package com.google.security.cryptauth.lib.securegcm;

import com.google.protobuf.ByteString;
import com.google.protobuf.InvalidProtocolBufferException;
import com.google.security.cryptauth.lib.securegcm.UkeyProto;
import com.google.security.cryptauth.lib.securemessage.CryptoOps;
import com.google.security.cryptauth.lib.securemessage.PublicKeyProtoUtil;
import com.google.security.cryptauth.lib.securemessage.SecureMessageProto;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import javax.crypto.SecretKey;

/* loaded from: classes2.dex */
public class Ukey2Handshake {
    private static final String NEXT_PROTOCOL = "AES_256_CBC-HMAC_SHA256";
    private static final int NONCE_LENGTH_IN_BYTES = 32;
    private static final String UTF_8 = "UTF-8";
    public static final int VERSION = 1;
    private SecretKey mDerivedSecretKey;
    private final HandshakeCipher mHandshakeCipher;
    private final HandshakeRole mHandshakeRole;
    private InternalState mHandshakeState;
    private byte[] mIvSpec;
    private final KeyPair mOurKeyPair;
    private byte[] mRawMessage1;
    private byte[] mRawMessage2;
    private final HashMap<HandshakeCipher, byte[]> mRawMessage3Map = new HashMap<>();
    private byte[] mTheirCommitment;
    private PublicKey mTheirPublicKey;

    /* renamed from: com.google.security.cryptauth.lib.securegcm.Ukey2Handshake$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    public static /* synthetic */ class AnonymousClass1 {
        public static final /* synthetic */ int[] $SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$HandshakeCipher;
        public static final /* synthetic */ int[] $SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$InternalState;
        public static final /* synthetic */ int[] $SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Alert$AlertType;
        public static final /* synthetic */ int[] $SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Message$Type;

        static {
            int[] iArr = new int[UkeyProto.Ukey2Alert.AlertType.values().length];
            $SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Alert$AlertType = iArr;
            try {
                iArr[UkeyProto.Ukey2Alert.AlertType.BAD_MESSAGE.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Alert$AlertType[UkeyProto.Ukey2Alert.AlertType.BAD_MESSAGE_TYPE.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Alert$AlertType[UkeyProto.Ukey2Alert.AlertType.INCORRECT_MESSAGE.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Alert$AlertType[UkeyProto.Ukey2Alert.AlertType.BAD_MESSAGE_DATA.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Alert$AlertType[UkeyProto.Ukey2Alert.AlertType.BAD_VERSION.ordinal()] = 5;
            } catch (NoSuchFieldError unused5) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Alert$AlertType[UkeyProto.Ukey2Alert.AlertType.BAD_RANDOM.ordinal()] = 6;
            } catch (NoSuchFieldError unused6) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Alert$AlertType[UkeyProto.Ukey2Alert.AlertType.BAD_HANDSHAKE_CIPHER.ordinal()] = 7;
            } catch (NoSuchFieldError unused7) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Alert$AlertType[UkeyProto.Ukey2Alert.AlertType.BAD_NEXT_PROTOCOL.ordinal()] = 8;
            } catch (NoSuchFieldError unused8) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Alert$AlertType[UkeyProto.Ukey2Alert.AlertType.BAD_PUBLIC_KEY.ordinal()] = 9;
            } catch (NoSuchFieldError unused9) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Alert$AlertType[UkeyProto.Ukey2Alert.AlertType.INTERNAL_ERROR.ordinal()] = 10;
            } catch (NoSuchFieldError unused10) {
            }
            int[] iArr2 = new int[UkeyProto.Ukey2Message.Type.values().length];
            $SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Message$Type = iArr2;
            try {
                iArr2[UkeyProto.Ukey2Message.Type.ALERT.ordinal()] = 1;
            } catch (NoSuchFieldError unused11) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Message$Type[UkeyProto.Ukey2Message.Type.CLIENT_INIT.ordinal()] = 2;
            } catch (NoSuchFieldError unused12) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Message$Type[UkeyProto.Ukey2Message.Type.SERVER_INIT.ordinal()] = 3;
            } catch (NoSuchFieldError unused13) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Message$Type[UkeyProto.Ukey2Message.Type.CLIENT_FINISH.ordinal()] = 4;
            } catch (NoSuchFieldError unused14) {
            }
            int[] iArr3 = new int[HandshakeCipher.values().length];
            $SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$HandshakeCipher = iArr3;
            try {
                iArr3[HandshakeCipher.P256_SHA512.ordinal()] = 1;
            } catch (NoSuchFieldError unused15) {
            }
            int[] iArr4 = new int[InternalState.values().length];
            $SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$InternalState = iArr4;
            try {
                iArr4[InternalState.CLIENT_START.ordinal()] = 1;
            } catch (NoSuchFieldError unused16) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$InternalState[InternalState.SERVER_START.ordinal()] = 2;
            } catch (NoSuchFieldError unused17) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$InternalState[InternalState.SERVER_AFTER_CLIENT_INIT.ordinal()] = 3;
            } catch (NoSuchFieldError unused18) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$InternalState[InternalState.CLIENT_AFTER_SERVER_INIT.ordinal()] = 4;
            } catch (NoSuchFieldError unused19) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$InternalState[InternalState.CLIENT_WAITING_FOR_SERVER_INIT.ordinal()] = 5;
            } catch (NoSuchFieldError unused20) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$InternalState[InternalState.SERVER_WAITING_FOR_CLIENT_FINISHED.ordinal()] = 6;
            } catch (NoSuchFieldError unused21) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$InternalState[InternalState.HANDSHAKE_ERROR.ordinal()] = 7;
            } catch (NoSuchFieldError unused22) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$InternalState[InternalState.HANDSHAKE_VERIFICATION_NEEDED.ordinal()] = 8;
            } catch (NoSuchFieldError unused23) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$InternalState[InternalState.HANDSHAKE_VERIFICATION_IN_PROGRESS.ordinal()] = 9;
            } catch (NoSuchFieldError unused24) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$InternalState[InternalState.HANDSHAKE_FINISHED.ordinal()] = 10;
            } catch (NoSuchFieldError unused25) {
            }
            try {
                $SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$InternalState[InternalState.HANDSHAKE_ALREADY_USED.ordinal()] = 11;
            } catch (NoSuchFieldError unused26) {
            }
        }
    }

