package com.dayside.fido.uaf.auth.crypto;

import com.dayside.fido.uaf.auth.common.AuthException;
import com.dayside.fido.uaf.util.Base64URLHelper;
import com.xshield.dc;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.StringWriter;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.openssl.jcajce.JcaPEMWriter;

/* loaded from: classes2.dex */
public class CryptoHelper {
    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    static {
        Security.insertProviderAt(new BouncyCastleProvider(), 1);
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static byte[] decryptwithWrapKey(byte[] bArr, byte[] bArr2, byte[] bArr3) throws AuthException {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, 0, bArr.length, dc.m470(1535910919));
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr2);
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(2, secretKeySpec, ivParameterSpec);
            return cipher.doFinal(bArr3);
        } catch (Exception e) {
            e.printStackTrace();
            throw new AuthException("WrapKey로 데이타를 복호화하는데 실패함");
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static byte[] encryptwithWrapKey(byte[] bArr, byte[] bArr2, byte[] bArr3) throws AuthException {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, 0, bArr.length, dc.m470(1535910919));
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr2);
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(1, secretKeySpec, ivParameterSpec);
            return cipher.doFinal(bArr3);
        } catch (Exception e) {
            e.printStackTrace();
            throw new AuthException("WrapKey로 데이타를 암호화하는데 실패함");
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static KeyPair generateKeyPair(short s) throws AuthException {
        switch (s) {
            case 1:
            case 2:
                return SECP256R1.generateKey();
            case 3:
            case 4:
                return RSASSA_PSS_SHA256.generateKey();
            case 5:
            case 6:
                return SECP256K1.generateKey();
            default:
                throw new AuthException();
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static void generateRandom(byte[] bArr) throws AuthException {
        try {
            SecureRandom secureRandom = SecureRandom.getInstance(CryptoConst.ALG_SHA1PRNG);
            secureRandom.setSeed(System.currentTimeMillis());
            secureRandom.nextBytes(bArr);
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            throw new AuthException("Random 넘버 생성에 실패함");
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static byte[] generateUserVerificationToken() throws AuthException {
        try {
            byte[] bArr = new byte[32];
            SecureRandom.getInstance(CryptoConst.ALG_SHA1PRNG).nextBytes(bArr);
            return bArr;
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            throw new AuthException("사용자 검증 토큰 생성에 실패함");
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static byte[] generateWrapKey() throws AuthException {
        byte[] bArr = new byte[32];
        generateRandom(bArr);
        return new SecretKeySpec(bArr, dc.m470(1535910919)).getEncoded();
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static String getPEMString(PublicKey publicKey) throws AuthException {
        StringWriter stringWriter = new StringWriter();
        JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(stringWriter);
        try {
            try {
                jcaPEMWriter.writeObject(publicKey);
                try {
                    jcaPEMWriter.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
                return stringWriter.toString();
            } catch (Throwable th) {
                try {
                    jcaPEMWriter.close();
                } catch (IOException e2) {
                    e2.printStackTrace();
                }
                throw th;
            }
        } catch (IOException e3) {
            e3.printStackTrace();
            throw new AuthException("PEM 포맷 문자열 변환에 실패함");
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static String getPEMString(X509Certificate x509Certificate) throws AuthException {
        StringWriter stringWriter = new StringWriter();
        JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(stringWriter);
        try {
            try {
                jcaPEMWriter.writeObject(x509Certificate);
                try {
                    jcaPEMWriter.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
                return stringWriter.toString();
            } catch (Throwable th) {
                try {
                    jcaPEMWriter.close();
                } catch (IOException e2) {
                    e2.printStackTrace();
                }
                throw th;
            }
        } catch (IOException e3) {
            e3.printStackTrace();
            throw new AuthException("PEM 포맷 문자열 변환에 실패함");
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static PrivateKey getPrivateKeyfromBytes(byte[] bArr, short s) throws AuthException {
        switch (s) {
            case 1:
            case 2:
                return SECP256R1.getPrivateKey(bArr);
            case 3:
            case 4:
                return RSASSA_PSS_SHA256.getPrivateKey(bArr);
            case 5:
            case 6:
                return SECP256K1.getPrivateKey(bArr);
            default:
                throw new AuthException("서명 알고리즘이 FIDO에서 정의되지 않은 것임");
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static byte[] getPublicKeyBytesfromPublicKey(PublicKey publicKey, short s, short s2) throws AuthException {
        switch (s2) {
            case 1:
            case 2:
                if (s == 256) {
