtil.bytesToString8859(r6)     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            r2.append(r6)     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            java.lang.String r6 = "hilink_id"
            r2.append(r6)     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            java.lang.String r2 = r2.toString()     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            byte[][] r3 = new byte[r3]     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            byte[] r6 = r1.mPublicKey     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            r3[r5] = r6     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            r3[r7] = r0     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            byte[] r3 = com.huawei.iotplatform.security.common.util.CommonUtil.concatenateAll(r3)     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            r9.save(r2, r3)     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            deriveDekAndKek(r1, r0)     // Catch: com.huawei.iotplatform.security.e2esecurity.local.keystore.IotKeyStoreException -> L95 java.lang.Throwable -> Lbc
            com.huawei.iotplatform.security.common.util.CommonUtil.clearBytes(r0)
            r4.clear()
            return r1
        L95:
            r9 = move-exception
            goto L9c
        L97:
            r9 = move-exception
            r4 = r0
            goto Lbd
        L9a:
            r9 = move-exception
            r4 = r0
        L9c:
            java.lang.String r1 = "HiLinkIdBlob"
            java.lang.StringBuilder r2 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> Lbc
            r2.<init>()     // Catch: java.lang.Throwable -> Lbc
            java.lang.String r3 = "generate temp HiLink ID IotKeyStoreException "
            r2.append(r3)     // Catch: java.lang.Throwable -> Lbc
            java.lang.String r3 = r9.getMessage()     // Catch: java.lang.Throwable -> Lbc
            r2.append(r3)     // Catch: java.lang.Throwable -> Lbc
            java.lang.String r2 = r2.toString()     // Catch: java.lang.Throwable -> Lbc
            com.huawei.iotplatform.security.common.util.LogUtil.error(r1, r2)     // Catch: java.lang.Throwable -> Lbc
            com.huawei.iotplatform.security.e2esecurity.local.assetexception.AssetUnknownException r1 = new com.huawei.iotplatform.security.e2esecurity.local.assetexception.AssetUnknownException     // Catch: java.lang.Throwable -> Lbc
            r1.<init>(r9)     // Catch: java.lang.Throwable -> Lbc
            throw r1     // Catch: java.lang.Throwable -> Lbc
        Lbc:
            r9 = move-exception
        Lbd:
            com.huawei.iotplatform.security.common.util.CommonUtil.clearBytes(r0)
            if (r4 == 0) goto Lc5
            r4.clear()
        Lc5:
            throw r9
        */
        throw new UnsupportedOperationException("Method not decompiled: com.huawei.iotplatform.security.e2esecurity.local.HiLinkIdBlob.generateTempHiLinkId(byte[]):com.huawei.iotplatform.security.e2esecurity.local.HiLinkIdBlob");
    }

    public static byte[] hmacSha256(byte[] bArr, byte[] bArr2) {
        try {
            Mac mac = Mac.getInstance("hmacSHA256");
            mac.init(new SecretKeySpec(bArr, "hmacSHA256"));
            mac.update(bArr2);
            return mac.doFinal();
        } catch (InvalidKeyException e2) {
            LogUtil.error(TAG, "hmac InvalidKeyException");
            throw new AssetUnknownException(e2);
        } catch (NoSuchAlgorithmException e3) {
            LogUtil.error(TAG, "hmac NoSuchAlgorithmException");
            throw new AssetUnknownException(e3);
        }
    }

    public static HiLinkIdBlob importHiLinkId(byte[] bArr, String str) {
        HiLinkIdBlob hiLinkIdBlob = new HiLinkIdBlob();
        HiLinkIdParser.parseHiLinkId(hiLinkIdBlob, bArr, str);
        return hiLinkIdBlob;
    }

    public static HiLinkIdBlob loadHiLinkId(@g0 byte[] bArr) {
        try {
            try {
                HiLinkIdBlob hiLinkIdBlob = new HiLinkIdBlob();
                hiLinkIdBlob.mAuthId = (byte[]) bArr.clone();
                byte[] read = KeyStoreManager.getInstance().read(CommonUtil.bytesToString8859(hiLinkIdBlob.mAuthId) + KEY_HI_LINK_ID);
                try {
                    if (CommonUtil.isEmpty(read)) {
                        LogUtil.warn(TAG, "load HiLink ID hiLinkIdInfo is empty");
                        throw new AssetNotFoundException();
                    }
                    if (read.length < 100) {
                        LogUtil.error(TAG, "load HiLink ID hiLinkIdInfo is invalid");
                        throw new AssetUnknownException(new IllegalArgumentException("hiLinkIdInfo is invalid"));
                    }
                    hiLinkIdBlob.mPrimaryKeyVersion = CommonUtil.bytesToInt(Arrays.copyOfRange(read, 0, 4));
                    LogUtil.warn(TAG, "load HiLink ID primary key version is " + hiLinkIdBlob.mPrimaryKeyVersion);
                    hiLinkIdBlob.mPublicKey = Arrays.copyOfRange(read, 4, 36);
                    byte[] copyOfRange = Arrays.copyOfRange(read, 36, 100);
                    hiLinkIdBlob.mEncryptedPrivateKey = KeyStoreManager.getInstance().encrypt(copyOfRange);
                    deriveDekAndKek(hiLinkIdBlob, copyOfRange);
                    CommonUtil.clearBytes(copyOfRange);
                    CommonUtil.clearBytes(read);
                    return hiLinkIdBlob;
                } catch (IotKeyStoreException e2) {
                    e = e2;
                    LogUtil.error(TAG, "load HiLink ID IotKeyStoreException " + e.getMessage());
                    throw new AssetUnknownException(e);
                }
            } catch (Throwable th) {
                th = th;
                CommonUtil.clearBytes(null);
                CommonUtil.clearBytes(bArr);
                throw th;
            }
        } catch (IotKeyStoreException e3) {
            e = e3;
        } catch (Throwable th2) {
            th = th2;
            bArr = null;
            CommonUtil.clearBytes(null);
            CommonUtil.clearBytes(bArr);
            throw th;
        }
    }

