package io.getlime.security.powerauth.crypto.server.activation;

import com.google.common.io.BaseEncoding;
import io.getlime.security.powerauth.crypto.client.activation.PowerAuthClientActivation;
import io.getlime.security.powerauth.crypto.lib.config.PowerAuthConfiguration;
import io.getlime.security.powerauth.crypto.lib.generator.IdentifierGenerator;
import io.getlime.security.powerauth.crypto.lib.generator.KeyGenerator;
import io.getlime.security.powerauth.crypto.lib.util.AESEncryptionUtils;
import io.getlime.security.powerauth.crypto.lib.util.HMACHashUtilities;
import io.getlime.security.powerauth.crypto.lib.util.SignatureUtils;
import java.io.UnsupportedEncodingException;
import java.nio.ByteBuffer;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.SecretKey;

/* loaded from: input_file:io/getlime/security/powerauth/crypto/server/activation/PowerAuthServerActivation.class */
public class PowerAuthServerActivation {
    private final IdentifierGenerator identifierGenerator = new IdentifierGenerator();
    private final SignatureUtils signatureUtils = new SignatureUtils();

    public String generateActivationId() {
        return this.identifierGenerator.generateActivationId();
    }

    public String generateActivationIdShort() {
        return this.identifierGenerator.generateActivationIdShort();
    }

    public String generateActivationOTP() {
        return this.identifierGenerator.generateActivationOTP();
    }

    public KeyPair generateServerKeyPair() {
        return new KeyGenerator().generateKeyPair();
    }

    public byte[] generateActivationSignature(String str, String str2, PrivateKey privateKey) throws InvalidKeyException {
        try {
            return this.signatureUtils.computeECDSASignature((str + "-" + str2).getBytes("UTF-8"), privateKey);
        } catch (UnsupportedEncodingException | SignatureException e) {
            Logger.getLogger(PowerAuthServerActivation.class.getName()).log(Level.SEVERE, (String) null, e);
            return null;
        }
    }

    public byte[] generateActivationNonce() {
        return new KeyGenerator().generateRandomBytes(16);
    }

    public boolean validateApplicationSignature(String str, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte[] bArr5) {
        try {
            return Arrays.equals(new HMACHashUtilities().hash(bArr4, (str + "&" + BaseEncoding.base64().encode(bArr) + "&" + BaseEncoding.base64().encode(bArr2) + "&" + BaseEncoding.base64().encode(bArr3)).getBytes("UTF-8")), bArr5);
        } catch (UnsupportedEncodingException e) {
            Logger.getLogger(PowerAuthClientActivation.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e);
            return false;
        }
    }

    public PublicKey decryptDevicePublicKey(byte[] bArr, String str, PrivateKey privateKey, PublicKey publicKey, String str2, byte[] bArr2) {
        try {
            SecretKey deriveSecretKeyFromPassword = new KeyGenerator().deriveSecretKeyFromPassword(str2, str.getBytes("UTF-8"));
            if (publicKey == null) {
                return PowerAuthConfiguration.INSTANCE.getKeyConvertor().convertBytesToPublicKey(new AESEncryptionUtils().decrypt(bArr, bArr2, deriveSecretKeyFromPassword));
            }
            SecretKey computeSharedKey = new KeyGenerator().computeSharedKey(privateKey, publicKey);
            AESEncryptionUtils aESEncryptionUtils = new AESEncryptionUtils();
            return PowerAuthConfiguration.INSTANCE.getKeyConvertor().convertBytesToPublicKey(aESEncryptionUtils.decrypt(aESEncryptionUtils.decrypt(bArr, bArr2, computeSharedKey), bArr2, deriveSecretKeyFromPassword));
        } catch (UnsupportedEncodingException | InvalidKeyException | InvalidKeySpecException | BadPaddingException | IllegalBlockSizeException e) {
            Logger.getLogger(PowerAuthServerActivation.class.getName()).log(Level.SEVERE, (String) null, e);
            return null;
        }
    }

    public byte[] encryptServerPublicKey(PublicKey publicKey, PublicKey publicKey2, PrivateKey privateKey, String str, String str2, byte[] bArr) throws InvalidKeyException {
        try {
            byte[] convertPublicKeyToBytes = PowerAuthConfiguration.INSTANCE.getKeyConvertor().convertPublicKeyToBytes(publicKey);
            KeyGenerator keyGenerator = new KeyGenerator();
            SecretKey computeSharedKey = keyGenerator.computeSharedKey(privateKey, publicKey2);
            SecretKey deriveSecretKeyFromPassword = keyGenerator.deriveSecretKeyFromPassword(str, str2.getBytes("UTF-8"));
            AESEncryptionUtils aESEncryptionUtils = new AESEncryptionUtils();
            return aESEncryptionUtils.encrypt(aESEncryptionUtils.encrypt(convertPublicKeyToBytes, bArr, deriveSecretKeyFromPassword), bArr, computeSharedKey);
        } catch (UnsupportedEncodingException | BadPaddingException | IllegalBlockSizeException e) {
            Logger.getLogger(PowerAuthServerActivation.class.getName()).log(Level.SEVERE, (String) null, e);
            return null;
        }
    }

    public byte[] encryptedStatusBlob(byte b, long j, byte b2, byte b3, SecretKey secretKey) throws InvalidKeyException {
        try {
            byte[] array = ByteBuffer.allocate(32).putInt(-557785391).put(b).putLong(j).put(b2).put(b3).put(new KeyGenerator().generateRandomBytes(17)).array();
            return new AESEncryptionUtils().encrypt(array, new byte[16], secretKey, "AES/CBC/NoPadding");
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            Logger.getLogger(PowerAuthServerActivation.class.getName()).log(Level.SEVERE, (String) null, e);
            return null;
        }
    }

    public byte[] computeServerDataSignature(String str, byte[] bArr, PrivateKey privateKey) throws InvalidKeyException, UnsupportedEncodingException {
        try {
            return this.signatureUtils.computeECDSASignature((BaseEncoding.base64().encode(str.getBytes("UTF-8")) + "&" + BaseEncoding.base64().encode(bArr)).getBytes("UTF-8"), privateKey);
        } catch (SignatureException e) {
            Logger.getLogger(PowerAuthServerActivation.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e);
            return null;
        }
    }

    public int computeDevicePublicKeyFingerprint(PublicKey publicKey) {
        try {
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(PowerAuthConfiguration.INSTANCE.getKeyConvertor().convertPublicKeyToBytes(publicKey));
            if (digest.length < 4) {
                throw new IndexOutOfBoundsException();
            }
            return (ByteBuffer.wrap(digest).getInt(digest.length - 4) & Integer.MAX_VALUE) % ((int) Math.pow(10.0d, 8.0d));
        } catch (NoSuchAlgorithmException e) {
            Logger.getLogger(PowerAuthServerActivation.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e);
            return 0;
        }
    }
}
