package org.whispersystems.signalservice.api.crypto;

import com.google.protobuf.InvalidProtocolBufferException;
import java.util.UUID;
import org.signal.libsignal.metadata.InvalidMetadataMessageException;
import org.signal.libsignal.metadata.InvalidMetadataVersionException;
import org.signal.libsignal.metadata.ProtocolDuplicateMessageException;
import org.signal.libsignal.metadata.ProtocolInvalidKeyException;
import org.signal.libsignal.metadata.ProtocolInvalidKeyIdException;
import org.signal.libsignal.metadata.ProtocolInvalidMessageException;
import org.signal.libsignal.metadata.ProtocolInvalidVersionException;
import org.signal.libsignal.metadata.ProtocolLegacyMessageException;
import org.signal.libsignal.metadata.ProtocolNoSessionException;
import org.signal.libsignal.metadata.ProtocolUntrustedIdentityException;
import org.signal.libsignal.metadata.SealedSessionCipher;
import org.signal.libsignal.metadata.SelfSendException;
import org.signal.libsignal.metadata.certificate.CertificateValidator;
import org.whispersystems.libsignal.DuplicateMessageException;
import org.whispersystems.libsignal.InvalidKeyException;
import org.whispersystems.libsignal.InvalidKeyIdException;
import org.whispersystems.libsignal.InvalidMessageException;
import org.whispersystems.libsignal.InvalidVersionException;
import org.whispersystems.libsignal.LegacyMessageException;
import org.whispersystems.libsignal.NoSessionException;
import org.whispersystems.libsignal.SessionCipher;
import org.whispersystems.libsignal.SignalProtocolAddress;
import org.whispersystems.libsignal.protocol.CiphertextMessage;
import org.whispersystems.libsignal.protocol.PreKeySignalMessage;
import org.whispersystems.libsignal.protocol.SignalMessage;
import org.whispersystems.libsignal.state.SignalProtocolStore;
import org.whispersystems.libsignal.util.guava.Optional;
import org.whispersystems.signalservice.api.messages.SignalServiceContent;
import org.whispersystems.signalservice.api.messages.SignalServiceEnvelope;
import org.whispersystems.signalservice.api.messages.SignalServiceMetadata;
import org.whispersystems.signalservice.api.push.SignalServiceAddress;
import org.whispersystems.signalservice.api.util.UuidUtil;
import org.whispersystems.signalservice.internal.push.OutgoingPushMessage;
import org.whispersystems.signalservice.internal.push.PushTransportDetails;
import org.whispersystems.signalservice.internal.push.SignalServiceProtos;
import org.whispersystems.signalservice.internal.push.UnsupportedDataMessageException;
import org.whispersystems.signalservice.internal.serialize.SignalServiceAddressProtobufSerializer;
import org.whispersystems.signalservice.internal.serialize.SignalServiceMetadataProtobufSerializer;
import org.whispersystems.signalservice.internal.serialize.protos.SignalServiceContentProto;
import org.whispersystems.util.Base64;

/* loaded from: input_file:org/whispersystems/signalservice/api/crypto/SignalServiceCipher.class */
public class SignalServiceCipher {
    private static final String TAG = SignalServiceCipher.class.getSimpleName();
    private final SignalProtocolStore signalProtocolStore;
    private final SignalServiceAddress localAddress;
    private final CertificateValidator certificateValidator;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/whispersystems/signalservice/api/crypto/SignalServiceCipher$Plaintext.class */
    public static class Plaintext {
        private final SignalServiceMetadata metadata;
        private final byte[] data;

        private Plaintext(SignalServiceMetadata signalServiceMetadata, byte[] bArr) {
            this.metadata = signalServiceMetadata;
            this.data = bArr;
        }

        public SignalServiceMetadata getMetadata() {
            return this.metadata;
        }

        public byte[] getData() {
            return this.data;
        }
    }

    public SignalServiceCipher(SignalServiceAddress signalServiceAddress, SignalProtocolStore signalProtocolStore, CertificateValidator certificateValidator) {
        this.signalProtocolStore = signalProtocolStore;
        this.localAddress = signalServiceAddress;
        this.certificateValidator = certificateValidator;
    }

