package com.cbreactnativempcsdk;

import android.content.SharedPreferences;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.google.android.gms.stats.CodePackage;
import com.google.gson.Gson;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import mpc.EncryptionKey;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;

/* loaded from: classes.dex */
public class EciesEncryptionKey implements EncryptionKey {
    private PrivateKey key;
    private PublicKey publicKey;

    public EciesEncryptionKey(String str, SharedPreferences sharedPreferences) throws GeneralSecurityException, IOException {
        KeyGenParameterSpec build = Build.VERSION.SDK_INT >= 24 ? new KeyGenParameterSpec.Builder(str, 3).setBlockModes(CodePackage.GCM).setEncryptionPaddings("NoPadding").setUserAuthenticationRequired(false).setRandomizedEncryptionRequired(false).setInvalidatedByBiometricEnrollment(false).build() : new KeyGenParameterSpec.Builder(str, 3).setBlockModes(CodePackage.GCM).setEncryptionPaddings("NoPadding").setDigests("NONE").setUserAuthenticationRequired(false).setRandomizedEncryptionRequired(false).build();
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        SecretKey secretKey = (SecretKey) keyStore.getKey(build.getKeystoreAlias(), null);
        if (secretKey != null) {
            byte[] decode = Base64.decode(sharedPreferences.getString("pkblob", ""), 2);
            byte[] decode2 = Base64.decode(sharedPreferences.getString("publickey", ""), 2);
            KeyFactory keyFactory = KeyFactory.getInstance("EC", "AndroidOpenSSL");
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(2, secretKey, new GCMParameterSpec(128, Arrays.copyOf(decode, 12)));
            AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance("EC");
            algorithmParameters.init(new ECGenParameterSpec("secp256r1"));
            this.key = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(cipher.doFinal(Arrays.copyOfRange(decode, 12, decode.length))));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byteArrayOutputStream.write(new byte[]{0});
            byteArrayOutputStream.write(Arrays.copyOfRange(decode2, 27, 59));
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            byteArrayOutputStream2.write(new byte[]{0});
            byteArrayOutputStream2.write(Arrays.copyOfRange(decode2, 59, 91));
            this.publicKey = (ECPublicKey) keyFactory.generatePublic(new ECPublicKeySpec(new ECPoint(new BigInteger(byteArrayOutputStream.toByteArray()), new BigInteger(byteArrayOutputStream2.toByteArray())), (ECParameterSpec) algorithmParameters.getParameterSpec(ECParameterSpec.class)));
            return;
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        keyGenerator.init(build);
        SecretKey generateKey = keyGenerator.generateKey();
        SharedPreferences.Editor edit = sharedPreferences.edit();
        ECGenParameterSpec eCGenParameterSpec = new ECGenParameterSpec("prime256v1");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
        keyPairGenerator.initialize(eCGenParameterSpec);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        Cipher cipher2 = Cipher.getInstance("AES/GCM/NoPadding");
        byte[] bArr = new byte[12];
        new SecureRandom().nextBytes(bArr);
        cipher2.init(1, generateKey, new GCMParameterSpec(128, bArr));
        byte[] doFinal = cipher2.doFinal(generateKeyPair.getPrivate().getEncoded());
        ByteArrayOutputStream byteArrayOutputStream3 = new ByteArrayOutputStream();
        byteArrayOutputStream3.write(bArr);
        byteArrayOutputStream3.write(doFinal);
        edit.putString("pkblob", Base64.encodeToString(byteArrayOutputStream3.toByteArray(), 2));
        edit.putString("publickey", Base64.encodeToString(generateKeyPair.getPublic().getEncoded(), 2));
        edit.commit();
        this.key = generateKeyPair.getPrivate();
        this.publicKey = generateKeyPair.getPublic();
    }

    @Override // mpc.EncryptionKey
    public byte[] eciesDecrypt(String str, byte[] bArr) throws Exception {
        try {
            CryptoBlob cryptoBlob = (CryptoBlob) new Gson().fromJson(new String(Base64.decode(str, 2)), CryptoBlob.class);
            KeyFactory keyFactory = KeyFactory.getInstance("EC", "AndroidOpenSSL");
            KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH", "AndroidOpenSSL");
            keyAgreement.init(this.key);
            byte[] decode = Base64.decode(cryptoBlob.getEphemeralPublicKey().getBlob(), 2);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byteArrayOutputStream.write(new byte[]{0});
            byteArrayOutputStream.write(Arrays.copyOfRange(decode, 1, 33));
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            byteArrayOutputStream2.write(new byte[]{0});
            byteArrayOutputStream2.write(Arrays.copyOfRange(decode, 33, 65));
            AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance("EC");
            algorithmParameters.init(new ECGenParameterSpec("secp256r1"));
            keyAgreement.doPhase((ECPublicKey) keyFactory.generatePublic(new ECPublicKeySpec(new ECPoint(new BigInteger(byteArrayOutputStream.toByteArray()), new BigInteger(byteArrayOutputStream2.toByteArray())), (ECParameterSpec) algorithmParameters.getParameterSpec(ECParameterSpec.class))), true);
            byte[] generateSecret = keyAgreement.generateSecret();
            if (generateSecret.length != 32) {
                byte[] bArr2 = new byte[32];
                Arrays.fill(bArr2, (byte) 0);
                for (int length = 32 - generateSecret.length; length < 32; length++) {
                    bArr2[length] = generateSecret[length - (32 - generateSecret.length)];
                }
                generateSecret = bArr2;
            }
            MessageDigest messageDigest = MessageDigest.getInstance(MessageDigestAlgorithms.SHA_256);
            messageDigest.update(generateSecret);
            byte[] digest = messageDigest.digest();
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            SecretKeySpec secretKeySpec = new SecretKeySpec(digest, "AES");
            byte[] decode2 = Base64.decode(cryptoBlob.getCiphertext(), 2);
            cipher.init(2, secretKeySpec, new GCMParameterSpec(128, Arrays.copyOfRange(decode2, 0, 12)));
            return cipher.doFinal(Arrays.copyOfRange(decode2, 12, decode2.length));
        } catch (Exception e) {
            e.printStackTrace();
            return new byte[0];
        }
    }

    @Override // mpc.EncryptionKey
    public String encryptionPublicKeyBase64() {
        return Base64.encodeToString(Arrays.copyOfRange(this.publicKey.getEncoded(), 26, 91), 2);
    }
}
