package com.tencent.wnsnetsdk.security;

import com.tencent.thumbplayer.tmediacodec.codec.CodecError;
import com.tencent.wnsnetsdk.data.g;

/* loaded from: classes2.dex */
public class SecurityBuilder implements c {
    private static volatile boolean b = false;
    private static volatile boolean c = false;
    d a;
    private long d;
    private volatile SecurityState e = SecurityState.STATE_INIT;
    private g f = null;
    private byte[] g = null;
    private boolean h;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.tencent.wnsnetsdk.security.SecurityBuilder$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] a;

        static {
            int[] iArr = new int[SecurityState.values().length];
            a = iArr;
            try {
                iArr[SecurityState.STATE_0RTT_Handshake.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                a[SecurityState.STATE_1RTT_Handshake.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    /* loaded from: classes2.dex */
    public enum SecurityState {
        STATE_INIT,
        STATE_0RTT_Handshake,
        STATE_0RTT_Handshake_Wait,
        STATE_0RTT_Data,
        STATE_1RTT_Handshake,
        STATE_1RTT_Handshake_Wait,
        STATE_1RTT_Data,
        STATE_End
    }

    public SecurityBuilder(byte[] bArr, d dVar, boolean z) {
        this.d = 0L;
        this.a = null;
        this.h = false;
        boolean z2 = b;
        if (!b && (z2 = b())) {
            boolean a = com.tencent.wnsnetsdk.b.c.a();
            com.tencent.wnsnetsdk.b.a.a();
            com.tencent.wnsnetsdk.f.b.b("SecurityBuilder", "load securityInfoFromDB:" + a);
        }
        if (!z2) {
            a(SecurityState.STATE_End);
            return;
        }
        this.h = z;
        if (z && c) {
            com.tencent.wnsnetsdk.f.b.b("SecurityBuilder", "debug env has hit error, just use normal certificates");
            this.h = false;
        }
        this.d = nativeCreateSecurityHandle(0, com.tencent.wnsnetsdk.b.a.a(0, this.h), bArr);
        this.a = dVar;
        com.tencent.wnsnetsdk.f.b.b("SecurityBuilder", "init nativeRef:" + this.d);
        c();
    }

    private com.tencent.wnsnetsdk.security.a.b a(com.tencent.wnsnetsdk.security.a.b bVar, boolean z) {
        bVar.b(z);
        com.tencent.wnsnetsdk.security.a.b nativeEncrypt = nativeEncrypt(this.d, bVar);
        if (f.b(nativeEncrypt)) {
            nativeEncrypt.h = e.a(nativeEncrypt.d.length, nativeEncrypt.d(), nativeEncrypt.e());
            return nativeEncrypt;
        }
        a(SecurityState.STATE_End);
        return f.a(702);
    }

    private void a(SecurityState securityState) {
        com.tencent.wnsnetsdk.f.b.b("SecurityBuilder", "securityState: old:" + this.e + " -->" + securityState);
        d dVar = this.a;
        if (dVar != null) {
            dVar.a(this.e, securityState);
        }
        a(this.e, securityState);
        this.e = securityState;
    }

    private void a(SecurityState securityState, SecurityState securityState2) {
        if (!((securityState != SecurityState.STATE_0RTT_Handshake_Wait || securityState2 == SecurityState.STATE_0RTT_Data) ? securityState == SecurityState.STATE_0RTT_Handshake && securityState2 != SecurityState.STATE_0RTT_Handshake_Wait : true) || this.f == null) {
            return;
        }
        com.tencent.wnsnetsdk.f.b.b("SecurityBuilder", "clear current psk as 0RTT state not invalid, clear:" + this.f);
        com.tencent.wnsnetsdk.b.c.a(this.f);
    }

    private com.tencent.wnsnetsdk.security.a.b b(com.tencent.wnsnetsdk.security.a.b bVar) {
        int i = AnonymousClass1.a[this.e.ordinal()];
        if (i == 1) {
            if (d()) {
                return c(bVar);
            }
            a(SecurityState.STATE_1RTT_Handshake);
            return d(bVar);
        }
        if (i == 2) {
            return d(bVar);
        }
        com.tencent.wnsnetsdk.f.b.e("SecurityBuilder", "invalid state[" + this.e + "] when hit consultCmd");
        return f.a(701);
    }

    public static synchronized boolean b() {
        synchronized (SecurityBuilder.class) {
            if (b) {
                return b;
            }
            try {
                System.loadLibrary("wnscrypt");
                b = true;
            } catch (UnsatisfiedLinkError e) {
                com.tencent.wnsnetsdk.f.b.b("SecurityBuilder", "System.loadLibrary UnsatisfiedLinkError failed", e);
                b = false;
            } catch (Throwable th) {
                com.tencent.wnsnetsdk.f.b.b("SecurityBuilder", "System.loadLibrary failed, throw", th);
                b = false;
            }
            return b;
        }
    }

    private com.tencent.wnsnetsdk.security.a.b c(com.tencent.wnsnetsdk.security.a.b bVar) {
        g gVar = this.f;
        if (!f.a(gVar)) {
            a(SecurityState.STATE_End);
            return f.a(708);
        }
        bVar.f = true;
        com.tencent.wnsnetsdk.security.a.b nativeEncrypt = nativeEncrypt(this.d, bVar);
        if (!f.b(nativeEncrypt)) {
            a(SecurityState.STATE_End);
            return f.a(702);
        }
        nativeEncrypt.h = e.a(null, 0, 0, null, gVar.g(), nativeEncrypt.e(), this.h);
        a(SecurityState.STATE_0RTT_Handshake_Wait);
        return nativeEncrypt;
    }

