package com.share.connect.security;

import android.content.Context;
import android.text.TextUtils;
import com.easy.logger.EasyLog;
import com.google.protobuf.ByteString;
import com.share.connect.utils.Bytes;
import com.ucar.databus.proto.UCarProto;
import java.nio.charset.StandardCharsets;

/* loaded from: classes2.dex */
public class ServerKeyNegotiator extends KeyNegotiator {
    private static final int NONCE_SIZE = 32;
    private static final String sAuthKeyAlias = "server_auth_key_for_client_";
    private static UCarProto.AuthResponse sInternalError = null;
    private static final String sTAG = "ServerKeyNegotiator";

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static class ClientInfo {
        byte[] agreementPk;
        byte[] agreementPkSig;
        byte[] authPk;
        byte[] authPkMac;
        byte[] id;
        byte[] nonce;
        boolean userConfirmed;
        int version;

        private ClientInfo() {
        }
    }

    static {
        try {
            sInternalError = UCarProto.AuthResponse.newBuilder().setVersion(getProtocolVersion()).setAuthPk(ByteString.EMPTY).setAuthPkHmac(ByteString.EMPTY).setAgreementPk(ByteString.EMPTY).setAgreementPkSig(ByteString.EMPTY).setRandom(ByteString.EMPTY).setResult(3).build();
        } catch (Exception e) {
            EasyLog.e(sTAG, "build AuthResponse Exception", e);
        }
    }

    public ServerKeyNegotiator(Context context) {
        super(context);
    }

    public static void deletePhoneById(Context context, String str) {
        if (TextUtils.isEmpty(str)) {
            EasyLog.w(sTAG, "deletePhoneById received empty deviceId");
            return;
        }
        try {
            byte[] bytes = str.getBytes(StandardCharsets.UTF_8);
            initDb(context);
            removePeer(bytes, getSignKeyAlias(bytes));
        } catch (Exception e) {
            EasyLog.e(sTAG, "removePeer Exception", e);
        }
    }

    private static String getSignKeyAlias(byte[] bArr) {
        return sAuthKeyAlias + new String(bArr, StandardCharsets.UTF_8);
    }

    private ClientInfo parseClientInfo(UCarProto.AuthRequest authRequest) {
        ClientInfo clientInfo = new ClientInfo();
        clientInfo.id = authRequest.getId().toByteArray();
        clientInfo.version = authRequest.getVersion();
        clientInfo.authPk = authRequest.getAuthPk().toByteArray();
        clientInfo.authPkMac = authRequest.getAuthPkHmac().toByteArray();
        clientInfo.agreementPk = authRequest.getAgreementPk().toByteArray();
        clientInfo.agreementPkSig = authRequest.getAgreementPkSig().toByteArray();
        clientInfo.nonce = authRequest.getRandom().toByteArray();
        clientInfo.userConfirmed = authRequest.getUserConfirmed();
        return clientInfo;
    }