    public static HiLinkIdBlob loadTempHiLinkId(@g0 byte[] bArr) {
        try {
            try {
                HiLinkIdBlob hiLinkIdBlob = new HiLinkIdBlob();
                byte[] read = KeyStoreManager.getInstance().read(CommonUtil.bytesToString8859(bArr) + KEY_TEMP_AUTH_ID_SUFFIX);
                if (CommonUtil.isEmpty(read)) {
                    LogUtil.warn(TAG, "the temp auth id suffix is empty");
                    throw new AssetNotFoundException();
                }
                hiLinkIdBlob.mAuthId = CommonUtil.concatenateAll(bArr, read);
                byte[] read2 = KeyStoreManager.getInstance().read(CommonUtil.bytesToString8859(hiLinkIdBlob.mAuthId) + KEY_HI_LINK_ID);
                try {
                    if (CommonUtil.isEmpty(read2)) {
                        LogUtil.warn(TAG, "load temp HiLink ID hiLinkIdInfo is empty");
                        throw new AssetNotFoundException();
                    }
                    if (read2.length < 96) {
                        LogUtil.error(TAG, "load temp HiLink ID hiLinkIdInfo is invalid");
                        throw new AssetUnknownException(new IllegalArgumentException("hiLinkIdInfo is invalid"));
                    }
                    hiLinkIdBlob.mPublicKey = Arrays.copyOfRange(read2, 0, 32);
                    byte[] copyOfRange = Arrays.copyOfRange(read2, 32, 96);
                    hiLinkIdBlob.mEncryptedPrivateKey = KeyStoreManager.getInstance().encrypt(copyOfRange);
                    deriveDekAndKek(hiLinkIdBlob, copyOfRange);
                    CommonUtil.clearBytes(copyOfRange);
                    CommonUtil.clearBytes(read2);
                    return hiLinkIdBlob;
                } catch (IotKeyStoreException e2) {
                    e = e2;
                    LogUtil.error(TAG, "load temp HiLink ID IotKeyStoreException " + e.getMessage());
                    throw new AssetUnknownException(e);
                }
            } catch (Throwable th) {
                th = th;
                CommonUtil.clearBytes(null);
                CommonUtil.clearBytes(bArr);
                throw th;
            }
        } catch (IotKeyStoreException e3) {
            e = e3;
        } catch (Throwable th2) {
            th = th2;
            bArr = null;
            CommonUtil.clearBytes(null);
            CommonUtil.clearBytes(bArr);
            throw th;
        }
    }

    public void clear() {
        CommonUtil.clearBytes(this.mEncryptedPrivateKey);
        CommonUtil.clearBytes(this.mEncryptedDek);
        CommonUtil.clearBytes(this.mEncryptedKek);
        CommonUtil.clearBytes(this.mPublicKey);
    }

    public void destroy() {
        clear();
        try {
            KeyStoreManager.getInstance().remove(CommonUtil.bytesToString8859(this.mAuthId) + KEY_HI_LINK_ID);
        } catch (IotKeyStoreException e2) {
            StringBuilder a2 = a.a("destroy HiLink ID IotKeyStoreException ");
            a2.append(e2.getMessage());
            LogUtil.error(TAG, a2.toString());
        }
    }

    public byte[] getAuthId() {
        byte[] bArr = this.mAuthId;
        return bArr == null ? new byte[0] : (byte[]) bArr.clone();
    }

    public byte[] getDek() {
        try {
            return KeyStoreManager.getInstance().decrypt(this.mEncryptedDek);
        } catch (IotKeyStoreException e2) {
            StringBuilder a2 = a.a("get dek IotKeyStoreException ");
            a2.append(e2.getMessage());
            LogUtil.error(TAG, a2.toString());
            throw new AssetUnknownException(e2);
        }
    }

    public byte[] getKek() {
        try {
            return KeyStoreManager.getInstance().decrypt(this.mEncryptedKek);
        } catch (IotKeyStoreException e2) {
            StringBuilder a2 = a.a("get kek IotKeyStoreException ");
            a2.append(e2.getMessage());
            LogUtil.error(TAG, a2.toString());
            throw new AssetUnknownException(e2);
        }
    }

    public int getPrimaryKeyVersion() {
        return this.mPrimaryKeyVersion;
    }

    public byte[] getPrivateKey() {
        try {
            return KeyStoreManager.getInstance().decrypt(this.mEncryptedPrivateKey);
        } catch (IotKeyStoreException e2) {
            StringBuilder a2 = a.a("get private key IotKeyStoreException ");
            a2.append(e2.getMessage());
            LogUtil.error(TAG, a2.toString());
            throw new AssetUnknownException(e2);
        }
    }

    public byte[] getPublicKey() {
        byte[] bArr = this.mPublicKey;
        return bArr == null ? new byte[0] : (byte[]) bArr.clone();
    }
}
