package com.icodici.crypto;

import com.icodici.crypto.SymmetricKey;
import java.io.EOFException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Arrays;
import java.util.Map;
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import java.util.function.Predicate;
import net.sergeych.boss.Boss;
import net.sergeych.farcall.BossConnector;
import net.sergeych.farcall.Command;
import net.sergeych.farcall.Connector;
import net.sergeych.farcall.Farcall;
import net.sergeych.tools.AsyncEvent;
import net.sergeych.tools.Binder;
import net.sergeych.tools.Do;
import net.sergeych.utils.Bytes;
import net.sergeych.utils.LogPrinter;

/* loaded from: input_file:com/icodici/crypto/BitrustedConnector.class */
public class BitrustedConnector implements Farcall.Target, Connector {
    private static final int MY_VERSION = 2;
    private static LogPrinter log = new LogPrinter("BRCN");
    private static ExecutorService pool = Executors.newCachedThreadPool();
    private final PrivateKey myKey;
    private Farcall connection;
    private PublicKey remoteKey;
    private SymmetricKey remoteSessionKey;
    private Predicate<byte[]> isTrustedKey;
    private final SymmetricKey mySessionKey = new SymmetricKey();
    private final byte[] myNonce = Do.randomBytes(32);
    private int handshakeTimeoutMillis = 2000;
    private AsyncEvent ready = new AsyncEvent();
    private boolean connected = false;
    private BlockingQueue<Binder> inputQueue = new LinkedBlockingQueue();

    /* loaded from: input_file:com/icodici/crypto/BitrustedConnector$Error.class */
    class Error extends IOException {
        public Error() {
        }

        public Error(String str) {
            super(str);
        }

        public Error(String str, Throwable th) {
            super(str, th);
        }

        public Error(Throwable th) {
            super(th);
        }
    }

    public BitrustedConnector(PrivateKey privateKey, InputStream inputStream, OutputStream outputStream) throws IOException {
        this.myKey = privateKey;
        this.connection = new Farcall(new BossConnector(inputStream, outputStream));
        this.connection.asyncCommands(Executors.newSingleThreadExecutor());
    }

    public void send(Map<String, Object> map) throws IOException {
        checkConnected();
        byte[] etaEncrypt = this.mySessionKey.etaEncrypt(Boss.pack(map));
        if (this.connection.isClosed()) {
            throw new EOFException("connection closed");
        }
        this.connection.sendParams("block", new Object[]{etaEncrypt});
    }

    public Map<String, Object> receive() throws IOException {
        try {
            return this.inputQueue.take();
        } catch (InterruptedException e) {
            throw new EOFException("input is interrupted/being closed");
        }
    }

    public void close() {
        this.connected = false;
        this.connection.close();
    }

    private void checkConnected() {
        if (!this.connected) {
            throw new IllegalStateException("connector is not connected");
        }
    }

    public BitrustedConnector connect(Predicate<byte[]> predicate) throws Error, TimeoutException, InterruptedException {
        Future submit = pool.submit(() -> {
            this.isTrustedKey = predicate;
            this.connection.start(this);
            try {
                processHelloAnswer(Binder.from(this.connection.sendKeyParams("hello", new Object[]{"protocol", "bitrusted", "version", Integer.valueOf(MY_VERSION), "public_key", this.myKey.getPublicKey().pack(), "session_key", this.mySessionKey.pack(), "nonce", this.myNonce}).waitSuccess()));
                this.ready.await();
                return true;
            } catch (EncryptionError e) {
                log.e("Encryption error my k: " + this.myKey + " remote k: " + this.remoteKey, new Object[0]);
                return false;
            }
        });
        try {
            submit.get(this.handshakeTimeoutMillis, TimeUnit.MILLISECONDS);
            this.connected = true;
            return this;
        } catch (InterruptedException | TimeoutException e) {
            submit.cancel(true);
            throw e;
        } catch (Exception e2) {
            submit.cancel(true);
            throw new Error("initialization failed", e2.getCause());
        }
    }

