package net.i2p.crypto;

import com.umeng.analytics.a;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import net.i2p.I2PAppContext;
import net.i2p.data.DataFormatException;
import net.i2p.data.DataHelper;
import net.i2p.data.PrivateKey;
import net.i2p.data.PublicKey;
import net.i2p.data.SessionKey;
import net.i2p.data.SessionTag;
import net.i2p.util.Log;
import net.i2p.util.SimpleByteCache;

/* loaded from: classes.dex */
public class ElGamalAESEngine {
    public static final int MAX_TAGS_RECEIVED = 200;
    private static final int MIN_ENCRYPTED_SIZE = 80;
    private final I2PAppContext _context;
    private final Log _log;

    public ElGamalAESEngine(I2PAppContext i2PAppContext) {
        this._context = i2PAppContext;
        this._log = this._context.logManager().getLog(ElGamalAESEngine.class);
        this._context.statManager().createFrequencyStat("crypto.elGamalAES.encryptNewSession", "how frequently we encrypt to a new ElGamal/AES+SessionTag session?", "Encryption", new long[]{a.i});
        this._context.statManager().createFrequencyStat("crypto.elGamalAES.encryptExistingSession", "how frequently we encrypt to an existing ElGamal/AES+SessionTag session?", "Encryption", new long[]{a.i});
        this._context.statManager().createFrequencyStat("crypto.elGamalAES.decryptNewSession", "how frequently we decrypt with a new ElGamal/AES+SessionTag session?", "Encryption", new long[]{a.i});
        this._context.statManager().createFrequencyStat("crypto.elGamalAES.decryptExistingSession", "how frequently we decrypt with an existing ElGamal/AES+SessionTag session?", "Encryption", new long[]{a.i});
        this._context.statManager().createFrequencyStat("crypto.elGamalAES.decryptFailed", "how frequently we fail to decrypt with ElGamal/AES+SessionTag?", "Encryption", new long[]{a.i});
    }

    private byte[] decryptExistingSession(byte[] bArr, SessionKey sessionKey, PrivateKey privateKey, Set<SessionTag> set, SessionKey sessionKey2, SessionKey sessionKey3) throws DataFormatException {
        byte[] acquire = SimpleByteCache.acquire(32);
        System.arraycopy(bArr, 0, acquire, 0, 32);
        byte[] halfHash = halfHash(acquire);
        SimpleByteCache.release(acquire);
        byte[] decryptAESBlock = decryptAESBlock(bArr, 32, bArr.length - 32, sessionKey, halfHash, acquire, set, sessionKey3);
        SimpleByteCache.release(halfHash);
        if (decryptAESBlock != null) {
            sessionKey2.setData(sessionKey.getData());
            return decryptAESBlock;
        }
        if (this._log.shouldLog(30)) {
            this._log.warn("Decrypting looks negative... existing key fails with existing tag, lets try as a new one");
        }
        byte[] decryptNewSession = decryptNewSession(bArr, privateKey, set, sessionKey2, sessionKey3);
        if (!this._log.shouldLog(30)) {
            return decryptNewSession;
        }
        if (decryptNewSession == null) {
            this._log.warn("Decrypting failed with a known existing tag as either an existing message or a new session");
            return decryptNewSession;
        }
        this._log.warn("Decrypting suceeded as a new session, even though it used an existing tag!");
        return decryptNewSession;
    }

    private byte[] decryptNewSession(byte[] bArr, PrivateKey privateKey, Set<SessionTag> set, SessionKey sessionKey, SessionKey sessionKey2) throws DataFormatException {
        if (bArr == null || bArr.length < 514) {
            return null;
        }
        byte[] bArr2 = new byte[514];
        if (bArr.length > 514) {
            System.arraycopy(bArr, 0, bArr2, 0, 514);
        } else {
            System.arraycopy(bArr, 0, bArr2, 514 - bArr.length, bArr.length);
        }
        byte[] decrypt = this._context.elGamalEngine().decrypt(bArr2, privateKey);
        if (decrypt == null) {
            return null;
        }
        byte[] bArr3 = new byte[32];
        System.arraycopy(decrypt, 0, bArr3, 0, 32);
        int i = 0 + 32;
        sessionKey.setData(bArr3);
        byte[] acquire = SimpleByteCache.acquire(32);
        System.arraycopy(decrypt, i, acquire, 0, 32);
        byte[] halfHash = halfHash(acquire);
        SimpleByteCache.release(acquire);
        this._context.random().harvester().feedEntropy("ElG/AES", decrypt, i + 32, decrypt.length - 64);
        byte[] decryptAESBlock = decryptAESBlock(bArr, 514, bArr.length - 514, sessionKey, halfHash, null, set, sessionKey2);
        SimpleByteCache.release(halfHash);
        return decryptAESBlock;
    }

