package io.getlime.security.powerauth.lib.generator;

import io.getlime.security.powerauth.lib.config.PowerAuthConfiguration;
import io.getlime.security.powerauth.lib.util.AESEncryptionUtils;
import java.nio.ByteBuffer;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:io/getlime/security/powerauth/lib/generator/KeyGenerator.class */
public class KeyGenerator {
    private final SecureRandom random = new SecureRandom();

    public KeyPair generateKeyPair() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDH", PowerAuthConfiguration.INSTANCE.getKeyConvertor().getProviderName());
            keyPairGenerator.initialize(new ECGenParameterSpec("secp256r1"));
            return keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            Logger.getLogger(getClass().getName()).log(Level.SEVERE, (String) null, e);
            return null;
        }
    }

    public SecretKey computeSharedKey(PrivateKey privateKey, PublicKey publicKey) throws InvalidKeyException {
        try {
            KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH", PowerAuthConfiguration.INSTANCE.getKeyConvertor().getProviderName());
            keyAgreement.init(privateKey);
            keyAgreement.doPhase(publicKey, true);
            return PowerAuthConfiguration.INSTANCE.getKeyConvertor().convertBytesToSharedSecretKey(convert32Bto16B(keyAgreement.generateSecret()));
        } catch (NoSuchAlgorithmException | NoSuchProviderException e) {
            Logger.getLogger(getClass().getName()).log(Level.SEVERE, (String) null, e);
            return null;
        }
    }

    public byte[] convert32Bto16B(byte[] bArr) throws IllegalArgumentException {
        if (bArr.length != 32) {
            throw new IllegalArgumentException("Invalid byte array size, expected: 32, provided: " + bArr.length);
        }
        byte[] bArr2 = new byte[16];
        for (int i = 0; i < 16; i++) {
            bArr2[i] = (byte) (bArr[i] ^ bArr[i + 16]);
        }
        return bArr2;
    }

    public byte[] generateRandomBytes(int i) {
        byte[] bArr = new byte[i];
        this.random.nextBytes(bArr);
        return bArr;
    }

    public SecretKey generateRandomSecretKey() {
        return PowerAuthConfiguration.INSTANCE.getKeyConvertor().convertBytesToSharedSecretKey(generateRandomBytes(16));
    }

    public SecretKey deriveSecretKey(SecretKey secretKey, long j) {
        try {
            return PowerAuthConfiguration.INSTANCE.getKeyConvertor().convertBytesToSharedSecretKey(Arrays.copyOf(new AESEncryptionUtils().encrypt(ByteBuffer.allocate(16).putLong(0L).putLong(j).array(), new byte[16], secretKey), 16));
        } catch (InvalidKeyException | BadPaddingException | IllegalBlockSizeException e) {
            Logger.getLogger(KeyGenerator.class.getName()).log(Level.SEVERE, (String) null, e);
            return null;
        }
    }

    public SecretKey deriveSecretKeyFromPassword(String str, byte[] bArr) {
        try {
            return new SecretKeySpec(SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1", PowerAuthConfiguration.INSTANCE.getKeyConvertor().getProviderName()).generateSecret(new PBEKeySpec(str.toCharArray(), bArr, PowerAuthConfiguration.PBKDF_ITERATIONS, 128)).getEncoded(), "AES/ECB/NoPadding");
        } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) {
            Logger.getLogger(KeyGenerator.class.getName()).log(Level.SEVERE, (String) null, e);
            return null;
        }
    }
}
