package com.oplus.ndsf.pocsecuritylib;

import com.oplus.statistics.util.AccountUtil;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import java.util.logging.Logger;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyAgreement;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes2.dex */
public class PocSecurity {
    private static final String AES = "AES";
    private static final int ECPOINT_X_Y_LENGTH = 32;
    private static final String GCM_CIPHER_ALGORITHM = "AES/GCM/NoPadding";
    private static final int IV_LENGTH = 12;
    private static final int KEYSPEC_LENGTH = 64;
    public static final String KEY_ALGORITHM_EC = "EC";
    private static final int LENGTH_TAG = 128;
    private static final int SEC_KEY_LEN = 16;
    private static Logger log = Logger.getLogger("PocSecurity");
    private SecretKeySpec mKey = null;
    private byte[] mIv = null;
    private KeyPair mKeyPair = null;
    private byte[] mPublicKey = null;
    private byte[] mPrivateKey = null;

    public PocSecurity() {
        genKeyPair();
    }

    private String byteArray2HexString(byte[] bArr) {
        if (bArr == null || bArr.length < 1) {
            log.info("byteArray2HexString byteArray invalid");
            return null;
        }
        StringBuilder sb = new StringBuilder();
        for (byte b : bArr) {
            String hexString = Integer.toHexString(b & 255);
            if (hexString.length() < 2) {
                sb.append(AccountUtil.SSOID_DEFAULT);
            }
            sb.append(hexString);
        }
        log.info("byteArray2HexString:" + sb.toString().toLowerCase() + " length:" + sb.toString().toLowerCase().length());
        return sb.toString().toLowerCase();
    }

    private byte[] digest(String str, byte[]... bArr) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            for (byte[] bArr2 : bArr) {
                messageDigest.update(bArr2);
            }
            return messageDigest.digest();
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            return null;
        }
    }

    private void genKeyPair() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM_EC);
            keyPairGenerator.initialize(new ECGenParameterSpec("secp256r1"));
            this.mKeyPair = keyPairGenerator.genKeyPair();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
    }

    private byte[] generateSecreKey(PublicKey publicKey, PrivateKey privateKey) {
        try {
            KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH");
            keyAgreement.init(privateKey);
            keyAgreement.doPhase(publicKey, true);
            return keyAgreement.generateSecret();
        } catch (InvalidKeyException | NoSuchAlgorithmException e) {
            e.printStackTrace();
            return null;
        }
    }

    private byte[] getAndFormatRawPublicKey(ECPublicKey eCPublicKey) {
        BigInteger affineX = eCPublicKey.getW().getAffineX();
        BigInteger affineY = eCPublicKey.getW().getAffineY();
        byte[] bArr = new byte[64];
        byte[] byteArray = affineX.toByteArray();
        if (byteArray.length == 33) {
            System.arraycopy(byteArray, 1, bArr, 0, 32);
        } else {
            System.arraycopy(byteArray, 0, bArr, 32 - byteArray.length, byteArray.length);
        }
        byte[] byteArray2 = affineY.toByteArray();
        if (byteArray2.length == 33) {
            System.arraycopy(byteArray2, 1, bArr, 32, 32);
        } else {
            System.arraycopy(byteArray2, 0, bArr, 64 - byteArray2.length, byteArray2.length);
        }
        return bArr;
    }

    private PublicKey keySpecToPublicKey(byte[] bArr) {
        if (this.mKeyPair == null) {
            log.severe("keySpecToPublicKey mKeyPair == null");
            return null;
        }
        if (bArr.length != 64) {
            log.severe("keySpecToPublicKey invalid keySpec.length");
            return null;
        }
        try {
            return KeyFactory.getInstance(KEY_ALGORITHM_EC).generatePublic(new ECPublicKeySpec(new ECPoint(new BigInteger(1, Arrays.copyOfRange(bArr, 0, bArr.length / 2)), new BigInteger(1, Arrays.copyOfRange(bArr, bArr.length / 2, bArr.length))), ((ECPublicKey) this.mKeyPair.getPublic()).getParams()));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            e.printStackTrace();
            return null;
        }
    }

    public byte[] decrypt(byte[] bArr) {
        try {
            if (this.mIv != null && this.mKey != null) {
                Cipher cipher = Cipher.getInstance(GCM_CIPHER_ALGORITHM);
                cipher.init(2, this.mKey, new GCMParameterSpec(128, this.mIv));
                return cipher.doFinal(bArr);
            }
            log.severe("decrypt mIv == null || mKey == null failed");
            return null;
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            e.printStackTrace();
            return null;
        }
    }

    public boolean deriveKey(byte[] bArr) {
        PublicKey keySpecToPublicKey = keySpecToPublicKey(bArr);
        if (keySpecToPublicKey == null) {
            log.severe("deriveKey keySpecToPublicKey failed");
            return false;
        }
        KeyPair keyPair = this.mKeyPair;
        if (keyPair == null) {
            log.severe("deriveKey mKeyPair == null");
            return false;
        }
        byte[] generateSecreKey = generateSecreKey(keySpecToPublicKey, keyPair.getPrivate());
        if (generateSecreKey == null) {
            log.severe("deriveKey generateSecreKey failed");
            return false;
        }
        byte[] digest = digest("SHA-256", generateSecreKey);
        if (digest == null) {
            log.severe("deriveKey digest failed");
            return false;
        }
        this.mKey = new SecretKeySpec(Arrays.copyOfRange(digest, 0, 16), AES);
        this.mIv = Arrays.copyOfRange(digest, 16, 28);
        return true;
    }

    public byte[] encrypt(byte[] bArr) {
        try {
            if (this.mIv != null && this.mKey != null) {
                Cipher cipher = Cipher.getInstance(GCM_CIPHER_ALGORITHM);
                cipher.init(1, this.mKey, new GCMParameterSpec(128, this.mIv));
                return cipher.doFinal(bArr);
            }
            log.severe("encrypt mIv == null || mKey == null failed");
            return null;
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            e.printStackTrace();
            return null;
        }
    }

    public byte[] genKeySpec() {
        KeyPair keyPair = this.mKeyPair;
        if (keyPair == null) {
            return null;
        }
        ECPublicKey eCPublicKey = (ECPublicKey) keyPair.getPublic();
        if (eCPublicKey == null) {
            log.severe("genKeySpec ecPublicKey == null");
            return null;
        }
        byte[] andFormatRawPublicKey = getAndFormatRawPublicKey(eCPublicKey);
        log.info("keySpec string:" + byteArray2HexString(andFormatRawPublicKey));
        return andFormatRawPublicKey;
    }
}
