package com.virgilsecurity.keyknox.crypto;

import com.virgilsecurity.crypto.foundation.Aes256Gcm;
import com.virgilsecurity.crypto.foundation.RecipientCipher;
import com.virgilsecurity.keyknox.exception.SignatureVerificationException;
import com.virgilsecurity.keyknox.exception.SignerNotFoundException;
import com.virgilsecurity.keyknox.model.DecryptedKeyknoxValue;
import com.virgilsecurity.keyknox.model.EncryptedKeyknoxValue;
import com.virgilsecurity.keyknox.utils.ValidationKt;
import com.virgilsecurity.sdk.crypto.VirgilCrypto;
import com.virgilsecurity.sdk.crypto.VirgilPrivateKey;
import com.virgilsecurity.sdk.crypto.VirgilPublicKey;
import com.virgilsecurity.sdk.crypto.exceptions.CryptoException;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import kotlin.Metadata;
import kotlin.Pair;
import kotlin.collections.ArraysKt___ArraysJvmKt;
import kotlin.jdk7.AutoCloseableKt;
import kotlin.jvm.internal.Intrinsics;
import org.jetbrains.annotations.NotNull;

/* compiled from: KeyknoxCrypto.kt */
@Metadata(bv = {}, d1 = {"\u00008\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0010\u0012\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010 \n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0005\u0018\u00002\u00020\u0001B\u000f\u0012\u0006\u0010\u0010\u001a\u00020\u000f¢\u0006\u0004\b\u0011\u0010\u0012B\t\b\u0016¢\u0006\u0004\b\u0011\u0010\u0013J2\u0010\n\u001a\u000e\u0012\u0004\u0012\u00020\u0002\u0012\u0004\u0012\u00020\u00020\t2\u0006\u0010\u0003\u001a\u00020\u00022\u0006\u0010\u0005\u001a\u00020\u00042\f\u0010\b\u001a\b\u0012\u0004\u0012\u00020\u00070\u0006H\u0016J&\u0010\u000e\u001a\u00020\r2\u0006\u0010\f\u001a\u00020\u000b2\u0006\u0010\u0005\u001a\u00020\u00042\f\u0010\b\u001a\b\u0012\u0004\u0012\u00020\u00070\u0006H\u0016¨\u0006\u0014"}, d2 = {"Lcom/virgilsecurity/keyknox/crypto/KeyknoxCrypto;", "Lcom/virgilsecurity/keyknox/crypto/KeyknoxCryptoProtocol;", "", "data", "Lcom/virgilsecurity/sdk/crypto/VirgilPrivateKey;", "privateKey", "", "Lcom/virgilsecurity/sdk/crypto/VirgilPublicKey;", "publicKeys", "Lkotlin/Pair;", "encrypt", "Lcom/virgilsecurity/keyknox/model/EncryptedKeyknoxValue;", "encryptedKeyknoxValue", "Lcom/virgilsecurity/keyknox/model/DecryptedKeyknoxValue;", "decrypt", "Lcom/virgilsecurity/sdk/crypto/VirgilCrypto;", "crypto", "<init>", "(Lcom/virgilsecurity/sdk/crypto/VirgilCrypto;)V", "()V", "sdk"}, k = 1, mv = {1, 4, 0})
/* loaded from: classes7.dex */
public final class KeyknoxCrypto implements KeyknoxCryptoProtocol {
    public final VirgilCrypto crypto;

    public KeyknoxCrypto() {
        this(new VirgilCrypto());
    }

    public KeyknoxCrypto(@NotNull VirgilCrypto crypto) {
        Intrinsics.checkParameterIsNotNull(crypto, "crypto");
        this.crypto = crypto;
    }