    public boolean isConnected() {
        return this.connected;
    }

    private void processHelloAnswer(Binder binder) throws EncryptionError {
        byte[] binaryOrThrow = binder.getBinaryOrThrow("data");
        byte[] binaryOrThrow2 = binder.getBinaryOrThrow("signature");
        setRemoteKey(binder.getBinaryOrThrow("public_key"));
        if (!this.remoteKey.verify(binaryOrThrow, binaryOrThrow2, HashType.SHA256)) {
            throw new EncryptionError("bad signature in hello answer");
        }
        Binder unpack = Boss.unpack(this.myKey.decrypt(binaryOrThrow));
        if (!Arrays.equals(unpack.getBinaryOrThrow("nonce"), this.myNonce)) {
            throw new EncryptionError("nonce mismatch");
        }
        this.remoteSessionKey = new SymmetricKey(unpack.getBinary("session_key"));
    }

    public Object onCommand(Command command) throws Exception {
        String name = command.getName();
        boolean z = -1;
        switch (name.hashCode()) {
            case 93832333:
                if (name.equals("block")) {
                    z = true;
                    break;
                }
                break;
            case 99162322:
                if (name.equals("hello")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return onHello(Binder.from(command.getKeyParams()));
            case true:
                return decryptBlock(command);
            default:
                return null;
        }
    }

    private Object decryptBlock(Command command) throws EncryptionError {
        try {
            synchronized (this.remoteSessionKey) {
                Bytes bytes = (Bytes) command.getParam(0);
                if (bytes == null) {
                    throw new IllegalStateException("missing block data");
                }
                this.inputQueue.put(Boss.unpack(this.remoteSessionKey.etaDecrypt(bytes.toArray())));
            }
            return null;
        } catch (SymmetricKey.AuthenticationFailed e) {
            throw new EncryptionError("authentication failed on bitrusted block");
        } catch (InterruptedException e2) {
            Thread.interrupted();
            return null;
        } catch (Exception e3) {
            log.wtf("failed to process block", e3);
            e3.printStackTrace();
            return null;
        }
    }

    private Object onHello(Binder binder) throws IOException {
        if (!binder.getStringOrThrow("protocol").equals("bitrusted")) {
            throw new IOException("unsupported protocol, needs bitrusted'");
        }
        if (binder.getIntOrThrow("version") > MY_VERSION) {
            throw new IOException("unsupported protocol version, needs <= 2");
        }
        byte[] binaryOrThrow = binder.getBinaryOrThrow("nonce");
        setRemoteKey(binder.getBinaryOrThrow("public_key"));
        this.remoteSessionKey = new SymmetricKey(binder.getBinaryOrThrow("session_key"));
        byte[] encrypt = this.remoteKey.encrypt(Boss.pack(Binder.fromKeysValues(new Object[]{"session_key", this.mySessionKey.pack(), "nonce", binaryOrThrow})));
        byte[] sign = this.myKey.sign(encrypt, HashType.SHA256);
        this.ready.fire((Object) null);
        return Binder.fromKeysValues(new Object[]{"data", encrypt, "signature", sign, "public_key", this.myKey.getPublicKey().pack()});
    }

    public int getHandshakeTimeoutMillis() {
        return this.handshakeTimeoutMillis;
    }

    public void setHandshakeTimeoutMillis(int i) {
        this.handshakeTimeoutMillis = i;
    }

    public SymmetricKey getMySessionKey() {
        return this.mySessionKey;
    }

    public SymmetricKey getRemoteSessionKey() {
        return this.remoteSessionKey;
    }

    public void setRemoteKey(byte[] bArr) throws EncryptionError {
        if (this.isTrustedKey != null && !this.isTrustedKey.test(bArr)) {
            throw new IllegalArgumentException("public key is not accepted");
        }
        PublicKey publicKey = new PublicKey(bArr);
        synchronized (this.ready) {
            if (this.remoteKey == null) {
                this.remoteKey = publicKey;
            } else if (!publicKey.equals(this.remoteKey)) {
                throw new IllegalArgumentException("remote key already set to a different value");
            }
        }
    }
}
