package com.amazon.whispercloak.jpake.ec;

import com.amazon.identity.auth.device.api.MAPAccountManager;
import java.math.BigInteger;
import java.security.SecureRandom;
import java.util.Arrays;
import org.spongycastle.crypto.CryptoException;
import org.spongycastle.crypto.Digest;
import org.spongycastle.crypto.agreement.jpake.JPAKEUtil;
import org.spongycastle.crypto.digests.SHA256Digest;
import org.spongycastle.math.ec.ECPoint;
import org.spongycastle.util.BigIntegers;
import org.spongycastle.util.Strings;

/* loaded from: classes11.dex */
public class ECJPAKEParticipant {
    private ECPoint mB;
    private State mGenerateState;
    private final ECJPAKEPrimeOrderGroup mGroup;
    private ECPoint mGx1;
    private ECPoint mGx2;
    private ECPoint mGx3;
    private ECPoint mGx4;
    private final Digest mMessageDigest;
    private final String mParticipantId;
    private String mPartnerParticipantId;
    private char[] mPassword;
    private final SecureRandom mRandom;
    private State mValidateState;
    private BigInteger mX1;
    private BigInteger mX2;
    private BigInteger mX2s;
    private final ECJPAKEZeroKnowledgeProofFactory mZeroKnowledgeProofFactory;

    /* loaded from: classes11.dex */
    private enum State {
        INITIALIZED,
        ROUND_1_COMPLETE,
        ROUND_2_COMPLETE,
        KEY_CALCULATED,
        ROUND_3_COMPLETE
    }

    public ECJPAKEParticipant(String str, char[] cArr, ECJPAKEPrimeOrderGroup eCJPAKEPrimeOrderGroup) {
        this(str, cArr, eCJPAKEPrimeOrderGroup, new SHA256Digest(), new SecureRandom());
    }

    public ECJPAKEParticipant(String str, char[] cArr, ECJPAKEPrimeOrderGroup eCJPAKEPrimeOrderGroup, Digest digest, SecureRandom secureRandom) {
        JPAKEUtil.validateNotNull(str, "participantId");
        JPAKEUtil.validateNotNull(cArr, MAPAccountManager.KEY_AMAZON_ACCOUNT_PASSWORD);
        JPAKEUtil.validateNotNull(eCJPAKEPrimeOrderGroup, "group");
        JPAKEUtil.validateNotNull(digest, "messageDigest");
        JPAKEUtil.validateNotNull(secureRandom, "random");
        if (cArr.length == 0) {
            throw new IllegalArgumentException("Password must not be empty.");
        }
        this.mParticipantId = str;
        this.mPassword = Arrays.copyOf(cArr, cArr.length);
        this.mGroup = eCJPAKEPrimeOrderGroup;
        this.mMessageDigest = digest;
        this.mRandom = secureRandom;
        this.mZeroKnowledgeProofFactory = new ECJPAKEZeroKnowledgeProofFactory(eCJPAKEPrimeOrderGroup, secureRandom, digest);
        this.mGenerateState = State.INITIALIZED;
        this.mValidateState = State.INITIALIZED;
    }

    private BigInteger calculateDigest(BigInteger bigInteger) {
        byte[] asUnsignedByteArray = BigIntegers.asUnsignedByteArray(bigInteger);
        this.mMessageDigest.reset();
        this.mMessageDigest.update(asUnsignedByteArray, 0, asUnsignedByteArray.length);
        byte[] bArr = new byte[this.mMessageDigest.getDigestSize()];
        this.mMessageDigest.doFinal(bArr, 0);
        return BigIntegers.fromUnsignedByteArray(bArr);
    }

    private static void validateParticipantIdsDiffer(String str, String str2) throws CryptoException {
        if (str.equals(str2)) {
            throw new CryptoException("Both participants are using the same ID (" + str + ").");
        }
    }

    private static void validateParticipantIdsMatch(String str, String str2) throws CryptoException {
        if (str.equals(str2)) {
            return;
        }
        throw new CryptoException("Received payload from participant with ID (" + str2 + "); expected (" + str + ").");
    }