    /* loaded from: classes2.dex */
    public static class AlertException extends Exception {
        private final UkeyProto.Ukey2Alert mAlertMessageToSend;

        public AlertException(String str, UkeyProto.Ukey2Alert ukey2Alert) {
            super(str);
            this.mAlertMessageToSend = ukey2Alert;
        }

        public byte[] getAlertMessageToSend() {
            return this.mAlertMessageToSend.toByteArray();
        }
    }

    /* loaded from: classes2.dex */
    public enum HandshakeCipher {
        P256_SHA512(UkeyProto.Ukey2HandshakeCipher.P256_SHA512);

        private final UkeyProto.Ukey2HandshakeCipher mValue;

        HandshakeCipher(UkeyProto.Ukey2HandshakeCipher ukey2HandshakeCipher) {
            if (ukey2HandshakeCipher == UkeyProto.Ukey2HandshakeCipher.P256_SHA512) {
                this.mValue = ukey2HandshakeCipher;
                return;
            }
            throw new IllegalArgumentException("Unknown cipher value: " + ukey2HandshakeCipher);
        }

        public UkeyProto.Ukey2HandshakeCipher getValue() {
            return this.mValue;
        }
    }

    /* loaded from: classes2.dex */
    public enum HandshakeRole {
        CLIENT,
        SERVER
    }

    /* loaded from: classes2.dex */
    public enum InternalState {
        CLIENT_START,
        CLIENT_WAITING_FOR_SERVER_INIT,
        CLIENT_AFTER_SERVER_INIT,
        SERVER_START,
        SERVER_AFTER_CLIENT_INIT,
        SERVER_WAITING_FOR_CLIENT_FINISHED,
        HANDSHAKE_VERIFICATION_NEEDED,
        HANDSHAKE_VERIFICATION_IN_PROGRESS,
        HANDSHAKE_FINISHED,
        HANDSHAKE_ALREADY_USED,
        HANDSHAKE_ERROR
    }

