package com.opple.sig.oppleblesiglib.core;

import android.util.Log;
import com.opple.sig.oppleblesiglib.util.Arrays;
import com.opple.sig.oppleblesiglib.util.MeshLogger;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.KeyAgreement;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import okio.Utf8;
import org.spongycastle.crypto.InvalidCipherTextException;
import org.spongycastle.crypto.engines.AESEngine;
import org.spongycastle.crypto.engines.AESLightEngine;
import org.spongycastle.crypto.macs.CMac;
import org.spongycastle.crypto.modes.CCMBlockCipher;
import org.spongycastle.crypto.params.AEADParameters;
import org.spongycastle.crypto.params.KeyParameter;
import org.spongycastle.jcajce.provider.digest.SHA256;
import org.spongycastle.jce.ECNamedCurveTable;
import org.spongycastle.jce.interfaces.ECPublicKey;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.jce.spec.ECNamedCurveParameterSpec;
import org.spongycastle.jce.spec.ECPublicKeySpec;
import org.spongycastle.util.BigIntegers;

/* loaded from: classes4.dex */
public final class Encipher {
    private static final byte[] SALT_INPUT_K2 = "smk2".getBytes();
    private static final byte[] SALT_INPUT_K3 = "smk3".getBytes();
    private static final byte[] SALT_INPUT_K4 = "smk4".getBytes();
    private static final byte[] SALT_K3_M = {105, 100, 54, 52, 1};
    private static final byte[] SALT_K4_M = {105, 100, 54, 1};
    private static final byte[] SALT_NKIK = "nkik".getBytes();
    private static final byte[] SALT_NKBK = "nkbk".getBytes();
    private static final byte[] SALT_NKPK = "nkpk".getBytes();
    private static final byte[] SALT_ID128 = "id128".getBytes();
    private static final byte[] NODE_IDENTITY_HASH_PADDING = {0, 0, 0, 0, 0, 0};
    private static final byte[] NODE_PRIVATE_IDENTITY_HASH_PADDING = {0, 0, 0, 0, 0};
    public static final byte[] PRCK = "prck".getBytes();
    public static final byte[] PRSK = "prsk".getBytes();
    public static final byte[] PRSN = "prsn".getBytes();
    public static final byte[] PRDK = "prdk".getBytes();
    public static final byte[] PRCK256 = "prck256".getBytes();
    private static final byte[] SALT_KEY_ZERO = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
    private static final byte[] SALT_KEY_ZERO_32 = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};

    public static byte[] OPPFASTPROV_ProDataDec(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[13];
        for (int i = 0; i < 13; i++) {
            bArr3[i] = (byte) (bArr[i] ^ bArr2[i]);
        }
        return bArr3;
    }

    public static byte[] OPPFASTPROV_ProDataEnc(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[13];
        for (int i = 0; i < 13; i++) {
            bArr3[i] = (byte) (bArr[i] ^ bArr2[i]);
        }
        return bArr3;
    }

    public static byte[] OppFastProvDevKeyGenerate(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[16];
        for (byte b = 0; b < 6; b = (byte) (b + 1)) {
            bArr3[b] = (byte) (bArr[b] ^ bArr2[b]);
        }
        for (byte b2 = 0; b2 < 6; b2 = (byte) (b2 + 1)) {
            int i = b2 + 6;
            bArr3[i] = (byte) ((bArr[b2] + b2) ^ bArr2[i]);
        }
        for (byte b3 = 0; b3 < 4; b3 = (byte) (b3 + 1)) {
            int i2 = b3 + 12;
            bArr3[i2] = (byte) (bArr[b3] + b3 + bArr2[i2]);
        }
        return bArr3;
    }

