package cz.seznam.sbrowser.tfa.core;

import android.text.TextUtils;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.annotation.WorkerThread;
import cz.seznam.sbrowser.analytics.Analytics;
import cz.seznam.sbrowser.spongycastle.asn1.ASN1Encodable;
import cz.seznam.sbrowser.spongycastle.asn1.ASN1InputStream;
import cz.seznam.sbrowser.spongycastle.asn1.ASN1Integer;
import cz.seznam.sbrowser.spongycastle.asn1.ASN1Primitive;
import cz.seznam.sbrowser.spongycastle.asn1.ASN1Sequence;
import java.io.ByteArrayInputStream;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.util.ArrayList;

/* loaded from: classes5.dex */
public class SigningHelper {
    static final String ALLOW = "ALLOW";
    static final String DENY = "DENY";
    static final String NO_SUFFIX = "";
    private static final String SIGNING_ALGORITHM = "SHA256withECDSA";

    @Retention(RetentionPolicy.SOURCE)
    /* loaded from: classes5.dex */
    public @interface SignatureSuffix {
    }

    private byte[] convertToProperForm(@NonNull BigInteger bigInteger) {
        String format = String.format("%064x", bigInteger);
        int length = format.length();
        byte[] bArr = new byte[length / 2];
        for (int i = 0; i < length; i += 2) {
            bArr[i / 2] = (byte) (Character.digit(format.charAt(i + 1), 16) + (Character.digit(format.charAt(i), 16) << 4));
        }
        return bArr;
    }

    @Nullable
    private String createSignature(@Nullable String str, String str2, boolean z) {
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        try {
            byte[] decodeFromBase64ToBytes = TfaUtils.decodeFromBase64ToBytes(concatSuffix(str, str2));
            KeyPair keyPair = new KeyPairManager().getKeyPair();
            if (keyPair == null) {
                return null;
            }
            byte[] signMsg = signMsg(keyPair.getPrivate(), decodeFromBase64ToBytes);
            if (z) {
                signMsg = convertFromAsn1Format(signMsg);
            }
            return TfaUtils.encodeToBase64(signMsg);
        } catch (Exception e) {
            Analytics.logNonFatalException(e);
            return null;
        }
    }

    @Nullable
    @WorkerThread
    public static String signChallenge(@NonNull String str, boolean z) {
        return new SigningHelper().createSignature(str, "", z);
    }

    @Nullable
    @WorkerThread
    public static String signChallenge(@NonNull String str, boolean z, boolean z2) {
        return new SigningHelper().createSignature(str, z ? ALLOW : DENY, z2);
    }

    public static byte[] signMsg(@NonNull PrivateKey privateKey, byte[] bArr) {
        Signature signature = Signature.getInstance(SIGNING_ALGORITHM);
        signature.initSign(privateKey);
        signature.update(bArr);
        return signature.sign();
    }

    public static boolean verify(@NonNull PublicKey publicKey, byte[] bArr, byte[] bArr2) {
        Signature signature = Signature.getInstance(SIGNING_ALGORITHM);
        signature.initVerify(publicKey);
        signature.update(bArr2);
        return signature.verify(bArr);
    }

    public String concatSuffix(@NonNull String str, String str2) {
        if (str2.equals("")) {
            return str;
        }
        byte[] bytes = str2.getBytes();
        byte[] decodeFromBase64ToBytes = TfaUtils.decodeFromBase64ToBytes(str);
        byte[] bArr = new byte[decodeFromBase64ToBytes.length + bytes.length];
        System.arraycopy(decodeFromBase64ToBytes, 0, bArr, 0, decodeFromBase64ToBytes.length);
        System.arraycopy(bytes, 0, bArr, decodeFromBase64ToBytes.length, bytes.length);
        return TfaUtils.encodeToBase64(bArr);
    }

    public byte[] convertFromAsn1Format(byte[] bArr) {
        ASN1Primitive readObject = new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject();
        ArrayList arrayList = new ArrayList();
        if (readObject instanceof ASN1Sequence) {
            for (ASN1Encodable aSN1Encodable : ((ASN1Sequence) readObject).toArray()) {
                ASN1Primitive aSN1Primitive = aSN1Encodable.toASN1Primitive();
                if (aSN1Primitive instanceof ASN1Integer) {
                    arrayList.add((ASN1Integer) aSN1Primitive);
                }
            }
        }
        byte[] convertToProperForm = convertToProperForm(((ASN1Integer) arrayList.get(0)).getPositiveValue());
        byte[] convertToProperForm2 = convertToProperForm(((ASN1Integer) arrayList.get(1)).getPositiveValue());
        byte[] bArr2 = new byte[64];
        System.arraycopy(convertToProperForm, 0, bArr2, 0, 32);
        System.arraycopy(convertToProperForm2, 0, bArr2, 32, 32);
        return bArr2;
    }
}