    /* loaded from: classes2.dex */
    public enum State {
        IN_PROGRESS,
        VERIFICATION_NEEDED,
        VERIFICATION_IN_PROGRESS,
        FINISHED,
        ALREADY_USED,
        ERROR
    }

    private Ukey2Handshake(InternalState internalState, HandshakeCipher handshakeCipher) {
        if (handshakeCipher == null) {
            throwIllegalArgumentException("Invalid handshake cipher");
        }
        this.mHandshakeCipher = handshakeCipher;
        int i10 = AnonymousClass1.$SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$InternalState[internalState.ordinal()];
        if (i10 == 1) {
            this.mHandshakeRole = HandshakeRole.CLIENT;
        } else if (i10 != 2) {
            throwIllegalStateException("Invalid handshake state");
            this.mHandshakeRole = null;
        } else {
            this.mHandshakeRole = HandshakeRole.SERVER;
        }
        this.mHandshakeState = internalState;
        this.mOurKeyPair = genKeyPair(handshakeCipher);
    }

    public static Ukey2Handshake forInitiator(HandshakeCipher handshakeCipher) {
        return new Ukey2Handshake(InternalState.CLIENT_START, handshakeCipher);
    }

    public static Ukey2Handshake forResponder(HandshakeCipher handshakeCipher) {
        return new Ukey2Handshake(InternalState.SERVER_START, handshakeCipher);
    }

    private KeyPair genKeyPair(HandshakeCipher handshakeCipher) {
        if (AnonymousClass1.$SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$HandshakeCipher[handshakeCipher.ordinal()] == 1) {
            return PublicKeyProtoUtil.generateEcP256KeyPair();
        }
        throwHandshakeException("unknown cipher: " + handshakeCipher);
        return null;
    }

    private UkeyProto.Ukey2ClientFinished generateP256SHA512ClientFinished(KeyPair keyPair) {
        SecureRandom secureRandom = new SecureRandom();
        byte[] bArr = new byte[16];
        this.mIvSpec = bArr;
        secureRandom.nextBytes(bArr);
        byte[] byteArray = PublicKeyProtoUtil.encodePublicKey(keyPair.getPublic()).toByteArray();
        UkeyProto.Ukey2ClientFinished.Builder newBuilder = UkeyProto.Ukey2ClientFinished.newBuilder();
        newBuilder.setPublicKey(ByteString.copyFrom(byteArray));
        newBuilder.setIvSpec(ByteString.copyFrom(this.mIvSpec));
        this.mRawMessage3Map.put(HandshakeCipher.P256_SHA512, makeUkey2Message(UkeyProto.Ukey2Message.Type.CLIENT_FINISH, newBuilder.build().toByteArray()));
        return newBuilder.build();
    }

    private UkeyProto.Ukey2ClientInit.CipherCommitment generateP256SHA512Commitment() {
        HashMap<HandshakeCipher, byte[]> hashMap = this.mRawMessage3Map;
        HandshakeCipher handshakeCipher = HandshakeCipher.P256_SHA512;
        if (!hashMap.containsKey(handshakeCipher)) {
            generateP256SHA512ClientFinished(this.mOurKeyPair);
        }
        UkeyProto.Ukey2ClientInit.CipherCommitment.Builder newBuilder = UkeyProto.Ukey2ClientInit.CipherCommitment.newBuilder();
        newBuilder.setHandshakeCipher(UkeyProto.Ukey2HandshakeCipher.P256_SHA512);
        newBuilder.setCommitment(ByteString.copyFrom(sha512(this.mRawMessage3Map.get(handshakeCipher))));
        return newBuilder.build();
    }

    private static byte[] generateRandomNonce() {
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    private UkeyProto.Ukey2Alert makeAlertMessage(UkeyProto.Ukey2Alert.AlertType alertType, String str) {
        switch (AnonymousClass1.$SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Alert$AlertType[alertType.ordinal()]) {
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
            case 6:
            case 7:
            case 8:
            case 9:
            case 10:
                break;
            default:
                throwHandshakeException("Unknown alert type: " + alertType);
                break;
        }
        UkeyProto.Ukey2Alert.Builder newBuilder = UkeyProto.Ukey2Alert.newBuilder();
        newBuilder.setType(alertType);
        if (str != null) {
            newBuilder.setErrorMessage(str);
        }
        return newBuilder.build();
    }

    private byte[] makeClientInitMessage() {
        UkeyProto.Ukey2ClientInit.Builder newBuilder = UkeyProto.Ukey2ClientInit.newBuilder();
        newBuilder.setVersion(1);
        newBuilder.setRandom(ByteString.copyFrom(generateRandomNonce()));
        newBuilder.setNextProtocol(NEXT_PROTOCOL);
        newBuilder.addCipherCommitments(generateP256SHA512Commitment());
        return newBuilder.build().toByteArray();
    }

