package io.getlime.security.powerauth.crypto.lib.encryptor.ecies;

import com.google.common.primitives.Bytes;
import io.getlime.security.powerauth.crypto.lib.config.PowerAuthConfiguration;
import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.exception.EciesException;
import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.kdf.KdfX9_63;
import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.model.EciesPayload;
import io.getlime.security.powerauth.crypto.lib.generator.KeyGenerator;
import io.getlime.security.powerauth.crypto.lib.util.AESEncryptionUtils;
import io.getlime.security.powerauth.crypto.lib.util.HMACHashUtilities;
import io.getlime.security.powerauth.provider.CryptoProviderUtil;
import java.security.InvalidKeyException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.SecretKey;

/* loaded from: input_file:io/getlime/security/powerauth/crypto/lib/encryptor/ecies/BasicEciesDecryptor.class */
public class BasicEciesDecryptor {
    private final AESEncryptionUtils aes;
    private final HMACHashUtilities hmac;
    private final KeyGenerator keyGenerator;
    private final CryptoProviderUtil keyConverter;
    private final PrivateKey privateKey;
    private final byte[] sharedInfo2;
    private PublicKey ephemeralPublicKey;
    private boolean canDecryptData;
    private boolean canEncryptData;

    public BasicEciesDecryptor(ECPrivateKey eCPrivateKey) {
        this(eCPrivateKey, null);
    }

    public BasicEciesDecryptor(ECPrivateKey eCPrivateKey, byte[] bArr) {
        this.aes = new AESEncryptionUtils();
        this.hmac = new HMACHashUtilities();
        this.keyGenerator = new KeyGenerator();
        this.keyConverter = PowerAuthConfiguration.INSTANCE.getKeyConvertor();
        this.privateKey = eCPrivateKey;
        this.sharedInfo2 = bArr;
        this.canDecryptData = true;
        this.canEncryptData = false;
    }

    /* JADX WARN: Type inference failed for: r0v16, types: [byte[], byte[][]] */
    public byte[] decrypt(EciesPayload eciesPayload, byte[] bArr) throws EciesException {
        try {
            if (!this.canDecryptData) {
                throw new EciesException("This decryptor instance was already used");
            }
            this.ephemeralPublicKey = eciesPayload.getEphemeralPublicKey();
            byte[] derive = KdfX9_63.derive(this.keyConverter.convertSharedSecretKeyToBytes(this.keyGenerator.computeSharedKey(this.privateKey, this.ephemeralPublicKey, true)), bArr, 32);
            if (!Arrays.equals(this.hmac.hash(Arrays.copyOfRange(derive, 16, 32), this.sharedInfo2 == null ? eciesPayload.getEncryptedData() : Bytes.concat((byte[][]) new byte[]{eciesPayload.getEncryptedData(), this.sharedInfo2})), eciesPayload.getMac())) {
                throw new EciesException("Invalid MAC");
            }
            SecretKey convertBytesToSharedSecretKey = this.keyConverter.convertBytesToSharedSecretKey(Arrays.copyOf(derive, 16));
            this.canDecryptData = false;
            this.canEncryptData = true;
            return this.aes.decrypt(eciesPayload.getEncryptedData(), new byte[16], convertBytesToSharedSecretKey);
        } catch (InvalidKeyException | BadPaddingException | IllegalBlockSizeException e) {
            throw new EciesException("Decryption error occurred", e);
        }
    }

    /* JADX WARN: Type inference failed for: r0v25, types: [byte[], byte[][]] */
    public EciesPayload encrypt(byte[] bArr, byte[] bArr2) throws EciesException {
        try {
            if (!this.canEncryptData) {
                throw new EciesException("This decryptor instance was already used");
            }
            byte[] derive = KdfX9_63.derive(this.keyConverter.convertSharedSecretKeyToBytes(this.keyGenerator.computeSharedKey(this.privateKey, this.ephemeralPublicKey, true)), bArr2, 32);
            byte[] encrypt = this.aes.encrypt(bArr, new byte[16], this.keyConverter.convertBytesToSharedSecretKey(Arrays.copyOf(derive, 16)));
            byte[] hash = this.hmac.hash(Arrays.copyOfRange(derive, 16, 32), this.sharedInfo2 == null ? encrypt : Bytes.concat((byte[][]) new byte[]{encrypt, this.sharedInfo2}));
            this.canEncryptData = false;
            return new EciesPayload(this.ephemeralPublicKey, hash, encrypt);
        } catch (InvalidKeyException | BadPaddingException | IllegalBlockSizeException e) {
            throw new EciesException("Decryption error occurred", e);
        }
    }

    public EciesPayload encrypt(byte[] bArr, ECPublicKey eCPublicKey, byte[] bArr2) throws EciesException {
        this.ephemeralPublicKey = eCPublicKey;
        this.canDecryptData = false;
        this.canEncryptData = true;
        return encrypt(bArr, bArr2);
    }
}
