package org.whispersystems.libsignal;

import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.util.Iterator;
import java.util.LinkedList;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.whispersystems.libsignal.ecc.Curve;
import org.whispersystems.libsignal.ecc.ECKeyPair;
import org.whispersystems.libsignal.ecc.ECPublicKey;
import org.whispersystems.libsignal.protocol.CiphertextMessage;
import org.whispersystems.libsignal.protocol.PreKeySignalMessage;
import org.whispersystems.libsignal.protocol.SignalMessage;
import org.whispersystems.libsignal.ratchet.ChainKey;
import org.whispersystems.libsignal.ratchet.MessageKeys;
import org.whispersystems.libsignal.ratchet.RootKey;
import org.whispersystems.libsignal.state.IdentityKeyStore;
import org.whispersystems.libsignal.state.PreKeyStore;
import org.whispersystems.libsignal.state.SessionRecord;
import org.whispersystems.libsignal.state.SessionState;
import org.whispersystems.libsignal.state.SessionStore;
import org.whispersystems.libsignal.state.SignalProtocolStore;
import org.whispersystems.libsignal.state.SignedPreKeyStore;
import org.whispersystems.libsignal.util.Pair;
import org.whispersystems.libsignal.util.guava.Optional;

/* loaded from: classes2.dex */
public class SessionCipher {
    public static final Object SESSION_LOCK = new Object();
    private final IdentityKeyStore identityKeyStore;
    private final PreKeyStore preKeyStore;
    private final SignalProtocolAddress remoteAddress;
    private final SessionBuilder sessionBuilder;
    private final SessionStore sessionStore;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static class NullDecryptionCallback implements DecryptionCallback {
        private NullDecryptionCallback() {
        }

        @Override // org.whispersystems.libsignal.DecryptionCallback
        public void handlePlaintext(byte[] bArr) {
        }
    }

    public SessionCipher(SessionStore sessionStore, PreKeyStore preKeyStore, SignedPreKeyStore signedPreKeyStore, IdentityKeyStore identityKeyStore, SignalProtocolAddress signalProtocolAddress) {
        this.sessionStore = sessionStore;
        this.preKeyStore = preKeyStore;
        this.identityKeyStore = identityKeyStore;
        this.remoteAddress = signalProtocolAddress;
        this.sessionBuilder = new SessionBuilder(sessionStore, preKeyStore, signedPreKeyStore, identityKeyStore, signalProtocolAddress);
    }

    public SessionCipher(SignalProtocolStore signalProtocolStore, SignalProtocolAddress signalProtocolAddress) {
        this(signalProtocolStore, signalProtocolStore, signalProtocolStore, signalProtocolStore, signalProtocolAddress);
    }

    private byte[] decrypt(SessionRecord sessionRecord, SignalMessage signalMessage) throws DuplicateMessageException, LegacyMessageException, InvalidMessageException {
        byte[] decrypt;
        synchronized (SESSION_LOCK) {
            Iterator<SessionState> it = sessionRecord.getPreviousSessionStates().iterator();
            LinkedList linkedList = new LinkedList();
            try {
                SessionState sessionState = new SessionState(sessionRecord.getSessionState());
                decrypt = decrypt(sessionState, signalMessage);
                sessionRecord.setState(sessionState);
            } catch (InvalidMessageException e) {
                linkedList.add(e);
                while (it.hasNext()) {
                    try {
                        SessionState sessionState2 = new SessionState(it.next());
                        byte[] decrypt2 = decrypt(sessionState2, signalMessage);
                        it.remove();
                        sessionRecord.promoteState(sessionState2);
                        return decrypt2;
                    } catch (InvalidMessageException e2) {
                        linkedList.add(e2);
                    }
                }
                throw new InvalidMessageException("No valid sessions.", linkedList);
            }
        }
        return decrypt;
    }

    private byte[] decrypt(SessionState sessionState, SignalMessage signalMessage) throws InvalidMessageException, DuplicateMessageException, LegacyMessageException {
        if (!sessionState.hasSenderChain()) {
            throw new InvalidMessageException("Uninitialized session!");
        }
        if (signalMessage.getMessageVersion() != sessionState.getSessionVersion()) {
            throw new InvalidMessageException(String.format("Message version %d, but session version %d", Integer.valueOf(signalMessage.getMessageVersion()), Integer.valueOf(sessionState.getSessionVersion())));
        }
        ECPublicKey senderRatchetKey = signalMessage.getSenderRatchetKey();
        MessageKeys orCreateMessageKeys = getOrCreateMessageKeys(sessionState, senderRatchetKey, getOrCreateChainKey(sessionState, senderRatchetKey), signalMessage.getCounter());
        signalMessage.verifyMac(sessionState.getRemoteIdentityKey(), sessionState.getLocalIdentityKey(), orCreateMessageKeys.getMacKey());
        byte[] plaintext = getPlaintext(orCreateMessageKeys, signalMessage.getBody());
        sessionState.clearUnacknowledgedPreKeyMessage();
        return plaintext;
    }

