package com.diasemi.blemeshlib.security;

import com.diasemi.blemeshlib.MeshUtils;
import java.nio.ByteBuffer;
import java.nio.charset.Charset;
import java.security.SecureRandom;
import java.security.Security;
import java.util.Arrays;
import java.util.UUID;
import org.spongycastle.crypto.InvalidCipherTextException;
import org.spongycastle.crypto.engines.AESEngine;
import org.spongycastle.crypto.macs.CMac;
import org.spongycastle.crypto.modes.CCMBlockCipher;
import org.spongycastle.crypto.params.AEADParameters;
import org.spongycastle.crypto.params.KeyParameter;
import org.spongycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes.dex */
public class MeshSecurity {
    public static final byte[] ID128;
    public static final byte[] ID6;
    public static final byte[] ID64;
    public static final byte[] NKBK;
    public static final byte[] NKBK_SALT;
    public static final byte[] NKIK;
    public static final byte[] NKIK_SALT;
    public static final byte[] PRCK;
    public static final byte[] PRDK;
    public static final byte[] PRSK;
    public static final byte[] PRSN;
    public static final byte[] S1_KEY;
    public static final byte[] SMK2;
    public static final byte[] SMK2_SALT;
    public static final byte[] SMK3;
    public static final byte[] SMK3_SALT;
    public static final byte[] SMK4;
    public static final byte[] SMK4_SALT;
    public static final byte[] VTAD;
    public static final byte[] VTAD_SALT;

    /* loaded from: classes.dex */
    public static class SecurityMaterial {
        public int id;
        public byte[] encryptionKey = new byte[16];
        public byte[] privacyKey = new byte[16];
    }

    static {
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.insertProviderAt(new BouncyCastleProvider(), 1);
        }
        S1_KEY = new byte[16];
        SMK2 = "smk2".getBytes(Charset.forName("US-ASCII"));
        SMK2_SALT = s1(SMK2);
        SMK3 = "smk3".getBytes(Charset.forName("US-ASCII"));
        SMK3_SALT = s1(SMK3);
        SMK4 = "smk4".getBytes(Charset.forName("US-ASCII"));
        SMK4_SALT = s1(SMK4);
        NKIK = "nkik".getBytes(Charset.forName("US-ASCII"));
        NKIK_SALT = s1(NKIK);
        NKBK = "nkbk".getBytes(Charset.forName("US-ASCII"));
        NKBK_SALT = s1(NKBK);
        VTAD = "vtad".getBytes(Charset.forName("US-ASCII"));
        VTAD_SALT = s1(VTAD);
        ID6 = "id6".getBytes(Charset.forName("US-ASCII"));
        ID64 = "id64".getBytes(Charset.forName("US-ASCII"));
        ID128 = "id128".getBytes(Charset.forName("US-ASCII"));
        PRDK = "prdk".getBytes(Charset.forName("US-ASCII"));
        PRCK = "prck".getBytes(Charset.forName("US-ASCII"));
        PRSK = "prsk".getBytes(Charset.forName("US-ASCII"));
        PRSN = "prsn".getBytes(Charset.forName("US-ASCII"));
    }

    public static byte[] aesCMAC(byte[] bArr, byte[] bArr2) {
        CMac cMac = new CMac(new AESEngine());
        cMac.init(new KeyParameter(bArr));
        cMac.update(bArr2, 0, bArr2.length);
        byte[] bArr3 = new byte[16];
        cMac.doFinal(bArr3, 0);
        return bArr3;
    }

    public static byte[] aesDecryptCCM(byte[] bArr, byte[] bArr2, byte[] bArr3, boolean z, byte[] bArr4) {
        CCMBlockCipher cCMBlockCipher = new CCMBlockCipher(new AESEngine());
        cCMBlockCipher.init(false, new AEADParameters(new KeyParameter(bArr), z ? 64 : 32, bArr2, bArr4));
        byte[] bArr5 = new byte[bArr3.length - (z ? 8 : 4)];
        try {
            cCMBlockCipher.processPacket(bArr3, 0, bArr3.length, bArr5, 0);
            return bArr5;
        } catch (InvalidCipherTextException unused) {
            return null;
        }
    }

    public static byte[] aesEncrypt(byte[] bArr, byte[] bArr2) {
        AESEngine aESEngine = new AESEngine();
        aESEngine.init(true, new KeyParameter(bArr));
        byte[] bArr3 = new byte[bArr2.length];
        aESEngine.processBlock(bArr2, 0, bArr3, 0);
        return bArr3;
    }