    public static byte[] OppFastProvisionSessionKeyGenerate(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[16];
        for (byte b = 0; b < 4; b = (byte) (b + 1)) {
            bArr3[b] = (byte) (bArr[b] ^ bArr2[b]);
        }
        for (byte b2 = 0; b2 < 4; b2 = (byte) (b2 + 1)) {
            bArr3[b2 + 4] = (byte) (bArr[5 - b2] + bArr2[4 - b2]);
        }
        for (byte b3 = 0; b3 < 4; b3 = (byte) (b3 + 1)) {
            bArr3[b3 + 8] = (byte) (bArr[b3] ^ bArr3[b3]);
        }
        for (byte b4 = 0; b4 < 4; b4 = (byte) (b4 + 1)) {
            bArr3[b4 + 12] = (byte) (bArr[b4] ^ bArr3[b4 + 4]);
        }
        return bArr3;
    }

    public static byte[] aes(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[bArr.length];
        KeyParameter keyParameter = new KeyParameter(bArr2);
        AESLightEngine aESLightEngine = new AESLightEngine();
        aESLightEngine.init(true, keyParameter);
        aESLightEngine.processBlock(bArr, 0, bArr3, 0);
        return bArr3;
    }

    public static byte[] aesCmac(byte[] bArr, byte[] bArr2) {
        KeyParameter keyParameter = new KeyParameter(bArr2);
        CMac cMac = new CMac(new AESEngine());
        cMac.init(keyParameter);
        cMac.update(bArr, 0, bArr.length);
        byte[] bArr3 = new byte[16];
        cMac.doFinal(bArr3, 0);
        return bArr3;
    }

    public static byte[][] calculateNetKeyK2(byte[] bArr) {
        return k2(bArr, new byte[]{0});
    }

    public static byte[] ccm(byte[] bArr, byte[] bArr2, byte[] bArr3, int i, boolean z) {
        Log.d("ccm---", bArr2.length + "");
        byte[] bArr4 = new byte[bArr.length + (z ? i : -i)];
        CCMBlockCipher cCMBlockCipher = new CCMBlockCipher(new AESEngine());
        cCMBlockCipher.init(z, new AEADParameters(new KeyParameter(bArr2), i * 8, bArr3));
        cCMBlockCipher.processBytes(bArr, 0, bArr.length, bArr4, bArr.length);
        try {
            cCMBlockCipher.doFinal(bArr4, 0);
            return bArr4;
        } catch (InvalidCipherTextException unused) {
            return null;
        }
    }

    public static X509Certificate checkCertificate(byte[] bArr) {
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
            MeshLogger.d("certificate info: " + x509Certificate.toString());
            if (x509Certificate.getVersion() != 3) {
                MeshLogger.d("version check err");
                return null;
            }
            x509Certificate.checkValidity();
            x509Certificate.getSubjectAlternativeNames();
            x509Certificate.getExtendedKeyUsage();
            Signature signature = Signature.getInstance(x509Certificate.getSigAlgName(), BouncyCastleProvider.PROVIDER_NAME);
            signature.initVerify(x509Certificate);
            signature.update(x509Certificate.getTBSCertificate());
            if (signature.verify(x509Certificate.getSignature())) {
                System.out.println("signature validation pass");
                return x509Certificate;
            }
            System.out.println("signature validation failed");
            return null;
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public static X509Certificate checkCertificateByCa(byte[] bArr, byte[] bArr2) {
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(bArr));
            MeshLogger.d("certificate info: " + x509Certificate.toString());
            if (x509Certificate.getVersion() != 3) {
                MeshLogger.d("version check err");
                return null;
            }
            x509Certificate.checkValidity();
            x509Certificate.getSubjectAlternativeNames();
            x509Certificate.getExtendedKeyUsage();
            x509Certificate.verify(((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(bArr2))).getPublicKey());
            MeshLogger.d("signature validation pass");
            return x509Certificate;
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public static byte[] decryptOnlineStatus(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[4];
        System.arraycopy(bArr, 0, bArr3, 0, 4);
        byte[] bArr4 = new byte[2];
        System.arraycopy(bArr, bArr.length - 2, bArr4, 0, 2);
        int length = (bArr.length - 4) - 2;
        byte[] bArr5 = new byte[length];
        System.arraycopy(bArr, 4, bArr5, 0, length);
        byte[] bArr6 = new byte[16];
        byte[] bArr7 = new byte[16];
        System.arraycopy(bArr3, 0, bArr7, 1, 4);
        for (int i = 0; i < length; i++) {
            int i2 = i & 15;
            if (i2 == 0) {
                bArr6 = aes(bArr7, bArr2);
                bArr7[0] = (byte) (bArr7[0] + 1);
            }
            bArr5[i] = (byte) (bArr6[i2] ^ bArr5[i]);
        }
        byte[] bArr8 = new byte[16];
        System.arraycopy(bArr3, 0, bArr8, 0, 4);
        bArr8[4] = (byte) length;
        byte[] aes = aes(bArr8, bArr2);
        for (int i3 = 0; i3 < length; i3++) {
            int i4 = i3 & 15;
            aes[i4] = (byte) (aes[i4] ^ bArr5[i3]);
            if (i4 == 15 || i3 == length - 1) {
                aes = aes(aes, bArr2);
            }
        }
        for (int i5 = 0; i5 < 2; i5++) {
            if (bArr4[i5] != aes[i5]) {
                return null;
            }
        }
        System.arraycopy(bArr5, 0, bArr, 4, length);
        return bArr;
    }

