package com.isprint.fido.uaf.safetrust.crypto;

import android.hardware.fingerprint.FingerprintManager;
import com.dynatrace.android.agent.AdkSettings;
import com.isprint.fido.uaf.core.util.RandomUtils;
import com.isprint.fido.uaf.rpclient.bo.OpObject;
import com.isprint.fido.uaf.rpclient.error.FidoException;
import com.isprint.fido.uaf.rpclient.ui.LocalSharedPreference;
import com.isprint.fido.uaf.rpclient.utils.KHAccessToken;
import com.isprint.fido.uaf.rpclient.utils.RawKeyHandle;
import com.isprint.fido.uaf.safetrust.Asn1Object;
import com.isprint.fido.uaf.utils.codec.binary.Base64;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.interfaces.ECPrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.ASN1Integer;
import org.spongycastle.asn1.DLSequence;
import org.spongycastle.asn1.sec.SECNamedCurves;
import org.spongycastle.asn1.x9.X9ECParameters;
import org.spongycastle.crypto.CipherParameters;
import org.spongycastle.crypto.params.ECDomainParameters;
import org.spongycastle.crypto.params.ECKeyParameters;
import org.spongycastle.crypto.params.ECPrivateKeyParameters;
import org.spongycastle.crypto.params.ECPublicKeyParameters;
import org.spongycastle.crypto.signers.ECDSASigner;
import org.spongycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes2.dex */
public class NamedCurve {
    private static final Provider BC;
    public static final String PRIKEY_TAG_PREFIX = "ecdsa_pri.";
    public static final String PUBKEY_TAG_PREFIX = "ecdsa_pub.";
    public String priKeyTag;
    public String pubKeyTag;
    private byte[] pubkey_RAW;

    static {
        BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
        BC = bouncyCastleProvider;
        Security.addProvider(bouncyCastleProvider);
    }

    public NamedCurve() {
        long currentTimeMillis = System.currentTimeMillis();
        this.pubKeyTag = "ecdsa_pub." + currentTimeMillis;
        this.priKeyTag = "ecdsa_pri." + currentTimeMillis;
    }

    public static byte[] asUnsignedByteArray(BigInteger bigInteger) {
        byte[] byteArray = bigInteger.toByteArray();
        if (byteArray[0] == 0) {
            int length = byteArray.length - 1;
            System.arraycopy(byteArray, 1, new byte[length], 0, length);
        }
        return byteArray;
    }

    public static boolean checkHKAccessToken(OpObject opObject) throws Exception {
        LocalSharedPreference localSharedPreference = opObject.getmLocalSharedPreference();
        return new RawKeyHandle().unwrapKeyHandler(opObject.context, localSharedPreference.getData(LocalSharedPreference.KEY_HANDLER), new KHAccessToken(opObject.context).genToken(new String(Base64.decodeBase64(localSharedPreference.getData(LocalSharedPreference.APP_ID)))), opObject) != null;
    }

    public static boolean checkHKAccessToken(OpObject opObject, String str) throws Exception {
        return new RawKeyHandle().unwrapKeyHandler(opObject.context, opObject.getmLocalSharedPreference().getData(LocalSharedPreference.KEY_HANDLER), new KHAccessToken(opObject.context).genToken(str), opObject) != null;
    }

    public static boolean checkSignature(PublicKey publicKey, byte[] bArr, byte[] bArr2) throws InvalidKeyException, NoSuchAlgorithmException, SignatureException {
        Signature signature = Signature.getInstance("SHA256withECDSA", BC);
        signature.initVerify(publicKey);
        signature.update(bArr);
        return signature.verify(bArr2);
    }

    public static BigInteger[] decodeToBigIntegerArray(byte[] bArr) throws IOException {
        ASN1InputStream aSN1InputStream = new ASN1InputStream(bArr);
        DLSequence dLSequence = (DLSequence) aSN1InputStream.readObject();
        ASN1Integer aSN1Integer = (ASN1Integer) dLSequence.getObjectAt(0);
        ASN1Integer aSN1Integer2 = (ASN1Integer) dLSequence.getObjectAt(1);
        aSN1InputStream.close();
        return new BigInteger[]{aSN1Integer.getPositiveValue(), aSN1Integer2.getPositiveValue()};
    }