    private final byte[] encryptAESBlock(byte[] bArr, SessionKey sessionKey, byte[] bArr2, Set<SessionTag> set, SessionKey sessionKey2, long j, int i) {
        int i2;
        if (set == null) {
            set = Collections.emptySet();
        }
        int size = (sessionKey2 == null ? 1 : 33) + (set.size() * 32) + 2 + 4 + 32 + bArr.length;
        byte[] bArr3 = new byte[size + getPaddingSize(size, j) + i];
        DataHelper.toLong(bArr3, i, 2, set.size());
        int i3 = i + 2;
        Iterator<SessionTag> it = set.iterator();
        while (it.hasNext()) {
            System.arraycopy(it.next().getData(), 0, bArr3, i3, 32);
            i3 += 32;
        }
        DataHelper.toLong(bArr3, i3, 4, bArr.length);
        int i4 = i3 + 4;
        this._context.sha().calculateHash(bArr, 0, bArr.length, bArr3, i4);
        int i5 = i4 + 32;
        if (sessionKey2 == null) {
            bArr3[i5] = 0;
            i2 = i5 + 1;
        } else {
            int i6 = i5 + 1;
            bArr3[i5] = 1;
            System.arraycopy(sessionKey2.getData(), 0, bArr3, i6, 32);
            i2 = i6 + 32;
        }
        System.arraycopy(bArr, 0, bArr3, i2, bArr.length);
        int length = i2 + bArr.length;
        byte[] padding = getPadding(this._context, size, j);
        System.arraycopy(padding, 0, bArr3, length, padding.length);
        int length2 = length + padding.length;
        this._context.aes().encrypt(bArr3, i, bArr3, i, sessionKey, bArr2, bArr3.length - i);
        return bArr3;
    }

    private byte[] encryptExistingSession(byte[] bArr, PublicKey publicKey, SessionKey sessionKey, Set<SessionTag> set, SessionTag sessionTag, SessionKey sessionKey2, long j) {
        byte[] data = sessionTag.getData();
        byte[] halfHash = halfHash(data);
        byte[] encryptAESBlock = encryptAESBlock(bArr, sessionKey, halfHash, set, sessionKey2, j, 32);
        SimpleByteCache.release(halfHash);
        System.arraycopy(data, 0, encryptAESBlock, 0, data.length);
        return encryptAESBlock;
    }

    private byte[] encryptNewSession(byte[] bArr, PublicKey publicKey, SessionKey sessionKey, Set<SessionTag> set, SessionKey sessionKey2, long j) {
        byte[] bArr2 = new byte[222];
        System.arraycopy(sessionKey.getData(), 0, bArr2, 0, 32);
        this._context.random().nextBytes(bArr2, 32, 190);
        byte[] acquire = SimpleByteCache.acquire(32);
        System.arraycopy(bArr2, 32, acquire, 0, 32);
        long now = this._context.clock().now();
        byte[] encrypt = this._context.elGamalEngine().encrypt(bArr2, publicKey);
        if (this._log.shouldLog(20)) {
            this._log.info("elgEngine.encrypt of the session key took " + (this._context.clock().now() - now) + "ms");
        }
        if (encrypt.length < 514) {
            byte[] bArr3 = new byte[514];
            System.arraycopy(encrypt, 0, bArr3, bArr3.length - encrypt.length, encrypt.length);
            encrypt = bArr3;
        }
        byte[] halfHash = halfHash(acquire);
        SimpleByteCache.release(acquire);
        byte[] encryptAESBlock = encryptAESBlock(bArr, sessionKey, halfHash, set, sessionKey2, j);
        SimpleByteCache.release(halfHash);
        byte[] bArr4 = new byte[encrypt.length + encryptAESBlock.length];
        System.arraycopy(encrypt, 0, bArr4, 0, encrypt.length);
        System.arraycopy(encryptAESBlock, 0, bArr4, encrypt.length, encryptAESBlock.length);
        return bArr4;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final byte[] getPadding(I2PAppContext i2PAppContext, int i, long j) {
        byte[] bArr = new byte[getPaddingSize(i, j)];
        i2PAppContext.random().nextBytes(bArr);
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final int getPaddingSize(int i, long j) {
        int i2 = ((long) i) < j ? ((int) j) - i : 0;
        int i3 = i2;
        return (i + i2) % 16 != 0 ? i3 + (16 - ((i + i2) % 16)) : i3;
    }

