package com.amazon.whisperjoin.provisionerSDK.devices.security;

import com.amazon.whispercloak.SecureChannel;
import com.amazon.whispercloak.SecureChannelImpl;
import com.amazon.whisperjoin.common.sharedtypes.cryptography.AesGcmEncryptionProvider;
import com.amazon.whisperjoin.common.sharedtypes.cryptography.AuthenticatedEcdheKeyExchangeRequest;
import com.amazon.whisperjoin.common.sharedtypes.cryptography.EncryptionProvider;
import com.amazon.whisperjoin.common.sharedtypes.devices.PeripheralDeviceDetails;
import com.amazon.whisperjoin.common.sharedtypes.devices.interfaces.PeripheralDevice;
import com.amazon.whisperjoin.common.sharedtypes.exceptions.TrustProviderInitailizationFailedEception;
import com.amazon.whisperjoin.common.sharedtypes.utility.Serializer;
import com.amazon.whisperjoin.common.sharedtypes.utility.WJLog;
import com.amazon.whisperjoin.devicesetupserviceandroidclient.DSSClient;
import com.amazon.whisperjoin.devicesetupserviceandroidclient.data.FinalizeEcdheAuthenticationSessionRequest;
import com.amazon.whisperjoin.devicesetupserviceandroidclient.data.FinalizeEcdheAuthenticationSessionResponse;
import com.amazon.whisperjoin.devicesetupserviceandroidclient.data.StartEcdheAuthenticationSessionRequest;
import com.amazon.whisperjoin.devicesetupserviceandroidclient.data.StartEcdheAuthenticationSessionResponse;
import java.util.concurrent.ExecutionException;
import org.spongycastle.util.encoders.Base64;

/* loaded from: classes10.dex */
public class AuthenticatedEcdheTrustNegotiator implements TrustNegotiator {
    private static final String TAG = AuthenticatedEcdheTrustNegotiator.class.getSimpleName();
    private final DSSClient mDSSClient;
    private final Serializer mSerializer;

    public AuthenticatedEcdheTrustNegotiator(DSSClient dSSClient, Serializer serializer) {
        if (dSSClient == null) {
            throw new IllegalArgumentException("DSSClient can not be null");
        }
        if (serializer == null) {
            throw new IllegalArgumentException("Serializer can not be null");
        }
        this.mDSSClient = dSSClient;
        this.mSerializer = serializer;
    }

    private static byte[] convertPEMtoDER(String str) {
        String[] split = str.split("\n");
        return Base64.decode(split[1] + split[2]);
    }

    @Override // com.amazon.whisperjoin.provisionerSDK.devices.security.TrustNegotiator
    public EncryptionProvider start(PeripheralDevice peripheralDevice) throws TrustProviderInitailizationFailedEception {
        return start(peripheralDevice, new SecureChannelImpl());
    }

    EncryptionProvider start(PeripheralDevice peripheralDevice, SecureChannel secureChannel) throws TrustProviderInitailizationFailedEception {
        if (peripheralDevice == null) {
            throw new IllegalArgumentException("PeripheralDevice can not be null");
        }
        if (secureChannel == null) {
            throw new IllegalArgumentException("SecureChannel can not be null");
        }
        PeripheralDeviceDetails peripheralDeviceDetails = peripheralDevice.getPeripheralDeviceDetails();
        try {
            StartEcdheAuthenticationSessionResponse blockingGet = this.mDSSClient.startEcdheAuthenticationSession(new StartEcdheAuthenticationSessionRequest.Builder().setNonce(peripheralDeviceDetails.getClientNonce()).setProductIndex(peripheralDeviceDetails.getProductIndex()).setAuthMaterialIndex(peripheralDeviceDetails.getDeviceIdentity()).setSoftwareVersionIndex(peripheralDeviceDetails.getSoftwareVersion()).createRequest()).blockingGet();
            WJLog.d(TAG, "Handling response from DSS - Start Auth Session.");
            AuthenticatedEcdheKeyExchangeRequest authenticatedEcdheKeyExchangeRequest = new AuthenticatedEcdheKeyExchangeRequest(convertPEMtoDER(blockingGet.getProvisionerEcdhePublicKeyPemEncoded()), Base64.decode(blockingGet.getEcdsaSignatureBase64Encoded()));
            WJLog.d(TAG, "Exchanging Keys with Provisionable");
            byte[] executeCommand = peripheralDevice.executeCommand("EXCHANGE_AUTHENTICATED_ECDHE_KEY", this.mSerializer.serialize(authenticatedEcdheKeyExchangeRequest));
            WJLog.d(TAG, "Finalize Auth Session via DSS");
            FinalizeEcdheAuthenticationSessionResponse blockingGet2 = this.mDSSClient.finalizeEcdheAuthenticationSession(new FinalizeEcdheAuthenticationSessionRequest(blockingGet.getContinuationToken(), executeCommand)).blockingGet();
            WJLog.d(TAG, "Auth Session Finalized creating encryption provider with new shared secret.");
            return new AesGcmEncryptionProvider(secureChannel.getCipher(), blockingGet2.getSessionKeyDEREncoded(), this.mSerializer);
        } catch (InterruptedException e) {
            WJLog.e(TAG, "Interrupted Exception Occurred", e);
            throw new TrustProviderInitailizationFailedEception(e);
        } catch (RuntimeException e2) {
            WJLog.e(TAG, "RuntimeException Occurred", e2);
            if (e2.getCause() != null) {
                throw new TrustProviderInitailizationFailedEception(e2.getCause());
            }
            throw new TrustProviderInitailizationFailedEception(e2);
        } catch (ExecutionException e3) {
            WJLog.e(TAG, "Execution Exception Occurred", e3);
            throw new TrustProviderInitailizationFailedEception(e3);
        } catch (Exception e4) {
            WJLog.e(TAG, "An exception occurred", e4);
            throw new TrustProviderInitailizationFailedEception(e4);
        }
    }
}
