package com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.component.task;

import com.huawei.iotplatform.security.common.util.CommonUtil;
import com.huawei.iotplatform.security.common.util.LogUtil;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.sdk.ReturnCode;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.CallbackMethods;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.KeyManagerImpl;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.component.TaskBase;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.component.status.ExchangeAuthInfoTaskStatus;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.interfaces.TaskFeedback;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.structs.CallerInfo;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.structs.ExchangeData;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.structs.KeyStruct;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.structs.ProcessedSessionInfo;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.structs.PublicKeyInfo;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.utils.BlockCipherUtils;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.utils.Deserializer;
import com.huawei.iotplatform.security.e2esecurity.local.LocalHiLinkAssetMgmt;
import d.b.g0;
import e.b.a.a.a;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public class ExchangeAuthInfoTask extends TaskBase {
    public static final byte[] REQUEST_AAD = CommonUtil.stringToBytes("hichain_exchange_request");
    public static final byte[] RESPONSE_AAD = CommonUtil.stringToBytes("hichain_exchange_response");
    public byte[] mChallenge;

    public ExchangeAuthInfoTask(@g0 ProcessedSessionInfo processedSessionInfo, @g0 CallbackMethods callbackMethods, @g0 TaskFeedback taskFeedback, boolean z) {
        super(processedSessionInfo, callbackMethods, taskFeedback);
        this.mTaskStatus = new ExchangeAuthInfoTaskStatus(z);
        this.mChallenge = new byte[32];
    }

    private byte[] getLocalPublicKeyInfo() {
        StringBuilder a2 = a.a("mSelfType is ");
        a2.append(this.mSelfType);
        LogUtil.info("TaskBase", a2.toString());
        KeyStruct.PubKeyInfo localPubKeyInfo = KeyManagerImpl.getInstance().getLocalPubKeyInfo(new CallerInfo(this.mServiceId, this.mCallerPkgName), this.mSelfId, this.mChallenge);
        if (localPubKeyInfo.getInfo() == null || localPubKeyInfo.getInfo().length == 0) {
            LogUtil.error("TaskBase", "need to register first");
            this.mOperationResult = ReturnCode.NOT_REGISTERED;
            return new byte[0];
        }
        if (localPubKeyInfo.getPublicKeySignature() != null && localPubKeyInfo.getPublicKeySignature().length != 0) {
            return CommonUtil.concatenateAll(localPubKeyInfo.getInfo(), localPubKeyInfo.getPublicKeySignature());
        }
        LogUtil.error("TaskBase", "sign publicKey info error");
        this.mOperationResult = 1;
        return new byte[0];
    }

    private void parseExchangeResponse(JSONObject jSONObject) {
        int i2;
        byte[] decryptAesGcm;
        try {
            decryptAesGcm = BlockCipherUtils.decryptAesGcm(ExchangeData.extractExchangeData(jSONObject).getExAuthInfo(), this.mSessionKey, RESPONSE_AAD);
        } catch (JSONException unused) {
            LogUtil.error("TaskBase", "bad payload in passThrough data");
            i2 = -268435445;
        }
        if (decryptAesGcm.length == 0) {
            LogUtil.error("TaskBase", "parse payload error");
            i2 = 1;
            this.mOperationResult = i2;
            this.mTaskStatus.nextStatus();
        }
        verifyAndSaveAuthInfo(decryptAesGcm);
        if (this.mOperationResult == 0) {
            this.mReturnData = this.mPeerId;
        } else {
            this.mReturnData = new byte[0];
        }
        this.mTaskStatus.nextStatus();
    }

    private void sendExchangeRequest() {
        byte[] localPublicKeyInfo = getLocalPublicKeyInfo();
        if (localPublicKeyInfo.length == 0) {
            LogUtil.error("TaskBase", "cannot get local public key");
            informPeerAndCancel();
            return;
        }
        byte[] encryptAesGcm = BlockCipherUtils.encryptAesGcm(localPublicKeyInfo, this.mSessionKey, REQUEST_AAD);
        ExchangeData exchangeData = new ExchangeData();
        try {
            exchangeData.setExAuthInfo(encryptAesGcm);
            sendPassThroughData(3, exchangeData.getExchangeDataJsonObj());
        } catch (JSONException unused) {
            LogUtil.error("TaskBase", "cannot generate exchange public key request data");
            this.mOperationResult = 1;
            informPeerAndCancel();
        }
    }

