package com.intuit.idps.android;

import com.intuit.idps.android.exceptions.IDPSKeyWrapException;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import sun.security.util.DerInputStream;
import sun.security.util.DerValue;

/* loaded from: classes6.dex */
public class IDPSKeyWrapper {
    public static final String GCM_MODE = "AES/GCM/NoPadding";
    public static final int TAG_LENGTH_BITS = 128;
    public static volatile SecureRandom secureRandom;

    static {
        Security.insertProviderAt(new BouncyCastleProvider(), 1);
    }

    public final int a(byte[] bArr) {
        return ByteBuffer.wrap(bArr, 2, 4).getInt();
    }

    public final byte[] b(int i10) {
        ByteBuffer allocate = ByteBuffer.allocate(6);
        allocate.put((byte) -38);
        allocate.put((byte) 1);
        allocate.putInt(i10);
        return allocate.array();
    }

    public final byte[] c() {
        if (secureRandom == null) {
            secureRandom = new SecureRandom();
        }
        byte[] bArr = new byte[32];
        secureRandom.nextBytes(bArr);
        return bArr;
    }

    public final boolean d(byte[] bArr) {
        return bArr != null && bArr.length >= 2 && bArr[0] == -38 && (bArr[1] == 1 || bArr[1] == 2);
    }

    public byte[] encryptAndWrap(byte[] bArr, byte[] bArr2, int i10) throws IDPSKeyWrapException {
        PublicKey generatePublic;
        if (bArr == null || bArr.length < 1) {
            throw new IDPSKeyWrapException("Plaintext cannot be empty");
        }
        if (bArr2 == null || bArr2.length < 1) {
            throw new IDPSKeyWrapException("Public key cannot be empty");
        }
        if (i10 <= 0) {
            throw new IDPSKeyWrapException("Version has to be a positive non-zero integer");
        }
        byte[] c10 = c();
        byte[] b10 = b(i10);
        try {
            try {
                KeyFactory keyFactory = KeyFactory.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
                try {
                    generatePublic = keyFactory.generatePublic(new X509EncodedKeySpec(bArr2));
                } catch (InvalidKeySpecException unused) {
                    DerValue[] sequence = new DerInputStream(bArr2).getSequence(0);
                    if (sequence.length < 9) {
                        throw new IDPSKeyWrapException("Could not parse a PKCS1 public key.");
                    }
                    generatePublic = keyFactory.generatePublic(new RSAPublicKeySpec(sequence[1].getBigInteger(), sequence[2].getBigInteger()));
                }
                Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding", BouncyCastleProvider.PROVIDER_NAME);
                cipher.init(1, generatePublic);
                byte[] doFinal = cipher.doFinal(c10, 0, c10.length);
                byte[] bArr3 = new byte[12];
                secureRandom.nextBytes(bArr3);
                GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, bArr3);
                SecretKeySpec secretKeySpec = new SecretKeySpec(c10, "AES");
                Cipher cipher2 = Cipher.getInstance("AES/GCM/NoPadding", BouncyCastleProvider.PROVIDER_NAME);
                cipher2.init(1, secretKeySpec, gCMParameterSpec);
                byte[] doFinal2 = cipher2.doFinal(bArr, 0, bArr.length);
                byte[] bArr4 = new byte[b10.length + doFinal.length + 12 + doFinal2.length];
                System.arraycopy(b10, 0, bArr4, 0, b10.length);
                System.arraycopy(doFinal, 0, bArr4, b10.length, doFinal.length);
                System.arraycopy(bArr3, 0, bArr4, b10.length + doFinal.length, 12);
                System.arraycopy(doFinal2, 0, bArr4, b10.length + doFinal.length + 12, doFinal2.length);
                return bArr4;
            } catch (InvalidKeySpecException e10) {
                e = e10;
                e.printStackTrace();
                throw new IDPSKeyWrapException(e.getMessage());
            }
        } catch (IOException e11) {
            e = e11;
            e.printStackTrace();
            throw new IDPSKeyWrapException(e.getMessage());
        } catch (InvalidAlgorithmParameterException e12) {
            e = e12;
            e.printStackTrace();
            throw new IDPSKeyWrapException(e.getMessage());
        } catch (InvalidKeyException e13) {
            e = e13;
            e.printStackTrace();
            throw new IDPSKeyWrapException(e.getMessage());
        } catch (NoSuchAlgorithmException e14) {
            e = e14;
            e.printStackTrace();
            throw new IDPSKeyWrapException(e.getMessage());
        } catch (NoSuchProviderException e15) {
            e = e15;
            e.printStackTrace();
            throw new IDPSKeyWrapException(e.getMessage());
        } catch (BadPaddingException e16) {
            e = e16;
            e.printStackTrace();
            throw new IDPSKeyWrapException(e.getMessage());
        } catch (IllegalBlockSizeException e17) {
            e = e17;
            e.printStackTrace();
            throw new IDPSKeyWrapException(e.getMessage());
        } catch (NoSuchPaddingException e18) {
            e = e18;
            e.printStackTrace();
            throw new IDPSKeyWrapException(e.getMessage());
        }
    }