    public static byte[] generateBeaconKey(byte[] bArr) {
        byte[] generateSalt = generateSalt(SALT_NKBK);
        byte[] bArr2 = SALT_ID128;
        ByteBuffer allocate = ByteBuffer.allocate(bArr2.length + 1);
        allocate.put(bArr2);
        allocate.put((byte) 1);
        return k1(bArr, generateSalt, allocate.array());
    }

    public static byte[] generateECDH(byte[] bArr, PrivateKey privateKey) {
        try {
            BigInteger fromUnsignedByteArray = BigIntegers.fromUnsignedByteArray(bArr, 0, 32);
            BigInteger fromUnsignedByteArray2 = BigIntegers.fromUnsignedByteArray(bArr, 32, 32);
            ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec("secp256r1");
            ECPublicKey eCPublicKey = (ECPublicKey) KeyFactory.getInstance("ECDH", BouncyCastleProvider.PROVIDER_NAME).generatePublic(new ECPublicKeySpec(parameterSpec.getCurve().validatePoint(fromUnsignedByteArray, fromUnsignedByteArray2), parameterSpec));
            KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH", BouncyCastleProvider.PROVIDER_NAME);
            keyAgreement.init(privateKey);
            keyAgreement.doPhase(eCPublicKey, true);
            return keyAgreement.generateSecret();
        } catch (IllegalArgumentException | InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) {
            e.printStackTrace();
            return null;
        }
    }

    public static byte[] generateIdentityKey(byte[] bArr) {
        byte[] generateSalt = generateSalt(SALT_NKIK);
        byte[] bArr2 = SALT_ID128;
        ByteBuffer allocate = ByteBuffer.allocate(bArr2.length + 1);
        allocate.put(bArr2);
        allocate.put((byte) 1);
        return k1(bArr, generateSalt, allocate.array());
    }

    public static KeyPair generateKeyPair() {
        try {
            ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec("P-256");
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDH", BouncyCastleProvider.PROVIDER_NAME);
            keyPairGenerator.initialize(parameterSpec);
            return keyPairGenerator.generateKeyPair();
        } catch (Exception unused) {
            MeshLogger.log("generate key pair err!");
            return null;
        }
    }

    public static byte[] generateNodeIdentityHash(byte[] bArr, byte[] bArr2, int i) {
        byte[] bArr3 = NODE_IDENTITY_HASH_PADDING;
        ByteBuffer order = ByteBuffer.allocate(bArr3.length + bArr2.length + 2).order(ByteOrder.BIG_ENDIAN);
        order.put(bArr3);
        order.put(bArr2);
        order.putShort((short) i);
        byte[] aes = aes(order.array(), bArr);
        ByteBuffer allocate = ByteBuffer.allocate(8);
        allocate.put(aes, 8, 8);
        return allocate.array();
    }