    private byte[] makeServerInitMessage() {
        UkeyProto.Ukey2ServerInit.Builder newBuilder = UkeyProto.Ukey2ServerInit.newBuilder();
        newBuilder.setVersion(1);
        newBuilder.setRandom(ByteString.copyFrom(generateRandomNonce()));
        newBuilder.setHandshakeCipher(this.mHandshakeCipher.getValue());
        newBuilder.setPublicKey(PublicKeyProtoUtil.encodePublicKey(this.mOurKeyPair.getPublic()).toByteString());
        return newBuilder.build().toByteArray();
    }

    private byte[] makeUkey2Message(UkeyProto.Ukey2Message.Type type, byte[] bArr) {
        UkeyProto.Ukey2Message.Builder newBuilder = UkeyProto.Ukey2Message.newBuilder();
        int i10 = AnonymousClass1.$SwitchMap$com$google$security$cryptauth$lib$securegcm$UkeyProto$Ukey2Message$Type[type.ordinal()];
        if (i10 != 1 && i10 != 2 && i10 != 3 && i10 != 4) {
            throwIllegalArgumentException("Invalid message type: " + type);
        }
        newBuilder.setMessageType(type);
        if (type != UkeyProto.Ukey2Message.Type.ALERT) {
            if (bArr == null || bArr.length == 0) {
                throwIllegalArgumentException("Cannot send empty message data for non-alert messages");
            }
            newBuilder.setMessageData(ByteString.copyFrom(bArr));
        }
        return newBuilder.build().toByteArray();
    }

    private void parseMessage1(byte[] bArr) {
        UkeyProto.Ukey2Message ukey2Message;
        UkeyProto.Ukey2ClientInit ukey2ClientInit = null;
        try {
            ukey2Message = UkeyProto.Ukey2Message.parseFrom(bArr);
        } catch (InvalidProtocolBufferException e10) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_MESSAGE, "Can't parse message 1 " + e10.getMessage());
            ukey2Message = null;
        }
        if (!ukey2Message.hasMessageType() || ukey2Message.getMessageType() != UkeyProto.Ukey2Message.Type.CLIENT_INIT) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_MESSAGE_TYPE, "Expected, but did not find ClientInit message type");
        }
        if (!ukey2Message.hasMessageData()) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_MESSAGE_DATA, "Expected message data, but didn't find it");
        }
        try {
            ukey2ClientInit = UkeyProto.Ukey2ClientInit.parseFrom(ukey2Message.getMessageData());
        } catch (InvalidProtocolBufferException unused) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_MESSAGE_DATA, "Can't parse message data into ClientInit");
        }
        if (!ukey2ClientInit.hasVersion()) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_VERSION, "ClientInit missing version");
        }
        if (ukey2ClientInit.getVersion() != 1) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_VERSION, "ClientInit version mismatch");
        }
        if (!ukey2ClientInit.hasRandom()) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_RANDOM, "ClientInit missing random");
        }
        if (ukey2ClientInit.getRandom().toByteArray().length != 32) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_RANDOM, "ClientInit has incorrect nonce length");
        }
        List<UkeyProto.Ukey2ClientInit.CipherCommitment> cipherCommitmentsList = ukey2ClientInit.getCipherCommitmentsList();
        if (cipherCommitmentsList.isEmpty()) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_HANDSHAKE_CIPHER, "ClientInit is missing cipher commitments");
        }
        for (UkeyProto.Ukey2ClientInit.CipherCommitment cipherCommitment : cipherCommitmentsList) {
            if (!cipherCommitment.hasHandshakeCipher() || !cipherCommitment.hasCommitment()) {
                throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_HANDSHAKE_CIPHER, "ClientInit has improperly formatted cipher commitment");
            }
            if (cipherCommitment.getHandshakeCipher() == this.mHandshakeCipher.getValue()) {
                this.mTheirCommitment = cipherCommitment.getCommitment().toByteArray();
            }
        }
        if (this.mTheirCommitment == null) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_HANDSHAKE_CIPHER, "No acceptable commitments found");
        }
        if (!ukey2ClientInit.hasNextProtocol() || !NEXT_PROTOCOL.equals(ukey2ClientInit.getNextProtocol())) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_NEXT_PROTOCOL, "Incorrect next protocol");
        }
        this.mRawMessage1 = bArr;
    }