    public static byte[] aesEncryptCCM(byte[] bArr, byte[] bArr2, byte[] bArr3, boolean z, byte[] bArr4) {
        CCMBlockCipher cCMBlockCipher = new CCMBlockCipher(new AESEngine());
        cCMBlockCipher.init(true, new AEADParameters(new KeyParameter(bArr), z ? 64 : 32, bArr2, bArr4));
        byte[] bArr5 = new byte[bArr3.length + (z ? 8 : 4)];
        try {
            cCMBlockCipher.processPacket(bArr3, 0, bArr3.length, bArr5, 0);
            return bArr5;
        } catch (InvalidCipherTextException unused) {
            return null;
        }
    }

    public static boolean checkNodeIdentity(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) {
        ByteBuffer allocate = ByteBuffer.allocate(16);
        allocate.position(6);
        allocate.put(bArr3).put(bArr4);
        return Arrays.equals(bArr2, Arrays.copyOfRange(aesEncrypt(bArr, allocate.array()), 8, 16));
    }

    public static byte[] generateBeaconKey(byte[] bArr) {
        ByteBuffer allocate = ByteBuffer.allocate(ID128.length + 1);
        allocate.put(ID128).put((byte) 1);
        return k1(bArr, NKBK_SALT, allocate.array());
    }

    public static byte[] generateIdentityKey(byte[] bArr) {
        ByteBuffer allocate = ByteBuffer.allocate(ID128.length + 1);
        allocate.put(ID128).put((byte) 1);
        return k1(bArr, NKIK_SALT, allocate.array());
    }

    public static byte[] generateKey() {
        return generateRandomNumber(16);
    }

    public static SecurityMaterial generateMasterSecurityMaterial(byte[] bArr) {
        SecurityMaterial securityMaterial = new SecurityMaterial();
        byte[] k2 = k2(bArr, new byte[]{0});
        securityMaterial.id = k2[0];
        System.arraycopy(k2, 1, securityMaterial.encryptionKey, 0, 16);
        System.arraycopy(k2, 17, securityMaterial.privacyKey, 0, 16);
        return securityMaterial;
    }

    public static byte[] generateRandomNumber(int i) {
        byte[] bArr = new byte[i];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    public static byte[] k1(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        return aesCMAC(aesCMAC(bArr2, bArr), bArr3);
    }

    public static byte[] k2(byte[] bArr, byte[] bArr2) {
        byte[] aesCMAC = aesCMAC(SMK2_SALT, bArr);
        ByteBuffer allocate = ByteBuffer.allocate(bArr2.length + 1);
        allocate.put(bArr2).put((byte) 1);
        byte[] aesCMAC2 = aesCMAC(aesCMAC, allocate.array());
        ByteBuffer allocate2 = ByteBuffer.allocate(aesCMAC2.length + bArr2.length + 1);
        allocate2.put(aesCMAC2).put(bArr2).put((byte) 2);
        byte[] aesCMAC3 = aesCMAC(aesCMAC, allocate2.array());
        ByteBuffer allocate3 = ByteBuffer.allocate(aesCMAC3.length + bArr2.length + 1);
        allocate3.put(aesCMAC3).put(bArr2).put((byte) 3);
        byte[] aesCMAC4 = aesCMAC(aesCMAC, allocate3.array());
        ByteBuffer allocate4 = ByteBuffer.allocate(33);
        allocate4.put((byte) (aesCMAC2[15] & Byte.MAX_VALUE)).put(aesCMAC3).put(aesCMAC4);
        return allocate4.array();
    }

    public static byte[] k3(byte[] bArr) {
        ByteBuffer allocate = ByteBuffer.allocate(ID64.length + 1);
        allocate.put(ID64).put((byte) 1);
        return Arrays.copyOfRange(aesCMAC(aesCMAC(SMK3_SALT, bArr), allocate.array()), 8, 16);
    }

    public static int k4(byte[] bArr) {
        ByteBuffer allocate = ByteBuffer.allocate(ID6.length + 1);
        allocate.put(ID6).put((byte) 1);
        return aesCMAC(aesCMAC(SMK4_SALT, bArr), allocate.array())[15] & 63;
    }

    public static byte[] s1(byte[] bArr) {
        return aesCMAC(S1_KEY, bArr);
    }

    public static boolean verifyNetworkBeacon(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        return Arrays.equals(bArr3, Arrays.copyOfRange(aesCMAC(bArr, bArr2), 0, 8));
    }

    public static int virtualAddressHash(UUID uuid) {
        return virtualAddressHash(MeshUtils.uuidBytes(uuid));
    }

    public static int virtualAddressHash(byte[] bArr) {
        byte[] aesCMAC = aesCMAC(VTAD_SALT, bArr);
        return (aesCMAC[15] & 255) | ((aesCMAC[14] & 63) << 8) | 32768;
    }
}