    public static byte[] generatePrivateBeaconKey(byte[] bArr) {
        byte[] generateSalt = generateSalt(SALT_NKPK);
        byte[] bArr2 = SALT_ID128;
        ByteBuffer allocate = ByteBuffer.allocate(bArr2.length + 1);
        allocate.put(bArr2);
        allocate.put((byte) 1);
        return k1(bArr, generateSalt, allocate.array());
    }

    public static byte[] generatePrivateNodeIdentityHash(byte[] bArr, byte[] bArr2, int i) {
        byte[] bArr3 = NODE_PRIVATE_IDENTITY_HASH_PADDING;
        ByteBuffer order = ByteBuffer.allocate(bArr3.length + bArr2.length + 3).order(ByteOrder.BIG_ENDIAN);
        order.put(bArr3).put((byte) 3);
        order.put(bArr2);
        order.putShort((short) i);
        byte[] aes = aes(order.array(), bArr);
        ByteBuffer allocate = ByteBuffer.allocate(8);
        allocate.put(aes, 8, 8);
        return allocate.array();
    }

    public static byte[] generateSalt(byte[] bArr) {
        return aesCmac(bArr, SALT_KEY_ZERO);
    }

    public static byte[] getAu8SessionNonce(byte[] bArr) {
        byte[] bArr2 = new byte[16];
        for (byte b = 0; b < 16; b = (byte) (b + 1)) {
            bArr2[b] = (byte) (bArr[b] ^ 204);
        }
        return bArr2;
    }

    /* JADX WARN: Removed duplicated region for block: B:12:0x0043  */
    /* JADX WARN: Removed duplicated region for block: B:7:0x003c  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static byte[] getPublicKeyInCert(java.security.cert.X509Certificate r7) {
        /*
            java.security.PublicKey r7 = r7.getPublicKey()
            java.security.interfaces.ECPublicKey r7 = (java.security.interfaces.ECPublicKey) r7
            java.security.spec.ECPoint r0 = r7.getW()
            java.math.BigInteger r0 = r0.getAffineX()
            byte[] r0 = r0.toByteArray()
            int r1 = r0.length
            r2 = 1
            r3 = 0
            r4 = 32
            if (r1 <= r4) goto L20
            byte[] r1 = new byte[r4]
            java.lang.System.arraycopy(r0, r2, r1, r3, r4)
        L1e:
            r0 = r1
            goto L2d
        L20:
            int r1 = r0.length
            if (r1 >= r4) goto L2d
            byte[] r1 = new byte[r4]
            int r5 = r0.length
            int r5 = 32 - r5
            int r6 = r0.length
            java.lang.System.arraycopy(r0, r3, r1, r5, r6)
            goto L1e
        L2d:
            java.security.spec.ECPoint r7 = r7.getW()
            java.math.BigInteger r7 = r7.getAffineY()
            byte[] r7 = r7.toByteArray()
            int r1 = r7.length
            if (r1 <= r4) goto L43
            byte[] r1 = new byte[r4]
            java.lang.System.arraycopy(r7, r2, r1, r3, r4)
        L41:
            r7 = r1
            goto L4f
        L43:
            int r1 = r7.length
            if (r1 >= r4) goto L4f
            byte[] r1 = new byte[r4]
            int r2 = r7.length
            int r4 = r4 - r2
            int r2 = r7.length
            java.lang.System.arraycopy(r7, r3, r1, r4, r2)
            goto L41
        L4f:
            int r1 = r0.length
            int r2 = r7.length
            int r1 = r1 + r2
            byte[] r1 = new byte[r1]
            int r2 = r0.length
            java.lang.System.arraycopy(r0, r3, r1, r3, r2)
            int r0 = r0.length
            int r2 = r7.length
            java.lang.System.arraycopy(r7, r3, r1, r0, r2)
            java.lang.StringBuilder r7 = new java.lang.StringBuilder
            java.lang.String r0 = "public key in cert: "
            r7.<init>(r0)
            java.lang.String r0 = com.opple.sig.oppleblesiglib.util.Arrays.bytesToHexString(r1)
            r7.append(r0)
            java.lang.String r7 = r7.toString()
            com.opple.sig.oppleblesiglib.util.MeshLogger.d(r7)
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: com.opple.sig.oppleblesiglib.core.Encipher.getPublicKeyInCert(java.security.cert.X509Certificate):byte[]");
    }