    private void parseMessage2(byte[] bArr) {
        UkeyProto.Ukey2Message ukey2Message;
        UkeyProto.Ukey2ServerInit ukey2ServerInit;
        HandshakeCipher handshakeCipher = null;
        try {
            ukey2Message = UkeyProto.Ukey2Message.parseFrom(bArr);
        } catch (InvalidProtocolBufferException e10) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_MESSAGE, "Can't parse message 2 " + e10.getMessage());
            ukey2Message = null;
        }
        if (!ukey2Message.hasMessageType()) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_MESSAGE_TYPE, "Expected, but did not find message type");
        }
        if (ukey2Message.getMessageType() == UkeyProto.Ukey2Message.Type.ALERT) {
            this.mHandshakeState = InternalState.HANDSHAKE_ERROR;
            throwHandshakeMessageFromAlertMessage(ukey2Message);
        }
        if (ukey2Message.getMessageType() != UkeyProto.Ukey2Message.Type.SERVER_INIT) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_MESSAGE_TYPE, "Expected, but did not find SERVER_INIT message type");
        }
        if (!ukey2Message.hasMessageData()) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_MESSAGE_DATA, "Expected message data, but didn't find it");
        }
        try {
            ukey2ServerInit = UkeyProto.Ukey2ServerInit.parseFrom(ukey2Message.getMessageData());
        } catch (InvalidProtocolBufferException unused) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_MESSAGE_DATA, "Can't parse message data into ServerInit");
            ukey2ServerInit = null;
        }
        if (!ukey2ServerInit.hasVersion()) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_VERSION, "ServerInit missing version");
        }
        if (ukey2ServerInit.getVersion() != 1) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_VERSION, "ServerInit version mismatch");
        }
        if (!ukey2ServerInit.hasRandom()) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_RANDOM, "ServerInit missing random");
        }
        if (ukey2ServerInit.getRandom().toByteArray().length != 32) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_RANDOM, "ServerInit has incorrect nonce length");
        }
        if (!ukey2ServerInit.hasHandshakeCipher()) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_HANDSHAKE_CIPHER, "No handshake cipher found");
        }
        HandshakeCipher[] values = HandshakeCipher.values();
        int length = values.length;
        int i10 = 0;
        while (true) {
            if (i10 >= length) {
                break;
            }
            HandshakeCipher handshakeCipher2 = values[i10];
            if (handshakeCipher2.getValue() == ukey2ServerInit.getHandshakeCipher()) {
                handshakeCipher = handshakeCipher2;
                break;
            }
            i10++;
        }
        if (handshakeCipher == null || handshakeCipher != this.mHandshakeCipher) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_HANDSHAKE_CIPHER, "No acceptable handshake cipher found");
        }
        if (!ukey2ServerInit.hasPublicKey()) {
            throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_PUBLIC_KEY, "No public key found in ServerInit");
        }
        this.mTheirPublicKey = parseP256PublicKey(ukey2ServerInit.getPublicKey().toByteArray());
        this.mRawMessage2 = bArr;
    }

    private void parseMessage3(byte[] bArr) {
        UkeyProto.Ukey2Message ukey2Message;
        UkeyProto.Ukey2ClientFinished ukey2ClientFinished = null;
        try {
            ukey2Message = UkeyProto.Ukey2Message.parseFrom(bArr);
        } catch (InvalidProtocolBufferException e10) {
            throwHandshakeException("Can't parse message 3", e10);
            ukey2Message = null;
        }
        if (!ukey2Message.hasMessageType()) {
            throw new HandshakeException("Expected, but did not find message type");
        }
        if (ukey2Message.getMessageType() == UkeyProto.Ukey2Message.Type.ALERT) {
            throwHandshakeMessageFromAlertMessage(ukey2Message);
        }
        if (ukey2Message.getMessageType() != UkeyProto.Ukey2Message.Type.CLIENT_FINISH) {
            throwHandshakeException("Expected, but did not find CLIENT_FINISH message type");
        }
        verifyCommitment(bArr);
        if (!ukey2Message.hasMessageData()) {
            throwHandshakeException("Expected message data, but didn't find it");
        }
        try {
            ukey2ClientFinished = UkeyProto.Ukey2ClientFinished.parseFrom(ukey2Message.getMessageData());
        } catch (InvalidProtocolBufferException e11) {
            throwHandshakeException(e11);
        }
        if (!ukey2ClientFinished.hasPublicKey()) {
            throwHandshakeException("No public key found in ClientFinished");
        }
        try {
            this.mTheirPublicKey = parseP256PublicKey(ukey2ClientFinished.getPublicKey().toByteArray());
            this.mIvSpec = ukey2ClientFinished.getIvSpec().toByteArray();
        } catch (AlertException e12) {
            throwHandshakeException(e12);
        }
    }

