package com.semaconnect.hce;

import com.semaconnect.common.Bytes;
import com.semaconnect.common.Utils;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyAgreement;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class VasProtocol {
    private static final String ENCRYPT_ALGO = "AES/GCM/NoPadding";
    private static final int TAG_LENGTH_BIT = 128;
    protected byte[] merchantId;
    protected byte[] sharedInfo;
    private static final byte[] PARTY_A_ID = Bytes.fromAscii("SemaConnect encrypted NFC message");
    private static final byte[] IV = Bytes.fromHex("00000000000000000000000000000000");

    public VasProtocol(String str) throws NoSuchAlgorithmException {
        this.merchantId = MessageDigest.getInstance("SHA-256").digest(Bytes.fromAscii(str));
        this.sharedInfo = generateSharedInfo(Bytes.fromAscii("id-aes256-GCM"), PARTY_A_ID, this.merchantId);
    }

    public static byte[] cipher(byte[] bArr, byte[] bArr2, int i) throws BadPaddingException, IllegalBlockSizeException, NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        Cipher cipher = Cipher.getInstance(ENCRYPT_ALGO);
        cipher.init(i, secretKeySpec, new GCMParameterSpec(128, IV));
        return cipher.doFinal(bArr2);
    }

    public static byte[] decrypt(byte[] bArr, byte[] bArr2) throws BadPaddingException, IllegalBlockSizeException, NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException {
        return cipher(bArr, bArr2, 2);
    }

    public static byte[] deriveKey(byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
        messageDigest.update(bArr);
        messageDigest.update(new byte[]{0, 0, 0, 1});
        messageDigest.update(bArr2);
        return messageDigest.digest();
    }

    public static byte[] encrypt(byte[] bArr, byte[] bArr2) throws BadPaddingException, IllegalBlockSizeException, NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException {
        return cipher(bArr, bArr2, 1);
    }

    public static KeyPair generateEphemeralKeyPair() throws NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
        keyPairGenerator.initialize(256);
        for (int i = 0; i < 64; i++) {
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            if (!((ECPublicKey) generateKeyPair.getPublic()).getW().getAffineY().testBit(0)) {
                return generateKeyPair;
            }
        }
        return null;
    }

    public static byte[] generateSharedInfo(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        return Bytes.concat(new byte[]{13}, bArr, bArr2, bArr3);
    }

    public static byte[] generateSharedSecret(ECPrivateKey eCPrivateKey, ECPublicKey eCPublicKey) throws NoSuchAlgorithmException, InvalidKeyException {
        KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH");
        keyAgreement.init(eCPrivateKey);
        keyAgreement.doPhase(eCPublicKey, true);
        return keyAgreement.generateSecret();
    }

    public byte[] decode(ECPrivateKey eCPrivateKey, byte[] bArr) throws NoSuchAlgorithmException, InvalidParameterSpecException, InvalidKeySpecException, InvalidKeyException, IllegalBlockSizeException, InvalidAlgorithmParameterException, NoSuchPaddingException, BadPaddingException {
        Bytes.slice(bArr, 0, 4);
        byte[] slice = Bytes.slice(bArr, 4, 36);
        return decrypt(deriveKey(generateSharedSecret(eCPrivateKey, Utils.getPublicKeyFromBytes(slice, (byte) 0)), this.sharedInfo), Bytes.slice(bArr, 36, -1));
    }

    public byte[] encode(ECPublicKey eCPublicKey, KeyPair keyPair, byte[] bArr) throws BadPaddingException, InvalidKeyException, NoSuchAlgorithmException, IllegalBlockSizeException, NoSuchPaddingException, InvalidAlgorithmParameterException {
        byte[] deriveKey = deriveKey(generateSharedSecret((ECPrivateKey) keyPair.getPrivate(), eCPublicKey), this.sharedInfo);
        return Bytes.concat(Bytes.slice(MessageDigest.getInstance("SHA-256").digest(Utils.getCompressedPublicKey(eCPublicKey)), 0, 4), Utils.getCompressedPublicKey((ECPublicKey) keyPair.getPublic()), encrypt(deriveKey, bArr));
    }

    public byte[] encode(ECPublicKey eCPublicKey, byte[] bArr) throws NoSuchAlgorithmException, IllegalBlockSizeException, InvalidKeyException, NoSuchPaddingException, BadPaddingException, InvalidAlgorithmParameterException {
        return encode(eCPublicKey, generateEphemeralKeyPair(), bArr);
    }
}
