package io.horizontalsystems.ethereumkit.spv.net.connection;

import io.horizontalsystems.ethereumkit.crypto.CryptoUtils;
import io.horizontalsystems.ethereumkit.crypto.ECIESEncryptedMessage;
import io.horizontalsystems.ethereumkit.crypto.ECKey;
import io.horizontalsystems.ethereumkit.spv.core.ExtensionsKt;
import io.horizontalsystems.ethereumkit.spv.helpers.RandomHelper;
import io.horizontalsystems.ethereumkit.spv.net.connection.messages.AuthAckMessage;
import io.horizontalsystems.ethereumkit.spv.net.connection.messages.AuthMessage;
import kotlin.Metadata;
import kotlin.collections.ArraysKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.ranges.IntRange;
import org.bitcoinj.uri.BitcoinURI;
import org.bouncycastle.crypto.digests.KeccakDigest;
import org.bouncycastle.math.ec.ECPoint;

/* compiled from: EncryptionHandshake.kt */
@Metadata(d1 = {"\u0000J\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0012\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\u0018\u0000 \u001c2\u00020\u0001:\u0002\u001c\u001dB%\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0007\u0012\u0006\u0010\b\u001a\u00020\t¢\u0006\u0002\u0010\nJ\u0018\u0010\u000f\u001a\u00020\u00102\u0006\u0010\u0011\u001a\u00020\u00122\u0006\u0010\u0013\u001a\u00020\fH\u0002J\u0006\u0010\u0014\u001a\u00020\fJ\b\u0010\u0015\u001a\u00020\fH\u0002J\u0010\u0010\u0016\u001a\u00020\f2\u0006\u0010\u0017\u001a\u00020\u0018H\u0002J\u000e\u0010\u0019\u001a\u00020\u00102\u0006\u0010\u001a\u001a\u00020\u001bR\u000e\u0010\u000b\u001a\u00020\fX\u0082\u000e¢\u0006\u0002\n\u0000R\u000e\u0010\u0006\u001a\u00020\u0007X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\r\u001a\u00020\u0003X\u0082\u000e¢\u0006\u0002\n\u0000R\u000e\u0010\u000e\u001a\u00020\fX\u0082\u000e¢\u0006\u0002\n\u0000R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\b\u001a\u00020\tX\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006\u001e"}, d2 = {"Lio/horizontalsystems/ethereumkit/spv/net/connection/EncryptionHandshake;", "", "myKey", "Lio/horizontalsystems/ethereumkit/crypto/ECKey;", "remotePublicKeyPoint", "Lorg/bouncycastle/math/ec/ECPoint;", "cryptoUtils", "Lio/horizontalsystems/ethereumkit/crypto/CryptoUtils;", "randomHelper", "Lio/horizontalsystems/ethereumkit/spv/helpers/RandomHelper;", "(Lio/horizontalsystems/ethereumkit/crypto/ECKey;Lorg/bouncycastle/math/ec/ECPoint;Lio/horizontalsystems/ethereumkit/crypto/CryptoUtils;Lio/horizontalsystems/ethereumkit/spv/helpers/RandomHelper;)V", "authMessagePacket", "", "ephemeralKey", "initiatorNonce", "agreeSecret", "Lio/horizontalsystems/ethereumkit/spv/net/connection/Secrets;", "authAckMessage", "Lio/horizontalsystems/ethereumkit/spv/net/connection/messages/AuthAckMessage;", "authAckMessagePacket", "createAuthMessage", "eip8padding", "encrypt", BitcoinURI.FIELD_MESSAGE, "Lio/horizontalsystems/ethereumkit/spv/net/connection/messages/AuthMessage;", "handleAuthAckMessage", "eciesEncryptedMessage", "Lio/horizontalsystems/ethereumkit/crypto/ECIESEncryptedMessage;", "Companion", "HandshakeError", "ethereumkit_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
/* loaded from: classes8.dex */
public final class EncryptionHandshake {
    public static final int MAC_SIZE = 256;
    private byte[] authMessagePacket;
    private final CryptoUtils cryptoUtils;
    private ECKey ephemeralKey;
    private byte[] initiatorNonce;
    private final ECKey myKey;
    private final RandomHelper randomHelper;
    private final ECPoint remotePublicKeyPoint;

    /* compiled from: EncryptionHandshake.kt */
    @Metadata(d1 = {"\u0000\u0010\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\b\u0016\u0018\u00002\u00060\u0001j\u0002`\u0002:\u0001\u0004B\u0005¢\u0006\u0002\u0010\u0003¨\u0006\u0005"}, d2 = {"Lio/horizontalsystems/ethereumkit/spv/net/connection/EncryptionHandshake$HandshakeError;", "Ljava/lang/Exception;", "Lkotlin/Exception;", "()V", "InvalidAuthAckPayload", "ethereumkit_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
    /* loaded from: classes8.dex */
    public static class HandshakeError extends Exception {

