package b.h.p.C;

import android.text.TextUtils;
import android.util.Base64;
import com.xiaomi.idm.security.network.Constants;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.OutputStreamWriter;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
import java.util.concurrent.ThreadLocalRandom;
import javax.crypto.Cipher;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.jce.ECNamedCurveTable;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECParameterSpec;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;

/* compiled from: CryptionUtil.java */
/* renamed from: b.h.p.C.k, reason: case insensitive filesystem */
/* loaded from: classes2.dex */
public class C0994k {

    /* renamed from: a, reason: collision with root package name */
    public static final String f10623a = "k";

    /* renamed from: b, reason: collision with root package name */
    public static final BouncyCastleProvider f10624b = new BouncyCastleProvider();

    /* renamed from: c, reason: collision with root package name */
    public static final ECParameterSpec f10625c = ECNamedCurveTable.getParameterSpec("prime256v1");

    /* renamed from: d, reason: collision with root package name */
    public static KeyPairGenerator f10626d;

    static {
        try {
            f10626d = KeyPairGenerator.getInstance("ECDH", f10624b);
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
        }
    }

    public static int a(int i2, int i3) {
        return ThreadLocalRandom.current().nextInt(i2, i3 + 1);
    }

    public static String a(KeyPair keyPair, String str, String str2) {
        if (keyPair == null || TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
            x.b(f10623a, "generateCsr:keyPair is null or uid or did is null", new Object[0]);
            return null;
        }
        String str3 = "idm." + str + Constants.LIST_ELEMENT_DIVIDER + str2;
        try {
            BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
            PKCS10CertificationRequest build = new JcaPKCS10CertificationRequestBuilder(new X500Principal("CN=" + str3), keyPair.getPublic()).build(new JcaContentSignerBuilder("SHA256WITHECDSA").setProvider(bouncyCastleProvider).build(keyPair.getPrivate()));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(new OutputStreamWriter(byteArrayOutputStream));
            jcaPEMWriter.writeObject(build);
            jcaPEMWriter.close();
            byteArrayOutputStream.close();
            return "-----BEGIN CERTIFICATE REQUEST-----\n" + Base64.encodeToString(build.getEncoded(), 0) + "\n-----END CERTIFICATE REQUEST-----";
        } catch (Exception e2) {
            x.b(f10623a, "generateCsr:" + e2.getMessage(), new Object[0]);
            return null;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:10:0x001f A[RETURN] */
    /* JADX WARN: Removed duplicated region for block: B:12:0x0020 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.Key a(java.security.PublicKey r3, java.security.PrivateKey r4) {
        /*
            java.lang.String r0 = "ECDH"
            r1 = 0
            if (r3 == 0) goto L2c
            if (r4 != 0) goto L8
            goto L2c
        L8:
            org.bouncycastle.jce.provider.BouncyCastleProvider r2 = b.h.p.C.C0994k.f10624b     // Catch: java.lang.Exception -> L18
            javax.crypto.KeyAgreement r2 = javax.crypto.KeyAgreement.getInstance(r0, r2)     // Catch: java.lang.Exception -> L18
            r2.init(r4)     // Catch: java.lang.Exception -> L16
            r4 = 1
            r2.doPhase(r3, r4)     // Catch: java.lang.Exception -> L16
            goto L1d
        L16:
            r3 = move-exception
            goto L1a
        L18:
            r3 = move-exception
            r2 = r1
        L1a:
            r3.printStackTrace()
        L1d:
            if (r2 != 0) goto L20
            return r1
        L20:
            javax.crypto.SecretKey r1 = r2.generateSecret(r0)     // Catch: java.security.NoSuchAlgorithmException -> L25 java.security.InvalidKeyException -> L27
            goto L2b
        L25:
            r3 = move-exception
            goto L28
        L27:
            r3 = move-exception
        L28:
            r3.printStackTrace()
        L2b:
            return r1
        L2c:
            java.lang.String r3 = b.h.p.C.C0994k.f10623a
            r4 = 0
            java.lang.Object[] r4 = new java.lang.Object[r4]
            java.lang.String r0 = "generateSharedKey:publicKey or privateKey is null!"
            b.h.p.C.x.b(r3, r0, r4)
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: b.h.p.C.C0994k.a(java.security.PublicKey, java.security.PrivateKey):java.security.Key");
    }

    public static KeyPair a() {
        try {
            if (Security.getProvider("BC") == null) {
                Security.addProvider(f10624b);
            }
            f10626d.initialize(f10625c, new SecureRandom());
            return f10626d.generateKeyPair();
        } catch (Exception e2) {
            e2.printStackTrace();
            return null;
        }
    }

    public static PublicKey a(String str) {
        CertificateFactory certificateFactory;
        if (TextUtils.isEmpty(str)) {
            x.b(f10623a, "getSolidPbs:deviceSignCert is null!", new Object[0]);
            return null;
        }
        try {
            certificateFactory = CertificateFactory.getInstance("X.509");
        } catch (CertificateException e2) {
            e2.printStackTrace();
            certificateFactory = null;
        }
        if (certificateFactory == null) {
            return null;
        }
        try {
            return ((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(str.getBytes()))).getPublicKey();
        } catch (Exception e3) {
            e3.printStackTrace();
            return null;
        }
    }