    private PublicKey parseP256PublicKey(byte[] bArr) {
        try {
            return PublicKeyProtoUtil.parsePublicKey(SecureMessageProto.GenericPublicKey.parseFrom(bArr));
        } catch (InvalidProtocolBufferException | InvalidKeySpecException e10) {
            this.throwAlertException(UkeyProto.Ukey2Alert.AlertType.BAD_PUBLIC_KEY, "Cannot parse public key: " + e10.getMessage());
            return null;
        }
    }

    private byte[] sha512(byte[] bArr) {
        try {
            return MessageDigest.getInstance("SHA-512").digest(bArr);
        } catch (NoSuchAlgorithmException e10) {
            this.throwHandshakeException("No security provider initialized yet?", e10);
            return null;
        }
    }

    private void throwAlertException(UkeyProto.Ukey2Alert.AlertType alertType, String str) {
        this.mHandshakeState = InternalState.HANDSHAKE_ERROR;
        throw new AlertException(str, makeAlertMessage(alertType, str));
    }

    private void throwHandshakeException(Exception exc) {
        this.mHandshakeState = InternalState.HANDSHAKE_ERROR;
        throw new HandshakeException(exc);
    }

    private void throwHandshakeException(String str) {
        this.mHandshakeState = InternalState.HANDSHAKE_ERROR;
        throw new HandshakeException(str);
    }

    private void throwHandshakeException(String str, Exception exc) {
        this.mHandshakeState = InternalState.HANDSHAKE_ERROR;
        throw new HandshakeException(str, exc);
    }

    private void throwHandshakeMessageFromAlertMessage(UkeyProto.Ukey2Message ukey2Message) {
        if (ukey2Message.hasMessageData()) {
            UkeyProto.Ukey2Alert ukey2Alert = null;
            try {
                ukey2Alert = UkeyProto.Ukey2Alert.parseFrom(ukey2Message.getMessageData());
            } catch (InvalidProtocolBufferException e10) {
                throwHandshakeException("Cannot parse alert message", e10);
            }
            if (ukey2Alert.hasType() && ukey2Alert.hasErrorMessage()) {
                throwHandshakeException("Received Alert message. Type: " + ukey2Alert.getType() + " Error Message: " + ukey2Alert.getErrorMessage());
            } else if (ukey2Alert.hasType()) {
                throwHandshakeException("Received Alert message. Type: " + ukey2Alert.getType());
            }
        }
        throwHandshakeException("Received empty Alert Message");
    }

    private void throwIllegalArgumentException(String str) {
        this.mHandshakeState = InternalState.HANDSHAKE_ERROR;
        throw new IllegalArgumentException(str);
    }

    private void throwIllegalStateException(String str) {
        this.mHandshakeState = InternalState.HANDSHAKE_ERROR;
        throw new IllegalStateException(str);
    }

    private void verifyCommitment(byte[] bArr) {
        byte[] sha512;
        if (AnonymousClass1.$SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$HandshakeCipher[this.mHandshakeCipher.ordinal()] != 1) {
            throwIllegalStateException("Unexpected handshakeCipher");
            sha512 = null;
        } else {
            sha512 = sha512(bArr);
        }
        if (MessageDigest.isEqual(sha512, this.mTheirCommitment)) {
            return;
        }
        throwHandshakeException("Commitment does not match");
    }

    public State getHandshakeState() {
        switch (AnonymousClass1.$SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$InternalState[this.mHandshakeState.ordinal()]) {
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
            case 6:
                return State.IN_PROGRESS;
            case 7:
                return State.ERROR;
            case 8:
                return State.VERIFICATION_NEEDED;
            case 9:
                return State.VERIFICATION_IN_PROGRESS;
            case 10:
                return State.FINISHED;
            case 11:
                return State.ALREADY_USED;
            default:
                throwIllegalStateException("Unknown state");
                return null;
        }
    }