        /* compiled from: EncryptionHandshake.kt */
        @Metadata(d1 = {"\u0000\f\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\u0018\u00002\u00020\u0001B\u0005¢\u0006\u0002\u0010\u0002¨\u0006\u0003"}, d2 = {"Lio/horizontalsystems/ethereumkit/spv/net/connection/EncryptionHandshake$HandshakeError$InvalidAuthAckPayload;", "Lio/horizontalsystems/ethereumkit/spv/net/connection/EncryptionHandshake$HandshakeError;", "()V", "ethereumkit_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
        /* loaded from: classes8.dex */
        public static final class InvalidAuthAckPayload extends HandshakeError {
        }
    }

    public EncryptionHandshake(ECKey myKey, ECPoint remotePublicKeyPoint, CryptoUtils cryptoUtils, RandomHelper randomHelper) {
        Intrinsics.checkNotNullParameter(myKey, "myKey");
        Intrinsics.checkNotNullParameter(remotePublicKeyPoint, "remotePublicKeyPoint");
        Intrinsics.checkNotNullParameter(cryptoUtils, "cryptoUtils");
        Intrinsics.checkNotNullParameter(randomHelper, "randomHelper");
        this.myKey = myKey;
        this.remotePublicKeyPoint = remotePublicKeyPoint;
        this.cryptoUtils = cryptoUtils;
        this.randomHelper = randomHelper;
        this.initiatorNonce = randomHelper.randomBytes(32);
        this.ephemeralKey = randomHelper.randomECKey();
        this.authMessagePacket = new byte[0];
    }

    private final Secrets agreeSecret(AuthAckMessage authAckMessage, byte[] authAckMessagePacket) {
        byte[] ecdhAgree = this.cryptoUtils.ecdhAgree(this.ephemeralKey, authAckMessage.getEphemPublicKeyPoint());
        CryptoUtils cryptoUtils = this.cryptoUtils;
        byte[] sha3 = cryptoUtils.sha3(ArraysKt.plus(ecdhAgree, cryptoUtils.sha3(ArraysKt.plus(authAckMessage.getNonce(), this.initiatorNonce))));
        byte[] sha32 = this.cryptoUtils.sha3(ArraysKt.plus(ecdhAgree, sha3));
        byte[] sha33 = this.cryptoUtils.sha3(ArraysKt.plus(ecdhAgree, sha32));
        byte[] sha34 = this.cryptoUtils.sha3(sha3);
        KeccakDigest keccakDigest = new KeccakDigest(256);
        keccakDigest.update(ExtensionsKt.xor(sha33, authAckMessage.getNonce()), 0, sha33.length);
        byte[] bArr = this.authMessagePacket;
        keccakDigest.update(bArr, 0, bArr.length);
        KeccakDigest keccakDigest2 = new KeccakDigest(256);
        keccakDigest2.update(ExtensionsKt.xor(sha33, this.initiatorNonce), 0, sha33.length);
        keccakDigest2.update(authAckMessagePacket, 0, authAckMessagePacket.length);
        return new Secrets(sha32, sha33, sha34, keccakDigest, keccakDigest2);
    }

    private final byte[] eip8padding() {
        return this.randomHelper.randomBytes(new IntRange(200, 300));
    }

    private final byte[] encrypt(AuthMessage message) {
        return this.cryptoUtils.eciesEncrypt(this.remotePublicKeyPoint, ArraysKt.plus(message.encoded(), eip8padding())).encoded();
    }

    public final byte[] createAuthMessage() {
        byte[] encrypt = encrypt(new AuthMessage(this.cryptoUtils.ellipticSign(ExtensionsKt.xor(this.cryptoUtils.ecdhAgree(this.myKey, this.remotePublicKeyPoint), this.initiatorNonce), this.ephemeralKey.getPrivateKey()), this.myKey.getPublicKeyPoint(), this.initiatorNonce));
        this.authMessagePacket = encrypt;
        return encrypt;
    }

    public final Secrets handleAuthAckMessage(ECIESEncryptedMessage eciesEncryptedMessage) {
        Intrinsics.checkNotNullParameter(eciesEncryptedMessage, "eciesEncryptedMessage");
        try {
            return agreeSecret(new AuthAckMessage(this.cryptoUtils.eciesDecrypt(this.myKey.getPrivateKey(), eciesEncryptedMessage)), eciesEncryptedMessage.encoded());
        } catch (Exception unused) {
            throw new HandshakeError.InvalidAuthAckPayload();
        }
    }
}