    private Cipher getCipher(int i, SecretKeySpec secretKeySpec, IvParameterSpec ivParameterSpec) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(i, secretKeySpec, ivParameterSpec);
            return cipher;
        } catch (InvalidAlgorithmParameterException | java.security.InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new AssertionError(e);
        }
    }

    private byte[] getCiphertext(MessageKeys messageKeys, byte[] bArr) {
        try {
            return getCipher(1, messageKeys.getCipherKey(), messageKeys.getIv()).doFinal(bArr);
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            throw new AssertionError(e);
        }
    }

    private ChainKey getOrCreateChainKey(SessionState sessionState, ECPublicKey eCPublicKey) throws InvalidMessageException {
        try {
            if (sessionState.hasReceiverChain(eCPublicKey)) {
                return sessionState.getReceiverChainKey(eCPublicKey);
            }
            Pair<RootKey, ChainKey> createChain = sessionState.getRootKey().createChain(eCPublicKey, sessionState.getSenderRatchetKeyPair());
            ECKeyPair generateKeyPair = Curve.generateKeyPair();
            Pair<RootKey, ChainKey> createChain2 = createChain.first().createChain(eCPublicKey, generateKeyPair);
            sessionState.setRootKey(createChain2.first());
            sessionState.addReceiverChain(eCPublicKey, createChain.second());
            sessionState.setPreviousCounter(Math.max(sessionState.getSenderChainKey().getIndex() - 1, 0));
            sessionState.setSenderChain(generateKeyPair, createChain2.second());
            return createChain.second();
        } catch (InvalidKeyException e) {
            throw new InvalidMessageException(e);
        }
    }

    private MessageKeys getOrCreateMessageKeys(SessionState sessionState, ECPublicKey eCPublicKey, ChainKey chainKey, int i) throws InvalidMessageException, DuplicateMessageException {
        if (chainKey.getIndex() <= i) {
            if (i - chainKey.getIndex() > 2000) {
                throw new InvalidMessageException("Over 2000 messages into the future!");
            }
            while (chainKey.getIndex() < i) {
                sessionState.setMessageKeys(eCPublicKey, chainKey.getMessageKeys());
                chainKey = chainKey.getNextChainKey();
            }
            sessionState.setReceiverChainKey(eCPublicKey, chainKey.getNextChainKey());
            return chainKey.getMessageKeys();
        }
        if (sessionState.hasMessageKeys(eCPublicKey, i)) {
            return sessionState.removeMessageKeys(eCPublicKey, i);
        }
        throw new DuplicateMessageException("Received message with old counter: " + chainKey.getIndex() + " , " + i);
    }

    private byte[] getPlaintext(MessageKeys messageKeys, byte[] bArr) throws InvalidMessageException {
        try {
            return getCipher(2, messageKeys.getCipherKey(), messageKeys.getIv()).doFinal(bArr);
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            throw new InvalidMessageException(e);
        }
    }

    public byte[] decrypt(PreKeySignalMessage preKeySignalMessage) throws DuplicateMessageException, LegacyMessageException, InvalidMessageException, InvalidKeyIdException, InvalidKeyException, UntrustedIdentityException {
        return decrypt(preKeySignalMessage, new NullDecryptionCallback());
    }

    public byte[] decrypt(PreKeySignalMessage preKeySignalMessage, DecryptionCallback decryptionCallback) throws DuplicateMessageException, LegacyMessageException, InvalidMessageException, InvalidKeyIdException, InvalidKeyException, UntrustedIdentityException {
        byte[] decrypt;
        synchronized (SESSION_LOCK) {
            SessionRecord loadSession = this.sessionStore.loadSession(this.remoteAddress);
            Optional<Integer> process = this.sessionBuilder.process(loadSession, preKeySignalMessage);
            decrypt = decrypt(loadSession, preKeySignalMessage.getWhisperMessage());
            decryptionCallback.handlePlaintext(decrypt);
            this.sessionStore.storeSession(this.remoteAddress, loadSession);
            if (process.isPresent()) {
                this.preKeyStore.removePreKey(process.get().intValue());
            }
        }
        return decrypt;
    }