    @Override // com.virgilsecurity.keyknox.crypto.KeyknoxCryptoProtocol
    @NotNull
    public DecryptedKeyknoxValue decrypt(@NotNull EncryptedKeyknoxValue encryptedKeyknoxValue, @NotNull VirgilPrivateKey privateKey, @NotNull List<? extends VirgilPublicKey> publicKeys) throws CryptoException, IllegalArgumentException {
        Object obj;
        Intrinsics.checkParameterIsNotNull(encryptedKeyknoxValue, "encryptedKeyknoxValue");
        Intrinsics.checkParameterIsNotNull(privateKey, "privateKey");
        Intrinsics.checkParameterIsNotNull(publicKeys, "publicKeys");
        ValidationKt.requires(!publicKeys.isEmpty(), "privateKey");
        if (encryptedKeyknoxValue.getMeta().length == 0) {
            if (encryptedKeyknoxValue.getValue().length == 0) {
                return new DecryptedKeyknoxValue(encryptedKeyknoxValue.getRoot(), encryptedKeyknoxValue.getPath(), encryptedKeyknoxValue.getKey(), encryptedKeyknoxValue.getOwner(), encryptedKeyknoxValue.getIdentities(), new byte[0], new byte[0], encryptedKeyknoxValue.getVersion(), encryptedKeyknoxValue.getKeyknoxHash());
            }
        }
        byte[] meta = encryptedKeyknoxValue.getMeta();
        byte[] value = encryptedKeyknoxValue.getValue();
        RecipientCipher recipientCipher = new RecipientCipher();
        try {
            recipientCipher.startDecryptionWithKey(privateKey.getIdentifier(), privateKey.getPrivateKey(), new byte[0]);
            try {
                byte[] process = recipientCipher.processDecryption(ArraysKt___ArraysJvmKt.plus(meta, value));
                byte[] finish = recipientCipher.finishDecryption();
                Intrinsics.checkExpressionValueIsNotNull(process, "process");
                Intrinsics.checkExpressionValueIsNotNull(finish, "finish");
                byte[] plus = ArraysKt___ArraysJvmKt.plus(process, finish);
                byte[] findData = recipientCipher.customParams().findData(VirgilCrypto.CUSTOM_PARAM_SIGNER_ID);
                Iterator<T> it = publicKeys.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        obj = null;
                        break;
                    }
                    obj = it.next();
                    if (Arrays.equals(((VirgilPublicKey) obj).getIdentifier(), findData)) {
                        break;
                    }
                }
                VirgilPublicKey virgilPublicKey = (VirgilPublicKey) obj;
                if (virgilPublicKey == null) {
                    throw new SignerNotFoundException("Signer's Public key not found");
                }
                if (!this.crypto.verifySignature(recipientCipher.customParams().findData(VirgilCrypto.CUSTOM_PARAM_SIGNATURE), plus, virgilPublicKey)) {
                    throw new SignatureVerificationException(null, 1, null);
                }
                AutoCloseableKt.closeFinally(recipientCipher, null);
                return new DecryptedKeyknoxValue(encryptedKeyknoxValue.getRoot(), encryptedKeyknoxValue.getPath(), encryptedKeyknoxValue.getKey(), encryptedKeyknoxValue.getOwner(), encryptedKeyknoxValue.getIdentities(), meta, plus, encryptedKeyknoxValue.getVersion(), encryptedKeyknoxValue.getKeyknoxHash());
            } catch (Throwable th) {
                th = th;
                Throwable th2 = th;
                try {
                    throw th2;
                } catch (Throwable th3) {
                    AutoCloseableKt.closeFinally(recipientCipher, th2);
                    throw th3;
                }
            }
        } catch (Throwable th4) {
            th = th4;
        }
    }

    @Override // com.virgilsecurity.keyknox.crypto.KeyknoxCryptoProtocol
    @NotNull
    public Pair<byte[], byte[]> encrypt(@NotNull byte[] data, @NotNull VirgilPrivateKey privateKey, @NotNull List<? extends VirgilPublicKey> publicKeys) throws CryptoException, IllegalArgumentException {
        Intrinsics.checkParameterIsNotNull(data, "data");
        Intrinsics.checkParameterIsNotNull(privateKey, "privateKey");
        Intrinsics.checkParameterIsNotNull(publicKeys, "publicKeys");
        ValidationKt.requires(!(data.length == 0), "data");
        ValidationKt.requires(!publicKeys.isEmpty(), "privateKey");
        byte[] generateSignature = this.crypto.generateSignature(data, privateKey);
        Aes256Gcm aes256Gcm = new Aes256Gcm();
        try {
            RecipientCipher recipientCipher = new RecipientCipher();
            try {
                recipientCipher.setEncryptionCipher(aes256Gcm);
                recipientCipher.setRandom(this.crypto.getRng());
                for (VirgilPublicKey virgilPublicKey : publicKeys) {
                    recipientCipher.addKeyRecipient(virgilPublicKey.getIdentifier(), virgilPublicKey.getPublicKey());
                }
                recipientCipher.customParams().addData(VirgilCrypto.CUSTOM_PARAM_SIGNER_ID, privateKey.getIdentifier());
                recipientCipher.customParams().addData(VirgilCrypto.CUSTOM_PARAM_SIGNATURE, generateSignature);
                recipientCipher.startEncryption();
                byte[] packMessageInfo = recipientCipher.packMessageInfo();
                byte[] processEncryption = recipientCipher.processEncryption(data);
                byte[] finishEncryption = recipientCipher.finishEncryption();
                Intrinsics.checkExpressionValueIsNotNull(finishEncryption, "cipher.finishEncryption()");
                Pair<byte[], byte[]> pair = new Pair<>(packMessageInfo, ArraysKt___ArraysJvmKt.plus(processEncryption, finishEncryption));
                AutoCloseableKt.closeFinally(recipientCipher, null);
                AutoCloseableKt.closeFinally(aes256Gcm, null);
                return pair;
            } finally {
            }
        } finally {
        }
    }
}