    public UCarProto.AuthResponse generateKeyNegotiationInfo(UCarProto.AuthRequest authRequest) {
        ClientInfo parseClientInfo;
        ClientInfo clientInfo = null;
        if (getPinCode() == null || getPinCode().length < 6) {
            return null;
        }
        try {
            parseClientInfo = parseClientInfo(authRequest);
        } catch (Exception e) {
            e = e;
        }
        try {
            if (parseClientInfo.agreementPk.length != 0 && parseClientInfo.nonce.length != 0 && parseClientInfo.id.length != 0) {
                byte[] encodePublicKey = encodePublicKey(generateAgreementPublicKey());
                byte[] generateNonce = generateNonce(32);
                if (parseClientInfo.authPk.length != 0 && parseClientInfo.authPkMac.length != 0) {
                    EasyLog.i(sTAG, "normal connection initiated by the phone");
                    if (agreeOnSessionKey(getPeerAgreementPublicKey(parseClientInfo.agreementPk, parseClientInfo.nonce, parseClientInfo.agreementPkSig, getPeerAuthenticationPublicKey(parseClientInfo.authPk, new byte[0], parseClientInfo.nonce, parseClientInfo.authPkMac)), Bytes.concat(parseClientInfo.nonce, getNonce())) && savePeer(parseClientInfo.id, parseClientInfo.authPk)) {
                        byte[] encodePublicKey2 = encodePublicKey(generateAuthenticationPublicKey(getSignKeyAlias(parseClientInfo.id)));
                        EasyLog.i(sTAG, "normal connection succeeded");
                        return UCarProto.AuthResponse.newBuilder().setVersion(getProtocolVersion()).setAuthPk(ByteString.copyFrom(encodePublicKey2)).setAuthPkHmac(ByteString.copyFrom(generateHmac(Bytes.concat(encodePublicKey2, parseClientInfo.authPk), Bytes.concat(generateNonce, parseClientInfo.nonce)))).setAgreementPk(ByteString.copyFrom(encodePublicKey)).setAgreementPkSig(ByteString.copyFrom(generateSign(getSignKeyAlias(parseClientInfo.id), encodePublicKey, Bytes.concat(parseClientInfo.agreementPk, generateNonce, parseClientInfo.nonce)))).setRandom(ByteString.copyFrom(generateNonce)).setResult(0).build();
                    }
                    EasyLog.e(sTAG, "normal connection failed");
                    removePeer(parseClientInfo.id, getSignKeyAlias(parseClientInfo.id));
                    return sInternalError;
                }
                Peer peer = getPeer(parseClientInfo.id);
                if (peer == null) {
                    EasyLog.i(sTAG, "quick connection rejected, need normal connection");
                    return UCarProto.AuthResponse.newBuilder().setVersion(getProtocolVersion()).setAuthPk(ByteString.EMPTY).setAuthPkHmac(ByteString.EMPTY).setAgreementPk(ByteString.EMPTY).setAgreementPkSig(ByteString.EMPTY).setRandom(ByteString.EMPTY).setResult(1).build();
                }
                Peer lastPeer = getLastPeer();
                if (lastPeer != null && !lastPeer.id.equals(peer.id) && !parseClientInfo.userConfirmed) {
                    EasyLog.i(sTAG, "the incoming phone wants quick connection but is not the last connected one, the phone needs to disconnect and ask for user confirmation");
                    return UCarProto.AuthResponse.newBuilder().setVersion(getProtocolVersion()).setAuthPk(ByteString.EMPTY).setAuthPkHmac(ByteString.EMPTY).setAgreementPk(ByteString.EMPTY).setAgreementPkSig(ByteString.EMPTY).setRandom(ByteString.EMPTY).setResult(2).build();
                }
                if (agreeOnSessionKey(getPeerAgreementPublicKey(parseClientInfo.agreementPk, parseClientInfo.nonce, parseClientInfo.agreementPkSig, getPeerAuthenticationPublicKey(decodeBase64(peer.authKey))), Bytes.concat(parseClientInfo.nonce, getNonce()))) {
                    EasyLog.i(sTAG, "quick connection succeeded");
                    updateLastPeer(parseClientInfo.id);
                    return UCarProto.AuthResponse.newBuilder().setVersion(getProtocolVersion()).setAuthPk(ByteString.EMPTY).setAuthPkHmac(ByteString.EMPTY).setAgreementPk(ByteString.copyFrom(encodePublicKey)).setAgreementPkSig(ByteString.copyFrom(generateSign(getSignKeyAlias(parseClientInfo.id), encodePublicKey, Bytes.concat(parseClientInfo.agreementPk, generateNonce, parseClientInfo.nonce)))).setRandom(ByteString.copyFrom(generateNonce)).setResult(0).build();
                }
                EasyLog.e(sTAG, "quick connection failed");
                removePeer(parseClientInfo.id, getSignKeyAlias(parseClientInfo.id));
                return sInternalError;
            }
            return null;
        } catch (Exception e2) {
            e = e2;
            clientInfo = parseClientInfo;
            EasyLog.e(sTAG, "generateKeyNegotiationInfo Exception", e);
            if (clientInfo != null) {
                removePeer(clientInfo.id, getSignKeyAlias(clientInfo.id));
            }
            return sInternalError;
        }
    }
}