    public static byte[] getStaticOOBInCert(X509Certificate x509Certificate) {
        byte[] extensionValue = x509Certificate.getExtensionValue("2.25.234763379998062148653007332685657680359");
        if (extensionValue == null || extensionValue.length < 16) {
            MeshLogger.d("static oob in cert not found");
            return null;
        }
        byte[] bArr = new byte[16];
        System.arraycopy(extensionValue, extensionValue.length - 16, bArr, 0, 16);
        MeshLogger.d("static oob in cert: " + Arrays.bytesToHexString(bArr));
        return bArr;
    }

    public static byte[] hMacSha256(byte[] bArr, byte[] bArr2) {
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(bArr2, "HmacSHA256"));
            return mac.doFinal(bArr);
        } catch (InvalidKeyException | NoSuchAlgorithmException e) {
            e.printStackTrace();
            return null;
        }
    }

    public static byte[] k1(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        return aesCmac(bArr3, aesCmac(bArr, bArr2));
    }

    public static byte[][] k2(byte[] bArr, byte[] bArr2) {
        byte[] aesCmac = aesCmac(bArr, generateSalt(SALT_INPUT_K2));
        ByteBuffer allocate = ByteBuffer.allocate(bArr2.length + 0 + 1);
        allocate.put(new byte[0]);
        allocate.put(bArr2);
        allocate.put((byte) 1);
        byte[] aesCmac2 = aesCmac(allocate.array(), aesCmac);
        ByteBuffer allocate2 = ByteBuffer.allocate(aesCmac2.length + bArr2.length + 1);
        allocate2.put(aesCmac2);
        allocate2.put(bArr2);
        allocate2.put((byte) 2);
        byte[] aesCmac3 = aesCmac(allocate2.array(), aesCmac);
        ByteBuffer allocate3 = ByteBuffer.allocate(aesCmac3.length + bArr2.length + 1);
        allocate3.put(aesCmac3);
        allocate3.put(bArr2);
        allocate3.put((byte) 3);
        return new byte[][]{aesCmac2, aesCmac3, aesCmac(allocate3.array(), aesCmac)};
    }

    public static byte[] k3(byte[] bArr) {
        byte[] aesCmac = aesCmac(SALT_K3_M, aesCmac(bArr, generateSalt(SALT_INPUT_K3)));
        byte[] bArr2 = new byte[8];
        System.arraycopy(aesCmac, aesCmac.length - 8, bArr2, 0, 8);
        return bArr2;
    }

    public static byte k4(byte[] bArr) {
        return (byte) (aesCmac(SALT_K4_M, aesCmac(bArr, generateSalt(SALT_INPUT_K4)))[15] & Utf8.REPLACEMENT_BYTE);
    }

    public static byte[] k5(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        return hMacSha256(bArr3, hMacSha256(bArr, bArr2));
    }

    public static byte[] oppleCcm(byte[] bArr, byte[] bArr2, byte[] bArr3, int i, boolean z) {
        Log.d("ccm---", bArr2.length + "");
        byte[] bArr4 = new byte[bArr.length + (z ? i : -i)];
        CCMBlockCipher cCMBlockCipher = new CCMBlockCipher(new AESEngine());
        cCMBlockCipher.init(z, new AEADParameters(new KeyParameter(bArr2), i * 8, bArr3));
        cCMBlockCipher.processBytes(bArr, 0, bArr.length, bArr4, bArr.length);
        try {
            cCMBlockCipher.doFinal(bArr4, 0);
            return bArr4;
        } catch (InvalidCipherTextException unused) {
            return null;
        }
    }

    public static byte[] s2(byte[] bArr) {
        return hMacSha256(bArr, SALT_KEY_ZERO_32);
    }

    public static byte[] sha256(byte[] bArr) {
        return new SHA256.Digest().digest(bArr);
    }
}