    public BigInteger calculateKeyingMaterial() {
        if (this.mGenerateState != State.ROUND_2_COMPLETE) {
            throw new IllegalStateException("Must follow round 2 payload creation for " + this.mParticipantId);
        }
        if (this.mValidateState != State.ROUND_2_COMPLETE) {
            throw new IllegalStateException("Must follow round 2 payload validation for " + this.mParticipantId);
        }
        BigInteger calculateDigest = calculateDigest(this.mB.subtract(this.mGx4.multiply(this.mX2s)).multiply(this.mX2).normalize().getXCoord().toBigInteger());
        Arrays.fill(this.mPassword, (char) 0);
        this.mPassword = null;
        this.mX1 = null;
        this.mX2 = null;
        this.mX2s = null;
        this.mB = null;
        this.mGenerateState = State.KEY_CALCULATED;
        return calculateDigest;
    }

    public ECJPAKERound1Payload createRound1PayloadToSend() {
        if (this.mGenerateState != State.INITIALIZED) {
            throw new IllegalStateException("Round 1 payload already created for " + this.mParticipantId);
        }
        this.mX1 = BigIntegers.createRandomInRange(BigInteger.ONE, this.mGroup.getN().subtract(BigInteger.ONE), this.mRandom);
        this.mX2 = BigIntegers.createRandomInRange(BigInteger.ONE, this.mGroup.getN().subtract(BigInteger.ONE), this.mRandom);
        this.mGx1 = this.mGroup.getG().multiply(this.mX1);
        this.mGx2 = this.mGroup.getG().multiply(this.mX2);
        ECJPAKEZeroKnowledgeProof generate = this.mZeroKnowledgeProofFactory.generate(this.mParticipantId, this.mGroup.getG(), this.mX1, this.mGx1);
        ECJPAKEZeroKnowledgeProof generate2 = this.mZeroKnowledgeProofFactory.generate(this.mParticipantId, this.mGroup.getG(), this.mX2, this.mGx2);
        this.mGenerateState = State.ROUND_1_COMPLETE;
        return new ECJPAKERound1Payload(this.mParticipantId, this.mGx1, this.mGx2, generate, generate2);
    }

    public ECJPAKERound2Payload createRound2PayloadToSend() {
        if (this.mGenerateState != State.ROUND_1_COMPLETE) {
            throw new IllegalStateException("Must follow round 1 payload creation for " + this.mParticipantId);
        }
        if (this.mValidateState != State.ROUND_1_COMPLETE && this.mValidateState != State.ROUND_2_COMPLETE) {
            throw new IllegalStateException("Must follow round 1 or round 2 payload validation for " + this.mParticipantId);
        }
        this.mX2s = this.mX2.multiply(new BigInteger(Strings.toUTF8ByteArray(this.mPassword))).mod(this.mGroup.getN());
        ECPoint add = this.mGx1.add(this.mGx3).add(this.mGx4);
        ECPoint multiply = add.multiply(this.mX2s);
        ECJPAKEZeroKnowledgeProof generate = this.mZeroKnowledgeProofFactory.generate(this.mParticipantId, add, this.mX2s, multiply);
        this.mGenerateState = State.ROUND_2_COMPLETE;
        return new ECJPAKERound2Payload(this.mParticipantId, multiply, generate);
    }

    public ECJPAKERound3Payload createRound3PayloadToSend(BigInteger bigInteger) {
        if (this.mGenerateState != State.KEY_CALCULATED) {
            throw new IllegalStateException("Must follow key material calculation for " + this.mParticipantId);
        }
        JPAKEUtil.validateNotNull(bigInteger, "keyingMaterial");
        BigInteger calculateMacTag = JPAKEUtil.calculateMacTag(this.mParticipantId, this.mPartnerParticipantId, new BigInteger(1, this.mGx1.getEncoded(false)), new BigInteger(1, this.mGx2.getEncoded(false)), new BigInteger(1, this.mGx3.getEncoded(false)), new BigInteger(1, this.mGx4.getEncoded(false)), bigInteger, this.mMessageDigest);
        if (this.mValidateState == State.ROUND_3_COMPLETE) {
            this.mGx1 = null;
            this.mGx2 = null;
            this.mGx3 = null;
            this.mGx4 = null;
        }
        this.mGenerateState = State.ROUND_3_COMPLETE;
        return new ECJPAKERound3Payload(this.mParticipantId, calculateMacTag);
    }

