package com.amazon.accesspoint.security.statemachine.states;

import com.amazon.accesspoint.security.commons.databinder.NetworkContext;
import com.amazon.accesspoint.security.commons.utils.AuthenticationUtils;
import com.amazon.accesspoint.security.commons.utils.LoggerUtil;
import com.amazon.accesspoint.security.cryptography.SymmetricCryptographyUtils;
import com.amazon.accesspoint.security.exception.AuthenticationCoreException;
import com.amazon.accesspoint.security.exception.IOTDeviceException;
import com.amazon.accesspoint.security.message.SecurityMessageType;
import com.amazon.accesspoint.security.message.model.UserMessage;
import com.amazon.accesspoint.security.message.security.model.ChallengeRequestForMobile;
import com.amazon.accesspoint.security.message.security.model.ChallengeResponseFromMobile;
import com.amazon.accesspoint.security.message.security.model.SecurityMessage;
import com.amazon.accesspoint.security.network.exception.NetworkSendException;
import com.amazon.accesspoint.security.serializers.exception.SecuritySerializationException;
import com.amazon.accesspoint.security.status.NetworkConnectionStatus;
import com.amazon.rabbit.android.log.crash.CrashDetailKeys;
import com.google.common.util.concurrent.FutureCallback;
import com.google.common.util.concurrent.Futures;
import com.google.common.util.concurrent.ListenableFuture;
import com.google.common.util.concurrent.SettableFuture;
import io.reactivex.subjects.PublishSubject;
import java.security.GeneralSecurityException;
import javax.crypto.SecretKey;
import lombok.Generated;
import lombok.NonNull;

/* loaded from: classes.dex */
public class Authenticated extends AbstractDataHandler {
    private static LoggerUtil log = LoggerUtil.getInstance();
    private final NetworkContext networkContext;
    private final PublishSubject<SecurityMessageType> securityMessageTypePublishSubject;
    private final PublishSubject<UserMessage> userMessagePublishSubject;

    @Generated
    /* loaded from: classes.dex */
    public static class AuthenticatedBuilder {

        @Generated
        private NetworkContext networkContext;

        @Generated
        private PublishSubject<SecurityMessageType> securityMessageTypePublishSubject;

        @Generated
        private PublishSubject<UserMessage> userMessagePublishSubject;

        @Generated
        AuthenticatedBuilder() {
        }

        @Generated
        public Authenticated build() {
            return new Authenticated(this.networkContext, this.userMessagePublishSubject, this.securityMessageTypePublishSubject);
        }

        @Generated
        public AuthenticatedBuilder networkContext(@NonNull NetworkContext networkContext) {
            if (networkContext == null) {
                throw new NullPointerException("networkContext is marked non-null but is null");
            }
            this.networkContext = networkContext;
            return this;
        }

        @Generated
        public AuthenticatedBuilder securityMessageTypePublishSubject(@NonNull PublishSubject<SecurityMessageType> publishSubject) {
            if (publishSubject == null) {
                throw new NullPointerException("securityMessageTypePublishSubject is marked non-null but is null");
            }
            this.securityMessageTypePublishSubject = publishSubject;
            return this;
        }

        @Generated
        public String toString() {
            return "Authenticated.AuthenticatedBuilder(networkContext=" + this.networkContext + ", userMessagePublishSubject=" + this.userMessagePublishSubject + ", securityMessageTypePublishSubject=" + this.securityMessageTypePublishSubject + CrashDetailKeys.CLOSED_PARENTHESIS;
        }

        @Generated
        public AuthenticatedBuilder userMessagePublishSubject(@NonNull PublishSubject<UserMessage> publishSubject) {
            if (publishSubject == null) {
                throw new NullPointerException("userMessagePublishSubject is marked non-null but is null");
            }
            this.userMessagePublishSubject = publishSubject;
            return this;
        }
    }

    public Authenticated(@NonNull NetworkContext networkContext, @NonNull PublishSubject<UserMessage> publishSubject, @NonNull PublishSubject<SecurityMessageType> publishSubject2) {
        super(networkContext);
        if (networkContext == null) {
            throw new NullPointerException("networkContext is marked non-null but is null");
        }
        if (publishSubject == null) {
            throw new NullPointerException("userMessagePublishSubject is marked non-null but is null");
        }
        if (publishSubject2 == null) {
            throw new NullPointerException("securityMessageTypePublishSubject is marked non-null but is null");
        }
        this.networkContext = networkContext;
        this.userMessagePublishSubject = publishSubject;
        this.securityMessageTypePublishSubject = publishSubject2;
    }