    private void c() {
        g b2 = com.tencent.wnsnetsdk.b.c.b();
        if (!f.a(b2)) {
            a(SecurityState.STATE_1RTT_Handshake);
        } else {
            this.f = b2;
            a(SecurityState.STATE_0RTT_Handshake);
        }
    }

    private com.tencent.wnsnetsdk.security.a.b d(com.tencent.wnsnetsdk.security.a.b bVar) {
        com.tencent.wnsnetsdk.security.a.a nativeGeneratePubKey = nativeGeneratePubKey(this.d);
        if (nativeGeneratePubKey == null) {
            com.tencent.wnsnetsdk.f.b.e("SecurityBuilder", "process1RTTHandshake#nativeGeneratePubKey handshakeNativeData == null");
            a(SecurityState.STATE_End);
            return f.a(705);
        }
        if (nativeGeneratePubKey.a == 0 && nativeGeneratePubKey.e != null && nativeGeneratePubKey.d != null) {
            this.g = nativeGeneratePubKey.e;
            bVar.a(e.a(nativeGeneratePubKey.e, nativeGeneratePubKey.b, nativeGeneratePubKey.c, nativeGeneratePubKey.d, null, null, this.h));
            a(SecurityState.STATE_1RTT_Handshake_Wait);
            return bVar;
        }
        com.tencent.wnsnetsdk.f.b.e("SecurityBuilder", "process1RTTHandshake#nativeGeneratePubKey retCode = " + nativeGeneratePubKey.a);
        a(SecurityState.STATE_End);
        return f.a(705);
    }

    private boolean d() {
        byte[] e = e();
        if (e == null) {
            return false;
        }
        g gVar = this.f;
        int nativeSetPSK = nativeSetPSK(this.d, e, gVar.a(), gVar.b());
        if (nativeSetPSK == 0) {
            return true;
        }
        com.tencent.wnsnetsdk.f.b.e("SecurityBuilder", "fail to set psk to native as ret:" + nativeSetPSK);
        return false;
    }

    private byte[] e() {
        g gVar = this.f;
        if (f.a(gVar) && !gVar.c()) {
            com.tencent.wnsnetsdk.security.a.b bVar = new com.tencent.wnsnetsdk.security.a.b();
            bVar.e = CodecError.CONFIG_ILLEGAL;
            bVar.b = (int) gVar.h();
            bVar.f = true;
            bVar.d = gVar.e();
            bVar.c = gVar.f();
            com.tencent.wnsnetsdk.security.a.b nativeDecrypt = nativeDecrypt(this.d, bVar);
            if (nativeDecrypt == null) {
                com.tencent.wnsnetsdk.f.b.e("SecurityBuilder", "fail to decode psk when decryptData == null");
                return null;
            }
            if (nativeDecrypt.a == 0 && nativeDecrypt.d != null) {
                return nativeDecrypt.d;
            }
            com.tencent.wnsnetsdk.f.b.e("SecurityBuilder", "fail to decode psk when ret:" + nativeDecrypt.a);
        }
        return null;
    }

    @Override // com.tencent.wnsnetsdk.security.c
    public com.tencent.wnsnetsdk.security.a.b a(com.tencent.wnsnetsdk.security.a.b bVar) {
        if (!b) {
            com.tencent.wnsnetsdk.f.b.e("SecurityBuilder", "fail to call encrypt while not load so");
            return f.a(709);
        }
        if (!f.a(bVar)) {
            com.tencent.wnsnetsdk.f.b.e("SecurityBuilder", "fail to call encrypt while data == null");
            return f.a(710);
        }
        if (bVar.g) {
            return b(bVar);
        }
        if (this.e != SecurityState.STATE_0RTT_Handshake_Wait && this.e != SecurityState.STATE_0RTT_Data) {
            if (this.e == SecurityState.STATE_1RTT_Data) {
                return a(bVar, false);
            }
            com.tencent.wnsnetsdk.f.b.e("SecurityBuilder", "fail to call encrypt while in invalid state:" + this.e);
            return f.a(701);
        }
        return a(bVar, true);
    }

    @Override // com.tencent.wnsnetsdk.security.c
    public boolean a() {
        return this.e == SecurityState.STATE_0RTT_Handshake_Wait || this.e == SecurityState.STATE_0RTT_Data;
    }

    protected void finalize() {
        try {
            com.tencent.wnsnetsdk.f.b.b("SecurityBuilder", "finalize, nativeRef:" + this.d);
            if (this.d != 0) {
                nativeClose(this.d);
            }
        } catch (Throwable unused) {
        }
    }

    public native int nativeClose(long j);

    public native long nativeCreateSecurityHandle(int i, byte[] bArr, byte[] bArr2);

    public native com.tencent.wnsnetsdk.security.a.b nativeDecrypt(long j, com.tencent.wnsnetsdk.security.a.b bVar);

    public native com.tencent.wnsnetsdk.security.a.b nativeEncrypt(long j, com.tencent.wnsnetsdk.security.a.b bVar);

    public native com.tencent.wnsnetsdk.security.a.a nativeGeneratePubKey(long j);

    public native byte[] nativeGetPSK(long j);

    public native int nativeOnRecvServerPubKey(long j, com.tencent.wnsnetsdk.security.a.a aVar);

    public native int nativeSetPSK(long j, byte[] bArr, byte[] bArr2, byte[] bArr3);

    public native byte[] nativeSignData(long j, byte[] bArr, byte[] bArr2);

    public native int nativeUpdateVerifyKey(long j, byte[] bArr);

    public native int nativeVerifyData(long j, byte[] bArr, byte[] bArr2);
}