    public static RawKeyHandle getRawKeyHandle(OpObject opObject) throws Exception {
        LocalSharedPreference localSharedPreference = opObject.getmLocalSharedPreference();
        String data = localSharedPreference.getData(LocalSharedPreference.KEY_HANDLER);
        String data2 = localSharedPreference.getData(LocalSharedPreference.APP_ID);
        return new RawKeyHandle().unwrapKeyHandler(opObject.context, data, new KHAccessToken(opObject.context).genToken(new String(Base64.decodeBase64(data2))), opObject);
    }

    public static byte[] mSignAndFromatToRS(OpObject opObject, KeyPair keyPair, byte[] bArr) throws Exception {
        LocalSharedPreference localSharedPreference = opObject.getmLocalSharedPreference();
        String data = localSharedPreference.getData(LocalSharedPreference.PRIVATE_KEY);
        if (!"".equals(data)) {
            opObject.setKeyPair(null);
            return Asn1.toRawSignatureBytes(signAndFromatToRS(KeyCodec.getPrivKeyECDSA(Base64.decodeBase64(new String(opObject.getDecryptoObject().getCipher().doFinal(Base64.decodeBase64(data))))), bArr));
        }
        FingerprintManager.CryptoObject encryptoObject = opObject.getEncryptoObject();
        if (encryptoObject != null && opObject.getKeyPair() != null) {
            localSharedPreference.storeData(LocalSharedPreference.PRIVATE_KEY, Base64.encodeBase64URLSafeString(encryptoObject.getCipher().doFinal(Base64.encodeBase64URLSafeString(opObject.getKeyPair().getPrivate().getEncoded()).getBytes())));
            opObject.setKeyPair(null);
        }
        return null;
    }

    public static BigInteger[] mSignAndFromatToRS(FingerprintManager.CryptoObject cryptoObject, KeyPair keyPair, KeyPair keyPair2, byte[] bArr) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableEntryException, SignatureException {
        keyPair.getPrivate();
        keyPair2.getPrivate();
        Signature signature = cryptoObject.getSignature();
        signature.update(bArr);
        byte[] sign = signature.sign();
        for (int i = 0; i < sign.length; i++) {
            byte b = sign[i];
            byte b2 = sign[i];
            byte b3 = sign[i];
            byte b4 = sign[i];
            byte b5 = sign[i];
            byte b6 = sign[i];
            byte b7 = sign[i];
            byte b8 = sign[i];
        }
        return Asn1.transformRawSignature(signatureDERToRAW(sign));
    }

    public static byte[] sign(byte[] bArr, PrivateKey privateKey) throws Exception {
        Signature signature = Signature.getInstance("SHA256withECDSA");
        signature.initSign(privateKey);
        signature.update(bArr);
        return signature.sign();
    }

    public static BigInteger[] signAndFromatToRS(PrivateKey privateKey, byte[] bArr) {
        X9ECParameters byName = SECNamedCurves.getByName("secp256r1");
        ECDomainParameters eCDomainParameters = new ECDomainParameters(byName.getCurve(), byName.getG(), byName.getN(), byName.getH());
        if (privateKey == null) {
            throw new IllegalStateException("This ECKey does not have the private key necessary for signing.");
        }
        ECDSASigner eCDSASigner = new ECDSASigner();
        eCDSASigner.init(true, new ECPrivateKeyParameters(((ECPrivateKey) privateKey).getS(), eCDomainParameters));
        return eCDSASigner.generateSignature(bArr);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private static byte[] signatureDERToRAW(byte[] bArr) {
        int i;
        int i2;
        if (bArr == 0) {
            return null;
        }
        try {
            if (bArr[0] != 48) {
                return null;
            }
            if (bArr[1] == -127) {
                i = bArr[2];
                i2 = 3;
            } else if (bArr[1] == -126) {
                i = bArr[2] << (bArr[3] + 8);
                i2 = 4;
            } else {
                i = bArr[1];
                i2 = 2;
            }
            byte[] bArr2 = new byte[i];
            if (i + i2 > bArr.length) {
                return null;
            }
            System.arraycopy(bArr, i2, bArr2, 0, i);
            byte[] bArr3 = new byte[64];
            if (bArr2[0] != 2) {
                return null;
            }
            if (bArr2[1] == 32) {
                System.arraycopy(bArr2, 2, bArr3, 0, 32);
            } else {
                if (bArr2[1] > 31) {
                    if (bArr2[1] == 33) {
                        System.arraycopy(bArr2, 3, bArr3, 0, 32);
                    }
                    return null;
                }
                System.arraycopy(bArr2, 34 - bArr2[1], bArr3, 32 - bArr2[1], bArr2[1]);
            }
            int i3 = bArr2[1] + 2;
            if (bArr2[i3] != 2) {
                return null;
            }
            int i4 = i3 + 1;
            if (bArr2[i4] == 32) {
                System.arraycopy(bArr2, i3 + 2, bArr3, 32, 32);
            } else {
                if (bArr2[i4] > 31) {
                    if (bArr2[i4] == 33) {
                        System.arraycopy(bArr2, i3 + 3, bArr3, 32, 32);
                    }
                    return null;
                }
                System.arraycopy(bArr2, ((i3 + 2) + 32) - bArr2[1], bArr3, 64 - bArr2[1], bArr2[1]);
            }
            return bArr3;
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public static boolean verify(PublicKey publicKey, byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException, UnsupportedEncodingException {
        Signature signature = Signature.getInstance("SHA256withECDSA", org.bouncycastle.jce.provider.BouncyCastleProvider.PROVIDER_NAME);
        signature.initVerify(publicKey);
        signature.update(bArr);
        return signature.verify(bArr2);
    }