    public byte[] unwrapAndDecrypt(byte[] bArr, byte[] bArr2) throws IDPSKeyWrapException {
        PrivateKey generatePrivate;
        if (bArr == null || bArr.length < 1) {
            throw new IDPSKeyWrapException("Ciphertext cannot be empty");
        }
        if (bArr2 == null || bArr2.length < 1) {
            throw new IDPSKeyWrapException("Private key cannot be empty");
        }
        if (!d(bArr)) {
            throw new IDPSKeyWrapException("Not a IDPS encrypted ciphertext");
        }
        if (a(bArr) < 1) {
            throw new IDPSKeyWrapException("Version has to be a positive non-zero integer");
        }
        byte[] copyOfRange = Arrays.copyOfRange(bArr, 262, bArr.length);
        try {
            try {
                KeyFactory keyFactory = KeyFactory.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
                Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding", BouncyCastleProvider.PROVIDER_NAME);
                byte[] copyOfRange2 = Arrays.copyOfRange(bArr, 6, 262);
                try {
                    generatePrivate = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bArr2));
                } catch (InvalidKeySpecException unused) {
                    DerValue[] sequence = new DerInputStream(bArr2).getSequence(0);
                    if (sequence.length < 9) {
                        throw new IDPSKeyWrapException("Could not parse a PKCS1 private key.");
                    }
                    generatePrivate = keyFactory.generatePrivate(new RSAPrivateCrtKeySpec(sequence[1].getBigInteger(), sequence[2].getBigInteger(), sequence[3].getBigInteger(), sequence[4].getBigInteger(), sequence[5].getBigInteger(), sequence[6].getBigInteger(), sequence[7].getBigInteger(), sequence[8].getBigInteger()));
                }
                cipher.init(2, generatePrivate);
                byte[] doFinal = cipher.doFinal(copyOfRange2);
                byte[] copyOf = Arrays.copyOf(copyOfRange, 12);
                byte[] copyOfRange3 = Arrays.copyOfRange(copyOfRange, 12, copyOfRange.length);
                GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, copyOf);
                SecretKeySpec secretKeySpec = new SecretKeySpec(doFinal, "AES");
                Cipher cipher2 = Cipher.getInstance("AES/GCM/NoPadding", BouncyCastleProvider.PROVIDER_NAME);
                cipher2.init(2, secretKeySpec, gCMParameterSpec);
                return cipher2.doFinal(copyOfRange3);
            } catch (InvalidKeySpecException e10) {
                e = e10;
                e.printStackTrace();
                throw new IDPSKeyWrapException(e.getMessage());
            }
        } catch (IOException e11) {
            e = e11;
            e.printStackTrace();
            throw new IDPSKeyWrapException(e.getMessage());
        } catch (ArrayIndexOutOfBoundsException e12) {
            e = e12;
            e.printStackTrace();
            throw new IDPSKeyWrapException(e.getMessage());
        } catch (InvalidAlgorithmParameterException e13) {
            e = e13;
            e.printStackTrace();
            throw new IDPSKeyWrapException(e.getMessage());
        } catch (InvalidKeyException e14) {
            e = e14;
            e.printStackTrace();
            throw new IDPSKeyWrapException(e.getMessage());
        } catch (NoSuchAlgorithmException e15) {
            e = e15;
            e.printStackTrace();
            throw new IDPSKeyWrapException(e.getMessage());
        } catch (NoSuchProviderException e16) {
            e = e16;
            e.printStackTrace();
            throw new IDPSKeyWrapException(e.getMessage());
        } catch (BadPaddingException e17) {
            e = e17;
            e.printStackTrace();
            throw new IDPSKeyWrapException(e.getMessage());
        } catch (IllegalBlockSizeException e18) {
            e = e18;
            e.printStackTrace();
            throw new IDPSKeyWrapException(e.getMessage());
        } catch (NoSuchPaddingException e19) {
            e = e19;
            e.printStackTrace();
            throw new IDPSKeyWrapException(e.getMessage());
        }
    }
}
