package qa;

import android.util.Log;
import com.google.crypto.tink.subtle.X25519;
import com.google.protobuf.ByteString;
import com.google.protobuf.InvalidProtocolBufferException;
import ds.e;
import ds.i;
import espressif.Sec1$Sec1Payload;
import espressif.Sec1$SessionCmd0;
import espressif.Sec1$SessionCmd1;
import espressif.Session$SessionData;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* compiled from: Security1.java */
/* loaded from: classes2.dex */
public class b implements d {

    /* renamed from: g, reason: collision with root package name */
    public static final String f61085g = "Espressif::" + b.class.getSimpleName();

    /* renamed from: d, reason: collision with root package name */
    public byte[] f61089d;

    /* renamed from: f, reason: collision with root package name */
    public Cipher f61091f;

    /* renamed from: a, reason: collision with root package name */
    public int f61086a = 0;

    /* renamed from: b, reason: collision with root package name */
    public byte[] f61087b = null;

    /* renamed from: c, reason: collision with root package name */
    public byte[] f61088c = null;

    /* renamed from: e, reason: collision with root package name */
    public byte[] f61090e = null;

    public b(String str) {
        this.f61089d = null;
        if (str != null) {
            this.f61089d = str.getBytes();
        }
    }

    @Override // qa.d
    public byte[] a(byte[] bArr) {
        int i10 = this.f61086a;
        if (i10 == 0) {
            this.f61086a = 1;
            return c();
        }
        if (i10 == 1) {
            this.f61086a = 2;
            e(bArr);
            return d();
        }
        if (i10 == 2) {
            this.f61086a = 3;
            f(bArr);
        }
        return null;
    }

    public final void b() throws InvalidKeyException {
        byte[] generatePrivateKey = X25519.generatePrivateKey();
        this.f61087b = generatePrivateKey;
        this.f61088c = X25519.publicFromPrivate(generatePrivateKey);
    }

    public final byte[] c() {
        try {
            b();
            return Session$SessionData.newBuilder().d(i.SecScheme1).b(Sec1$Sec1Payload.newBuilder().b(Sec1$SessionCmd0.newBuilder().a(ByteString.copyFrom(this.f61088c)).build()).build()).build().toByteArray();
        } catch (InvalidKeyException e10) {
            Log.e(f61085g, e10.getMessage());
            return null;
        }
    }

    public final byte[] d() {
        return Session$SessionData.newBuilder().d(i.SecScheme1).b(Sec1$Sec1Payload.newBuilder().c(Sec1$SessionCmd1.newBuilder().a(ByteString.copyFrom(this.f61090e)).build()).a(e.Session_Command1).build()).build().toByteArray();
    }

    @Override // qa.d
    public byte[] decrypt(byte[] bArr) {
        return this.f61091f.update(bArr);
    }

    public final void e(byte[] bArr) throws RuntimeException {
        try {
            if (bArr == null) {
                throw new RuntimeException("No response from device");
            }
            Session$SessionData parseFrom = Session$SessionData.parseFrom(bArr);
            if (parseFrom.getSecVer() != i.SecScheme1) {
                throw new RuntimeException("Security version mismatch");
            }
            byte[] byteArray = parseFrom.getSec1().getSr0().getDevicePubkey().toByteArray();
            byte[] byteArray2 = parseFrom.getSec1().getSr0().getDeviceRandom().toByteArray();
            byte[] computeSharedSecret = X25519.computeSharedSecret(this.f61087b, byteArray);
            if (this.f61089d.length > 0) {
                MessageDigest messageDigest = MessageDigest.getInstance("SHA256");
                messageDigest.update(this.f61089d);
                computeSharedSecret = ta.a.a(computeSharedSecret, messageDigest.digest());
            }
            IvParameterSpec ivParameterSpec = new IvParameterSpec(byteArray2);
            SecretKeySpec secretKeySpec = new SecretKeySpec(computeSharedSecret, 0, computeSharedSecret.length, "AES");
            Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding");
            this.f61091f = cipher;
            cipher.init(1, secretKeySpec, ivParameterSpec);
            this.f61090e = encrypt(byteArray);
        } catch (InvalidProtocolBufferException e10) {
            Log.e(f61085g, e10.getMessage());
        } catch (InvalidAlgorithmParameterException e11) {
            e11.printStackTrace();
        } catch (InvalidKeyException e12) {
            Log.e(f61085g, e12.getMessage());
        } catch (NoSuchAlgorithmException e13) {
            Log.e(f61085g, e13.getMessage());
        } catch (NoSuchPaddingException e14) {
            e14.printStackTrace();
        }
    }

    @Override // qa.d
    public byte[] encrypt(byte[] bArr) {
        return this.f61091f.update(bArr);
    }

    public final void f(byte[] bArr) throws RuntimeException {
        try {
            if (bArr == null) {
                throw new RuntimeException("No response from device");
            }
            Session$SessionData parseFrom = Session$SessionData.parseFrom(bArr);
            if (parseFrom.getSecVer() != i.SecScheme1) {
                throw new RuntimeException("Security version mismatch");
            }
            if (!Arrays.equals(this.f61088c, decrypt(parseFrom.getSec1().getSr1().getDeviceVerifyData().toByteArray()))) {
                throw new RuntimeException("Session establishment failed !");
            }
        } catch (InvalidProtocolBufferException e10) {
            Log.e(f61085g, e10.getMessage());
        }
    }
}
