package com.alibaba.encdb.ra2;

import com.alibaba.encdb.EncdbSDK;
import com.alibaba.encdb.common.Utils;
import com.alibaba.encdb.ra2.constants.RaConstants;
import com.alibaba.encdb.ra2.exception.RaException;
import com.alibaba.encdb.ra2.result.DcapRemoteAttestationResultEnum;
import com.alibaba.encdb.ra2.sps.SpsClient;
import com.alibaba.encdb.ra2.sps.SpsRemoteServerClient;
import com.alibaba.encdb.sdZ.st;
import com.aliyun.encdb.mysql.jdbc.external.com.google.protobuf.ByteString;
import io.grpc.sdZ.sdZ.sh;
import java.io.BufferedInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.util.ArrayList;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/alibaba/encdb/ra2/DcapRemoteAttestation.class */
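/**
 * Client-side driver for SGX-DCAP remote attestation of an EncDB enclave.
 *
 * <p>The flow visible in this class is: ask the key manager for the enclave public-key
 * document (which carries a Base64 quote), send the raw quote to the SPS endpoint for
 * verification, and, only if the verdict status is 0, optionally import the master
 * encryption key (MEK) into the enclave.
 *
 * <p>Review notes for integrators:
 * <ul>
 *   <li>The only acceptance criterion applied here is the numeric status returned by SPS.
 *       This class does not itself inspect enclave measurement, signer or TCB level.
 *       NOTE(review): presumably SPS enforces that policy; confirm.</li>
 *   <li>The verdict is trusted as returned by the endpoint at {@code spsAddr:spsPort}. How
 *       {@code SpsRemoteServerClient} authenticates that endpoint is not visible here.</li>
 *   <li>{@code requestId} and {@code raChallenge} default to fixed strings. A constant
 *       challenge gives no freshness signal. NOTE(review): callers that need replay
 *       protection presumably have to set a per-session value; confirm how the enclave
 *       binds the challenge into the quote.</li>
 *   <li>{@code pccsAddr} is stored but not read by any method of this class.</li>
 *   <li>{@code raStatus} is written by the attestation methods but has no accessor here.</li>
 * </ul>
 *
 * <p>Instances are mutable and carry no synchronization.
 */
public class DcapRemoteAttestation {
    private static final Logger logger = LoggerFactory.getLogger(DcapRemoteAttestation.class);
    private int spsPort;
    private DcapRemoteAttestationResultEnum raStatus;
    private String spsAddr = null;
    private String pccsAddr = null;
    private EncdbSDK crypto = null;
    private SpsClient spsclient = null;
    private String requestId = "1";
    private String raChallenge = "dcapRemoteAttestation";

    /** Returns the host of the SPS quote-verification endpoint. */
    public String getSpsAddr() {
        return this.spsAddr;
    }

    /** Sets the host of the SPS quote-verification endpoint. */
    public void setSpsAddr(String str) {
        this.spsAddr = str;
    }

    /** Returns the port of the SPS quote-verification endpoint. */
    public int getSpsPort() {
        return this.spsPort;
    }

    /** Sets the port of the SPS quote-verification endpoint. */
    public void setSpsPort(int i) {
        this.spsPort = i;
    }

    /** Returns the configured PCCS address (not used by this class). */
    public String getPccsAddr() {
        return this.pccsAddr;
    }

    /** Sets the PCCS address (not used by this class). */
    public void setPccsAddr(String str) {
        this.pccsAddr = str;
    }

    /** Returns the SDK handle used to reach the enclave key manager. */
    public EncdbSDK getCrypto() {
        return this.crypto;
    }

    /** Sets the SDK handle; it must be non-null before any attestation that queries the enclave. */
    public void setCrypto(EncdbSDK encdbSDK) {
        this.crypto = encdbSDK;
    }

    /** Returns the request id passed to {@code getEnclavePublicKey}. */
    public String getRequestId() {
        return this.requestId;
    }

    /** Sets the request id passed to {@code getEnclavePublicKey} (default {@code "1"}). */
    public void setRequestId(String str) {
        this.requestId = str;
    }

    /** Returns the challenge passed to {@code getEnclavePublicKey}. */
    public String getRaChallenge() {
        return this.raChallenge;
    }

    /**
     * Sets the challenge passed to {@code getEnclavePublicKey}.
     *
     * <p>The default is the fixed string {@code "dcapRemoteAttestation"}.
     * NOTE(review): a constant value cannot distinguish a fresh quote from a replayed one;
     * confirm whether callers are expected to supply a random per-session challenge.
     */
    public void setRaChallenge(String str) {
        this.raChallenge = str;
    }

    /** Creates an unconfigured instance; set the SPS endpoint and SDK handle before use. */
    public static DcapRemoteAttestation newInstance() {
        return new DcapRemoteAttestation();
    }

    private DcapRemoteAttestation() {
    }

    /**
     * Fetches the enclave public-key document and returns the decoded quote it carries.
     *
     * @param logQuote when true, the quote is written to the debug log before the type check
     * @return the raw quote bytes
     * @throws RaException if the advertised attestation type is missing or not the expected one
     * @throws Exception anything raised by the key manager or the Base64 decoder
     */
    private byte[] fetchEnclaveQuote(boolean logQuote) throws Exception {
        st enclavePublicKey = this.crypto.getKeyManager().getEnclavePublicKey(this.requestId, this.raChallenge);
        st platformPublicKey = enclavePublicKey.s(RaConstants.Platform_Public_Key);
        String raType = enclavePublicKey.st(RaConstants.Public_Key_Ra_Type);
        byte[] quote = Utils.base64ToBytes(enclavePublicKey.st(RaConstants.Quote_Base64));
        if (logQuote) {
            logger.debug("待校验的 Base64 quote for RA:");
            logger.debug("-----------------------");
            logger.debug(Utils.bytesTobase64(quote));
            logger.debug("-----------------------");
        }
        // The PEM value is read and discarded; the call is kept so that a missing
        // platform-key object still fails here rather than later.
        // NOTE(review): nothing in this class checks that the advertised key is the one
        // covered by the quote; confirm where that binding is verified.
        platformPublicKey.st(RaConstants.Encrypt_Public_Key_Pem);
        // A missing type is rejected the same way as a wrong one instead of surfacing as an NPE.
        if (raType == null || !raType.equals(RaConstants.PublicKey_Ra_Type_Default_Value)) {
            throw new RaException("raType is not SGX-DCAP");
        }
        return quote;
    }

    /**
     * Sends one quote to SPS and returns the raw verdict.
     *
     * <p>The client is shut down exactly once, whether or not the call succeeds.
     *
     * @param quote raw quote bytes
     * @return the verdict object, possibly {@code null}
     */
    private sh requestQuoteVerification(byte[] quote) throws Exception {
        SpsRemoteServerClient spsRemoteServerClient = new SpsRemoteServerClient(this.spsAddr, this.spsPort);
        try {
            ArrayList<ByteString> quotes = new ArrayList<>();
            quotes.add(ByteString.copyFrom(quote));
            return spsRemoteServerClient.doQuoteVerification(quotes);
        } finally {
            spsRemoteServerClient.shutdown();
        }
    }

    /**
     * Verifies a quote through SPS and records success in {@code raStatus}.
     *
     * <p>Fails closed: a missing verdict or any non-zero status raises {@link RaException}
     * and leaves {@code raStatus} untouched (callers set it to failed beforehand).
     */
    private void verifyQuote(byte[] quote) throws Exception {
        sh verdict = requestQuoteVerification(quote);
        if (verdict == null) {
            throw new RaException("doQuoteVerification error");
        }
        if (verdict.mo4046s() != 0) {
            // String concatenation tolerates a null detail object.
            throw new RaException("Error in quote verification:" + verdict.mo4039sh());
        }
        this.raStatus = DcapRemoteAttestationResultEnum.DCAP_RA_SUCCESS;
    }

    /**
     * Attests the enclave and, when a key is supplied, provisions the MEK afterwards.
     *
     * <p>The MEK is handed to the key manager only after quote verification has succeeded.
     * {@code raStatus} reflects the attestation verdict only; it stays at success even if
     * the subsequent MEK import fails and this method throws.
     *
     * @param bArr master encryption key to import, or {@code null} to skip provisioning
     * @return {@code true} on success
     * @throws RaException on a wrong attestation type, a failed verification or a failed import
     */
    private boolean doRemoteAttestation(byte[] bArr) throws Exception {
        this.raStatus = DcapRemoteAttestationResultEnum.DCAP_RA_FAILED;
        verifyQuote(fetchEnclaveQuote(false));
        if (bArr == null || this.crypto.getKeyManager().importMasterEncryptionKey(bArr, false)) {
            return true;
        }
        throw new RaException("Error in MEK_PROVISION");
    }

    /**
     * Attests the enclave and then imports the given MEK.
     *
     * @param bArr master encryption key; must not be {@code null}
     * @throws RaException if {@code bArr} is {@code null} or any attestation step fails
     */
    public boolean doRemoteAttestationWithMek(byte[] bArr) throws Exception {
        if (bArr == null) {
            throw new RaException("Mek is null");
        }
        return doRemoteAttestation(bArr);
    }

    /** Attests the enclave without provisioning a MEK. */
    public boolean doRemoteAttestationWithoutMek() throws Exception {
        return doRemoteAttestation(null);
    }

    /**
     * Test helper: reads a quote from a file, sends it to SPS and logs the outcome.
     *
     * <p>Unlike the production path this neither throws on a non-zero status nor sets
     * {@code raStatus} to success; the result is only visible in the debug log. The path is
     * opened as given, so this helper is unsuitable for untrusted input.
     *
     * @param str path of the file holding the raw quote bytes
     * @throws RaException if SPS returns no verdict
     */
    private void doRemoteAttestationForTest(String str) throws Exception {
        this.raStatus = DcapRemoteAttestationResultEnum.DCAP_RA_FAILED;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        // try-with-resources closes the file even when reading fails.
        try (BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(new File(str)))) {
            byte[] chunk = new byte[2048];
            int read;
            while ((read = bufferedInputStream.read(chunk)) != -1) {
                byteArrayOutputStream.write(chunk, 0, read);
            }
        }
        sh verdict = requestQuoteVerification(byteArrayOutputStream.toByteArray());
        if (verdict == null) {
            // Reported like the other entry points instead of failing with an NPE.
            throw new RaException("doQuoteVerification error");
        }
        if (verdict.mo4046s() == 0) {
            logger.debug("qv success");
        } else {
            logger.debug("qv fail");
        }
    }

    /** Public entry point for {@link #doRemoteAttestationForTest(String)}. */
    public void doRemoteAttestationWithoutMekForTest(String str) throws Exception {
        doRemoteAttestationForTest(str);
    }

    /**
     * Test variant of the production flow that also writes the quote to the debug log
     * and never provisions a MEK.
     *
     * @return {@code true} on success
     * @throws RaException on a wrong attestation type or a failed verification
     */
    public boolean doRemoteAttestationForTestA() throws Exception {
        this.raStatus = DcapRemoteAttestationResultEnum.DCAP_RA_FAILED;
        verifyQuote(fetchEnclaveQuote(true));
        return true;
    }

    /**
     * Test variant that verifies a caller-supplied Base64 quote instead of querying the enclave.
     *
     * <p>The input is written verbatim to the debug log before it is decoded.
     *
     * @param str Base64-encoded quote
     * @return {@code true} on success
     * @throws RaException if verification fails or SPS returns no verdict
     */
    public boolean doRemoteAttestationForTestB(String str) throws Exception {
        this.raStatus = DcapRemoteAttestationResultEnum.DCAP_RA_FAILED;
        logger.debug("待校验的 Base64 quote for RA:");
        logger.debug("-----------------------");
        logger.debug(str);
        logger.debug("-----------------------");
        verifyQuote(Utils.base64ToBytes(str));
        return true;
    }
}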
