package com.amazon.whisperjoin.provisionerSDK.devices.security;

import com.amazon.whisperbridge.constants.Command;
import com.amazon.whispercloak.SecureChannel;
import com.amazon.whisperjoin.common.sharedtypes.cryptography.AesGcmEncryptionProvider;
import com.amazon.whisperjoin.common.sharedtypes.cryptography.AuthenticatedEcdheKeyExchangeRequest;
import com.amazon.whisperjoin.common.sharedtypes.cryptography.EncryptionProvider;
import com.amazon.whisperjoin.common.sharedtypes.cryptography.UnauthenticatedEcdheKeyExchangeRequest;
import com.amazon.whisperjoin.common.sharedtypes.devices.WhisperJoinPeripheralDeviceDetails;
import com.amazon.whisperjoin.common.sharedtypes.devices.interfaces.PeripheralDevice;
import com.amazon.whisperjoin.common.sharedtypes.exceptions.TrustProviderInitializationFailedException;
import com.amazon.whisperjoin.common.sharedtypes.utility.Serializer;
import com.amazon.whisperjoin.common.sharedtypes.utility.WJLog;
import com.amazon.whisperjoin.devicesetupserviceandroidclient.DSSClient;
import com.amazon.whisperjoin.devicesetupserviceandroidclient.data.FinalizeEcdheAuthenticationSessionRequest;
import com.amazon.whisperjoin.devicesetupserviceandroidclient.data.FinalizeEcdheAuthenticationSessionResponse;
import com.amazon.whisperjoin.devicesetupserviceandroidclient.data.StartEcdheAuthenticationSessionRequest;
import com.amazon.whisperjoin.devicesetupserviceandroidclient.data.StartEcdheAuthenticationSessionResponse;
import java.util.concurrent.ExecutionException;
import org.bouncycastle.util.encoders.Base64;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes13.dex */
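/**
 * Drives an ECDHE trust negotiation between a peripheral device and the DSS
 * backend (the {@code devicesetupserviceandroidclient} package) and returns an
 * AES-GCM {@link EncryptionProvider} keyed with the negotiated session key.
 *
 * <p>Security-relevant observations, all taken from the code in this class:
 * <ul>
 *   <li>The ECDHE public key and ECDSA signature returned by DSS are forwarded
 *       to the peripheral as-is; this class performs no local signature
 *       verification. NOTE(review): verification presumably happens on the
 *       peripheral - confirm.</li>
 *   <li>The session key is taken from the DSS finalize response rather than
 *       being derived locally, so this code fully trusts the DSS channel for
 *       key confidentiality.</li>
 *   <li>Only fixed progress strings and exceptions are logged. Keep it that way:
 *       never log the response objects, the continuation token or key bytes.</li>
 * </ul>
 *
 * <p>This source is decompiler output; the decompiler notes that the class and
 * its constructor and {@code start} method were originally package-private.
 */
public class BaseEcdheTrustNegotiator {
    private static final String TAG = "BaseEcdheTrustNegotiator";
    private final DSSClient mDSSClient;
    private final Serializer mSerializer;

    /**
     * Creates a negotiator bound to the given DSS client and serializer.
     *
     * @param dSSClient client used for the start/finalize authentication session calls
     * @param serializer serializer for the key-exchange request payloads; also handed
     *     to the resulting encryption provider
     * @throws IllegalArgumentException if either argument is {@code null}
     */
    public BaseEcdheTrustNegotiator(DSSClient dSSClient, Serializer serializer) {
        if (dSSClient == null) {
            throw new IllegalArgumentException("DSSClient can not be null");
        }
        if (serializer == null) {
            throw new IllegalArgumentException("Serializer can not be null");
        }
        this.mDSSClient = dSSClient;
        this.mSerializer = serializer;
    }

    /**
     * Extracts the Base64 body of a PEM document and decodes it.
     *
     * <p>The first and last {@code \n}-separated lines are dropped unconditionally;
     * the code assumes they are the BEGIN/END armor lines and does not check them.
     * Input with leading or trailing non-armor lines will therefore decode to the
     * wrong bytes or fail in {@code Base64.decode}.
     *
     * @param str PEM text
     * @return the decoded bytes of the concatenated inner lines
     */
    private static byte[] convertPEMtoDER(String str) {
        String[] pemLines = str.split("\n");
        StringBuilder base64Body = new StringBuilder();
        // Skip index 0 and the last index: the presumed armor lines.
        for (int i = 1; i < pemLines.length - 1; i++) {
            base64Body.append(pemLines[i]);
        }
        return Base64.decode(base64Body.toString());
    }

    /**
     * Serializes the key-exchange request matching {@code command}.
     *
     * @param command key-exchange command to build a payload for
     * @param bArr first request argument (the caller passes the DER public key)
     * @param bArr2 second request argument (the caller passes the decoded signature)
     * @return the serialized request
     * @throws RuntimeException if {@code command} is {@code null} or not one of the
     *     two supported key-exchange commands
     */
    private byte[] getPayloadForCommand(Command command, byte[] bArr, byte[] bArr2) {
        if (Command.EXCHANGE_ECDHE_KEY.equals(command)) {
            return this.mSerializer.serialize(new UnauthenticatedEcdheKeyExchangeRequest(bArr, bArr2));
        }
        if (Command.EXCHANGE_AUTHENTICATED_ECDHE_KEY.equals(command)) {
            return this.mSerializer.serialize(new AuthenticatedEcdheKeyExchangeRequest(bArr, bArr2));
        }
        // A null command used to surface as a bare NullPointerException from
        // command.name(); report it with the same message shape instead.
        String commandName = command == null ? "null" : command.name();
        throw new RuntimeException("Unsupported Command : " + commandName);
    }

    /**
     * Runs the three-step negotiation: start an authentication session with DSS,
     * exchange keys with the peripheral, then finalize the session with DSS.
     *
     * @param peripheralDevice device to negotiate with; supplies the nonce and the
     *     product, identity and software-version values sent to DSS
     * @param secureChannel source of the cipher for the returned provider
     * @param command key-exchange command to execute on the peripheral
     * @return an AES-GCM encryption provider keyed with the session key from DSS
     * @throws IllegalArgumentException if {@code peripheralDevice} is {@code null}
     * @throws TrustProviderInitializationFailedException if any step fails, including
     *     a {@code null} {@code secureChannel} or an unsupported {@code command}
     */
    public EncryptionProvider start(PeripheralDevice peripheralDevice, SecureChannel secureChannel, Command command) throws TrustProviderInitializationFailedException {
        if (peripheralDevice == null) {
            throw new IllegalArgumentException("PeripheralDevice can not be null");
        }
        WhisperJoinPeripheralDeviceDetails peripheralDeviceDetails = peripheralDevice.getPeripheralDeviceDetails();
        try {
            // Fail before any DSS or device traffic. Previously a null channel was
            // only hit at getCipher(), after a session had already been finalized
            // and a session key returned. Thrown inside the try so callers still
            // receive TrustProviderInitializationFailedException, as before.
            if (secureChannel == null) {
                throw new IllegalArgumentException("SecureChannel can not be null");
            }

            StartEcdheAuthenticationSessionRequest startRequest = new StartEcdheAuthenticationSessionRequest.Builder()
                    .setNonce(peripheralDeviceDetails.getClientNonce())
                    .setProductIndex(peripheralDeviceDetails.getProductIndex())
                    .setAuthMaterialIndex(peripheralDeviceDetails.getDeviceIdentity())
                    .setSoftwareVersionIndex(peripheralDeviceDetails.getSoftwareVersion())
                    .createRequest();
            StartEcdheAuthenticationSessionResponse startResponse =
                    this.mDSSClient.startEcdheAuthenticationSession(startRequest).blockingGet();
            WJLog.d(TAG, "Handling response from DSS - Start Auth Session.");

            // Forwarded to the peripheral unchanged; no verification happens here.
            byte[] provisionerPublicKeyDer = convertPEMtoDER(startResponse.getProvisionerEcdhePublicKeyPemEncoded());
            byte[] ecdsaSignature = Base64.decode(startResponse.getEcdsaSignatureBase64Encoded());

            WJLog.d(TAG, "Exchanging Keys with Provisionable");
            byte[] deviceResponse = peripheralDevice.executeCommand(
                    command, getPayloadForCommand(command, provisionerPublicKeyDer, ecdsaSignature));

            WJLog.d(TAG, "Finalize Auth Session via DSS");
            FinalizeEcdheAuthenticationSessionResponse finalizeResponse = this.mDSSClient
                    .finalizeEcdheAuthenticationSession(
                            new FinalizeEcdheAuthenticationSessionRequest(startResponse.getContinuationToken(), deviceResponse))
                    .blockingGet();

            WJLog.d(TAG, "Auth Session Finalized. Creating encryption provider with new shared secret.");
            // Session key material: pass straight through, never log or copy it.
            return new AesGcmEncryptionProvider(
                    secureChannel.getCipher(), finalizeResponse.getSessionKeyDEREncoded(), this.mSerializer);
        } catch (InterruptedException e2) {
            // Restore the interrupt flag so code further up the stack can still
            // observe the cancellation after the exception is translated.
            Thread.currentThread().interrupt();
            WJLog.e(TAG, "Interrupted Exception Occurred", e2);
            throw new TrustProviderInitializationFailedException(e2);
        } catch (RuntimeException e3) {
            WJLog.e(TAG, "RuntimeException Occurred", e3);
            // Report the underlying cause when the runtime exception is a wrapper.
            if (e3.getCause() != null) {
                throw new TrustProviderInitializationFailedException(e3.getCause());
            }
            throw new TrustProviderInitializationFailedException(e3);
        } catch (ExecutionException e4) {
            WJLog.e(TAG, "Execution Exception Occurred", e4);
            throw new TrustProviderInitializationFailedException(e4);
        } catch (Exception e5) {
            WJLog.e(TAG, "An exception occurred", e5);
            throw new TrustProviderInitializationFailedException(e5);
        }
    }
}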
