package com.passwordbox.api.v0.crypto.lowlevel;

import com.google.gson.JsonObject;
import com.passwordbox.api.v0.crypto.CommonCryptoUtils;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import org.spongycastle.crypto.CipherParameters;
import org.spongycastle.crypto.CryptoException;
import org.spongycastle.crypto.PBEParametersGenerator;
import org.spongycastle.crypto.digests.SHA256Digest;
import org.spongycastle.crypto.engines.AESFastEngine;
import org.spongycastle.crypto.generators.PKCS5S2ParametersGenerator;
import org.spongycastle.crypto.modes.CCMBlockCipher;
import org.spongycastle.crypto.modes.SICBlockCipher;
import org.spongycastle.crypto.params.AEADParameters;
import org.spongycastle.crypto.params.KeyParameter;
import org.spongycastle.crypto.params.ParametersWithIV;
import org.spongycastle.util.Arrays;
import org.spongycastle.util.encoders.Base64;
import org.spongycastle.util.encoders.Hex;

/* loaded from: classes.dex */
public class SJCLCryptoUtils {
    private static final int BITS_PER_BYTES = 8;
    private static final byte[] CURRENT_SJCL_CIPHER_VERSION_NUMBER = {0, 4};
    private static final int DEFAULT_AES_CCM_IV_SIZE_IN_BITS = 128;
    private static final int DEFAULT_AES_CCM_IV_SIZE_IN_BYTES = 16;
    private static final int DEFAULT_AES_CTR_IV_SIZE_IN_BITS = 64;
    private static final int DEFAULT_AES_CTR_IV_SIZE_IN_BYTES = 8;
    private static final int DEFAULT_KEY_DERIVATION_ITERATION_COUNT = 1000;
    private static final int DEFAULT_KEY_SIZE_IN_BITS = 256;
    private static final int DEFAULT_KEY_SIZE_IN_BYTES = 32;
    private static final int DEFAULT_TAG_SIZE_IN_BITS = 64;
    private static final int DEFAULT_TAG_SIZE_IN_BYTES = 8;
    private static final String JSON_ASSOCIATED_DATA_KEY = "adata";
    private static final String JSON_CIPHERTEXT_KEY = "ct";
    private static final String JSON_IV_KEY = "iv";
    private static final String JSON_KEY_DERIVATION_ITERATION_COUNT_KEY = "iter";
    private static final String JSON_KEY_DERIVATION_SALT_KEY = "salt";
    private static final String JSON_KEY_SIZE_KEY = "ks";
    private static final String JSON_MODE_KEY = "mode";
    private static final String JSON_TAG_SIZE_KEY = "ts";
    private static final String SUPPORTED_CIPHER_BLOCK_MODE_OF_OPERATION = "ccm";

    static byte[] computeNonce(byte[] bArr, byte[] bArr2) {
        int length = bArr.length;
        int length2 = bArr2.length - 8;
        int i = 2;
        while (i < 4 && (length2 >>> (i * 8)) != 0) {
            i++;
        }
        if (i < 15 - length) {
            i = 15 - length;
        }
        return Arrays.a(bArr, 15 - i);
    }

    public static String decryptFromJSONObjectUsingDerivedKey(JsonObject jsonObject, byte[] bArr) {
        if (jsonObject == null || bArr == null) {
            throw new IllegalArgumentException();
        }
        if (!jsonObject.get(JSON_MODE_KEY).getAsString().equals(SUPPORTED_CIPHER_BLOCK_MODE_OF_OPERATION)) {
            throw new UnsupportedOperationException("Can only decrypt CCM mode encrypted data - Legacy \"Veness\" mode not supported");
        }
        byte[] a = Base64.a(jsonObject.get(JSON_IV_KEY).getAsString());
        byte[] a2 = Base64.a(jsonObject.get(JSON_CIPHERTEXT_KEY).getAsString());
        if (jsonObject.get(JSON_ASSOCIATED_DATA_KEY) != null) {
            throw new UnsupportedOperationException("Associated data not supported at this point");
        }
        return decryptUsingAES_CCM(a2, null, bArr, a, jsonObject.get(JSON_TAG_SIZE_KEY) != null ? jsonObject.get(JSON_TAG_SIZE_KEY).getAsInt() : 64);
    }