    private byte[] halfHash(byte[] bArr) {
        byte[] acquire = SimpleByteCache.acquire(32);
        this._context.sha().calculateHash(bArr, 0, 32, acquire, 0);
        byte[] acquire2 = SimpleByteCache.acquire(16);
        System.arraycopy(acquire, 0, acquire2, 0, 16);
        SimpleByteCache.release(acquire);
        return acquire2;
    }

    public byte[] decrypt(byte[] bArr, PrivateKey privateKey) throws DataFormatException {
        return decrypt(bArr, privateKey, this._context.sessionKeyManager());
    }

    public byte[] decrypt(byte[] bArr, PrivateKey privateKey, SessionKeyManager sessionKeyManager) throws DataFormatException {
        byte[] decryptNewSession;
        if (bArr == null) {
            if (this._log.shouldLog(40)) {
                this._log.error("Null data being decrypted?");
            }
            return null;
        }
        if (bArr.length < 80) {
            if (this._log.shouldLog(40)) {
                this._log.error("Data is less than the minimum size (" + bArr.length + " < 80)");
            }
            return null;
        }
        byte[] bArr2 = new byte[32];
        System.arraycopy(bArr, 0, bArr2, 0, 32);
        SessionTag sessionTag = new SessionTag(bArr2);
        SessionKey consumeTag = sessionKeyManager.consumeTag(sessionTag);
        SessionKey sessionKey = new SessionKey();
        SessionKey sessionKey2 = new SessionKey();
        HashSet hashSet = new HashSet();
        boolean z = false;
        if (consumeTag != null) {
            if (this._log.shouldLog(10)) {
                this._log.debug("Decrypting existing session encrypted with tag: " + sessionTag.toString() + ": key: " + consumeTag.toBase64() + ": " + bArr.length + " bytes ");
            }
            decryptNewSession = decryptExistingSession(bArr, consumeTag, privateKey, hashSet, sessionKey2, sessionKey);
            if (decryptNewSession != null) {
                this._context.statManager().updateFrequency("crypto.elGamalAES.decryptExistingSession");
                if (!hashSet.isEmpty() && this._log.shouldLog(10)) {
                    this._log.debug("ElG/AES decrypt success with " + sessionTag + ": found tags: " + hashSet);
                }
                z = true;
            } else {
                this._context.statManager().updateFrequency("crypto.elGamalAES.decryptFailed");
                if (this._log.shouldLog(30)) {
                    this._log.warn("ElG decrypt fail: known tag [" + sessionTag + "], failed decrypt");
                }
            }
        } else {
            if (this._log.shouldLog(10)) {
                this._log.debug("Key is NOT known for tag " + sessionTag);
            }
            decryptNewSession = decryptNewSession(bArr, privateKey, hashSet, sessionKey2, sessionKey);
            if (decryptNewSession != null) {
                this._context.statManager().updateFrequency("crypto.elGamalAES.decryptNewSession");
                if (!hashSet.isEmpty() && this._log.shouldLog(10)) {
                    this._log.debug("ElG decrypt success: found tags: " + hashSet);
                }
            } else {
                this._context.statManager().updateFrequency("crypto.elGamalAES.decryptFailed");
                if (this._log.shouldLog(30)) {
                    this._log.warn("ElG decrypt fail: unknown tag: " + sessionTag);
                }
            }
        }
        if (consumeTag != null || decryptNewSession == null) {
        }
        if (hashSet.isEmpty()) {
            return decryptNewSession;
        }
        if (sessionKey.getData() != null) {
            if (this._log.shouldLog(10)) {
                this._log.debug("Found key: " + sessionKey.toBase64() + " tags: " + hashSet + " wasExisting? " + z);
            }
            sessionKeyManager.tagsReceived(sessionKey, hashSet);
            return decryptNewSession;
        }
        if (sessionKey2.getData() == null) {
            return decryptNewSession;
        }
        if (this._log.shouldLog(10)) {
            this._log.debug("Used key: " + sessionKey2.toBase64() + " tags: " + hashSet + " wasExisting? " + z);
        }
        sessionKeyManager.tagsReceived(sessionKey2, hashSet);
        return decryptNewSession;
    }

