package com.wt.poclite.service;

import android.util.Base64;
import com.goterl.lazysodium.LazySodiumAndroid;
import com.goterl.lazysodium.SodiumAndroid;
import com.goterl.lazysodium.utils.Key;
import com.goterl.lazysodium.utils.KeyPair;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.concurrent.locks.ReentrantLock;
import kotlin.Unit;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.StringsKt;
import roboguice.util.Ln;

/* compiled from: PkiModel.kt */
/* loaded from: classes.dex */
public final class PkiModel {
    public static final PkiModel INSTANCE = new PkiModel();
    private static final LazySodiumAndroid lazySodium;
    private static final ReentrantLock lock;
    private static KeyPair myKeyPair;
    private static final Map publicKeysForUser;
    private static final Map sharedKeysByUser;

    static {
        LazySodiumAndroid lazySodiumAndroid = new LazySodiumAndroid(new SodiumAndroid());
        lazySodium = lazySodiumAndroid;
        publicKeysForUser = new LinkedHashMap();
        sharedKeysByUser = new LinkedHashMap();
        lock = new ReentrantLock();
        byte[] randomBytesBuf = lazySodiumAndroid.randomBytesBuf(32);
        Intrinsics.checkNotNullExpressionValue(randomBytesBuf, "randomBytesBuf(...)");
        byte[] randomBytesBuf2 = lazySodiumAndroid.randomBytesBuf(32);
        Intrinsics.checkNotNullExpressionValue(randomBytesBuf2, "randomBytesBuf(...)");
        if (lazySodiumAndroid.cryptoBoxKeypair(randomBytesBuf, randomBytesBuf2)) {
            myKeyPair = new KeyPair(Key.fromBytes(randomBytesBuf), Key.fromBytes(randomBytesBuf2));
        }
    }

    private PkiModel() {
    }

    private final byte[] getSharedKeyForUser(String str) {
        ReentrantLock reentrantLock = lock;
        reentrantLock.lock();
        try {
            Map map = sharedKeysByUser;
            byte[] bArr = (byte[]) map.get(str);
            if (bArr != null) {
                return bArr;
            }
            Key key = (Key) publicKeysForUser.get(str);
            if (key == null) {
                Ln.e("No public key for user " + str, new Object[0]);
                return null;
            }
            byte[] bArr2 = new byte[32];
            KeyPair keyPair = myKeyPair;
            if (keyPair == null) {
                Ln.e("XXX No key pair", new Object[0]);
                return null;
            }
            lazySodium.cryptoBoxBeforeNm(bArr2, key.getAsBytes(), keyPair.getSecretKey().getAsBytes());
            map.put(str, bArr2);
            return bArr2;
        } finally {
            reentrantLock.unlock();
        }
    }

    public final byte[] decryptBytes(byte[] messageBytes, byte[] nonce, String fromUser) {
        Intrinsics.checkNotNullParameter(messageBytes, "messageBytes");
        Intrinsics.checkNotNullParameter(nonce, "nonce");
        Intrinsics.checkNotNullParameter(fromUser, "fromUser");
        if (messageBytes.length < 16) {
            Ln.e("Message too short", new Object[0]);
            return null;
        }
        byte[] sharedKeyForUser = getSharedKeyForUser(fromUser);
        if (sharedKeyForUser == null) {
            return null;
        }
        byte[] bArr = new byte[messageBytes.length - 16];
        if (lazySodium.cryptoBoxOpenEasyAfterNm(bArr, messageBytes, messageBytes.length, nonce, sharedKeyForUser)) {
            return bArr;
        }
        Ln.e("Decryption failed", new Object[0]);
        return null;
    }

    public final PkiMessage encryptBytes(byte[] messageBytes, int i, String targetUser) {
        Intrinsics.checkNotNullParameter(messageBytes, "messageBytes");
        Intrinsics.checkNotNullParameter(targetUser, "targetUser");
        if (!PTTPrefs.INSTANCE.hasE2ee()) {
            Ln.i("e2ee not available", new Object[0]);
            return null;
        }
        byte[] sharedKeyForUser = getSharedKeyForUser(targetUser);
        if (sharedKeyForUser == null) {
            return null;
        }
        byte[] bArr = new byte[i + 16];
        LazySodiumAndroid lazySodiumAndroid = lazySodium;
        byte[] nonce = lazySodiumAndroid.nonce(24);
        if (lazySodiumAndroid.cryptoBoxEasyAfterNm(bArr, messageBytes, i, nonce, sharedKeyForUser)) {
            Intrinsics.checkNotNull(nonce);
            return new PkiMessage(bArr, nonce);
        }
        Ln.e("Encryption failed", new Object[0]);
        return null;
    }

    public final String getMyPublicKeyAsBase64() {
        Key publicKey;
        byte[] asBytes;
        KeyPair keyPair = myKeyPair;
        if (keyPair == null || (publicKey = keyPair.getPublicKey()) == null || (asBytes = publicKey.getAsBytes()) == null) {
            return null;
        }
        String encodeToString = Base64.encodeToString(asBytes, 1);
        Intrinsics.checkNotNullExpressionValue(encodeToString, "encodeToString(...)");
        return StringsKt.trimEnd(encodeToString).toString();
    }

    public final boolean hasPublicKey(String username) {
        Intrinsics.checkNotNullParameter(username, "username");
        ReentrantLock reentrantLock = lock;
        reentrantLock.lock();
        try {
            return publicKeysForUser.containsKey(username);
        } finally {
            reentrantLock.unlock();
        }
    }

    public final void removePublicKeyForUser(String username) {
        Intrinsics.checkNotNullParameter(username, "username");
        ReentrantLock reentrantLock = lock;
        reentrantLock.lock();
        try {
            publicKeysForUser.remove(username);
        } finally {
            reentrantLock.unlock();
        }
    }

    public final void savePublicKeyForUser(String username, String publicKey) {
        Intrinsics.checkNotNullParameter(username, "username");
        Intrinsics.checkNotNullParameter(publicKey, "publicKey");
        Key fromBytes = Key.fromBytes(Base64.decode(publicKey, 1));
        ReentrantLock reentrantLock = lock;
        reentrantLock.lock();
        try {
            Map map = publicKeysForUser;
            if (!Intrinsics.areEqual(map.get(username), fromBytes)) {
                map.put(username, fromBytes);
                sharedKeysByUser.remove(username);
            }
            Unit unit = Unit.INSTANCE;
            reentrantLock.unlock();
        } catch (Throwable th) {
            reentrantLock.unlock();
            throw th;
        }
    }
}