    public OutgoingPushMessage encrypt(SignalProtocolAddress signalProtocolAddress, Optional<UnidentifiedAccess> optional, byte[] bArr) throws org.whispersystems.libsignal.UntrustedIdentityException, InvalidKeyException {
        int i;
        if (optional.isPresent()) {
            SealedSessionCipher sealedSessionCipher = new SealedSessionCipher(this.signalProtocolStore, (UUID) this.localAddress.getUuid().orNull(), (String) this.localAddress.getNumber().orNull(), 1);
            return new OutgoingPushMessage(6, signalProtocolAddress.getDeviceId(), sealedSessionCipher.getRemoteRegistrationId(signalProtocolAddress), Base64.encodeBytes(sealedSessionCipher.encrypt(signalProtocolAddress, ((UnidentifiedAccess) optional.get()).getUnidentifiedCertificate(), new PushTransportDetails(sealedSessionCipher.getSessionVersion(signalProtocolAddress)).getPaddedMessageBody(bArr))));
        }
        SessionCipher sessionCipher = new SessionCipher(this.signalProtocolStore, signalProtocolAddress);
        CiphertextMessage encrypt = sessionCipher.encrypt(new PushTransportDetails(sessionCipher.getSessionVersion()).getPaddedMessageBody(bArr));
        int remoteRegistrationId = sessionCipher.getRemoteRegistrationId();
        String encodeBytes = Base64.encodeBytes(encrypt.serialize());
        switch (encrypt.getType()) {
            case 2:
                i = 1;
                break;
            case 3:
                i = 3;
                break;
            default:
                throw new AssertionError("Bad type: " + encrypt.getType());
        }
        return new OutgoingPushMessage(i, signalProtocolAddress.getDeviceId(), remoteRegistrationId, encodeBytes);
    }

    public SignalServiceContent decrypt(SignalServiceEnvelope signalServiceEnvelope) throws InvalidMetadataMessageException, InvalidMetadataVersionException, ProtocolInvalidKeyIdException, ProtocolLegacyMessageException, ProtocolUntrustedIdentityException, ProtocolNoSessionException, ProtocolInvalidVersionException, ProtocolInvalidMessageException, ProtocolInvalidKeyException, ProtocolDuplicateMessageException, SelfSendException, UnsupportedDataMessageException {
        try {
            if (signalServiceEnvelope.hasLegacyMessage()) {
                Plaintext decrypt = decrypt(signalServiceEnvelope, signalServiceEnvelope.getLegacyMessage());
                return SignalServiceContent.createFromProto((SignalServiceContentProto) SignalServiceContentProto.newBuilder().setLocalAddress(SignalServiceAddressProtobufSerializer.toProtobuf(this.localAddress)).setMetadata(SignalServiceMetadataProtobufSerializer.toProtobuf(decrypt.metadata)).setLegacyDataMessage(SignalServiceProtos.DataMessage.parseFrom(decrypt.getData())).build());
            }
            if (!signalServiceEnvelope.hasContent()) {
                return null;
            }
            Plaintext decrypt2 = decrypt(signalServiceEnvelope, signalServiceEnvelope.getContent());
            return SignalServiceContent.createFromProto((SignalServiceContentProto) SignalServiceContentProto.newBuilder().setLocalAddress(SignalServiceAddressProtobufSerializer.toProtobuf(this.localAddress)).setMetadata(SignalServiceMetadataProtobufSerializer.toProtobuf(decrypt2.metadata)).setContent(SignalServiceProtos.Content.parseFrom(decrypt2.getData())).build());
        } catch (InvalidProtocolBufferException e) {
            throw new InvalidMetadataMessageException(e);
        }
    }

