package io.getlime.security.powerauth.client.activation;

import com.google.common.io.BaseEncoding;
import io.getlime.security.powerauth.lib.config.PowerAuthConfiguration;
import io.getlime.security.powerauth.lib.generator.KeyGenerator;
import io.getlime.security.powerauth.lib.model.ActivationStatusBlobInfo;
import io.getlime.security.powerauth.lib.util.AESEncryptionUtils;
import io.getlime.security.powerauth.lib.util.HMACHashUtilities;
import io.getlime.security.powerauth.lib.util.SignatureUtils;
import io.getlime.security.powerauth.server.activation.PowerAuthServerActivation;
import java.io.UnsupportedEncodingException;
import java.nio.ByteBuffer;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.SecretKey;

/* loaded from: input_file:io/getlime/security/powerauth/client/activation/PowerAuthClientActivation.class */
public class PowerAuthClientActivation {
    private final SignatureUtils signatureUtils = new SignatureUtils();

    public boolean verifyActivationDataSignature(String str, String str2, byte[] bArr, PublicKey publicKey) throws InvalidKeyException {
        try {
            return this.signatureUtils.validateECDSASignature((str + "-" + str2).getBytes("UTF-8"), bArr, publicKey);
        } catch (UnsupportedEncodingException | SignatureException e) {
            Logger.getLogger(PowerAuthClientActivation.class.getName()).log(Level.SEVERE, (String) null, e);
            return false;
        }
    }

    public KeyPair generateDeviceKeyPair() {
        return new KeyGenerator().generateKeyPair();
    }

    public byte[] generateActivationNonce() {
        return new KeyGenerator().generateRandomBytes(16);
    }

    public byte[] computeApplicationSignature(String str, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) {
        try {
            return new HMACHashUtilities().hash(bArr4, (str + "&" + BaseEncoding.base64().encode(bArr) + "&" + BaseEncoding.base64().encode(bArr2) + "&" + BaseEncoding.base64().encode(bArr3)).getBytes("UTF-8"));
        } catch (UnsupportedEncodingException e) {
            Logger.getLogger(PowerAuthClientActivation.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e);
            return null;
        }
    }

    public byte[] encryptDevicePublicKey(PublicKey publicKey, PrivateKey privateKey, PublicKey publicKey2, String str, String str2, byte[] bArr) throws InvalidKeyException {
        try {
            KeyGenerator keyGenerator = new KeyGenerator();
            SecretKey deriveSecretKeyFromPassword = keyGenerator.deriveSecretKeyFromPassword(str, str2.getBytes("UTF-8"));
            byte[] convertPublicKeyToBytes = PowerAuthConfiguration.INSTANCE.getKeyConvertor().convertPublicKeyToBytes(publicKey);
            SecretKey computeSharedKey = keyGenerator.computeSharedKey(privateKey, publicKey2);
            AESEncryptionUtils aESEncryptionUtils = new AESEncryptionUtils();
            return aESEncryptionUtils.encrypt(aESEncryptionUtils.encrypt(convertPublicKeyToBytes, bArr, deriveSecretKeyFromPassword), bArr, computeSharedKey);
        } catch (UnsupportedEncodingException | BadPaddingException | IllegalBlockSizeException e) {
            Logger.getLogger(PowerAuthClientActivation.class.getName()).log(Level.SEVERE, (String) null, e);
            return null;
        }
    }

    public boolean verifyServerDataSignature(String str, byte[] bArr, byte[] bArr2, PublicKey publicKey) throws InvalidKeyException, UnsupportedEncodingException {
        try {
            return this.signatureUtils.validateECDSASignature((BaseEncoding.base64().encode(str.getBytes("UTF-8")) + "&" + BaseEncoding.base64().encode(bArr)).getBytes("UTF-8"), bArr2, publicKey);
        } catch (SignatureException e) {
            Logger.getLogger(PowerAuthClientActivation.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e);
            return false;
        }
    }

    public PublicKey decryptServerPublicKey(byte[] bArr, PrivateKey privateKey, PublicKey publicKey, String str, String str2, byte[] bArr2) throws InvalidKeyException {
        try {
            KeyGenerator keyGenerator = new KeyGenerator();
            SecretKey computeSharedKey = keyGenerator.computeSharedKey(privateKey, publicKey);
            SecretKey deriveSecretKeyFromPassword = keyGenerator.deriveSecretKeyFromPassword(str, str2.getBytes("UTF-8"));
            AESEncryptionUtils aESEncryptionUtils = new AESEncryptionUtils();
            return PowerAuthConfiguration.INSTANCE.getKeyConvertor().convertBytesToPublicKey(aESEncryptionUtils.decrypt(aESEncryptionUtils.decrypt(bArr, bArr2, computeSharedKey), bArr2, deriveSecretKeyFromPassword));
        } catch (UnsupportedEncodingException | InvalidKeySpecException | BadPaddingException | IllegalBlockSizeException e) {
            Logger.getLogger(PowerAuthClientActivation.class.getName()).log(Level.SEVERE, (String) null, e);
            return null;
        }
    }

    public int computeDevicePublicKeyFingerprint(PublicKey publicKey) {
        try {
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(PowerAuthConfiguration.INSTANCE.getKeyConvertor().convertPublicKeyToBytes(publicKey));
            if (digest.length < 4) {
                throw new IndexOutOfBoundsException();
            }
            return (ByteBuffer.wrap(digest).getInt(digest.length - 4) & Integer.MAX_VALUE) % ((int) Math.pow(10.0d, 8.0d));
        } catch (NoSuchAlgorithmException e) {
            Logger.getLogger(PowerAuthServerActivation.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e);
            return 0;
        }
    }

    public ActivationStatusBlobInfo getStatusFromEncryptedBlob(byte[] bArr, SecretKey secretKey) throws InvalidKeyException {
        try {
            if (bArr.length != 32) {
                ActivationStatusBlobInfo activationStatusBlobInfo = new ActivationStatusBlobInfo();
                activationStatusBlobInfo.setActivationStatus((byte) 5);
                activationStatusBlobInfo.setCounter(0L);
                activationStatusBlobInfo.setFailedAttempts((byte) 0);
                activationStatusBlobInfo.setMaxFailedAttempts((byte) 5);
                activationStatusBlobInfo.setValid(false);
                return activationStatusBlobInfo;
            }
            byte[] decrypt = new AESEncryptionUtils().decrypt(bArr, new byte[16], secretKey, "AES/CBC/NoPadding");
            ActivationStatusBlobInfo activationStatusBlobInfo2 = new ActivationStatusBlobInfo();
            ByteBuffer wrap = ByteBuffer.wrap(decrypt);
            activationStatusBlobInfo2.setValid(wrap.getInt(0) == -557785391);
            activationStatusBlobInfo2.setActivationStatus(wrap.get(4));
            activationStatusBlobInfo2.setCounter(wrap.getLong(5));
            activationStatusBlobInfo2.setFailedAttempts(wrap.get(13));
            activationStatusBlobInfo2.setMaxFailedAttempts(wrap.get(14));
            return activationStatusBlobInfo2;
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            Logger.getLogger(PowerAuthClientActivation.class.getName()).log(Level.SEVERE, (String) null, e);
            return null;
        }
    }
}