    public ECJPAKEPrimeOrderGroup getGroup() {
        return this.mGroup;
    }

    public void validateRound1PayloadReceived(ECJPAKERound1Payload eCJPAKERound1Payload) throws CryptoException {
        if (this.mValidateState != State.INITIALIZED) {
            throw new IllegalStateException("Validation already attempted for round 1 payload for " + this.mParticipantId);
        }
        JPAKEUtil.validateNotNull(eCJPAKERound1Payload, "round1PayloadReceived");
        validateParticipantIdsDiffer(this.mParticipantId, eCJPAKERound1Payload.getParticipantId());
        this.mPartnerParticipantId = eCJPAKERound1Payload.getParticipantId();
        this.mGx3 = eCJPAKERound1Payload.getGx1();
        this.mGx4 = eCJPAKERound1Payload.getGx2();
        this.mZeroKnowledgeProofFactory.validate(this.mPartnerParticipantId, this.mGroup.getG(), eCJPAKERound1Payload.getGx1(), eCJPAKERound1Payload.getKnowledgeProofForX1());
        this.mZeroKnowledgeProofFactory.validate(this.mPartnerParticipantId, this.mGroup.getG(), eCJPAKERound1Payload.getGx2(), eCJPAKERound1Payload.getKnowledgeProofForX2());
        this.mValidateState = State.ROUND_1_COMPLETE;
    }

    public void validateRound2PayloadReceived(ECJPAKERound2Payload eCJPAKERound2Payload) throws CryptoException {
        if (this.mGenerateState != State.ROUND_1_COMPLETE && this.mGenerateState != State.ROUND_2_COMPLETE) {
            throw new IllegalStateException("Must follow round 1 or round 2 payload creation for " + this.mParticipantId);
        }
        if (this.mValidateState != State.ROUND_1_COMPLETE) {
            throw new IllegalStateException("Must follow round 1 payload validation for " + this.mParticipantId);
        }
        JPAKEUtil.validateNotNull(eCJPAKERound2Payload, "round2PayloadReceived");
        validateParticipantIdsDiffer(this.mParticipantId, eCJPAKERound2Payload.getParticipantId());
        validateParticipantIdsMatch(this.mPartnerParticipantId, eCJPAKERound2Payload.getParticipantId());
        this.mZeroKnowledgeProofFactory.validate(this.mPartnerParticipantId, this.mGx1.add(this.mGx2).add(this.mGx3), eCJPAKERound2Payload.getA(), eCJPAKERound2Payload.getKnowledgeProofForX2s());
        this.mB = eCJPAKERound2Payload.getA();
        this.mValidateState = State.ROUND_2_COMPLETE;
    }

    public void validateRound3PayloadReceived(ECJPAKERound3Payload eCJPAKERound3Payload, BigInteger bigInteger) throws CryptoException {
        if (this.mGenerateState != State.KEY_CALCULATED && this.mGenerateState != State.ROUND_3_COMPLETE) {
            throw new IllegalStateException("Must follow key material calculation for " + this.mParticipantId);
        }
        if (this.mValidateState != State.ROUND_2_COMPLETE) {
            throw new IllegalStateException("Must follow round 2 payload validation for " + this.mParticipantId);
        }
        JPAKEUtil.validateNotNull(eCJPAKERound3Payload, "round3PayloadReceived");
        JPAKEUtil.validateNotNull(bigInteger, "keyingMaterial");
        validateParticipantIdsDiffer(this.mParticipantId, eCJPAKERound3Payload.getParticipantId());
        validateParticipantIdsMatch(this.mPartnerParticipantId, eCJPAKERound3Payload.getParticipantId());
        JPAKEUtil.validateMacTag(this.mParticipantId, this.mPartnerParticipantId, new BigInteger(1, this.mGx1.getEncoded(false)), new BigInteger(1, this.mGx2.getEncoded(false)), new BigInteger(1, this.mGx3.getEncoded(false)), new BigInteger(1, this.mGx4.getEncoded(false)), bigInteger, this.mMessageDigest, eCJPAKERound3Payload.getMacTag());
        if (this.mGenerateState == State.ROUND_3_COMPLETE) {
            this.mGx1 = null;
            this.mGx2 = null;
            this.mGx3 = null;
            this.mGx4 = null;
        }
        this.mValidateState = State.ROUND_3_COMPLETE;
    }
}