    public static String decryptFromPackedStringUsingDerivedKey(String str, byte[] bArr) {
        if (str == null || bArr == null) {
            throw new IllegalArgumentException();
        }
        byte[] a = Base64.a(str);
        byte b = a[1];
        if (b >= 0 && b < 4) {
            return decryptUsingAES_CTR(Arrays.a(a, 8, a.length), bArr, Arrays.b(Arrays.a(a, 0, 8), new byte[8]));
        }
        if (b != 4) {
            throw new UnsupportedOperationException("Unsupported cipher version");
        }
        if (bArr.length > 32) {
            bArr = Arrays.a(bArr, 0, 32);
        }
        return decryptUsingAES_CCM(Arrays.a(a, 18, a.length), new byte[0], bArr, Arrays.a(a, 2, 18), 64);
    }

    public static String decryptFromPackedStringUsingDerivedKeyOrPassword(String str, String str2) {
        int packedStringEncryptionScheme = packedStringEncryptionScheme(str);
        if (packedStringEncryptionScheme >= 0 && packedStringEncryptionScheme < 4) {
            return decryptFromPackedStringUsingDerivedKey(str, venessCompatibleKeyDerivationFunction(str2));
        }
        if (packedStringEncryptionScheme == 4) {
            return decryptFromPackedStringUsingDerivedKey(str, Hex.a(str2));
        }
        throw new UnsupportedOperationException("Unsupported cipher version");
    }

    static String decryptUsingAES_CCM(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, int i) {
        AEADParameters aEADParameters = new AEADParameters(new KeyParameter(bArr3), i, computeNonce(bArr4, bArr), bArr2);
        CCMBlockCipher cCMBlockCipher = new CCMBlockCipher(new AESFastEngine());
        cCMBlockCipher.a(false, (CipherParameters) aEADParameters);
        byte[] bArr5 = new byte[cCMBlockCipher.a(bArr.length)];
        cCMBlockCipher.a(bArr, bArr.length);
        cCMBlockCipher.a(bArr5);
        return CommonCryptoUtils.getStringFromBytes(bArr5);
    }

    static String decryptUsingAES_CTR(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        ParametersWithIV parametersWithIV = new ParametersWithIV(new KeyParameter(bArr2), bArr3);
        SICBlockCipher sICBlockCipher = new SICBlockCipher(new AESFastEngine());
        sICBlockCipher.a(false, parametersWithIV);
        int length = bArr.length;
        int a = sICBlockCipher.a();
        byte[] bArr4 = new byte[length];
        for (int i = 0; i < length; i += a) {
            int i2 = length - i;
            if (i2 >= a) {
                sICBlockCipher.a(bArr, i, bArr4, i);
            } else {
                byte[] bArr5 = new byte[a];
                byte[] bArr6 = new byte[a];
                System.arraycopy(bArr, i, bArr5, 0, i2);
                sICBlockCipher.a(bArr5, 0, bArr6, 0);
                System.arraycopy(bArr6, 0, bArr4, i, i2);
            }
        }
        return CommonCryptoUtils.getStringFromBytes(bArr4);
    }

    public static byte[] deriveContentEncryptionKeyFromPassword(String str, byte[] bArr, int i, int i2) {
        PKCS5S2ParametersGenerator pKCS5S2ParametersGenerator = new PKCS5S2ParametersGenerator(new SHA256Digest());
        pKCS5S2ParametersGenerator.a(PBEParametersGenerator.a(str.toCharArray()), bArr, i);
        return ((KeyParameter) pKCS5S2ParametersGenerator.b(i2)).a;
    }

