package az.dpc.sima.sdk.lib;

import android.content.Context;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPrivateKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Iterator;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import o.f.a.f1;
import o.f.c.s;
import o.f.c.t;

/* loaded from: classes.dex */
public class o {
    private final Context a;

    /* loaded from: classes.dex */
    public static class a implements o.f.c.j {
        private final InputStream a;

        /* renamed from: b, reason: collision with root package name */
        private final o.f.a.n f1740b;

        public a(InputStream inputStream) {
            this(new o.f.a.n(o.f.a.f2.f.F.C()), inputStream);
        }

        public a(o.f.a.n nVar, InputStream inputStream) {
            this.f1740b = nVar;
            this.a = inputStream;
        }

        @Override // o.f.c.c
        public void a(OutputStream outputStream) {
            e.l.c.e.a.c(this.a, outputStream);
            this.a.close();
        }

        @Override // o.f.c.j
        public o.f.a.n b() {
            return this.f1740b;
        }

        @Override // o.f.c.c
        public Object c() {
            return this.a;
        }
    }

    /* loaded from: classes.dex */
    public static class b implements e.l.c.h.o.c.c {
        private final String a;

        /* renamed from: b, reason: collision with root package name */
        private final PrivateKey f1741b;

        /* renamed from: c, reason: collision with root package name */
        private final X509Certificate f1742c;

        public b(PrivateKey privateKey, X509Certificate x509Certificate, String str) {
            this.a = str;
            this.f1741b = privateKey;
            this.f1742c = x509Certificate;
        }

        private o.f.c.f b(o.f.c.f fVar) {
            t e2 = fVar.e();
            ArrayList arrayList = new ArrayList();
            Iterator<s> it = e2.d().iterator();
            while (it.hasNext()) {
                arrayList.add(c(it.next()));
            }
            return o.f.c.f.f(fVar, new t(arrayList));
        }

        private s c(s sVar) {
            o.f.a.f2.b d2 = sVar.d();
            o.f.a.f fVar = new o.f.a.f();
            if (d2 != null) {
                fVar = d2.d();
            }
            fVar.a(new o.f.a.f2.a(o.f.a.q2.d.V0, new f1(o.f.a.s.s(new o.f.k.c(Base64.decode(this.a, 2)).a().a()))));
            return s.e(sVar, new o.f.a.f2.b(new o.f.a.f2.c(fVar)));
        }

        @Override // e.l.c.h.o.c.c
        public byte[] a(InputStream inputStream) {
            try {
                o.f.h.a a = new o.f.h.k.a("SHA256withECDSA").a(this.f1741b);
                o.f.c.g gVar = new o.f.c.g();
                gVar.b(new o.f.c.u.a(new o.f.h.k.b().b()).a(a, this.f1742c));
                gVar.a(new o.f.b.f.a(new ArrayList(Arrays.asList(this.f1742c))));
                o.f.c.f c2 = gVar.c(new a(inputStream), false);
                if (this.a != null) {
                    c2 = b(c2);
                }
                return c2.a();
            } catch (Exception e2) {
                throw new IOException(e2);
            }
        }
    }

    public o(Context context) {
        this.a = context;
        e.l.c.a.b.b(context);
    }

    private PublicKey b(ECPrivateKey eCPrivateKey) {
        o.f.f.c.c c2 = o.f.e.a.a.a.a.c(eCPrivateKey.getParams(), false);
        o.f.g.a.g j2 = c2.a().j(c2.b().u(eCPrivateKey.getS()).j(false));
        ECPoint eCPoint = new ECPoint(j2.e().t(), j2.f().t());
        o.f.f.c.a a2 = o.f.f.a.a("secp256r1");
        return KeyFactory.getInstance("EC").generatePublic(new ECPublicKeySpec(eCPoint, new o.f.f.c.b(a2.f(), a2.a(), a2.b(), a2.d(), a2.c(), a2.e())));
    }

    private static byte[] g(String str) {
        if (str.length() % 2 != 0) {
            str = "0" + str;
        }
        int length = str.length() / 2;
        byte[] bArr = new byte[length];
        for (int i2 = 0; i2 < length; i2++) {
            int i3 = i2 * 2;
            bArr[i2] = (byte) Integer.parseInt(str.substring(i3, i3 + 2), 16);
        }
        return bArr;
    }

