package org.ethereum.net.rlpx;

import com.google.common.base.Preconditions;
import com.google.common.base.Throwables;
import java.io.IOException;
import java.security.SecureRandom;
import javax.annotation.Nullable;
import org.ethereum.crypto.ECIESCoder;
import org.ethereum.crypto.ECKey;
import org.ethereum.crypto.SHA3Helper;
import org.ethereum.util.ByteUtil;
import org.spongycastle.crypto.InvalidCipherTextException;
import org.spongycastle.crypto.digests.SHA3Digest;
import org.spongycastle.math.ec.ECPoint;

/* loaded from: input_file:org/ethereum/net/rlpx/EncryptionHandshake.class */
public class EncryptionHandshake {
    public static final int NONCE_SIZE = 32;
    public static final int MAC_SIZE = 256;
    public static final int SECRET_SIZE = 32;
    private SecureRandom random;
    private boolean isInitiator;
    private ECKey ephemeralKey;
    private ECPoint remotePublicKey;
    private ECPoint remoteEphemeralKey;
    private byte[] initiatorNonce;
    private byte[] responderNonce;
    private Secrets secrets;

    /* loaded from: input_file:org/ethereum/net/rlpx/EncryptionHandshake$Secrets.class */
    public static class Secrets {
        byte[] aes;
        byte[] mac;
        byte[] token;
        SHA3Digest egressMac;
        SHA3Digest ingressMac;

        public byte[] getAes() {
            return this.aes;
        }

        public byte[] getMac() {
            return this.mac;
        }

        public byte[] getToken() {
            return this.token;
        }

        public SHA3Digest getIngressMac() {
            return this.ingressMac;
        }

        public SHA3Digest getEgressMac() {
            return this.egressMac;
        }
    }

    public EncryptionHandshake(ECPoint eCPoint) {
        this.random = new SecureRandom();
        this.remotePublicKey = eCPoint;
        this.ephemeralKey = new ECKey(this.random);
        this.initiatorNonce = new byte[32];
        this.random.nextBytes(this.initiatorNonce);
        this.isInitiator = true;
    }

    public EncryptionHandshake() {
        this.random = new SecureRandom();
        this.ephemeralKey = new ECKey(this.random);
        this.responderNonce = new byte[32];
        this.random.nextBytes(this.responderNonce);
        this.isInitiator = false;
    }

    public AuthInitiateMessage createAuthInitiate(@Nullable byte[] bArr, ECKey eCKey) {
        boolean z;
        AuthInitiateMessage authInitiateMessage = new AuthInitiateMessage();
        if (bArr == null) {
            z = false;
            bArr = ByteUtil.bigIntegerToBytes(this.remotePublicKey.multiply(eCKey.getPrivKey()).normalize().getXCoord().toBigInteger(), 32);
        } else {
            z = true;
        }
        authInitiateMessage.signature = this.ephemeralKey.sign(xor(bArr, this.initiatorNonce));
        authInitiateMessage.isTokenUsed = z;
        authInitiateMessage.ephemeralPublicHash = SHA3Helper.sha3(this.ephemeralKey.getPubKeyPoint().getEncoded(false), 1, 64);
        authInitiateMessage.publicKey = eCKey.getPubKeyPoint();
        authInitiateMessage.nonce = this.initiatorNonce;
        return authInitiateMessage;
    }

    private static byte[] xor(byte[] bArr, byte[] bArr2) {
        Preconditions.checkArgument(bArr.length == bArr2.length);
        byte[] bArr3 = new byte[bArr.length];
        for (int i = 0; i < bArr.length; i++) {
            bArr3[i] = (byte) (bArr[i] ^ bArr2[i]);
        }
        return bArr3;
    }

    public byte[] encryptAuthMessage(AuthInitiateMessage authInitiateMessage) {
        return ECIESCoder.encrypt(this.remotePublicKey, authInitiateMessage.encode());
    }

    public byte[] encryptAuthReponse(AuthResponseMessage authResponseMessage) {
        return ECIESCoder.encrypt(this.remotePublicKey, authResponseMessage.encode());
    }

    public AuthResponseMessage decryptAuthResponse(byte[] bArr, ECKey eCKey) {
        try {
            return AuthResponseMessage.decode(ECIESCoder.decrypt(eCKey.getPrivKey(), bArr));
        } catch (IOException | InvalidCipherTextException e) {
            throw Throwables.propagate(e);
        }
    }