    public static JsonObject encryptToJSONObjectUsingDerivedKey(String str, String str2, byte[] bArr) {
        if (str == null || bArr == null) {
            throw new IllegalArgumentException();
        }
        return encryptToJSONObjectUsingDerivedKey(str, str2, null, bArr, CommonCryptoUtils.generateRandomBytes(16));
    }

    public static JsonObject encryptToJSONObjectUsingDerivedKey(String str, String str2, byte[] bArr, byte[] bArr2, byte[] bArr3) {
        byte[] bytesFromString = CommonCryptoUtils.getBytesFromString(str);
        AEADParameters aEADParameters = new AEADParameters(new KeyParameter(bArr2), 64, computeNonce(bArr3, bytesFromString), str2 != null ? CommonCryptoUtils.getBytesFromString(str2) : null);
        CCMBlockCipher cCMBlockCipher = new CCMBlockCipher(new AESFastEngine());
        cCMBlockCipher.a(true, (CipherParameters) aEADParameters);
        byte[] bArr4 = new byte[cCMBlockCipher.a(bytesFromString.length)];
        cCMBlockCipher.a(bytesFromString, bytesFromString.length);
        cCMBlockCipher.a(bArr4);
        JsonObject jsonObject = new JsonObject();
        jsonObject.addProperty(JSON_CIPHERTEXT_KEY, Base64.a(bArr4));
        jsonObject.addProperty(JSON_IV_KEY, Base64.a(bArr3));
        jsonObject.addProperty(JSON_TAG_SIZE_KEY, (Number) 64);
        jsonObject.addProperty(JSON_KEY_SIZE_KEY, (Number) 256);
        jsonObject.addProperty(JSON_MODE_KEY, SUPPORTED_CIPHER_BLOCK_MODE_OF_OPERATION);
        if (str2 != null) {
            throw new UnsupportedOperationException("Associated data not supported at this point");
        }
        if (bArr != null) {
            jsonObject.addProperty(JSON_KEY_DERIVATION_SALT_KEY, Base64.a(bArr));
            jsonObject.addProperty(JSON_KEY_DERIVATION_ITERATION_COUNT_KEY, (Number) 1000);
        }
        return jsonObject;
    }

    public static String encryptToPackedStringUsingDerivedKey(String str, String str2, byte[] bArr) {
        if (str == null || bArr == null) {
            throw new IllegalArgumentException();
        }
        return encryptToPackedStringUsingDerivedKey(str, str2, bArr, CommonCryptoUtils.generateRandomBytes(16));
    }

    static String encryptToPackedStringUsingDerivedKey(String str, String str2, byte[] bArr, byte[] bArr2) {
        if (bArr.length > 32) {
            bArr = Arrays.a(bArr, 0, 32);
        }
        JsonObject encryptToJSONObjectUsingDerivedKey = encryptToJSONObjectUsingDerivedKey(str, str2, null, bArr, bArr2);
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byteArrayOutputStream.write(CURRENT_SJCL_CIPHER_VERSION_NUMBER);
            byteArrayOutputStream.write(bArr2);
            byteArrayOutputStream.write(Base64.a(encryptToJSONObjectUsingDerivedKey.get(JSON_CIPHERTEXT_KEY).getAsString()));
            return Base64.a(byteArrayOutputStream.toByteArray());
        } catch (IOException e) {
            throw new CryptoException("Unable to write to encrypted data buffer", e);
        }
    }

    private static int packedStringEncryptionScheme(String str) {
        if (str == null) {
            throw new IllegalArgumentException();
        }
        return Base64.a(str)[1];
    }

    static byte[] venessCompatibleKeyDerivationFunction(String str) {
        byte[] a = Arrays.a(Arrays.b(CommonCryptoUtils.getBytesFromString(str), new byte[32]), 0, 32);
        AESFastEngine aESFastEngine = new AESFastEngine();
        aESFastEngine.a(true, (CipherParameters) new KeyParameter(a));
        byte[] bArr = new byte[aESFastEngine.a()];
        aESFastEngine.a(a, 0, bArr, 0);
        return Arrays.b(bArr, bArr);
    }
}
