package com.ucar.protocol.security;

import com.google.common.primitives.Bytes;
import com.ucar.protocol.MemUtil;
import com.ucar.protocol.ProtocolConfig;
import java.io.ByteArrayOutputStream;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.SecureRandom;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes2.dex */
public class SecurityManager {
    private static final int PREFIX_LEN = 4;
    private static final Map<String, SecretKey> SESSION_KEY_MAP = new ConcurrentHashMap();
    private static final String TAG = "SecurityManager";
    private static final int TAG_LENGTH = 16;
    private Cipher mDecryptCipher;
    private Cipher mEncryptorCipher;
    private SecureRandom mRandom;
    private String mSessionKeyAlias;

    public SecurityManager() {
        this("session_key");
    }

    public SecurityManager(String str) {
        try {
            this.mSessionKeyAlias = str;
            this.mEncryptorCipher = Cipher.getInstance("AES/GCM/NoPadding");
            this.mDecryptCipher = Cipher.getInstance("AES/GCM/NoPadding");
            this.mRandom = SecureRandom.getInstance("SHA1PRNG");
        } catch (Exception e) {
            ProtocolConfig.getLogger().e(TAG, "Init SecurityManager error.", e);
        }
    }

    private void checkSecurityManager(SecretKey secretKey) {
        if (secretKey == null) {
            throw new SecurityException("no session key: " + this.mSessionKeyAlias);
        }
        if (this.mDecryptCipher == null) {
            throw new SecurityException("encryption cipher is not created");
        }
        if (this.mRandom == null) {
            throw new SecurityException("random generator is not created");
        }
    }

    public static byte[] getSessionKey(String str) {
        SecretKey secretKey = SESSION_KEY_MAP.get(str);
        if (secretKey != null) {
            return secretKey.getEncoded();
        }
        return null;
    }

    public static void setSessionKey(byte[] bArr, String str) {
        SESSION_KEY_MAP.put(str, new SecretKeySpec(bArr, "AES"));
    }

    private static byte[] toByteArray(int i) {
        return ByteBuffer.allocate(4).order(ByteOrder.BIG_ENDIAN).putInt(i).array();
    }

    private static int toInt(byte[] bArr, int i, int i2) {
        return ByteBuffer.wrap(bArr, i, i2).order(ByteOrder.BIG_ENDIAN).getInt();
    }

    public ByteBuffer decrypt(ByteBuffer byteBuffer) {
        return decrypt(byteBuffer, true);
    }

    public ByteBuffer decrypt(ByteBuffer byteBuffer, boolean z) {
        ByteBuffer allocate;
        if (byteBuffer == null || byteBuffer.remaining() == 0) {
            return MemUtil.EMPTY_BYTE_BUFFER;
        }
        SecretKey secretKey = SESSION_KEY_MAP.get(this.mSessionKeyAlias);
        synchronized (this) {
            try {
                try {
                    checkSecurityManager(secretKey);
                    int i = byteBuffer.getInt();
                    byte[] tempArray = MemUtil.tempArray(i);
                    byteBuffer.get(tempArray, 0, i);
                    this.mDecryptCipher.init(2, secretKey, new GCMParameterSpec(128, tempArray, 0, i));
                    int i2 = byteBuffer.getInt();
                    byte[] tempArray2 = MemUtil.tempArray(i2);
                    byteBuffer.get(tempArray2, 0, i2);
                    int outputSize = this.mDecryptCipher.getOutputSize(i2);
                    allocate = z ? ByteBuffer.allocate(outputSize) : MemUtil.tempBuffer(outputSize);
                    this.mDecryptCipher.doFinal(ByteBuffer.wrap(tempArray2, 0, i2), allocate);
                    allocate.flip();
                } catch (Exception e) {
                    ProtocolConfig.getLogger().e(TAG, "decrypt error.", e);
                    return MemUtil.EMPTY_BYTE_BUFFER;
                }
            } catch (Throwable th) {
                throw th;
            }
        }
        return allocate;
    }

    public byte[] decrypt(byte[] bArr) {
        byte[] byteArray;
        SecretKey secretKey = SESSION_KEY_MAP.get(this.mSessionKeyAlias);
        synchronized (this) {
            try {
                try {
                    checkSecurityManager(secretKey);
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    int i = 0;
                    while (i < bArr.length) {
                        int i2 = toInt(bArr, i, 4);
                        int i3 = i + 4;
                        this.mDecryptCipher.init(2, secretKey, new GCMParameterSpec(128, bArr, i3, i2));
                        int i4 = i3 + i2;
                        int i5 = toInt(bArr, i4, 4);
                        byteArrayOutputStream.write(this.mDecryptCipher.doFinal(bArr, i4 + 4, i5));
                        i += i2 + 4 + 4 + i5;
                    }
                    byteArray = byteArrayOutputStream.toByteArray();
                } catch (Exception e) {
                    ProtocolConfig.getLogger().e(TAG, "decrypt error.", e);
                    return new byte[0];
                }
            } catch (Throwable th) {
                throw th;
            }
        }
        return byteArray;
    }

    public ByteBuffer encrypt(ByteBuffer byteBuffer) {
        ByteBuffer tempBuffer;
        SecretKey secretKey = SESSION_KEY_MAP.get(this.mSessionKeyAlias);
        if (byteBuffer == null || byteBuffer.remaining() == 0) {
            return MemUtil.EMPTY_BYTE_BUFFER;
        }
        synchronized (this) {
            try {
                checkSecurityManager(secretKey);
                this.mEncryptorCipher.init(1, secretKey, this.mRandom);
                byte[] iv = this.mEncryptorCipher.getIV();
                int outputSize = this.mEncryptorCipher.getOutputSize(byteBuffer.remaining());
                if (iv == null) {
                    throw new SecurityException("invalid IV for encryption");
                }
                if (outputSize <= 0) {
                    throw new SecurityException("encryption returns nothing");
                }
                tempBuffer = MemUtil.tempBuffer(iv.length + 4 + 4 + outputSize);
                tempBuffer.putInt(iv.length);
                tempBuffer.put(iv);
                tempBuffer.putInt(outputSize);
                this.mEncryptorCipher.doFinal(byteBuffer, tempBuffer);
                tempBuffer.flip();
            } catch (Exception e) {
                ProtocolConfig.getLogger().e(TAG, "encrypt error.", e);
                return MemUtil.EMPTY_BYTE_BUFFER;
            }
        }
        return tempBuffer;
    }

    public byte[] encrypt(byte[] bArr) {
        byte[] concat;
        SecretKey secretKey = SESSION_KEY_MAP.get(this.mSessionKeyAlias);
        synchronized (this) {
            try {
                checkSecurityManager(secretKey);
                this.mEncryptorCipher.init(1, secretKey, this.mRandom);
                byte[] iv = this.mEncryptorCipher.getIV();
                byte[] doFinal = this.mEncryptorCipher.doFinal(bArr);
                if (iv == null) {
                    throw new SecurityException("invalid IV for encryption");
                }
                if (doFinal == null) {
                    throw new SecurityException("encryption returns nothing");
                }
                concat = Bytes.concat(toByteArray(iv.length), iv, toByteArray(doFinal.length), doFinal);
            } catch (Exception e) {
                ProtocolConfig.getLogger().e(TAG, "encrypt error.", e);
                return new byte[0];
            }
        }
        return concat;
    }
}
