package com.satispay.protocore.crypto;

import com.embedia.sync.OperatorList;
import com.google.common.base.Strings;
import com.satispay.protocore.dh.DHKeys;
import com.satispay.protocore.errors.ProtoCoreError;
import com.satispay.protocore.errors.ProtoCoreErrorType;
import com.satispay.protocore.log.ProtoLogger;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.StringReader;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DHPrivateKeySpec;
import javax.crypto.spec.DHPublicKeySpec;
import javax.crypto.spec.PBEKeySpec;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import kotlin.time.DurationKt;
import org.spongycastle.asn1.x509.SubjectPublicKeyInfo;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.openssl.PEMParser;
import org.spongycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.spongycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
import org.spongycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;

/* loaded from: classes3.dex */
public class Crypto {
    public static int[] DIGITS_POWER = {1, 10, 100, 1000, 10000, 100000, DurationKt.NANOS_IN_MILLIS, 10000000, 100000000};

    public static SSLSocketFactory buildSSLContext(X509Certificate x509Certificate, X509Certificate x509Certificate2, PrivateKey privateKey) {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            keyStore.setCertificateEntry("ca-certificate", x509Certificate);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore2.load(null, null);
            keyStore2.setCertificateEntry("certificate", x509Certificate2);
            keyStore2.setKeyEntry("private-key", privateKey, "".toCharArray(), new Certificate[]{x509Certificate2});
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore2, "".toCharArray());
            SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
            return sSLContext.getSocketFactory();
        } catch (Exception unused) {
            ProtoLogger.error("***** ERROR GENERATING SSL CONTEXT");
            return null;
        }
    }

    public static X509Certificate certificateX509(String str) {
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(str.getBytes(Charset.forName("UTF-8")));
            Security.insertProviderAt(new BouncyCastleProvider(), 1);
            return (X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(byteArrayInputStream);
        } catch (Exception unused) {
            ProtoLogger.error("!!! Error generating X509 certificate !!!");
            return null;
        }
    }

    public static byte[] generateKAuth(int i, byte[] bArr) throws ProtoCoreError {
        return pbkdf2WithHmacSha1(generateOtp(bArr, i * 2, 8), 128, CryptoDH.LOW).getEncoded();
    }

    public static byte[] generateKMaster(DHKeys dHKeys, BigInteger bigInteger) throws ProtoCoreError {
        byte[] bArr;
        try {
            KeyFactory keyFactory = KeyFactory.getInstance("DH");
            KeyAgreement keyAgreement = KeyAgreement.getInstance("DH");
            keyAgreement.init(keyFactory.generatePrivate(new DHPrivateKeySpec(dHKeys.getPrivateKey(), dHKeys.getP(), dHKeys.getG())));
            keyAgreement.doPhase(keyFactory.generatePublic(new DHPublicKeySpec(bigInteger, dHKeys.getP(), dHKeys.getG())), true);
            bArr = MessageDigest.getInstance("SHA1").digest(keyAgreement.generateSecret());
        } catch (Exception e) {
            e.printStackTrace();
            bArr = null;
        }
        if (bArr != null) {
            return bArr;
        }
        ProtoCoreErrorType protoCoreErrorType = ProtoCoreErrorType.DH_ERROR;
        protoCoreErrorType.setMessage("kMaster is null");
        throw new ProtoCoreError(protoCoreErrorType);
    }

    public static byte[] generateKSess(int i, byte[] bArr) throws ProtoCoreError {
        return pbkdf2WithHmacSha1(generateOtp(bArr, (i * 2) - 1, 8), 128, CryptoDH.LOW).getEncoded();
    }

    public static String generateOtp(byte[] bArr, int i, int i2) throws ProtoCoreError {
        byte[] bArr2 = new byte[8];
        for (int i3 = 7; i3 >= 0; i3--) {
            bArr2[i3] = Integer.valueOf(i & 255).byteValue();
            i >>= 8;
        }
        byte[] hmacSha1Raw = CryptoUtils.hmacSha1Raw(bArr, bArr2);
        int intValue = Byte.valueOf(hmacSha1Raw[hmacSha1Raw.length - 1]).intValue() & 15;
        return Strings.padStart(Integer.valueOf(((Byte.valueOf(hmacSha1Raw[intValue + 3]).intValue() & 255) | (((Byte.valueOf(hmacSha1Raw[intValue + 2]).intValue() & 255) << 8) | (((Byte.valueOf(hmacSha1Raw[intValue]).intValue() & 127) << 24) | ((Byte.valueOf(hmacSha1Raw[intValue + 1]).intValue() & 255) << 16)))) % DIGITS_POWER[i2]).toString(), i2, '0');
    }

    public static PrivateKey getPrivateKey(String str) {
        try {
            BufferedReader bufferedReader = new BufferedReader(new StringReader(str));
            Security.insertProviderAt(new BouncyCastleProvider(), 1);
            PEMParser pEMParser = new PEMParser(bufferedReader);
            PKCS8EncryptedPrivateKeyInfo pKCS8EncryptedPrivateKeyInfo = (PKCS8EncryptedPrivateKeyInfo) pEMParser.readObject();
            pEMParser.close();
            return new JcaPEMKeyConverter().setProvider("BC").getPrivateKey(pKCS8EncryptedPrivateKeyInfo.decryptPrivateKeyInfo(new JceOpenSSLPKCS8DecryptorProviderBuilder().build(OperatorList.Operator.TECNICO_CODE.toCharArray())));
        } catch (Exception unused) {
            ProtoLogger.error("!!! Error importing private key !!!");
            return null;
        }
    }

    public static PublicKey getPublicKey(String str) {
        try {
            BufferedReader bufferedReader = new BufferedReader(new StringReader(str));
            Security.insertProviderAt(new BouncyCastleProvider(), 1);
            PEMParser pEMParser = new PEMParser(bufferedReader);
            SubjectPublicKeyInfo subjectPublicKeyInfo = (SubjectPublicKeyInfo) pEMParser.readObject();
            pEMParser.close();
            return new JcaPEMKeyConverter().setProvider("BC").getPublicKey(subjectPublicKeyInfo);
        } catch (Exception unused) {
            ProtoLogger.error("!!! Error importing public key !!!");
            return null;
        }
    }

    public static SecretKey pbkdf2WithHmacSha1(String str, int i, int i2) throws ProtoCoreError {
        SecretKey secretKey;
        try {
            secretKey = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(str.toCharArray(), str.getBytes(), i2, i));
        } catch (Exception e) {
            e.printStackTrace();
            secretKey = null;
        }
        if (secretKey != null) {
            return secretKey;
        }
        ProtoCoreErrorType protoCoreErrorType = ProtoCoreErrorType.DH_ERROR;
        protoCoreErrorType.setMessage("secretKey is null");
        throw new ProtoCoreError(protoCoreErrorType);
    }
}