    private void sendExchangeResponse(JSONObject jSONObject) {
        try {
            byte[] decryptAesGcm = BlockCipherUtils.decryptAesGcm(ExchangeData.extractExchangeData(jSONObject).getExAuthInfo(), this.mSessionKey, REQUEST_AAD);
            if (decryptAesGcm.length == 0) {
                LogUtil.error("TaskBase", "parse payload error");
                this.mOperationResult = 1;
            } else {
                verifyAndSaveAuthInfo(decryptAesGcm);
                if (this.mOperationResult != 0) {
                    informPeerAndCancel();
                    return;
                }
                this.mReturnData = this.mPeerId;
                byte[] localPublicKeyInfo = getLocalPublicKeyInfo();
                if (localPublicKeyInfo.length != 0) {
                    byte[] encryptAesGcm = BlockCipherUtils.encryptAesGcm(localPublicKeyInfo, this.mSessionKey, RESPONSE_AAD);
                    ExchangeData exchangeData = new ExchangeData();
                    try {
                        exchangeData.setExAuthInfo(encryptAesGcm);
                        sendPassThroughData(32771, exchangeData.getExchangeDataJsonObj());
                        return;
                    } catch (JSONException unused) {
                        LogUtil.error("TaskBase", "cannot generate exchange public key response data");
                        this.mOperationResult = 1;
                        informPeerAndCancel();
                        return;
                    }
                }
                LogUtil.error("TaskBase", "cannot get local public key");
            }
        } catch (JSONException unused2) {
            LogUtil.error("TaskBase", "bad payload in passThrough data");
            this.mOperationResult = -268435445;
        }
        informPeerAndCancel();
    }

    private void verifyAndSaveAuthInfo(byte[] bArr) {
        byte[] bArr2 = new byte[64];
        int length = bArr.length - 64;
        if (length <= 0) {
            LogUtil.error("TaskBase", "bad format of public key info");
            this.mOperationResult = 1;
            return;
        }
        byte[] bArr3 = new byte[length];
        if (!CommonUtil.copyByteArray(bArr, 0, bArr3, 0, length)) {
            LogUtil.error("TaskBase", "bad format of info in public key info");
            this.mOperationResult = 1;
            return;
        }
        if (!CommonUtil.copyByteArray(bArr, length, bArr2, 0, 64)) {
            LogUtil.error("TaskBase", "bad format of signature in public key info");
            this.mOperationResult = 1;
            return;
        }
        try {
            PublicKeyInfo deserializePubKeyInfo = Deserializer.deserializePubKeyInfo(bArr3);
            this.mPeerId = deserializePubKeyInfo.getAuthId();
            byte[] publicKey = deserializePubKeyInfo.getPublicKey();
            byte[] bArr4 = new byte[32];
            CommonUtil.copyByteArray(this.mChallenge, 16, bArr4, 0, 16);
            CommonUtil.copyByteArray(this.mChallenge, 0, bArr4, 16, 16);
            if (!LocalHiLinkAssetMgmt.getInstance().verify(CommonUtil.concatenateAll(bArr4, bArr3), bArr2, publicKey)) {
                LogUtil.error("TaskBase", "verify peer public key info's signature failed");
                this.mOperationResult = 1;
            } else {
                LogUtil.info("TaskBase", "verify peer public key ok");
                KeyStruct.OperationResult addAuthInfo = KeyManagerImpl.getInstance().addAuthInfo(new CallerInfo(this.mServiceId, this.mCallerPkgName), this.mPeerType, this.mPeerId, publicKey);
                this.mOperationResult = addAuthInfo.getResult();
                this.mReturnData = addAuthInfo.getAdditionalInfo();
            }
        } catch (JSONException unused) {
            LogUtil.error("TaskBase", "bad format of peer's public key info");
            this.mOperationResult = 1;
        }
    }

    @Override // com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.component.TaskBase
    public void doStart() {
        sendExchangeRequest();
    }

    @Override // com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.component.TaskBase
    public void processReceived(int i2, @g0 JSONObject jSONObject) {
        if (i2 == 3) {
            sendExchangeResponse(jSONObject);
            if (!this.mTaskStatus.isFinished()) {
                return;
            }
        } else {
            if (i2 != 32771) {
                return;
            }
            parseExchangeResponse(jSONObject);
            if (!this.mTaskStatus.isFinished()) {
                return;
            }
        }
        doStop();
    }

    public void setChallenge(byte[] bArr) {
        if (bArr != null) {
            this.mChallenge = (byte[]) bArr.clone();
        }
    }
}
