package b7;

import android.text.TextUtils;
import android.util.Base64;
import com.google.common.collect.t4;
import com.xiaomi.miconnect.security.network.Constants;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.OutputStreamWriter;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
import javax.crypto.Cipher;
import javax.security.auth.x500.X500Principal;
import n.h1;
import org.bouncycastle.jce.ECNamedCurveTable;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;

/* loaded from: classes2.dex */
public final class k {

    /* renamed from: a, reason: collision with root package name */
    public static final BouncyCastleProvider f4725a = new BouncyCastleProvider();

    /* renamed from: b, reason: collision with root package name */
    public static final ECNamedCurveParameterSpec f4726b = ECNamedCurveTable.getParameterSpec("prime256v1");

    public static byte[] a(Key key, byte[] bArr) {
        if (key == null || bArr == null) {
            y.d("k", "decypt:shareKey or encryptedData is null", new Object[0]);
            return null;
        }
        byte[] decode = Base64.decode(bArr, 0);
        try {
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(2, key);
            return cipher.doFinal(decode);
        } catch (Exception e2) {
            e2.printStackTrace();
            return null;
        }
    }

    public static byte[] b(PrivateKey privateKey, String str) {
        if (privateKey == null || TextUtils.isEmpty(str)) {
            y.d("k", "ecdsaSign:private Key is null or data is null", new Object[0]);
            return null;
        }
        try {
            Signature signature = Signature.getInstance("ECDSA", new BouncyCastleProvider());
            signature.initSign(privateKey);
            signature.update(str.getBytes());
            return signature.sign();
        } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e2) {
            e2.printStackTrace();
            return null;
        }
    }

    public static boolean c(PublicKey publicKey, byte[] bArr, byte[] bArr2) {
        if (bArr == null) {
            y.d("k", "ecdsaVerify:publicKey or hash or signature is null!", new Object[0]);
            return false;
        }
        try {
            Signature signature = Signature.getInstance("ECDSA", new BouncyCastleProvider());
            signature.initVerify(publicKey);
            signature.update(bArr);
            return signature.verify(bArr2);
        } catch (Exception e2) {
            e2.printStackTrace();
            return false;
        }
    }

    public static byte[] d(Key key, byte[] bArr) {
        byte[] bArr2 = null;
        try {
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(1, key);
            bArr2 = cipher.doFinal(bArr);
        } catch (Exception e2) {
            e2.printStackTrace();
        }
        return Base64.encode(bArr2, 0);
    }

    public static String e(KeyPair keyPair, String str, String str2, int i10) {
        if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
            y.d("k", "generateCsr:keyPair is null or uid or did is null", new Object[0]);
            return null;
        }
        StringBuilder b10 = t4.b("idm.", str, Constants.LIST_ELEMENT_DIVIDER, str2, Constants.LIST_ELEMENT_DIVIDER);
        b10.append(i10);
        String sb = b10.toString();
        try {
            BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
            PKCS10CertificationRequest build = new JcaPKCS10CertificationRequestBuilder(new X500Principal("CN=" + sb), keyPair.getPublic()).build(new JcaContentSignerBuilder("SHA256WITHECDSA").setProvider(bouncyCastleProvider).build(keyPair.getPrivate()));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(new OutputStreamWriter(byteArrayOutputStream));
            jcaPEMWriter.writeObject(build);
            jcaPEMWriter.close();
            byteArrayOutputStream.close();
            return "-----BEGIN CERTIFICATE REQUEST-----\n" + Base64.encodeToString(build.getEncoded(), 0) + "\n-----END CERTIFICATE REQUEST-----";
        } catch (Exception e2) {
            y.d("k", h1.a(e2, androidx.appcompat.widget.p0.b("generateCsr:")), new Object[0]);
            return null;
        }
    }

    public static KeyPair f() {
        try {
            if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
                Security.addProvider(f4725a);
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDH", f4725a);
            keyPairGenerator.initialize(f4726b, new SecureRandom());
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e2) {
            e2.printStackTrace();
            return null;
        }
    }

    public static X509Certificate g(String str) {
        CertificateFactory certificateFactory;
        if (TextUtils.isEmpty(str)) {
            y.d("k", "deviceSignCert is null!", new Object[0]);
            return null;
        }
        try {
            certificateFactory = CertificateFactory.getInstance("X.509");
        } catch (CertificateException e2) {
            e2.printStackTrace();
            certificateFactory = null;
        }
        if (certificateFactory == null) {
            return null;
        }
        try {
            return (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(str.getBytes()));
        } catch (Exception e10) {
            e10.printStackTrace();
            return null;
        }
    }

    public static PublicKey h(byte[] bArr) {
        if (bArr == null) {
            y.d("k", "getDecodedPublicKey:encodedPublickey is null", new Object[0]);
            return null;
        }
        BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
        try {
            return KeyFactory.getInstance("ECDH", bouncyCastleProvider).generatePublic(new X509EncodedKeySpec(bArr));
        } catch (Exception e2) {
            e2.printStackTrace();
            return null;
        }
    }

    public static PublicKey i(X509Certificate x509Certificate) {
        y.b("k", "get solid public key...", new Object[0]);
        if (x509Certificate != null) {
            return x509Certificate.getPublicKey();
        }
        return null;
    }

    public static String j(X509Certificate x509Certificate) {
        String name;
        y.b("k", "get solid public uid...", new Object[0]);
        if (x509Certificate == null || (name = x509Certificate.getSubjectX500Principal().getName()) == null) {
            return null;
        }
        try {
            return name.split("\\.")[1];
        } catch (Exception e2) {
            e2.printStackTrace();
            return null;
        }
    }

    public static boolean k(X509Certificate x509Certificate) {
        return l(x509Certificate, new Date());
    }

    public static boolean l(X509Certificate x509Certificate, Date date) {
        y.b("k", "is cert valid until " + date + " ?", new Object[0]);
        if (x509Certificate == null) {
            y.b("k", "x509Certificate is null", new Object[0]);
            return false;
        }
        try {
            return date.before(x509Certificate.getNotAfter());
        } catch (Exception e2) {
            e2.printStackTrace();
            return false;
        }
    }

    public static boolean m(X509Certificate x509Certificate, X509Certificate x509Certificate2) {
        PublicKey publicKey;
        if (x509Certificate == null || x509Certificate2 == null || (publicKey = x509Certificate.getPublicKey()) == null) {
            return false;
        }
        try {
            x509Certificate2.verify(publicKey);
            return true;
        } catch (Exception e2) {
            e2.printStackTrace();
            return false;
        }
    }
}