    private Plaintext decrypt(SignalServiceEnvelope signalServiceEnvelope, byte[] bArr) throws InvalidMetadataMessageException, InvalidMetadataVersionException, ProtocolDuplicateMessageException, ProtocolUntrustedIdentityException, ProtocolLegacyMessageException, ProtocolInvalidKeyException, ProtocolInvalidVersionException, ProtocolInvalidMessageException, ProtocolInvalidKeyIdException, ProtocolNoSessionException, SelfSendException {
        byte[] paddedMessage;
        SignalServiceMetadata signalServiceMetadata;
        int sessionVersion;
        try {
            if (!signalServiceEnvelope.hasSource() && !signalServiceEnvelope.isUnidentifiedSender()) {
                throw new ProtocolInvalidMessageException(new InvalidMessageException("Non-UD envelope is missing a source!"), (String) null, 0);
            }
            if (signalServiceEnvelope.isPreKeySignalMessage()) {
                SessionCipher sessionCipher = new SessionCipher(this.signalProtocolStore, getPreferredProtocolAddress(this.signalProtocolStore, signalServiceEnvelope.getSourceAddress(), signalServiceEnvelope.getSourceDevice()));
                paddedMessage = sessionCipher.decrypt(new PreKeySignalMessage(bArr));
                signalServiceMetadata = new SignalServiceMetadata(signalServiceEnvelope.getSourceAddress(), signalServiceEnvelope.getSourceDevice(), signalServiceEnvelope.getTimestamp(), false);
                sessionVersion = sessionCipher.getSessionVersion();
            } else if (signalServiceEnvelope.isSignalMessage()) {
                SessionCipher sessionCipher2 = new SessionCipher(this.signalProtocolStore, getPreferredProtocolAddress(this.signalProtocolStore, signalServiceEnvelope.getSourceAddress(), signalServiceEnvelope.getSourceDevice()));
                paddedMessage = sessionCipher2.decrypt(new SignalMessage(bArr));
                signalServiceMetadata = new SignalServiceMetadata(signalServiceEnvelope.getSourceAddress(), signalServiceEnvelope.getSourceDevice(), signalServiceEnvelope.getTimestamp(), false);
                sessionVersion = sessionCipher2.getSessionVersion();
            } else {
                if (!signalServiceEnvelope.isUnidentifiedSender()) {
                    throw new InvalidMetadataMessageException("Unknown type: " + signalServiceEnvelope.getType());
                }
                SealedSessionCipher sealedSessionCipher = new SealedSessionCipher(this.signalProtocolStore, (UUID) this.localAddress.getUuid().orNull(), (String) this.localAddress.getNumber().orNull(), 1);
                SealedSessionCipher.DecryptionResult decrypt = sealedSessionCipher.decrypt(this.certificateValidator, bArr, signalServiceEnvelope.getServerTimestamp());
                SignalServiceAddress signalServiceAddress = new SignalServiceAddress(UuidUtil.parse((String) decrypt.getSenderUuid().orNull()), (Optional<String>) decrypt.getSenderE164());
                SignalProtocolAddress preferredProtocolAddress = getPreferredProtocolAddress(this.signalProtocolStore, signalServiceAddress, decrypt.getDeviceId());
                paddedMessage = decrypt.getPaddedMessage();
                signalServiceMetadata = new SignalServiceMetadata(signalServiceAddress, decrypt.getDeviceId(), signalServiceEnvelope.getTimestamp(), true);
                sessionVersion = sealedSessionCipher.getSessionVersion(preferredProtocolAddress);
            }
            return new Plaintext(signalServiceMetadata, new PushTransportDetails(sessionVersion).getStrippedPaddingMessageBody(paddedMessage));
        } catch (NoSessionException e) {
            throw new ProtocolNoSessionException(e, signalServiceEnvelope.getSourceIdentifier(), signalServiceEnvelope.getSourceDevice());
        } catch (InvalidKeyIdException e2) {
            throw new ProtocolInvalidKeyIdException(e2, signalServiceEnvelope.getSourceIdentifier(), signalServiceEnvelope.getSourceDevice());
        } catch (DuplicateMessageException e3) {
            throw new ProtocolDuplicateMessageException(e3, signalServiceEnvelope.getSourceIdentifier(), signalServiceEnvelope.getSourceDevice());
        } catch (InvalidVersionException e4) {
            throw new ProtocolInvalidVersionException(e4, signalServiceEnvelope.getSourceIdentifier(), signalServiceEnvelope.getSourceDevice());
        } catch (InvalidKeyException e5) {
            throw new ProtocolInvalidKeyException(e5, signalServiceEnvelope.getSourceIdentifier(), signalServiceEnvelope.getSourceDevice());
        } catch (org.whispersystems.libsignal.UntrustedIdentityException e6) {
            throw new ProtocolUntrustedIdentityException(e6, signalServiceEnvelope.getSourceIdentifier(), signalServiceEnvelope.getSourceDevice());
        } catch (LegacyMessageException e7) {
            throw new ProtocolLegacyMessageException(e7, signalServiceEnvelope.getSourceIdentifier(), signalServiceEnvelope.getSourceDevice());
        } catch (InvalidMessageException e8) {
            throw new ProtocolInvalidMessageException(e8, signalServiceEnvelope.getSourceIdentifier(), signalServiceEnvelope.getSourceDevice());
        }
    }

    private static SignalProtocolAddress getPreferredProtocolAddress(SignalProtocolStore signalProtocolStore, SignalServiceAddress signalServiceAddress, int i) {
        SignalProtocolAddress signalProtocolAddress = signalServiceAddress.getUuid().isPresent() ? new SignalProtocolAddress(((UUID) signalServiceAddress.getUuid().get()).toString(), i) : null;
        SignalProtocolAddress signalProtocolAddress2 = signalServiceAddress.getNumber().isPresent() ? new SignalProtocolAddress((String) signalServiceAddress.getNumber().get(), i) : null;
        return (signalProtocolAddress == null || !signalProtocolStore.containsSession(signalProtocolAddress)) ? (signalProtocolAddress2 == null || !signalProtocolStore.containsSession(signalProtocolAddress2)) ? new SignalProtocolAddress(signalServiceAddress.getLegacyIdentifier(), i) : signalProtocolAddress2 : signalProtocolAddress;
    }
}
