package org.bouncycastle.mls.codec;

import java.io.IOException;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.mls.GroupKeySet;
import org.bouncycastle.mls.KeyGeneration;
import org.bouncycastle.mls.KeyScheduleEpoch;
import org.bouncycastle.mls.TreeKEM.LeafIndex;
import org.bouncycastle.mls.codec.MLSInputStream;
import org.bouncycastle.mls.codec.MLSOutputStream;
import org.bouncycastle.mls.crypto.MlsCipherSuite;
import org.bouncycastle.util.Arrays;

/* loaded from: input_file:org/bouncycastle/mls/codec/PrivateMessage.class */
public class PrivateMessage implements MLSInputStream.Readable, MLSOutputStream.Writable {
    byte[] group_id;
    long epoch;
    ContentType content_type;
    byte[] authenticated_data;
    byte[] encrypted_sender_data;
    byte[] ciphertext;

    public PrivateMessage(byte[] bArr, long j, ContentType contentType, byte[] bArr2, byte[] bArr3, byte[] bArr4) {
        this.group_id = bArr;
        this.epoch = j;
        this.content_type = contentType;
        this.authenticated_data = bArr2;
        this.encrypted_sender_data = bArr3;
        this.ciphertext = bArr4;
    }

    PrivateMessage(MLSInputStream mLSInputStream) throws IOException {
        this.group_id = mLSInputStream.readOpaque();
        this.epoch = ((Long) mLSInputStream.read(Long.TYPE)).longValue();
        this.content_type = ContentType.values()[((Byte) mLSInputStream.read(Byte.TYPE)).byteValue()];
        this.authenticated_data = mLSInputStream.readOpaque();
        this.encrypted_sender_data = mLSInputStream.readOpaque();
        this.ciphertext = mLSInputStream.readOpaque();
    }

    public static PrivateMessage protect(AuthenticatedContent authenticatedContent, MlsCipherSuite mlsCipherSuite, GroupKeySet groupKeySet, byte[] bArr, int i) throws IOException, IllegalAccessException, InvalidCipherTextException {
        LeafIndex leafIndex = authenticatedContent.content.sender.sender;
        byte[] bArr2 = new byte[4];
        KeyGeneration keyGeneration = groupKeySet.get(authenticatedContent.content.contentType, leafIndex, bArr2);
        byte[] seal = mlsCipherSuite.getAEAD().seal(keyGeneration.key, keyGeneration.nonce, MLSOutputStream.encode(new PrivateContentAAD(authenticatedContent.content.group_id, authenticatedContent.content.epoch, authenticatedContent.content.contentType, authenticatedContent.content.authenticated_data)), serializeContentPt(authenticatedContent.content, authenticatedContent.auth, i));
        SenderData senderData = new SenderData(authenticatedContent.content.sender.sender, keyGeneration.generation, bArr2);
        SenderDataAAD senderDataAAD = new SenderDataAAD(authenticatedContent.content.group_id, authenticatedContent.content.epoch, authenticatedContent.content.contentType);
        KeyGeneration senderDataKeys = KeyScheduleEpoch.senderDataKeys(mlsCipherSuite, (byte[]) bArr.clone(), seal);
        return new PrivateMessage(authenticatedContent.content.group_id, authenticatedContent.content.epoch, authenticatedContent.content.contentType, authenticatedContent.content.authenticated_data, (byte[]) mlsCipherSuite.getAEAD().seal(senderDataKeys.key, senderDataKeys.nonce, MLSOutputStream.encode(senderDataAAD), MLSOutputStream.encode(senderData)).clone(), (byte[]) seal.clone());
    }

    public AuthenticatedContent unprotect(MlsCipherSuite mlsCipherSuite, GroupKeySet groupKeySet, byte[] bArr) throws Exception {
        KeyGeneration senderDataKeys = KeyScheduleEpoch.senderDataKeys(mlsCipherSuite, (byte[]) bArr.clone(), (byte[]) this.ciphertext.clone());
        SenderData senderData = (SenderData) MLSInputStream.decode(mlsCipherSuite.getAEAD().open(senderDataKeys.key, senderDataKeys.nonce, MLSOutputStream.encode(new SenderDataAAD(this.group_id, this.epoch, this.content_type)), this.encrypted_sender_data), SenderData.class);
        if (!groupKeySet.hasLeaf(senderData.sender)) {
            return null;
        }
        KeyGeneration keyGeneration = groupKeySet.get(this.content_type, senderData.sender, senderData.generation, senderData.reuseGuard);
        byte[] open = mlsCipherSuite.getAEAD().open(keyGeneration.key, keyGeneration.nonce, MLSOutputStream.encode(new PrivateContentAAD(this.group_id, this.epoch, this.content_type, this.authenticated_data)), this.ciphertext);
        groupKeySet.erase(this.content_type, senderData.sender, senderData.generation);
        FramedContent framedContent = new FramedContent(this.group_id, this.epoch, Sender.forMember(senderData.sender), this.authenticated_data, null, this.content_type, null, null);
        FramedContentAuthData framedContentAuthData = new FramedContentAuthData(this.content_type, null, null);
        deserializeContentPt(open, framedContent, framedContentAuthData);
        return new AuthenticatedContent(WireFormat.mls_private_message, framedContent, framedContentAuthData);
    }

    @Override // org.bouncycastle.mls.codec.MLSOutputStream.Writable
    public void writeTo(MLSOutputStream mLSOutputStream) throws IOException {
        mLSOutputStream.writeOpaque(this.group_id);
        mLSOutputStream.write(Long.valueOf(this.epoch));
        mLSOutputStream.write(this.content_type);
        mLSOutputStream.writeOpaque(this.authenticated_data);
        mLSOutputStream.writeOpaque(this.encrypted_sender_data);
        mLSOutputStream.writeOpaque(this.ciphertext);
    }

    private void deserializeContentPt(byte[] bArr, FramedContent framedContent, FramedContentAuthData framedContentAuthData) throws IOException {
        MLSInputStream mLSInputStream = new MLSInputStream(bArr);
        switch (this.content_type) {
            case APPLICATION:
                framedContent.application_data = mLSInputStream.readOpaque();
                break;
            case PROPOSAL:
                framedContent.proposal = (Proposal) mLSInputStream.read(Proposal.class);
                break;
            case COMMIT:
                framedContent.commit = (Commit) mLSInputStream.read(Commit.class);
                break;
        }
        framedContentAuthData.signature = mLSInputStream.readOpaque();
        switch (this.content_type) {
            case APPLICATION:
            case PROPOSAL:
            default:
                return;
            case COMMIT:
                framedContentAuthData.confirmation_tag = mLSInputStream.readOpaque();
                return;
        }
    }

    private static byte[] serializeContentPt(FramedContent framedContent, FramedContentAuthData framedContentAuthData, int i) throws IOException {
        MLSOutputStream mLSOutputStream = new MLSOutputStream();
        switch (framedContent.contentType) {
            case APPLICATION:
                mLSOutputStream.writeOpaque(framedContent.application_data);
                break;
            case PROPOSAL:
                mLSOutputStream.write(framedContent.proposal);
                break;
            case COMMIT:
                mLSOutputStream.write(framedContent.commit);
                break;
        }
        mLSOutputStream.writeOpaque(framedContentAuthData.signature);
        switch (framedContent.contentType) {
            case COMMIT:
                mLSOutputStream.writeOpaque(framedContentAuthData.confirmation_tag);
                break;
        }
        return Arrays.concatenate(mLSOutputStream.toByteArray(), new byte[i]);
    }
}