    byte[] decryptAESBlock(byte[] bArr, int i, int i2, SessionKey sessionKey, byte[] bArr2, byte[] bArr3, Set<SessionTag> set, SessionKey sessionKey2) throws DataFormatException {
        int i3;
        byte[] bArr4 = new byte[i2];
        this._context.aes().decrypt(bArr, i, bArr4, 0, sessionKey, bArr2, i2);
        SessionKey sessionKey3 = null;
        try {
            long fromLong = DataHelper.fromLong(bArr4, 0, 2);
            if (fromLong < 0 || fromLong > 200) {
                throw new Exception("Invalid number of session tags");
            }
            ArrayList arrayList = fromLong > 0 ? new ArrayList((int) fromLong) : null;
            int i4 = 0 + 2;
            if (32 * fromLong > bArr4.length - 2) {
                throw new Exception("# tags: " + fromLong + " is too many for " + (bArr4.length - 2));
            }
            for (int i5 = 0; i5 < fromLong; i5++) {
                byte[] bArr5 = new byte[32];
                System.arraycopy(bArr4, i4, bArr5, 0, 32);
                i4 += 32;
                arrayList.add(new SessionTag(bArr5));
            }
            long fromLong2 = DataHelper.fromLong(bArr4, i4, 4);
            int i6 = i4 + 4;
            if (fromLong2 < 0 || fromLong2 > ((bArr4.length - i6) - 32) - 1) {
                throw new Exception("Invalid size of payload (" + fromLong2 + ", remaining " + (bArr4.length - i6) + ")");
            }
            int i7 = i6 + 32;
            int i8 = i7 + 1;
            try {
                if (bArr4[i7] == 1) {
                    byte[] bArr6 = new byte[32];
                    System.arraycopy(bArr4, i8, bArr6, 0, 32);
                    i3 = i8 + 32;
                    SessionKey sessionKey4 = new SessionKey();
                    try {
                        sessionKey4.setData(bArr6);
                        sessionKey3 = sessionKey4;
                    } catch (Exception e) {
                        e = e;
                        if (this._log.shouldLog(30)) {
                            this._log.warn("Unable to decrypt AES block", e);
                        }
                        return null;
                    }
                } else {
                    i3 = i8;
                }
                byte[] bArr7 = new byte[(int) fromLong2];
                System.arraycopy(bArr4, i3, bArr7, 0, (int) fromLong2);
                int i9 = i3 + ((int) fromLong2);
                byte[] acquire = SimpleByteCache.acquire(32);
                this._context.sha().calculateHash(bArr7, 0, (int) fromLong2, acquire, 0);
                boolean eq = DataHelper.eq(bArr4, i6, acquire, 0, 32);
                SimpleByteCache.release(acquire);
                if (!eq) {
                    throw new Exception("Hash does not match");
                }
                if (arrayList != null) {
                    set.addAll(arrayList);
                }
                if (sessionKey3 == null) {
                    return bArr7;
                }
                sessionKey2.setData(sessionKey3.getData());
                return bArr7;
            } catch (Exception e2) {
                e = e2;
            }
        } catch (Exception e3) {
            e = e3;
        }
    }

    public byte[] encrypt(byte[] bArr, PublicKey publicKey, SessionKey sessionKey, long j) {
        return encrypt(bArr, publicKey, sessionKey, null, null, null, j);
    }

    public byte[] encrypt(byte[] bArr, PublicKey publicKey, SessionKey sessionKey, Set<SessionTag> set, long j) {
        return encrypt(bArr, publicKey, sessionKey, set, null, null, j);
    }

    public byte[] encrypt(byte[] bArr, PublicKey publicKey, SessionKey sessionKey, Set<SessionTag> set, SessionTag sessionTag, long j) {
        return encrypt(bArr, publicKey, sessionKey, set, sessionTag, null, j);
    }

    public byte[] encrypt(byte[] bArr, PublicKey publicKey, SessionKey sessionKey, Set<SessionTag> set, SessionTag sessionTag, SessionKey sessionKey2, long j) {
        if (sessionTag == null) {
            if (this._log.shouldLog(20)) {
                this._log.info("Current tag is null, encrypting as new session");
            }
            this._context.statManager().updateFrequency("crypto.elGamalAES.encryptNewSession");
            return encryptNewSession(bArr, publicKey, sessionKey, set, sessionKey2, j);
        }
        this._context.statManager().updateFrequency("crypto.elGamalAES.encryptExistingSession");
        byte[] encryptExistingSession = encryptExistingSession(bArr, publicKey, sessionKey, set, sessionTag, sessionKey2, j);
        if (!this._log.shouldLog(10)) {
            return encryptExistingSession;
        }
        this._log.debug("Existing session encrypted with tag: " + sessionTag.toString() + ": " + encryptExistingSession.length + " bytes and key: " + sessionKey.toBase64());
        return encryptExistingSession;
    }

    final byte[] encryptAESBlock(byte[] bArr, SessionKey sessionKey, byte[] bArr2, Set<SessionTag> set, SessionKey sessionKey2, long j) {
        return encryptAESBlock(bArr, sessionKey, bArr2, set, sessionKey2, j, 0);
    }
}