    public byte[] getIvSpec() {
        return this.mIvSpec;
    }

    public byte[] getNextHandshakeMessage() {
        int i10 = AnonymousClass1.$SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$InternalState[this.mHandshakeState.ordinal()];
        if (i10 == 1) {
            byte[] makeUkey2Message = makeUkey2Message(UkeyProto.Ukey2Message.Type.CLIENT_INIT, makeClientInitMessage());
            this.mRawMessage1 = makeUkey2Message;
            this.mHandshakeState = InternalState.CLIENT_WAITING_FOR_SERVER_INIT;
            return makeUkey2Message;
        }
        if (i10 == 3) {
            byte[] makeUkey2Message2 = makeUkey2Message(UkeyProto.Ukey2Message.Type.SERVER_INIT, makeServerInitMessage());
            this.mRawMessage2 = makeUkey2Message2;
            this.mHandshakeState = InternalState.SERVER_WAITING_FOR_CLIENT_FINISHED;
            return makeUkey2Message2;
        }
        if (i10 != 4) {
            throwIllegalStateException("Cannot get next message in state: " + this.mHandshakeState);
            return null;
        }
        if (!this.mRawMessage3Map.containsKey(this.mHandshakeCipher)) {
            throwIllegalStateException("Client state is CLIENT_AFTER_SERVER_INIT, and cipher is " + this.mHandshakeCipher + ", but no corresponding raw client finished message has been generated");
        }
        this.mHandshakeState = InternalState.HANDSHAKE_VERIFICATION_NEEDED;
        return this.mRawMessage3Map.get(this.mHandshakeCipher);
    }

    public byte[] getVerificationString(int i10) {
        byte[] bArr;
        if (i10 < 1 || i10 > 32) {
            throwIllegalArgumentException("Minimum length is 1 byte, max is 32 bytes");
        }
        if (this.mHandshakeState != InternalState.HANDSHAKE_VERIFICATION_NEEDED) {
            throwIllegalStateException("Unexpected state: " + this.mHandshakeState);
        }
        try {
            this.mDerivedSecretKey = EnrollmentCryptoOps.doKeyAgreement(this.mOurKeyPair.getPrivate(), this.mTheirPublicKey);
        } catch (InvalidKeyException e10) {
            throwHandshakeException(e10);
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            byteArrayOutputStream.write(this.mRawMessage1);
            byteArrayOutputStream.write(this.mRawMessage2);
        } catch (IOException e11) {
            throwHandshakeException(e11);
        }
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byte[] bArr2 = null;
        try {
            bArr = "UKEY2 v1 auth".getBytes("UTF-8");
        } catch (UnsupportedEncodingException e12) {
            throwHandshakeException(e12);
            bArr = null;
        }
        try {
            bArr2 = CryptoOps.hkdf(this.mDerivedSecretKey, bArr, byteArray);
        } catch (InvalidKeyException | NoSuchAlgorithmException e13) {
            throwHandshakeException(e13);
        }
        this.mHandshakeState = InternalState.HANDSHAKE_VERIFICATION_IN_PROGRESS;
        return Arrays.copyOf(bArr2, i10);
    }