    public static PublicKey a(byte[] bArr) {
        if (bArr == null) {
            x.b(f10623a, "getDecodedPublicKey:encodedPublickey is null", new Object[0]);
            return null;
        }
        BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
        try {
            return KeyFactory.getInstance("ECDH", bouncyCastleProvider).generatePublic(new X509EncodedKeySpec(bArr));
        } catch (Exception e2) {
            e2.printStackTrace();
            return null;
        }
    }

    public static boolean a(String str, String str2) {
        CertificateFactory certificateFactory;
        if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
            x.b(f10623a, "verifySign:the certs both can't be null:err!", new Object[0]);
            return false;
        }
        new BouncyCastleProvider();
        PublicKey publicKey = null;
        try {
            certificateFactory = CertificateFactory.getInstance("X.509");
        } catch (CertificateException e2) {
            e2.printStackTrace();
            certificateFactory = null;
        }
        if (certificateFactory == null) {
            return false;
        }
        try {
            publicKey = ((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(str.getBytes()))).getPublicKey();
        } catch (CertificateException e3) {
            e3.printStackTrace();
        }
        if (publicKey == null) {
            return false;
        }
        try {
            X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(str2.getBytes()));
            if (x509Certificate == null) {
                return false;
            }
            try {
                x509Certificate.verify(publicKey);
                return true;
            } catch (Exception e4) {
                e4.printStackTrace();
                return false;
            }
        } catch (Exception e5) {
            e5.printStackTrace();
            return false;
        }
    }

    public static boolean a(String str, Date date) {
        if (TextUtils.isEmpty(str)) {
            x.b(f10623a, "isValidExpiredTimeNow:deviceSignCert is null", new Object[0]);
            return false;
        }
        CertificateFactory certificateFactory = null;
        try {
            certificateFactory = CertificateFactory.getInstance("X.509");
        } catch (Exception e2) {
            e2.printStackTrace();
        }
        if (certificateFactory == null) {
            return false;
        }
        try {
            ((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(str.getBytes()))).checkValidity(date);
            return true;
        } catch (CertificateExpiredException e3) {
            e3.printStackTrace();
            return false;
        } catch (CertificateNotYetValidException e4) {
            e4.printStackTrace();
            return true;
        } catch (CertificateException e5) {
            e5.printStackTrace();
            return false;
        } catch (Exception e6) {
            e6.printStackTrace();
            return false;
        }
    }

    public static boolean a(PublicKey publicKey, byte[] bArr, byte[] bArr2) {
        if (publicKey == null || bArr == null || bArr2 == null) {
            x.b(f10623a, "ecdsaVerify:publicKey or hash or signature is null!", new Object[0]);
            return false;
        }
        try {
            Signature signature = Signature.getInstance("ECDSA", new BouncyCastleProvider());
            signature.initVerify(publicKey);
            signature.update(bArr);
            return signature.verify(bArr2);
        } catch (Exception e2) {
            e2.printStackTrace();
            return false;
        }
    }

    public static byte[] a(Key key, byte[] bArr) {
        if (key == null || bArr == null) {
            x.b(f10623a, "decypt:shareKey or encryptedData is null", new Object[0]);
            return null;
        }
        byte[] decode = Base64.decode(bArr, 0);
        try {
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(2, key);
            return cipher.doFinal(decode);
        } catch (Exception e2) {
            e2.printStackTrace();
            return null;
        }
    }

    public static byte[] a(PrivateKey privateKey, String str) {
        if (privateKey == null || TextUtils.isEmpty(str)) {
            x.b(f10623a, "ecdsaSign:private Key is null or data is null", new Object[0]);
            return null;
        }
        try {
            Signature signature = Signature.getInstance("ECDSA", new BouncyCastleProvider());
            signature.initSign(privateKey);
            signature.update(str.getBytes());
            return signature.sign();
        } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e2) {
            e2.printStackTrace();
            return null;
        }
    }

    public static String b(String str) {
        CertificateFactory certificateFactory;
        if (TextUtils.isEmpty(str)) {
            x.b(f10623a, "getSolidUid:deviceSignCert is null!", new Object[0]);
            return null;
        }
        try {
            certificateFactory = CertificateFactory.getInstance("X.509");
        } catch (CertificateException e2) {
            e2.printStackTrace();
            certificateFactory = null;
        }
        if (certificateFactory == null) {
            return null;
        }
        try {
            String name = ((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(str.getBytes()))).getSubjectX500Principal().getName();
            if (name == null) {
                return null;
            }
            try {
                return name.split("\\.")[1];
            } catch (Exception e3) {
                e3.printStackTrace();
                return null;
            }
        } catch (Exception e4) {
            e4.printStackTrace();
            return null;
        }
    }

    public static byte[] b(Key key, byte[] bArr) {
        if (key == null || bArr == null) {
            x.b(f10623a, "encypt:sharedKey is null or sig1 is null", new Object[0]);
        }
        byte[] bArr2 = null;
        try {
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(1, key);
            bArr2 = cipher.doFinal(bArr);
        } catch (Exception e2) {
            e2.printStackTrace();
        }
        return Base64.encode(bArr2, 0);
    }

    public static boolean c(String str) {
        return a(str, new Date());
    }
}