    @Generated
    public static AuthenticatedBuilder builder() {
        return new AuthenticatedBuilder();
    }

    private byte[] createMessage(@NonNull byte[] bArr) throws SecuritySerializationException {
        if (bArr != null) {
            return AuthenticationUtils.createSecurityMessage(bArr, 1, this.networkContext.getSecuritySerializer());
        }
        throw new NullPointerException("responseFromMobile is marked non-null but is null");
    }

    private byte[] createMessageChallengeResponse(@NonNull ChallengeRequestForMobile challengeRequestForMobile) throws GeneralSecurityException, SecuritySerializationException {
        if (challengeRequestForMobile == null) {
            throw new NullPointerException("requestForMobile is marked non-null but is null");
        }
        return this.networkContext.getSecuritySerializer().serialize(ChallengeResponseFromMobile.builder().nonceEncryptedWithSSK(SymmetricCryptographyUtils.encrypt(challengeRequestForMobile.getRandomNonce(), this.networkContext.getSessionCredentialsWrapper().getSecondarySessionKey())).securityMessageType(SecurityMessageType.CHALLENGE_RESPONSE_FROM_MOBILE).version(1).build());
    }

    private UserMessage decryptUserMessage(@NonNull UserMessage userMessage) throws GeneralSecurityException {
        if (userMessage == null) {
            throw new NullPointerException("encryptedUserMessage is marked non-null but is null");
        }
        SecretKey secondarySessionKey = this.networkContext.getSessionCredentialsWrapper().getSecondarySessionKey();
        byte[] decrypt = SymmetricCryptographyUtils.decrypt(userMessage.getUserHeader(), secondarySessionKey);
        byte[] cloudPayload = userMessage.getCloudPayload();
        byte[] localPayload = userMessage.getLocalPayload();
        if (localPayload != null) {
            localPayload = SymmetricCryptographyUtils.decrypt(userMessage.getLocalPayload(), secondarySessionKey);
        }
        return new UserMessage(decrypt, cloudPayload, localPayload);
    }

    private FutureCallback<Void> getNetworkSendCallBack(final SettableFuture<Void> settableFuture) {
        return new FutureCallback<Void>() { // from class: com.amazon.accesspoint.security.statemachine.states.Authenticated.1
            @Override // com.google.common.util.concurrent.FutureCallback
            public void onFailure(Throwable th) {
                settableFuture.setException(new IOTDeviceException("Unable to send Message", th));
            }

            @Override // com.google.common.util.concurrent.FutureCallback
            public void onSuccess(Void r2) {
                Authenticated.this.securityMessageTypePublishSubject.onNext(SecurityMessageType.CHALLENGE_RESPONSE_FROM_MOBILE);
                settableFuture.set(null);
            }
        };
    }

    @Override // com.amazon.accesspoint.security.statemachine.states.AbstractDataHandler
    protected ListenableFuture<Void> handleSecurityMessage(SecurityMessage securityMessage) throws IOTDeviceException, AuthenticationCoreException {
        AuthenticationUtils.validateSecurityMessageType(SecurityMessageType.CHALLENGE_REQUEST_FOR_MOBILE, securityMessage.getSecurityMessageType());
        try {
            byte[] createMessage = createMessage(createMessageChallengeResponse((ChallengeRequestForMobile) securityMessage));
            log.info("Sending Challenge Response to device " + AuthenticationUtils.getHex(createMessage));
            SettableFuture<Void> create = SettableFuture.create();
            Futures.addCallback(this.networkContext.getNetworkConnection().send(createMessage), getNetworkSendCallBack(create));
            return create;
        } catch (NetworkSendException e) {
            throw new IOTDeviceException("Unable to send message", e);
        } catch (SecuritySerializationException e2) {
            throw new AuthenticationCoreException("Unable to Create Message for Device", e2);
        } catch (GeneralSecurityException e3) {
            throw new AuthenticationCoreException("Unable to Encrypt Challenge Message", e3);
        }
    }

    @Override // com.amazon.accesspoint.security.statemachine.states.AbstractDataHandler
    protected ListenableFuture<Void> handleUserMessage(UserMessage userMessage) throws AuthenticationCoreException {
        try {
            UserMessage decryptUserMessage = decryptUserMessage(userMessage);
            log.debug("Decrypted Local Payload is " + AuthenticationUtils.getHex(decryptUserMessage.getLocalPayload()));
            this.userMessagePublishSubject.onNext(decryptUserMessage);
            return null;
        } catch (GeneralSecurityException e) {
            throw new AuthenticationCoreException("Unable to decrypt User Message", e);
        }
    }

    @Override // com.amazon.accesspoint.security.statemachine.states.State
    public ListenableFuture<Void> networkStateChange(@NonNull NetworkConnectionStatus networkConnectionStatus) throws IOTDeviceException {
        if (networkConnectionStatus == null) {
            throw new NullPointerException("status is marked non-null but is null");
        }
        if (networkConnectionStatus != NetworkConnectionStatus.TERMINATED) {
            return null;
        }
        throw new IOTDeviceException("Device automatically disconnected", networkConnectionStatus.getReason());
    }
}