    public PrivateKey a(byte[] bArr, String str, byte[] bArr2) {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        Key key = keyStore.getKey("encryption-key", null);
        byte[] copyOfRange = Arrays.copyOfRange(bArr, 0, 12);
        byte[] copyOfRange2 = Arrays.copyOfRange(bArr, 12, bArr.length);
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(2, key);
        byte[] doFinal = cipher.doFinal(copyOfRange2);
        SecretKey c2 = c(str, bArr2);
        Cipher cipher2 = Cipher.getInstance("AES/GCM/NoPadding");
        cipher2.init(2, c2, new GCMParameterSpec(128, copyOfRange));
        return KeyFactory.getInstance("EC").generatePrivate(new PKCS8EncodedKeySpec(cipher2.doFinal(doFinal)));
    }

    public SecretKey c(String str, byte[] bArr) {
        return new SecretKeySpec(SecretKeyFactory.getInstance("PBKDF2withHmacSHA1").generateSecret(new PBEKeySpec(str.toCharArray(), bArr, 1024, 256)).getEncoded(), "AES");
    }

    public byte[] d(byte[] bArr, String str, byte[] bArr2) {
        SecretKey c2 = c(str, bArr2);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(1, c2);
        byte[] doFinal = cipher.doFinal(bArr);
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        PublicKey publicKey = keyStore.getCertificate("encryption-key").getPublicKey();
        Cipher cipher2 = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher2.init(1, publicKey);
        return e.f.b.a.a.a(cipher.getIV(), cipher2.doFinal(doFinal));
    }

    public String e(PrivateKey privateKey, String str, String str2, String str3, String str4) {
        PublicKey b2 = b((ECPrivateKey) privateKey);
        o.f.i.c.a aVar = new o.f.i.c.a(new X500Principal(String.format("C=AZ, CN=%s, SURNAME=%s, GIVENNAME=%s, SERIALNUMBER=%s", str4, str3, str2, str)), b2);
        o.f.a.w2.e eVar = new o.f.a.w2.e();
        eVar.b(new o.f.a.n("1.3.6.1.4.1.311.20.2"), true, g("1E2400510043004400690067006900740061006C005300690067006E00610074007500720065"));
        eVar.a(o.f.a.w2.c.i1, false, new o.f.b.f.c().c(b2));
        aVar.a(o.f.a.q2.d.h0, eVar.c());
        return Base64.encodeToString(aVar.b(new o.f.h.k.a("SHA256withECDSA").a(privateKey)).a(), 2);
    }

    public PrivateKey f() {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
        keyPairGenerator.initialize(new ECGenParameterSpec("secp256r1"));
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        KeyGenParameterSpec.Builder encryptionPaddings = new KeyGenParameterSpec.Builder("encryption-key", 3).setKeySize(2048).setBlockModes("ECB").setEncryptionPaddings("PKCS1Padding");
        if (Build.VERSION.SDK_INT >= 28 && this.a.getPackageManager().hasSystemFeature("android.hardware.strongbox_keystore")) {
            encryptionPaddings.setIsStrongBoxBacked(true);
        }
        keyPairGenerator2.initialize(encryptionPaddings.build());
        keyPairGenerator2.generateKeyPair();
        return generateKeyPair.getPrivate();
    }

    public void h() {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        keyStore.deleteEntry("encryption-key");
    }

    public void i(PrivateKey privateKey, byte[] bArr, String str, byte[] bArr2, File file) {
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
        File createTempFile = File.createTempFile("unsigned", "pdf");
        o.a.a.a.a.b(createTempFile, bArr2);
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        try {
            e.l.c.h.b K = e.l.c.h.b.K(createTempFile);
            try {
                b bVar = new b(privateKey, x509Certificate, str);
                e.l.c.h.o.c.b bVar2 = new e.l.c.h.o.c.b();
                bVar2.d(e.l.c.h.o.c.b.h1);
                bVar2.i(e.l.c.h.o.c.b.m1);
                bVar2.f("SİMA");
                bVar2.e("AZE");
                bVar2.g("SİMA client signature");
                bVar2.h(Calendar.getInstance());
                K.a(bVar2, bVar);
                K.S(fileOutputStream);
                K.close();
                fileOutputStream.close();
            } finally {
            }
        } catch (Throwable th) {
            try {
                fileOutputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }
}