    public AuthInitiateMessage decryptAuthInitiate(byte[] bArr, ECKey eCKey) {
        try {
            return AuthInitiateMessage.decode(ECIESCoder.decrypt(eCKey.getPrivKey(), bArr));
        } catch (IOException | InvalidCipherTextException e) {
            throw Throwables.propagate(e);
        }
    }

    public AuthResponseMessage handleAuthResponse(ECKey eCKey, byte[] bArr, byte[] bArr2) {
        AuthResponseMessage decryptAuthResponse = decryptAuthResponse(bArr2, eCKey);
        this.remoteEphemeralKey = decryptAuthResponse.ephemeralPublicKey;
        this.responderNonce = decryptAuthResponse.nonce;
        agreeSecret(bArr, bArr2);
        return decryptAuthResponse;
    }

    private void agreeSecret(byte[] bArr, byte[] bArr2) {
        byte[] bigIntegerToBytes = ByteUtil.bigIntegerToBytes(this.remoteEphemeralKey.multiply(this.ephemeralKey.getPrivKey()).normalize().getXCoord().toBigInteger(), 32);
        byte[] sha3 = SHA3Helper.sha3(bigIntegerToBytes, SHA3Helper.sha3(this.responderNonce, this.initiatorNonce));
        byte[] sha32 = SHA3Helper.sha3(bigIntegerToBytes, sha3);
        this.secrets = new Secrets();
        this.secrets.aes = sha32;
        this.secrets.mac = SHA3Helper.sha3(bigIntegerToBytes, sha32);
        this.secrets.token = SHA3Helper.sha3(sha3);
        SHA3Digest sHA3Digest = new SHA3Digest(256);
        sHA3Digest.update(xor(this.secrets.mac, this.responderNonce), 0, this.secrets.mac.length);
        byte[] bArr3 = new byte[32];
        new SHA3Digest(sHA3Digest).doFinal(bArr3, 0);
        sHA3Digest.update(bArr, 0, bArr.length);
        new SHA3Digest(sHA3Digest).doFinal(bArr3, 0);
        SHA3Digest sHA3Digest2 = new SHA3Digest(256);
        sHA3Digest2.update(xor(this.secrets.mac, this.initiatorNonce), 0, this.secrets.mac.length);
        new SHA3Digest(sHA3Digest2).doFinal(bArr3, 0);
        sHA3Digest2.update(bArr2, 0, bArr2.length);
        new SHA3Digest(sHA3Digest2).doFinal(bArr3, 0);
        if (this.isInitiator) {
            this.secrets.egressMac = sHA3Digest;
            this.secrets.ingressMac = sHA3Digest2;
        } else {
            this.secrets.egressMac = sHA3Digest2;
            this.secrets.ingressMac = sHA3Digest;
        }
    }

    public byte[] handleAuthInitiate(byte[] bArr, ECKey eCKey) {
        byte[] encryptAuthReponse = encryptAuthReponse(makeAuthInitiate(bArr, eCKey));
        agreeSecret(bArr, encryptAuthReponse);
        return encryptAuthReponse;
    }

    AuthResponseMessage makeAuthInitiate(byte[] bArr, ECKey eCKey) {
        AuthInitiateMessage decryptAuthInitiate = decryptAuthInitiate(bArr, eCKey);
        this.initiatorNonce = decryptAuthInitiate.nonce;
        this.remotePublicKey = decryptAuthInitiate.publicKey;
        ECKey recoverFromSignature = ECKey.recoverFromSignature(recIdFromSignatureV(decryptAuthInitiate.signature.v), decryptAuthInitiate.signature, xor(ByteUtil.bigIntegerToBytes(this.remotePublicKey.multiply(eCKey.getPrivKey()).normalize().getXCoord().toBigInteger(), 32), this.initiatorNonce), false);
        if (recoverFromSignature == null) {
            throw new RuntimeException("failed to recover signatue from message");
        }
        this.remoteEphemeralKey = recoverFromSignature.getPubKeyPoint();
        AuthResponseMessage authResponseMessage = new AuthResponseMessage();
        authResponseMessage.isTokenUsed = decryptAuthInitiate.isTokenUsed;
        authResponseMessage.ephemeralPublicKey = this.ephemeralKey.getPubKeyPoint();
        authResponseMessage.nonce = this.responderNonce;
        return authResponseMessage;
    }

    public static byte recIdFromSignatureV(int i) {
        if (i >= 31) {
            i -= 4;
        }
        return (byte) (i - 27);
    }

    public Secrets getSecrets() {
        return this.secrets;
    }

    public ECPoint getRemotePublicKey() {
        return this.remotePublicKey;
    }

    public boolean isInitiator() {
        return this.isInitiator;
    }
}
