package com.passwordbox.api.v0.crypto;

import com.google.gson.JsonObject;
import com.passwordbox.api.v0.crypto.lowlevel.SJCLCryptoUtils;
import com.passwordbox.api.v0.crypto.schemes.AuthenticationTokenScheme;
import com.passwordbox.api.v0.crypto.schemes.KEKDerivationScheme;
import com.passwordbox.api.v0.models.local.KeyMaterial;
import com.passwordbox.api.v0.utils.json.JsonUtils;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import org.spongycastle.crypto.AsymmetricCipherKeyPair;
import org.spongycastle.crypto.CryptoException;
import org.spongycastle.crypto.digests.SHA1Digest;
import org.spongycastle.crypto.digests.SHA256Digest;
import org.spongycastle.crypto.encodings.PKCS1Encoding;
import org.spongycastle.crypto.engines.RSAEngine;
import org.spongycastle.crypto.generators.RSAKeyPairGenerator;
import org.spongycastle.crypto.params.AsymmetricKeyParameter;
import org.spongycastle.crypto.params.RSAKeyGenerationParameters;
import org.spongycastle.crypto.params.RSAKeyParameters;
import org.spongycastle.util.Arrays;
import org.spongycastle.util.encoders.Hex;

/* loaded from: classes.dex */
public class SimpleCryptoUtils {
    private static final int DEFAULT_RSA_KEY_SIZE_IN_BITS = 2048;
    private static final String DEFAULT_RSA_PUBLIC_EXPONENT = "3";
    private static final int LOCAL_STORAGE_CEK_DERIVATION_ITERATION_COUNT = 10000;
    private static final int LOCAL_STORAGE_KEK_DERIVATION_ITERATION_COUNT = 1000;
    private static final int LOCAL_STORAGE_KEY_SIZE_IN_BYTES = 32;
    protected static final AuthenticationTokenScheme AUTH_TOKEN_SCHEME_LATEST_VERSION = AuthenticationTokenScheme.AUTH_TOKEN_SCHEME_VERSION_1;
    protected static final KEKDerivationScheme KEK_DERIVATION_SCHEME_LATEST_VERSION = KEKDerivationScheme.KEK_DERIVATION_SCHEME_VERSION_1;

    public static String decryptData(String str, String str2) {
        return SJCLCryptoUtils.decryptFromPackedStringUsingDerivedKeyOrPassword(str, str2);
    }

    public static String decryptData(String str, byte[] bArr) {
        return SJCLCryptoUtils.decryptFromPackedStringUsingDerivedKey(str, bArr);
    }

    public static String decryptSharedSecret(String str, AsymmetricCipherKeyPair asymmetricCipherKeyPair) {
        return CommonCryptoUtils.getStringFromBytes(decryptSharedSecret(Hex.a(str), asymmetricCipherKeyPair));
    }

    public static byte[] decryptSharedSecret(byte[] bArr, AsymmetricCipherKeyPair asymmetricCipherKeyPair) {
        PKCS1Encoding pKCS1Encoding = new PKCS1Encoding(new RSAEngine());
        pKCS1Encoding.a(false, asymmetricCipherKeyPair.b);
        int a = pKCS1Encoding.a();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        for (int i = 0; i < bArr.length; i += a) {
            try {
                byteArrayOutputStream.write(pKCS1Encoding.a(bArr, i, Math.min(a, bArr.length - (i * a))));
            } catch (IOException e) {
                throw new CryptoException("Unable to decrypt shared secret", e);
            }
        }
        return byteArrayOutputStream.toByteArray();
    }

    public static String deriveAuthenticationToken(String str, String str2) {
        return deriveAuthenticationToken(str, str2, AUTH_TOKEN_SCHEME_LATEST_VERSION);
    }

    public static String deriveAuthenticationToken(String str, String str2, AuthenticationTokenScheme authenticationTokenScheme) {
        switch (authenticationTokenScheme) {
            case AUTH_TOKEN_SCHEME_VERSION_0:
                return Hex.a(CommonCryptoUtils.getSHA1DigestFromString(str2));
            case AUTH_TOKEN_SCHEME_VERSION_1:
                return Hex.a(CommonCryptoUtils.deriveKeyUsingPBKDF2(new SHA256Digest(), CommonCryptoUtils.getBytesFromString(str2), CommonCryptoUtils.getBytesFromString(Hex.a(CommonCryptoUtils.getSHA1DigestFromString(str))), AuthenticationTokenScheme.AUTH_TOKEN_SCHEME_VERSION_1.getIterationCount(), AuthenticationTokenScheme.AUTH_TOKEN_SCHEME_VERSION_1.getAuthTokenLengthInBytes()));
            default:
                throw new UnsupportedOperationException("Unknown auth token scheme");
        }
    }

    public static byte[] deriveKeyEncryptionKey(String str, String str2) {
        return deriveKeyEncryptionKey(str, str2, KEK_DERIVATION_SCHEME_LATEST_VERSION);
    }

    public static byte[] deriveKeyEncryptionKey(String str, String str2, KEKDerivationScheme kEKDerivationScheme) {
        return deriveKeyEncryptionKey(str, kEKDerivationScheme.getSchemeName(), str2, kEKDerivationScheme.getClientSideDerivationIterationCount(), kEKDerivationScheme.getServerSideDerivationIterationCount());
    }