                    return SECP256R1.getRawPublicKey(publicKey.getEncoded());
                }
                if (s == 257) {
                    return publicKey.getEncoded();
                }
                throw new AuthException("공개키 포맷이 FIDO에서 정의되지 않은 것임");
            case 3:
            case 4:
                if (s == 258) {
                    return RSASSA_PSS_SHA256.getRawPublicKey(publicKey.getEncoded());
                }
                if (s == 259) {
                    return RSASSA_PSS_SHA256.getDerPublicKey(publicKey.getEncoded());
                }
                throw new AuthException("공개키 포맷이 FIDO에서 정의되지 않은 것임");
            case 5:
            case 6:
                if (s == 256) {
                    return SECP256K1.getRawPublicKey(publicKey.getEncoded());
                }
                if (s == 257) {
                    return publicKey.getEncoded();
                }
                throw new AuthException("공개키 포맷이 FIDO에서 정의되지 않은 것임");
            default:
                throw new AuthException("서명 알고리즘이 FIDO에서 정의되지 않은 것임");
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static PublicKey getPublicKeyfromBytes(byte[] bArr, short s, short s2) throws AuthException {
        switch (s2) {
            case 1:
            case 2:
                if (s == 256) {
                    return SECP256R1.getPublicKeyfromRaw(bArr);
                }
                if (s == 257) {
                    return SECP256R1.getPublicKeyfromRaw(SECP256R1.getRawPublicKey(bArr));
                }
                throw new AuthException("공개키 포맷이 FIDO에서 정의되지 않은 것임");
            case 3:
            case 4:
                if (s == 258) {
                    return RSASSA_PSS_SHA256.getPublicKeyfromRaw(bArr);
                }
                if (s == 259) {
                    return RSASSA_PSS_SHA256.getPublicKeyfromDer(bArr);
                }
                throw new AuthException("공개키 포맷이 FIDO에서 정의되지 않은 것임");
            case 5:
            case 6:
                if (s == 256) {
                    return SECP256K1.getPublicKeyfromRaw(bArr);
                }
                if (s == 257) {
                    return SECP256K1.getPublicKeyfromRaw(SECP256K1.getRawPublicKey(bArr));
                }
                throw new AuthException("공개키 포맷이 FIDO에서 정의되지 않은 것임");
            default:
                throw new AuthException("서명 알고리즘이 FIDO에서 정의되지 않은 것임");
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static X509Certificate getX509Certificate(byte[] bArr) throws AuthException {
        try {
            return (X509Certificate) CertificateFactory.getInstance(CryptoConst.CERT_X509).generateCertificate(new ByteArrayInputStream(bArr));
        } catch (CertificateException e) {
            e.printStackTrace();
            throw new AuthException("인증서 바이트 배열로부터 X.509 인증서 생성에 실패함");
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static byte[] hashWithSHA256(byte[] bArr) throws AuthException {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(CryptoConst.ALG_SHA_256);
            messageDigest.update(bArr);
            return messageDigest.digest();
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            throw new AuthException("SHA256 알고리즘이 존재하지 않아 해시 생성에 실패함");
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static String hmacWithSHA256(String str, String str2) throws AuthException {
        String m473 = dc.m473(-179571030);
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(str2.getBytes("UTF-8"), m473);
            Mac mac = Mac.getInstance(m473);
            mac.init(secretKeySpec);
            return Base64URLHelper.encodeToString(mac.doFinal(str.getBytes()));
        } catch (Exception e) {
            e.printStackTrace();
            throw new AuthException("SHA256으로 HMAC을 구하는데 실패함");
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static byte[] sign(PrivateKey privateKey, byte[] bArr, short s) throws AuthException {
        switch (s) {
            case 1:
                return CryptoCommon.sign_SECP256R1_ECDSA_SHA256_RAW_Signature(bArr, privateKey);
            case 2:
                return CryptoCommon.sign_SECP256R1_ECDSA_SHA256_DER_Signature(bArr, privateKey);
            case 3:
                return CryptoCommon.sign_RSASSA_PSS_SHA256_RAW_Signature(bArr, privateKey);
            case 4:
                return CryptoCommon.sign_RSASSA_PSS_SHA256_DER_Signature(bArr, privateKey);
            case 5:
                return CryptoCommon.sign_SECP256K1_ECDSA_SHA256_RAW_Signature(bArr, privateKey);
            case 6:
                return CryptoCommon.sign_SECP256K1_ECDSA_SHA256_DER_Signature(bArr, privateKey);
            default:
                throw new AuthException("서명 알고리즘이 FIDO에서 정의되지 않은 것임");
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static boolean verify(byte[] bArr, byte[] bArr2, PublicKey publicKey, short s) throws AuthException {
        switch (s) {
            case 1:
                return CryptoCommon.verify_SECP256R1_ECDSA_SHA256_RAW_Signature(bArr, bArr2, publicKey);
            case 2:
                return CryptoCommon.verify_SECP256R1_ECDSA_SHA256_DER_Signature(bArr, bArr2, publicKey);
            case 3:
                return CryptoCommon.verify_RSASSA_PSS_SHA256_RAW_Signature(bArr, bArr2, publicKey);
            case 4:
                return CryptoCommon.verify_RSASSA_PSS_SHA256_DER_Signature(bArr, bArr2, publicKey);
            case 5:
                return CryptoCommon.verify_SECP256K1_ECDSA_SHA256_RAW_Signature(bArr, bArr2, publicKey);
            case 6:
                return CryptoCommon.verify_SECP256K1_ECDSA_SHA256_DER_Signature(bArr, bArr2, publicKey);
            default:
                throw new AuthException("서명 알고리즘이 FIDO에서 정의되지 않은 것임");
        }
    }
}