    public void parseHandshakeMessage(byte[] bArr) {
        int i10 = AnonymousClass1.$SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$InternalState[this.mHandshakeState.ordinal()];
        if (i10 == 2) {
            parseMessage1(bArr);
            this.mHandshakeState = InternalState.SERVER_AFTER_CLIENT_INIT;
            return;
        }
        if (i10 == 5) {
            parseMessage2(bArr);
            this.mHandshakeState = InternalState.CLIENT_AFTER_SERVER_INIT;
        } else if (i10 == 6) {
            parseMessage3(bArr);
            this.mHandshakeState = InternalState.HANDSHAKE_VERIFICATION_NEEDED;
        } else {
            throwIllegalStateException("Cannot parse message in state " + this.mHandshakeState);
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:31:0x0088  */
    /* JADX WARN: Removed duplicated region for block: B:33:0x008d  */
    /* JADX WARN: Removed duplicated region for block: B:36:0x008a  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public com.google.security.cryptauth.lib.securegcm.D2DConnectionContext toConnectionContext() {
        /*
            r5 = this;
            int[] r0 = com.google.security.cryptauth.lib.securegcm.Ukey2Handshake.AnonymousClass1.$SwitchMap$com$google$security$cryptauth$lib$securegcm$Ukey2Handshake$InternalState
            com.google.security.cryptauth.lib.securegcm.Ukey2Handshake$InternalState r1 = r5.mHandshakeState
            int r1 = r1.ordinal()
            r0 = r0[r1]
            r1 = 7
            r2 = 0
            if (r0 == r1) goto L99
            r1 = 8
            if (r0 == r1) goto L93
            r1 = 10
            if (r0 == r1) goto L26
            r1 = 11
            if (r0 == r1) goto L20
            java.lang.String r0 = "Handshake is not complete; cannot create connection context"
            r5.throwIllegalStateException(r0)
            goto L26
        L20:
            java.lang.String r0 = "Cannot reuse handshake context; is has already been used"
            r5.throwIllegalStateException(r0)
            return r2
        L26:
            javax.crypto.SecretKey r0 = r5.mDerivedSecretKey
            if (r0 != 0) goto L2f
            java.lang.String r0 = "Unexpected state error: derived key is null"
            r5.throwIllegalStateException(r0)
        L2f:
            java.io.ByteArrayOutputStream r0 = new java.io.ByteArrayOutputStream
            r0.<init>()
            byte[] r1 = r5.mRawMessage1     // Catch: java.io.IOException -> L3f
            r0.write(r1)     // Catch: java.io.IOException -> L3f
            byte[] r1 = r5.mRawMessage2     // Catch: java.io.IOException -> L3f
            r0.write(r1)     // Catch: java.io.IOException -> L3f
            goto L43
        L3f:
            r1 = move-exception
            r5.throwHandshakeException(r1)
        L43:
            byte[] r0 = r0.toByteArray()
            java.lang.String r1 = "UKEY2 v1 next"
            java.lang.String r3 = "UTF-8"
            byte[] r1 = r1.getBytes(r3)     // Catch: java.io.UnsupportedEncodingException -> L50
            goto L55
        L50:
            r1 = move-exception
            r5.throwHandshakeException(r1)
            r1 = r2
        L55:
            javax.crypto.spec.SecretKeySpec r3 = new javax.crypto.spec.SecretKeySpec     // Catch: java.lang.Throwable -> L63
            javax.crypto.SecretKey r4 = r5.mDerivedSecretKey     // Catch: java.lang.Throwable -> L63
            byte[] r0 = com.google.security.cryptauth.lib.securemessage.CryptoOps.hkdf(r4, r1, r0)     // Catch: java.lang.Throwable -> L63
            java.lang.String r1 = "AES"
            r3.<init>(r0, r1)     // Catch: java.lang.Throwable -> L63
            goto L68
        L63:
            r0 = move-exception
            r5.throwHandshakeException(r0)
            r3 = r2
        L68:
            java.lang.String r0 = "client"
            javax.crypto.SecretKey r0 = com.google.security.cryptauth.lib.securegcm.D2DCryptoOps.deriveNewKeyForPurpose(r3, r0)     // Catch: java.lang.Throwable -> L77
            java.lang.String r1 = "server"
            javax.crypto.SecretKey r2 = com.google.security.cryptauth.lib.securegcm.D2DCryptoOps.deriveNewKeyForPurpose(r3, r1)     // Catch: java.lang.Throwable -> L75
            goto L7c
        L75:
            r1 = move-exception
            goto L79
        L77:
            r1 = move-exception
            r0 = r2
        L79:
            r5.throwHandshakeException(r1)
        L7c:
            com.google.security.cryptauth.lib.securegcm.Ukey2Handshake$InternalState r1 = com.google.security.cryptauth.lib.securegcm.Ukey2Handshake.InternalState.HANDSHAKE_ALREADY_USED
            r5.mHandshakeState = r1
            com.google.security.cryptauth.lib.securegcm.D2DConnectionContextV1 r1 = new com.google.security.cryptauth.lib.securegcm.D2DConnectionContextV1
            com.google.security.cryptauth.lib.securegcm.Ukey2Handshake$HandshakeRole r5 = r5.mHandshakeRole
            com.google.security.cryptauth.lib.securegcm.Ukey2Handshake$HandshakeRole r3 = com.google.security.cryptauth.lib.securegcm.Ukey2Handshake.HandshakeRole.CLIENT
            if (r5 != r3) goto L8a
            r4 = r0
            goto L8b
        L8a:
            r4 = r2
        L8b:
            if (r5 != r3) goto L8e
            r0 = r2
        L8e:
            r5 = 0
            r1.<init>(r4, r0, r5, r5)
            return r1
        L93:
            java.lang.String r0 = "Handshake not verified, cannot create context"
            r5.throwIllegalStateException(r0)
            return r2
        L99:
            java.lang.String r0 = "Cannot make context; handshake had error"
            r5.throwIllegalStateException(r0)
            return r2
        */
        throw new UnsupportedOperationException("Method not decompiled: com.google.security.cryptauth.lib.securegcm.Ukey2Handshake.toConnectionContext():com.google.security.cryptauth.lib.securegcm.D2DConnectionContext");
    }

    public void verifyHandshake() {
        if (this.mHandshakeState != InternalState.HANDSHAKE_VERIFICATION_IN_PROGRESS) {
            throwIllegalStateException("Unexpected state: " + this.mHandshakeState);
        }
        this.mHandshakeState = InternalState.HANDSHAKE_FINISHED;
    }
}