    public static boolean verify(byte[] bArr, byte[] bArr2, BigInteger[] bigIntegerArr) throws Exception {
        ECDSASigner eCDSASigner = new ECDSASigner();
        X9ECParameters byName = SECNamedCurves.getByName("secp256r1");
        ECDomainParameters eCDomainParameters = new ECDomainParameters(byName.getCurve(), byName.getG(), byName.getN(), byName.getH());
        eCDSASigner.init(false, new ECPublicKeyParameters(eCDomainParameters.getCurve().decodePoint(bArr), eCDomainParameters));
        return eCDSASigner.verifySignature(bArr2, bigIntegerArr[0].abs(), bigIntegerArr[1].abs());
    }

    public BigInteger[] generateSignature(byte[] bArr, CipherParameters cipherParameters) {
        BigInteger bigInteger;
        BigInteger mod;
        BigInteger mod2;
        BigInteger bigInteger2 = new BigInteger(1, bArr);
        ECKeyParameters eCKeyParameters = (ECKeyParameters) cipherParameters;
        BigInteger n = eCKeyParameters.getParameters().getN();
        do {
            int bitLength = n.bitLength();
            while (true) {
                bigInteger = new BigInteger(bitLength, RandomUtils.getSecureRandom());
                if (!bigInteger.equals(AdkSettings.PLATFORM_TYPE_MOBILE)) {
                    mod = eCKeyParameters.getParameters().getG().multiply(bigInteger).getX().toBigInteger().mod(n);
                    if (!mod.equals(AdkSettings.PLATFORM_TYPE_MOBILE)) {
                        break;
                    }
                }
            }
            mod2 = bigInteger.modInverse(n).multiply(bigInteger2.add(((ECPrivateKeyParameters) cipherParameters).getD().multiply(mod))).mod(n);
        } while (mod2.equals(AdkSettings.PLATFORM_TYPE_MOBILE));
        return new BigInteger[]{mod, mod2};
    }

    public PrivateKey getPrivateKey(byte[] bArr) throws Exception {
        return KeyFactory.getInstance("ECDSA", "SC").generatePrivate(new PKCS8EncodedKeySpec(bArr));
    }

    public byte[] getPubkey_DER() {
        try {
            byte[] bArr = new byte[66];
            if (this.pubkey_RAW == null) {
                LocalSharedPreference.getSettingsParam(LocalSharedPreference.PUBLIC_KEY);
            }
            System.arraycopy(this.pubkey_RAW, this.pubkey_RAW.length - 65, bArr, 1, 65);
            if (bArr[0] != 0 || bArr[1] != 4) {
                throw new FidoException("Invalid X9.62 public key format! When created by vSE, it should be 67-bytes");
            }
            return new Asn1Object().addSubObject(new Asn1Object().addSubObject(new Asn1Object(6, new byte[]{42, -122, 72, -50, 61, 2, 1})).addSubObject(new Asn1Object(6, new byte[]{42, -122, 72, -50, 61, 3, 1, 7}))).addSubObject(new Asn1Object(3, bArr)).toDER();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }
}
