package com.huawei.iotplatform.security.e2esecurity.hichain.impl.service;

import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
import android.content.pm.SigningInfo;
import android.os.Build;
import android.text.TextUtils;
import androidx.annotation.NonNull;
import com.huawei.iotplatform.security.common.util.CommonUtil;
import com.huawei.iotplatform.security.common.util.HashUtils;
import com.huawei.iotplatform.security.common.util.LogUtil;
import com.huawei.iotplatform.security.e2esecurity.hichain.adapter.utils.AuthInfoType;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.sdk.ReturnCode;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.interfaces.KeyManager;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.structs.CallerInfo;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.structs.KeyStruct;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.structs.PublicKeyInfo;
import com.huawei.iotplatform.security.e2esecurity.hichain.impl.service.utils.Serializer;
import com.huawei.iotplatform.security.e2esecurity.local.LocalHiLinkAssetMgmt;
import com.huawei.iotplatform.security.e2esecurity.local.assetexception.AssetNotFoundException;
import com.huawei.iotplatform.security.e2esecurity.local.assetexception.AssetUnknownException;
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.atomic.AtomicInteger;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes2.dex */
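/**
 * Singleton {@link KeyManager} implementation that forwards almost every key and
 * auth-info operation to {@link LocalHiLinkAssetMgmt}.
 *
 * <p>Review notes, all taken from the code visible in this class:
 * <ul>
 *   <li>Only {@link #deleteLocalDataAll} reads its {@code CallerInfo}. Every other public
 *       method accepts the argument and ignores it, so this class performs no caller
 *       authorization; any access control has to be enforced before these methods are
 *       reached.</li>
 *   <li>{@link #register}, {@code batchDelete} and {@code checkAndDeleteLocalInfo} have
 *       no-op bodies in this listing. Whether that is the shipped behaviour or a
 *       decompilation artefact cannot be told from here.</li>
 *   <li>The two maps are plain {@link HashMap}s on a shared singleton and are not
 *       synchronized.</li>
 * </ul>
 */
public class KeyManagerImpl implements KeyManager {
    private static final int INIT_CAPACITY = 10;
    private static final String TAG = "KeyManagerImpl";

    // Two-byte type tags mixed into the SHA-256 alias pre-image
    // (serviceId || tag || id) so each key class gets its own alias.
    // NOTE(review): if CommonUtil.concatenateAll is plain concatenation and serviceId can
    // vary in length, distinct (serviceId, id) pairs may share a pre-image; confirm that
    // the lengths are fixed or that the helper length-prefixes its inputs.
    private static final byte[] ACCESSOR_PK_IN_BYTES = {0, 0};
    private static final byte[] CONTROLLER_PK_IN_BYTES = {0, 1};
    private static final byte[] KEY_PAIR_IN_BYTES = {0, 2};
    private static final byte[] KEK_IN_BYTES = {0, 3};
    private static final byte[] DEK_IN_BYTES = {0, 4};

    // 0xF0000004. deleteLocalDataAll treats this result of the key-pair delete as "nothing
    // more to do" and returns success. Its meaning is not defined in this file;
    // presumably a "not found" code from ReturnCode - TODO confirm and use that constant.
    private static final int RESULT_SKIP_REMAINING_DELETES = -268435452;

    // Created during class initialisation, which the JVM already makes thread-safe.
    private static final KeyManagerImpl sInstance = new KeyManagerImpl();

    // package name -> cached owner JSON ({"Package":..., "Pubkey":...}).
    // Entries are never evicted in the code visible here, so a package that is removed and
    // later reinstalled under a different signer keeps its old "Pubkey" value until the
    // process restarts.
    private final Map<String, String> mOwnerInfos = new HashMap<>(INIT_CAPACITY);
    private final Map<String, AtomicInteger> mTrustPeerCounts = new HashMap<>(INIT_CAPACITY);
    private Context mContext = null;

    private KeyManagerImpl() {
    }

    /**
     * Increments the trust-peer counter stored under {@code str} and returns the new value
     * (1 on first use). A fresh {@link AtomicInteger} replaces the stored one on every
     * call, and the read-modify-write is not atomic across threads.
     */
    private int addTrustPeerNum(String str) {
        AtomicInteger previous = this.mTrustPeerCounts.get(str);
        int updated = previous == null ? 1 : previous.get() + 1;
        this.mTrustPeerCounts.put(str, new AtomicInteger(updated));
        return updated;
    }

    /**
     * No-op in this listing: deletes nothing and always returns 0, which
     * {@link #deleteLocalDataAll} interprets as success.
     */
    private int batchDelete(byte[] bArr, byte[] bArr2, byte[] bArr3, String str) {
        return 0;
    }

    /**
     * No-op in this listing: deletes nothing and returns a default-constructed result.
     * The default result code and additional info of {@code OperationResult} are defined
     * outside this file.
     */
    private KeyStruct.OperationResult checkAndDeleteLocalInfo(byte[] bArr, String str, boolean z, byte[] bArr2) {
        return new KeyStruct.OperationResult();
    }

    /**
     * Returns the process-wide instance.
     *
     * <p>The field is {@code final} and assigned in the static initialiser, so the nested
     * locking of the original accessor is not needed for safe publication.
     */
    public static KeyManagerImpl getInstance() {
        return sInstance;
    }

    /**
     * Builds (and caches) the owner descriptor for a package: a JSON object with the
     * package name and, when it can be resolved, the signer's public key.
     *
     * <p>When the package cannot be resolved the returned JSON carries only
     * {@code "Package"} and is not cached. Such a value identifies the owner by name
     * alone and should not be treated as signer-verified.
     *
     * @param str package name to describe
     * @return the owner JSON, or {@code null} if the JSON could not be built
     * @throws NullPointerException if {@link #init(Context)} has not been called
     */
    private String getOwnerJsonStr(String str) {
        String cached = this.mOwnerInfos.get(str);
        if (cached != null) {
            return cached;
        }
        String publicKey = null;
        PackageManager packageManager = this.mContext.getPackageManager();
        if (str != null && packageManager != null) {
            // API 28+ exposes signers through SigningInfo; older releases only offer the
            // deprecated signatures array.
            int flags = Build.VERSION.SDK_INT >= Build.VERSION_CODES.P
                    ? PackageManager.GET_SIGNING_CERTIFICATES
                    : PackageManager.GET_SIGNATURES;
            try {
                PackageInfo packageInfo = packageManager.getPackageInfo(str, flags);
                if (packageInfo != null) {
                    publicKey = getPublicKeyByPackageInfo(packageInfo);
                }
            } catch (PackageManager.NameNotFoundException unused) {
                LogUtil.error(TAG, "getPackageInfo failed");
            }
        }
        JSONObject owner = new JSONObject();
        try {
            owner.put("Package", str);
            if (publicKey != null) {
                owner.put("Pubkey", publicKey);
                // Only signer-bound descriptors are cached.
                this.mOwnerInfos.put(str, owner.toString());
            }
            return owner.toString();
        } catch (JSONException unused2) {
            LogUtil.error(TAG, "can't construct data owner's information string");
            // The cache lookup above missed, so there is nothing to fall back to.
            return null;
        }
    }

    /**
     * Parses a DER/PEM X.509 certificate and returns its public key as text.
     *
     * <p>NOTE(review): the text comes from {@code PublicKey.toString()}, whose format is
     * chosen by the security provider and is not a canonical encoding. Because the value
     * ends up in the owner descriptor, a provider or platform update that changes the
     * format would change the descriptor for the same signer. A digest of
     * {@code getEncoded()} would be stable, but switching would alter descriptors that may
     * already be persisted, so the behaviour is left as is.
     *
     * @param bArr encoded certificate bytes
     * @return the key's string form, or {@code null} if the certificate cannot be parsed
     */
    private String getPublicKey(byte[] bArr) {
        try {
            return CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr)).getPublicKey().toString();
        } catch (CertificateException unused) {
            LogUtil.error(TAG, "getPublicKey getInstance failed");
            return null;
        }
    }

    /**
     * Extracts the public key of the package's first listed signer.
     *
     * <p>Only index 0 of the signer array is used. A package signed by several
     * certificates is therefore identified by whichever one the platform lists first, and
     * the remaining signers do not contribute to the owner descriptor.
     *
     * @return the signer's public key text, or {@code null} if no signer is available
     */
    private String getPublicKeyByPackageInfo(PackageInfo packageInfo) {
        Signature[] signers;
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
            SigningInfo signingInfo = packageInfo.signingInfo;
            signers = signingInfo != null ? signingInfo.getApkContentsSigners() : null;
        } else {
            signers = packageInfo.signatures;
        }
        if (signers == null || signers.length == 0) {
            return null;
        }
        return getPublicKey(signers[0].toByteArray());
    }

    /**
     * Stores auth info through {@link LocalHiLinkAssetMgmt#addAuthInfo}.
     *
     * @param callerInfo not consulted by this implementation
     * @param i          passed through unchanged as the second argument of the store call
     * @param bArr       first argument of the store call; echoed back as additional info
     * @param bArr2      third argument of the store call
     * @return result 0 if the store reported success, otherwise 1
     */
    @Override
    public KeyStruct.OperationResult addAuthInfo(@NonNull CallerInfo callerInfo, int i, @NonNull byte[] bArr, @NonNull byte[] bArr2) {
        LogUtil.debug(TAG, "start add authInfo");
        KeyStruct.OperationResult operationResult = new KeyStruct.OperationResult();
        operationResult.setAdditionalInfo(bArr);
        boolean stored = LocalHiLinkAssetMgmt.getInstance().addAuthInfo(bArr, i, bArr2);
        operationResult.setResult(stored ? 0 : 1);
        return operationResult;
    }

    /**
     * Removes auth info through {@link LocalHiLinkAssetMgmt#deleteAuthInfo}.
     *
     * @param callerInfo not consulted by this implementation
     * @param i          ignored
     * @param bArr       identifier handed to the delete call; echoed back as additional info
     * @param bArr2      ignored
     * @return result 0 if the delete reported success, otherwise 1
     */
    @Override
    public KeyStruct.OperationResult deleteAuthInfo(@NonNull CallerInfo callerInfo, int i, @NonNull byte[] bArr, byte[] bArr2) {
        LogUtil.debug(TAG, "start delete authInfo");
        KeyStruct.OperationResult operationResult = new KeyStruct.OperationResult();
        operationResult.setAdditionalInfo(bArr);
        boolean deleted = LocalHiLinkAssetMgmt.getInstance().deleteAuthInfo(bArr);
        operationResult.setResult(deleted ? 0 : 1);
        return operationResult;
    }

    /**
     * Walks the delete sequence for a caller's local data: auth key pair, then (when the
     * key-pair result carries a non-zero additional-info value) KEK and DEK, then bound
     * accessories and bound controllers.
     *
     * <p>Every delete step goes through {@code checkAndDeleteLocalInfo} or
     * {@code batchDelete}, both of which are no-ops in this listing. As written, this
     * method removes nothing itself and its return value depends on the defaults of
     * {@code OperationResult}; callers relying on it to wipe key material should verify
     * the real implementation.
     *
     * @param callerInfo supplies the service id and the package name used for the owner
     *                   descriptor
     * @param bArr       identifier mixed into each alias hash
     * @return 0 on success (or when the key-pair step reports
     *         {@code RESULT_SKIP_REMAINING_DELETES}), 1 if the key-pair step fails, 2 if
     *         any later step fails, {@code ReturnCode.INVALID_PARAMETERS} for a null caller
     */
    @Override
    public int deleteLocalDataAll(@NonNull CallerInfo callerInfo, @NonNull byte[] bArr) {
        LogUtil.debug(TAG, "start delete register and bound info");
        if (callerInfo == null) {
            return ReturnCode.INVALID_PARAMETERS;
        }
        byte[] serviceId = callerInfo.getServiceId();
        String ownerJsonStr = getOwnerJsonStr(callerInfo.getPackageName());

        KeyStruct.OperationResult keyPairResult = checkAndDeleteLocalInfo(HashUtils.sha256(CommonUtil.concatenateAll(serviceId, KEY_PAIR_IN_BYTES, bArr)), ownerJsonStr, false, KEY_PAIR_IN_BYTES);
        if (keyPairResult.getResult() == RESULT_SKIP_REMAINING_DELETES) {
            return 0;
        }
        if (keyPairResult.getResult() != 0) {
            LogUtil.error(TAG, "delete auth key pair fail");
            return 1;
        }
        LogUtil.debug(TAG, "delete auth key pair ok");

        // From here on failures are recorded but do not stop the remaining deletes.
        int status = 0;
        if (CommonUtil.bytesToInt(keyPairResult.getAdditionalInfo()) != 0) {
            // The KEK delete is issued without an owner descriptor, the DEK delete with one.
            if (checkAndDeleteLocalInfo(HashUtils.sha256(CommonUtil.concatenateAll(serviceId, KEK_IN_BYTES, bArr)), null, false, KEK_IN_BYTES).getResult() != 0) {
                LogUtil.warn(TAG, "delete KEK_IN_BYTES fail");
                status = 2;
            }
            if (checkAndDeleteLocalInfo(HashUtils.sha256(CommonUtil.concatenateAll(serviceId, DEK_IN_BYTES, bArr)), ownerJsonStr, true, DEK_IN_BYTES).getResult() != 0) {
                LogUtil.warn(TAG, "delete DEK_IN_BYTES fail");
                status = 2;
            } else {
                LogUtil.debug(TAG, "delete DEK_IN_BYTES ok");
            }
        }
        if (batchDelete(serviceId, ACCESSOR_PK_IN_BYTES, bArr, ownerJsonStr) != 0) {
            LogUtil.warn(TAG, "delete bound accessories fail");
            status = 2;
        } else {
            LogUtil.debug(TAG, "delete bound accessories ok");
        }
        if (batchDelete(serviceId, CONTROLLER_PK_IN_BYTES, bArr, ownerJsonStr) != 0) {
            LogUtil.warn(TAG, "delete bound controllers fail");
            return 2;
        }
        LogUtil.debug(TAG, "delete bound controllers ok");
        return status;
    }

    /**
     * Exports an auth-info blob of the requested type.
     *
     * @param callerInfo not consulted by this implementation
     * @param bArr       ignored
     * @param bArr2      identifier handed to {@link LocalHiLinkAssetMgmt#exportAuthInfo}
     * @param i          ignored
     * @param i2         numeric {@link AuthInfoType} value; only LITE_AUTH_INFO and
     *                   SIGNED_AUTH_INFO are accepted
     * @return result 0 with the blob as additional info, or result 1 if the type is
     *         unsupported or the export returned nothing
     */
    @Override
    public KeyStruct.OperationResult exportAuthInfoBlob(@NonNull CallerInfo callerInfo, @NonNull byte[] bArr, @NonNull byte[] bArr2, int i, int i2) {
        byte[] blob;
        if (i2 == AuthInfoType.LITE_AUTH_INFO.getValue()) {
            blob = LocalHiLinkAssetMgmt.getInstance().exportAuthInfo(bArr2, AuthInfoType.LITE_AUTH_INFO);
        } else if (i2 == AuthInfoType.SIGNED_AUTH_INFO.getValue()) {
            blob = LocalHiLinkAssetMgmt.getInstance().exportAuthInfo(bArr2, AuthInfoType.SIGNED_AUTH_INFO);
        } else {
            LogUtil.error(TAG, "export not support auth info type");
            blob = null;
        }
        KeyStruct.OperationResult operationResult = new KeyStruct.OperationResult();
        if (CommonUtil.isEmpty(blob)) {
            operationResult.setResult(1);
        } else {
            operationResult.setAdditionalInfo(blob);
            operationResult.setResult(0);
        }
        return operationResult;
    }

    /**
     * Looks up the stored public key of a peer.
     *
     * @param callerInfo not consulted by this implementation
     * @param i          selects the failure code only: 1 yields NOT_TRUST_CONTROLLER, any
     *                   other value NOT_TRUST_ACCESSORY
     * @param bArr       peer identifier handed to
     *                   {@link LocalHiLinkAssetMgmt#getPeerPublicKey}
     * @return result 0 with the key as additional info, or one of the two failure codes
     */
    @Override
    public KeyStruct.OperationResult getAuthInfo(@NonNull CallerInfo callerInfo, int i, @NonNull byte[] bArr) {
        LogUtil.debug(TAG, "start get bound public key");
        KeyStruct.OperationResult operationResult = new KeyStruct.OperationResult();
        byte[] peerPublicKey = LocalHiLinkAssetMgmt.getInstance().getPeerPublicKey(bArr);
        if (!CommonUtil.isEmpty(peerPublicKey)) {
            operationResult.setResult(0);
            operationResult.setAdditionalInfo(peerPublicKey);
        } else if (i == 1) {
            operationResult.setResult(ReturnCode.NOT_TRUST_CONTROLLER);
        } else {
            operationResult.setResult(ReturnCode.NOT_TRUST_ACCESSORY);
        }
        return operationResult;
    }

    /**
     * Returns the local HiLink identity public key, serialized together with the auth id
     * and signed over {@code bArr2 || serializedInfo}.
     *
     * @param callerInfo forwarded to {@link #sign}, which does not consult it
     * @param bArr       auth id placed in the serialized info and passed to the signer
     * @param bArr2      bytes prepended to the serialized info before signing (presumably
     *                   a challenge or nonce - confirm against the caller)
     * @return the key info; result 0 with a signature on success, NOT_REGISTERED when no
     *         local key exists, the signer's result code when signing fails, or 1 when
     *         serialization fails
     */
    @Override
    public KeyStruct.PubKeyInfo getLocalPubKeyInfo(@NonNull CallerInfo callerInfo, @NonNull byte[] bArr, @NonNull byte[] bArr2) {
        LogUtil.debug(TAG, "get local publicKey info");
        KeyStruct.PubKeyInfo pubKeyInfo = new KeyStruct.PubKeyInfo();
        byte[] hiLinkIdPublicKey = LocalHiLinkAssetMgmt.getInstance().getHiLinkIdPublicKey();
        if (CommonUtil.isEmpty(hiLinkIdPublicKey)) {
            LogUtil.error(TAG, "has not register yet");
            pubKeyInfo.setResult(ReturnCode.NOT_REGISTERED);
            return pubKeyInfo;
        }
        PublicKeyInfo publicKeyInfo = new PublicKeyInfo();
        publicKeyInfo.setAuthId(bArr);
        publicKeyInfo.setPublicKey(hiLinkIdPublicKey);
        try {
            byte[] serialized = Serializer.serializeToBytes(publicKeyInfo);
            pubKeyInfo.setInfo(serialized);
            KeyStruct.OperationResult signResult = sign(callerInfo, bArr, CommonUtil.concatenateAll(bArr2, serialized));
            if (signResult.getResult() == 0) {
                LogUtil.debug(TAG, "sign public key info ok");
                pubKeyInfo.setResult(0);
                pubKeyInfo.setPublicKeySignature(signResult.getAdditionalInfo());
            } else {
                // Previously the result stayed at PubKeyInfo's constructor default here, so
                // an unsigned key info could be returned without an explicit failure code.
                LogUtil.error(TAG, "sign public key info fail");
                pubKeyInfo.setResult(signResult.getResult());
            }
            return pubKeyInfo;
        } catch (JSONException unused) {
            LogUtil.error(TAG, "can't generate message to sign");
            pubKeyInfo.setResult(1);
            pubKeyInfo.setInfo(new byte[0]);
            return pubKeyInfo;
        }
    }

    /**
     * Imports an auth-info blob of the given type.
     *
     * <p>No validation of {@code bArr2} happens in this class; whatever checking a
     * SIGNED_AUTH_INFO blob receives is done inside {@link LocalHiLinkAssetMgmt}.
     *
     * @param callerInfo not consulted by this implementation
     * @param bArr       ignored
     * @param i          numeric {@link AuthInfoType} value; only LITE_AUTH_INFO and
     *                   SIGNED_AUTH_INFO are accepted
     * @param bArr2      blob handed to {@link LocalHiLinkAssetMgmt#importAuthInfo}
     * @return 0 if the import reported success, otherwise 1
     */
    @Override
    public int importAuthInfo(@NonNull CallerInfo callerInfo, @NonNull byte[] bArr, int i, @NonNull byte[] bArr2) {
        boolean imported;
        if (i == AuthInfoType.LITE_AUTH_INFO.getValue()) {
            imported = LocalHiLinkAssetMgmt.getInstance().importAuthInfo(bArr2, AuthInfoType.LITE_AUTH_INFO);
        } else if (i == AuthInfoType.SIGNED_AUTH_INFO.getValue()) {
            imported = LocalHiLinkAssetMgmt.getInstance().importAuthInfo(bArr2, AuthInfoType.SIGNED_AUTH_INFO);
        } else {
            LogUtil.error(TAG, "import not support auth info type");
            imported = false;
        }
        return imported ? 0 : 1;
    }

    /**
     * Stores the context used for package lookups. Must be called before
     * {@link #deleteLocalDataAll}, which dereferences it.
     */
    @Override
    public void init(@NonNull Context context) {
        this.mContext = context;
    }

    /**
     * Reports whether {@code bArr} is registered, as answered by
     * {@link LocalHiLinkAssetMgmt#isRegistered}. {@code callerInfo} is not consulted.
     */
    @Override
    public boolean isRegistered(@NonNull CallerInfo callerInfo, @NonNull byte[] bArr) {
        return LocalHiLinkAssetMgmt.getInstance().isRegistered(bArr);
    }

    /**
     * Reports whether {@code bArr} identifies a trusted peer, as answered by
     * {@link LocalHiLinkAssetMgmt#isTrustPeer}. {@code callerInfo}, {@code i} and
     * {@code z} are ignored.
     */
    @Override
    public boolean isTrustPeer(@NonNull CallerInfo callerInfo, @NonNull byte[] bArr, int i, boolean z) {
        return LocalHiLinkAssetMgmt.getInstance().isTrustPeer(bArr);
    }

    /**
     * Lists every stored auth id as a hex string.
     *
     * <p>None of the parameters filter the result: the full list from
     * {@link LocalHiLinkAssetMgmt#listAllAuthId} is returned to any caller, with empty
     * entries skipped.
     *
     * @return hex-encoded auth ids, possibly empty
     */
    @Override
    public List<String> listTrustPeers(@NonNull CallerInfo callerInfo, int i, boolean z, @NonNull byte[] bArr, boolean z2) {
        LogUtil.debug(TAG, "start query trust peer list");
        List<String> peers = new ArrayList<>(INIT_CAPACITY);
        for (String authId : LocalHiLinkAssetMgmt.getInstance().listAllAuthId()) {
            if (TextUtils.isEmpty(authId)) {
                continue;
            }
            peers.add(CommonUtil.toHexString(CommonUtil.stringToBytes8859(authId)));
        }
        LogUtil.debug(TAG, "listTrustPeers finished");
        return peers;
    }

    /**
     * No-op in this listing: performs no registration and always reports result 0.
     */
    @Override
    public KeyStruct.OperationResult register(@NonNull CallerInfo callerInfo, @NonNull byte[] bArr, int i, String str) {
        KeyStruct.OperationResult operationResult = new KeyStruct.OperationResult();
        operationResult.setResult(0);
        return operationResult;
    }

    /**
     * Signs {@code bArr2} through {@link LocalHiLinkAssetMgmt#sign}.
     *
     * <p>{@code callerInfo} is not consulted, so any code able to reach this method can
     * obtain a signature over bytes of its choosing.
     *
     * @param bArr  first argument of the signer (the auth id when called from
     *              {@link #getLocalPubKeyInfo})
     * @param bArr2 message to sign
     * @return result 0 with the signature as additional info, or NOT_REGISTERED if the
     *         signing asset is missing or the store fails
     */
    @Override
    public KeyStruct.OperationResult sign(@NonNull CallerInfo callerInfo, @NonNull byte[] bArr, @NonNull byte[] bArr2) {
        LogUtil.debug(TAG, "start sign operation");
        KeyStruct.OperationResult operationResult = new KeyStruct.OperationResult();
        try {
            byte[] signature = LocalHiLinkAssetMgmt.getInstance().sign(bArr, bArr2);
            operationResult.setResult(0);
            operationResult.setAdditionalInfo(signature);
        } catch (AssetNotFoundException | AssetUnknownException unused) {
            // Both a missing asset and an unspecified store error are reported with the
            // same code; callers cannot tell them apart.
            operationResult.setResult(ReturnCode.NOT_REGISTERED);
        }
        return operationResult;
    }

    /**
     * Verifies a peer signature through {@link LocalHiLinkAssetMgmt#verifyPeerSignature}.
     *
     * @param callerInfo not consulted by this implementation
     * @param i          ignored
     * @return 0 if the signature verifies, otherwise 1
     */
    @Override
    public int verify(@NonNull CallerInfo callerInfo, int i, @NonNull byte[] bArr, @NonNull byte[] bArr2, @NonNull byte[] bArr3) {
        LogUtil.info(TAG, "start signature verification");
        boolean valid = LocalHiLinkAssetMgmt.getInstance().verifyPeerSignature(bArr, bArr2, bArr3);
        return valid ? 0 : 1;
    }
}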