    public static byte[] deriveKeyEncryptionKey(String str, String str2, String str3, int i, int i2) {
        if (!str2.equalsIgnoreCase(KEK_DERIVATION_SCHEME_LATEST_VERSION.getSchemeName())) {
            throw new UnsupportedOperationException("The KEK derivation scheme " + str2 + " is not supported.");
        }
        byte[] bytesFromString = CommonCryptoUtils.getBytesFromString(str);
        byte[] bytesFromString2 = CommonCryptoUtils.getBytesFromString(str3);
        byte[] bytesFromString3 = CommonCryptoUtils.getBytesFromString(Hex.a(CommonCryptoUtils.deriveKeyUsingPBKDF2(new SHA1Digest(), bytesFromString, bytesFromString2, 1, 64)));
        if (i > 0) {
            bytesFromString3 = CommonCryptoUtils.getBytesFromString(Hex.a(CommonCryptoUtils.deriveKeyUsingPBKDF2(new SHA256Digest(), bytesFromString3, bytesFromString2, i, 64)));
        }
        return CommonCryptoUtils.deriveKeyUsingPBKDF2(new SHA1Digest(), Arrays.b(CommonCryptoUtils.getBytesFromString(Hex.a(CommonCryptoUtils.deriveKeyUsingPBKDF2(new SHA256Digest(), bytesFromString3, bytesFromString2, i2, 32))), bytesFromString), bytesFromString2, 1, 64);
    }

    public static byte[] deriveLocalStorageCEK(byte[] bArr, String str) {
        return CommonCryptoUtils.deriveKeyUsingPBKDF2(new SHA256Digest(), CommonCryptoUtils.getBytesFromString(str), bArr, LOCAL_STORAGE_CEK_DERIVATION_ITERATION_COUNT, 32);
    }

    public static byte[] deriveLocalStorageCEKUsingPincode(byte[] bArr, String str) {
        return CommonCryptoUtils.deriveKeyUsingSCrypt(bArr, str);
    }

    public static String encryptData(String str, String str2) {
        return encryptData(str, null, Hex.a(str2));
    }

    public static String encryptData(String str, String str2, byte[] bArr) {
        return SJCLCryptoUtils.encryptToPackedStringUsingDerivedKey(str, str2, bArr);
    }

    public static String encryptSharedSecret(String str, String str2) {
        JsonObject asJsonObject = JsonUtils.createJsonParser().parse(str2).getAsJsonObject();
        return Hex.a(encryptSharedSecret(CommonCryptoUtils.getBytesFromString(str), new RSAKeyParameters(false, new BigInteger(asJsonObject.get(KeyMaterial.RSA_MODULUS).getAsString(), 16), new BigInteger(asJsonObject.get(KeyMaterial.RSA_PUBLIC_EXP).getAsString(), 16))));
    }

    public static byte[] encryptSharedSecret(byte[] bArr, AsymmetricKeyParameter asymmetricKeyParameter) {
        PKCS1Encoding pKCS1Encoding = new PKCS1Encoding(new RSAEngine());
        pKCS1Encoding.a(true, asymmetricKeyParameter);
        int a = pKCS1Encoding.a();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        for (int i = 0; i < bArr.length; i += a) {
            try {
                byteArrayOutputStream.write(pKCS1Encoding.a(bArr, i, Math.min(a, bArr.length - (i * a))));
            } catch (IOException e) {
                throw new CryptoException("Unable to encrypt shared secret", e);
            }
        }
        return byteArrayOutputStream.toByteArray();
    }

    public static byte[] generateFreshContentEncryptionKey() {
        return CommonCryptoUtils.generateRandomBytes(KEK_DERIVATION_SCHEME_LATEST_VERSION.getContentEncryptionKeyLengthInBytes());
    }

    public static byte[] generateFreshKEKDerivationSalt() {
        return CommonCryptoUtils.generateRandomBytes(KEK_DERIVATION_SCHEME_LATEST_VERSION.getKekDerivationSaltLengthInBytes());
    }

    public static AsymmetricCipherKeyPair generateFreshRSAKeyPair() {
        RSAKeyPairGenerator rSAKeyPairGenerator = new RSAKeyPairGenerator();
        rSAKeyPairGenerator.a = new RSAKeyGenerationParameters(new BigInteger(DEFAULT_RSA_PUBLIC_EXPONENT, 10), CommonCryptoUtils.DEFAULT_SECURE_RANDOM);
        return rSAKeyPairGenerator.a();
    }

    public static byte[] generateMagicalPixieDust(String str, byte[] bArr) {
        return CommonCryptoUtils.deriveKeyUsingPBKDF2(new SHA256Digest(), Arrays.b(new byte[]{-50, 115, 126, 102, -115, -63, Byte.MAX_VALUE, 89, -31, -9, 61, -110, 44, -29, 70, 45, -20, 7, 70, -107, -17, 32, 119, 54, 86, -74, 38, 122, -50, 71, 119, -84}, CommonCryptoUtils.getBytesFromString(str)), bArr, 1000, 32);
    }
}
