package morpho.ccmid.api.network;

import java.io.Serializable;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.spec.IvParameterSpec;
import l01.a;
import morpho.ccmid.api.error.exceptions.CcmidException;
import morpho.ccmid.api.error.exceptions.CcmidSRPHandshakeException;
import morpho.ccmid.api.network.SRPKeys;
import morpho.ccmid.sdk.data.RoamingCryptoContext;
import org.spongycastle.crypto.CryptoException;
import org.spongycastle.crypto.agreement.srp.SRP6Util;
import org.spongycastle.crypto.digests.SHA256Digest;

/* loaded from: classes3.dex */
public final class CryptoContext extends BaseCrypto implements Serializable {
    public static final String SHA1_PRNG = "SHA1PRNG";
    private static final long serialVersionUID = -3700109032482068257L;
    private BigInteger A;
    private BigInteger B;
    private byte[] K;
    private BigInteger N;

    /* renamed from: a, reason: collision with root package name */
    private BigInteger f35476a;
    private String cloudcardServerUrl;
    private CcmidException failureReason;

    /* renamed from: g, reason: collision with root package name */
    private BigInteger f35477g;
    private byte[] identity;
    private SRPKeys.Key key;

    /* renamed from: m1, reason: collision with root package name */
    private byte[] f35478m1;
    private byte[] password;
    private CryptoContext precedentSRPContext;
    private RoamingCryptoContext roamingCryptoContext = null;
    private byte[] serverSalt;
    private String srpKey;
    private SRPType srpType;
    private SRPStatus status;

    /* renamed from: x, reason: collision with root package name */
    private BigInteger f35479x;

    /* loaded from: classes3.dex */
    public enum SRPStatus {
        INITIATED,
        CHALLENGING,
        VERIFIED,
        FAILURE
    }

    @Deprecated
    public CryptoContext(String str, SRPType sRPType, String str2, byte[] bArr, CryptoContext cryptoContext) {
        try {
            init(str, sRPType, str2, bArr, cryptoContext, SRPKeys.DEFAULT_STR, SRPKeys.DEFAULT);
        } catch (Exception unused) {
            setStatus(SRPStatus.FAILURE);
        }
    }

    public CryptoContext(String str, SRPType sRPType, String str2, byte[] bArr, CryptoContext cryptoContext, String str3) {
        try {
            init(str, sRPType, str2, bArr, cryptoContext, str3, str3 != null ? SRPKeys.get(str3) : SRPKeys.DEFAULT);
        } catch (Exception unused) {
            setStatus(SRPStatus.FAILURE);
        }
    }

    private SecureRandom getSecureRandom() throws NoSuchAlgorithmException {
        return SecureRandom.getInstance(SHA1_PRNG);
    }

    private void init(String str, SRPType sRPType, String str2, byte[] bArr, CryptoContext cryptoContext, String str3, SRPKeys.Key key) throws UnsupportedEncodingException, NoSuchAlgorithmException {
        this.cloudcardServerUrl = str;
        this.srpType = sRPType;
        this.identity = str2.getBytes("UTF-8");
        this.password = bArr;
        this.precedentSRPContext = cryptoContext;
        this.N = key.getN();
        this.f35477g = key.getG();
        SecureRandom secureRandom = getSecureRandom();
        new SHA256Digest();
        BigInteger a12 = SRP6Util.a(this.N, secureRandom);
        this.f35476a = a12;
        this.A = this.f35477g.modPow(a12, this.N);
        this.key = key;
        this.srpKey = str3;
        setStatus(SRPStatus.INITIATED);
    }

    public BigInteger calculateSecret(BigInteger bigInteger) throws CryptoException {
        this.B = SRP6Util.c(this.N, bigInteger);
        BigInteger b12 = SRP6Util.b(new SHA256Digest(), this.N, this.A, this.B);
        SHA256Digest sHA256Digest = new SHA256Digest();
        BigInteger bigInteger2 = this.N;
        BigInteger b13 = SRP6Util.b(sHA256Digest, bigInteger2, bigInteger2, this.f35477g);
        return this.B.subtract(this.f35477g.modPow(this.f35479x, this.N).multiply(b13).mod(this.N)).mod(this.N).modPow(b12.multiply(this.f35479x).add(this.f35476a), this.N);
    }

    public byte[] computeClientChallengeM1() {
        MessageDigest a12 = a.a();
        this.f35478m1 = new byte[a12.getDigestLength()];
        byte[] asUnsignedByteArray = SRPUtil.asUnsignedByteArray(this.A);
        byte[] asUnsignedByteArray2 = SRPUtil.asUnsignedByteArray(this.B);
        a12.update(asUnsignedByteArray, 0, asUnsignedByteArray.length);
        a12.update(asUnsignedByteArray2, 0, asUnsignedByteArray2.length);
        byte[] bArr = this.K;
        a12.update(bArr, 0, bArr.length);
        byte[] digest = a12.digest();
        this.f35478m1 = digest;
        if (digest.length != a12.getDigestLength()) {
            throw new SecurityException("Failed to validate client challenge");
        }
        setStatus(SRPStatus.CHALLENGING);
        return this.f35478m1;
    }