    public byte[] decrypt(SignalMessage signalMessage) throws InvalidMessageException, DuplicateMessageException, LegacyMessageException, NoSessionException, UntrustedIdentityException {
        return decrypt(signalMessage, new NullDecryptionCallback());
    }

    public byte[] decrypt(SignalMessage signalMessage, DecryptionCallback decryptionCallback) throws InvalidMessageException, DuplicateMessageException, LegacyMessageException, NoSessionException, UntrustedIdentityException {
        byte[] decrypt;
        synchronized (SESSION_LOCK) {
            if (!this.sessionStore.containsSession(this.remoteAddress)) {
                throw new NoSessionException("No session for: " + this.remoteAddress);
            }
            SessionRecord loadSession = this.sessionStore.loadSession(this.remoteAddress);
            decrypt = decrypt(loadSession, signalMessage);
            if (!this.identityKeyStore.isTrustedIdentity(this.remoteAddress, loadSession.getSessionState().getRemoteIdentityKey(), IdentityKeyStore.Direction.RECEIVING)) {
                throw new UntrustedIdentityException(this.remoteAddress.getName(), loadSession.getSessionState().getRemoteIdentityKey());
            }
            this.identityKeyStore.saveIdentity(this.remoteAddress, loadSession.getSessionState().getRemoteIdentityKey());
            decryptionCallback.handlePlaintext(decrypt);
            this.sessionStore.storeSession(this.remoteAddress, loadSession);
        }
        return decrypt;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r6v3, types: [org.whispersystems.libsignal.protocol.PreKeySignalMessage] */
    public CiphertextMessage encrypt(byte[] bArr) throws UntrustedIdentityException {
        SignalMessage signalMessage;
        synchronized (SESSION_LOCK) {
            SessionRecord loadSession = this.sessionStore.loadSession(this.remoteAddress);
            SessionState sessionState = loadSession.getSessionState();
            ChainKey senderChainKey = sessionState.getSenderChainKey();
            MessageKeys messageKeys = senderChainKey.getMessageKeys();
            ECPublicKey senderRatchetKey = sessionState.getSenderRatchetKey();
            int previousCounter = sessionState.getPreviousCounter();
            int sessionVersion = sessionState.getSessionVersion();
            signalMessage = new SignalMessage(sessionVersion, messageKeys.getMacKey(), senderRatchetKey, senderChainKey.getIndex(), previousCounter, getCiphertext(messageKeys, bArr), sessionState.getLocalIdentityKey(), sessionState.getRemoteIdentityKey());
            if (sessionState.hasUnacknowledgedPreKeyMessage()) {
                SessionState.UnacknowledgedPreKeyMessageItems unacknowledgedPreKeyMessageItems = sessionState.getUnacknowledgedPreKeyMessageItems();
                signalMessage = new PreKeySignalMessage(sessionVersion, sessionState.getLocalRegistrationId(), unacknowledgedPreKeyMessageItems.getPreKeyId(), unacknowledgedPreKeyMessageItems.getSignedPreKeyId(), unacknowledgedPreKeyMessageItems.getBaseKey(), sessionState.getLocalIdentityKey(), signalMessage);
            }
            sessionState.setSenderChainKey(senderChainKey.getNextChainKey());
            if (!this.identityKeyStore.isTrustedIdentity(this.remoteAddress, sessionState.getRemoteIdentityKey(), IdentityKeyStore.Direction.SENDING)) {
                throw new UntrustedIdentityException(this.remoteAddress.getName(), sessionState.getRemoteIdentityKey());
            }
            this.identityKeyStore.saveIdentity(this.remoteAddress, sessionState.getRemoteIdentityKey());
            this.sessionStore.storeSession(this.remoteAddress, loadSession);
        }
        return signalMessage;
    }

    public int getRemoteRegistrationId() {
        int remoteRegistrationId;
        synchronized (SESSION_LOCK) {
            remoteRegistrationId = this.sessionStore.loadSession(this.remoteAddress).getSessionState().getRemoteRegistrationId();
        }
        return remoteRegistrationId;
    }

    public int getSessionVersion() {
        int sessionVersion;
        synchronized (SESSION_LOCK) {
            if (!this.sessionStore.containsSession(this.remoteAddress)) {
                throw new IllegalStateException(String.format("No session for (%s)!", this.remoteAddress));
            }
            sessionVersion = this.sessionStore.loadSession(this.remoteAddress).getSessionState().getSessionVersion();
        }
        return sessionVersion;
    }
}
