package com.tmobile.tmoid.sdk.impl.inbound.dat;

import android.content.Context;
import android.util.Base64;
import com.tmobile.tmoid.sdk.impl.inbound.dat.utils.CryptoException;
import com.tmobile.tmoid.sdk.impl.inbound.dat.utils.CryptoUtils;
import com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage;
import com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorageException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHPrivateKeySpec;
import javax.crypto.spec.DHPublicKeySpec;
import timber.log.Timber;

/* loaded from: classes3.dex */
public class KeyPairHelper {
    public static DHPrivateKey decodeDHPrivateKey(String str, String str2) throws NoSuchAlgorithmException, InvalidKeySpecException {
        if ("NODE_JS_COMPATIBLE".equals(str2)) {
            return (DHPrivateKey) KeyFactory.getInstance("DH").generatePrivate(new DHPrivateKeySpec(new BigInteger(CryptoUtils.bytesToHexString(Base64.decode(str, 2)), 16), CryptoUtils.MODP_GROUP14_P, CryptoUtils.MODP_GROUP14_G));
        }
        if ("HEX".equals(str2)) {
            return (DHPrivateKey) KeyFactory.getInstance("DH").generatePrivate(new DHPrivateKeySpec(new BigInteger(str, 16), CryptoUtils.MODP_GROUP14_P, CryptoUtils.MODP_GROUP14_G));
        }
        if ("BASE64".equals(str2)) {
            return CryptoUtils.decodeServerPrk(str);
        }
        throw new UnsupportedOperationException("Invalid Key Encoding:" + str2 + ", should be NODE_JS_COMPATIBLE|HEX|BASE64");
    }

    public static String encodeDHPrivateKey(DHPrivateKey dHPrivateKey, String str) {
        if ("NODE_JS_COMPATIBLE".equals(str)) {
            return new String(Base64.encode(CryptoUtils.hexStringToByteArray(xHexValue(dHPrivateKey)), 2));
        }
        if ("HEX".equals(str)) {
            return xHexValue(dHPrivateKey);
        }
        if ("BASE64".equals(str)) {
            return Base64.encodeToString(dHPrivateKey.getX().toByteArray(), 2);
        }
        throw new UnsupportedOperationException("Invalid Key Encoding:" + str + ", should be NODE_JS_COMPATIBLE|HEX|BASE64");
    }

    public static String xHexValue(DHPrivateKey dHPrivateKey) {
        String bigInteger = dHPrivateKey.getX().toString(16);
        if (bigInteger.length() % 2 == 0) {
            return bigInteger;
        }
        Timber.d("got private key with the first byte < 16", new Object[0]);
        return "0" + bigInteger;
    }

    private String yHexValue(DHPublicKey dHPublicKey) {
        String bigInteger = dHPublicKey.getY().toString(16);
        if (bigInteger.length() % 2 == 0) {
            return bigInteger;
        }
        Timber.d("got public key with the first byte < 16", new Object[0]);
        return "0" + bigInteger;
    }

    public DHPublicKey decodeDHPublicKey(String str, String str2) throws NoSuchAlgorithmException, InvalidKeySpecException {
        if ("NODE_JS_COMPATIBLE".equals(str2)) {
            return (DHPublicKey) KeyFactory.getInstance("DH").generatePublic(new DHPublicKeySpec(new BigInteger(CryptoUtils.bytesToHexString(Base64.decode(str, 2)), 16), CryptoUtils.MODP_GROUP14_P, CryptoUtils.MODP_GROUP14_G));
        }
        if ("HEX".equals(str2)) {
            return (DHPublicKey) KeyFactory.getInstance("DH").generatePublic(new DHPublicKeySpec(new BigInteger(str, 16), CryptoUtils.MODP_GROUP14_P, CryptoUtils.MODP_GROUP14_G));
        }
        if ("BASE64".equals(str2)) {
            return CryptoUtils.decodeServerPuk(str);
        }
        throw new UnsupportedOperationException("Invalid Key Encoding:" + str2 + ", should be NODE_JS_COMPATIBLE|HEX|BASE64");
    }

    public String encodeDHPublicKey(DHPublicKey dHPublicKey, String str) {
        if ("NODE_JS_COMPATIBLE".equals(str)) {
            return Base64.encodeToString(CryptoUtils.hexStringToByteArray(yHexValue(dHPublicKey)), 2);
        }
        if ("HEX".equals(str)) {
            return yHexValue(dHPublicKey);
        }
        if ("BASE64".equals(str)) {
            return Base64.encodeToString(dHPublicKey.getY().toByteArray(), 2);
        }
        throw new UnsupportedOperationException("Invalid Key Encoding:" + str + ", should be NODE_JS_COMPATIBLE|HEX|BASE64");
    }

    public KeyPair generateNewDeviceKeys(Context context) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, SecureStorageException {
        SecureStorage secureStorage = getSecureStorage(context);
        Timber.d("no keys found, generating MODP14 DiffieHelman keys", new Object[0]);
        KeyPair generateDiffieHellmanModP14Keypair = CryptoUtils.generateDiffieHellmanModP14Keypair();
        Timber.v("PubK:" + CryptoUtils.puKToPem(generateDiffieHellmanModP14Keypair.getPublic()), new Object[0]);
        Timber.v("PrK:" + CryptoUtils.prKToPem(generateDiffieHellmanModP14Keypair.getPrivate()), new Object[0]);
        Timber.v("saving keys to secure storage...", new Object[0]);
        secureStorage.write("PUBK", generateDiffieHellmanModP14Keypair.getPublic().getEncoded());
        secureStorage.write("PRK", generateDiffieHellmanModP14Keypair.getPrivate().getEncoded());
        return generateDiffieHellmanModP14Keypair;
    }

    public PrivateKey getDevicePrivatekKey(Context context) throws CryptoException {
        try {
            SecureStorage secureStorage = getSecureStorage(context);
            return secureStorage.hasValueForKey("PRK") ? CryptoUtils.decodePrK(secureStorage.read("PRK")) : generateNewDeviceKeys(context).getPrivate();
        } catch (SecureStorageException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | InvalidKeySpecException e) {
            Timber.d(e, "while generating DiffieHellman MODP14 key", new Object[0]);
            throw new CryptoException(e);
        }
    }

    public PublicKey getDevicePublickKey(Context context) throws CryptoException {
        return getDevicePublickKey(false, context);
    }

    public PublicKey getDevicePublickKey(boolean z, Context context) throws CryptoException {
        try {
            KeyPairHelper keyPairHelper = new KeyPairHelper();
            SecureStorage secureStorage = keyPairHelper.getSecureStorage(context);
            return (z || !secureStorage.hasValueForKey("PUBK")) ? keyPairHelper.generateNewDeviceKeys(context).getPublic() : CryptoUtils.decodePubK(secureStorage.read("PUBK"));
        } catch (SecureStorageException | IllegalArgumentException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | ProviderException | InvalidKeySpecException e) {
            Timber.e("e, while generating DiffieHellman MODP14 key", new Object[0]);
            throw new CryptoException(e);
        }
    }

    public SecureStorage getSecureStorage(Context context) throws SecureStorageException {
        return new SecureStorage("sdk_dhkeypair", context);
    }

    public int keyBitSizeByAlgo(String str) {
        if ("aes-256-cbc".equalsIgnoreCase(str)) {
            return 256;
        }
        if ("aes-192-cbc".equalsIgnoreCase(str)) {
            return 192;
        }
        if ("aes-128-cbc".equalsIgnoreCase(str)) {
            return 128;
        }
        throw new UnsupportedOperationException("Algorithm " + str + " not supported");
    }
}