    public void computeSessionKey(byte[] bArr, BigInteger bigInteger) throws SecurityException, CryptoException {
        this.serverSalt = bArr;
        MessageDigest a12 = a.a();
        this.f35479x = SRPUtil.calculateX(a12, this.identity, this.password, bArr, this.N);
        BigInteger calculateSecret = calculateSecret(bigInteger);
        a12.reset();
        byte[] asUnsignedByteArray = SRPUtil.asUnsignedByteArray(calculateSecret);
        a12.update(asUnsignedByteArray, 0, asUnsignedByteArray.length);
        byte[] digest = a12.digest();
        this.K = digest;
        if (digest.length != a12.getDigestLength()) {
            throw new SecurityException("Failed to generate Shared secret");
        }
    }

    public byte[] decryptData(byte[] bArr, boolean z3) throws GeneralSecurityException {
        byte[] copyOfRange = Arrays.copyOfRange(bArr, 0, 8);
        byte[] copyOfRange2 = Arrays.copyOfRange(bArr, 8, bArr.length);
        return z3 ? a.b(2, BaseCrypto.generateKeys(this.K).f3a, copyOfRange2, new IvParameterSpec(copyOfRange)) : a.b(2, this.K, copyOfRange2, new IvParameterSpec(copyOfRange));
    }

    public byte[] encryptData(byte[] bArr, boolean z3) throws GeneralSecurityException {
        byte[] seed = SecureRandom.getSeed(8);
        byte[] b12 = z3 ? a.b(1, BaseCrypto.generateKeys(this.K).f3a, bArr, new IvParameterSpec(seed)) : a.b(1, this.K, bArr, new IvParameterSpec(seed));
        byte[] bArr2 = new byte[b12.length + 8];
        System.arraycopy(seed, 0, bArr2, 0, 8);
        System.arraycopy(b12, 0, bArr2, 8, b12.length);
        return bArr2;
    }

    public BigInteger getA() {
        return this.A;
    }

    public CcmidException getFailureReason() {
        return this.failureReason;
    }

    public byte[] getIdentity() {
        return this.identity;
    }

    public byte[] getK() {
        return this.K;
    }

    public SRPKeys.Key getKey() {
        return this.key;
    }

    public byte[] getM1() {
        return this.f35478m1;
    }

    public byte[] getPassword() {
        return this.password;
    }

    public CryptoContext getPrecedentSRPContext() {
        return this.precedentSRPContext;
    }

    public RoamingCryptoContext getRoamingCryptoContext() {
        return this.roamingCryptoContext;
    }

    public SRPType getSRPType() {
        return this.srpType;
    }

    public byte[] getServerSalt() {
        return this.serverSalt;
    }

    public String getServerUrl() {
        return this.cloudcardServerUrl;
    }

    public String getSrpKey() {
        return this.srpKey;
    }

    public SRPStatus getStatus() {
        return this.status;
    }

    public void setFailureReason(CcmidException ccmidException) {
        this.failureReason = ccmidException;
    }

    public void setKey(SRPKeys.Key key) {
        this.key = key;
    }

    public void setRoamingCryptoContext(RoamingCryptoContext roamingCryptoContext) {
        this.roamingCryptoContext = roamingCryptoContext;
    }

    public void setStatus(SRPStatus sRPStatus) {
        this.status = sRPStatus;
    }

    public void verifyServerChallenge(byte[] bArr) throws CcmidSRPHandshakeException {
        MessageDigest a12 = a.a();
        byte[] asUnsignedByteArray = SRPUtil.asUnsignedByteArray(this.A);
        int i11 = 0;
        a12.update(asUnsignedByteArray, 0, asUnsignedByteArray.length);
        byte[] bArr2 = this.f35478m1;
        a12.update(bArr2, 0, bArr2.length);
        byte[] bArr3 = this.K;
        a12.update(bArr3, 0, bArr3.length);
        byte[] digest = a12.digest();
        if (digest.length != a12.getDigestLength()) {
            throw new SecurityException("Failed to generate server challenge");
        }
        if (bArr.length != digest.length) {
            throw new CcmidSRPHandshakeException("Server challenge size mismatch");
        }
        while (i11 < digest.length && digest[i11] == bArr[i11]) {
            i11++;
        }
        if (i11 != digest.length) {
            throw new CcmidSRPHandshakeException("Server challenge verification failed");
        }
    }
}
