package com.ordyx.net;

import com.codename1.io.FileSystemStorage;
import com.codename1.system.NativeLookup;
import com.ordyx.one.KeyStore;
import com.ordyx.touchscreen.Storage;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import javabc.BigInteger;
import javabc.SecureRandom;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.BufferedAsymmetricBlockCipher;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.digests.MD5Digest;
import org.bouncycastle.crypto.engines.DESedeEngine;
import org.bouncycastle.crypto.engines.RSAEngine;
import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.params.DESedeParameters;
import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
import org.bouncycastle.crypto.params.RSAKeyParameters;
import org.bouncycastle.crypto.signers.RSADigestSigner;
import org.bouncycastle.crypto.util.PublicKeyFactory;

/* loaded from: classes2.dex */
public class Security {
    protected static final String ASYNCHRONOUS_ALGORITHM = "RSA";
    protected static final String ASYNCHRONOUS_ALGORITHM_CIPHER = "RSA/ECB/PKCS1Padding";
    protected static final int ASYNCHRONOUS_KEY_SIZE = 2048;
    protected static final int HASH_DEFAULT_ITERATIONS = 1000;
    protected static final String KEY_STORE_TYPE = "jceks";
    protected static final int SALT_BYTES_SIZE = 8;
    protected static final String SIGNATURE_ALGORITHM = "MD5withRSA";
    public static final String SYNCHRONOUS_KEY_ALIAS_PREFIX = "ordyxKey";
    protected static final String SYNCHRONOUS_TRANSFORMATION = "DESede/ECB/PKCS5Padding";
    private static volatile Security security;
    protected AsymmetricCipherKeyPair keyPair;
    protected volatile DESedeParameters synchronousKey = null;
    private static final Object securityLock = new Object();
    private static final KeyStore keyStore = (KeyStore) NativeLookup.create(KeyStore.class);

    /* loaded from: classes2.dex */
    public interface KeyStoreManager {
        String getKeyAlias() throws KeyStoreManagerException;

        String getKeyPassword() throws KeyStoreManagerException;

        String getKeyStoreFilename();

        String getKeyStorePassword() throws KeyStoreManagerException;

        boolean isAuthenticated();

        void setKeyStoreManagerPassword(String str);
    }

    /* loaded from: classes2.dex */
    public static class KeyStoreManagerException extends Exception {
        public KeyStoreManagerException(String str) {
            super(str);
        }
    }

    /* loaded from: classes2.dex */
    public interface TrustedHostNames {
        boolean isTrustedHostName(String str);

        boolean verifySignature();
    }

    private Security() {
        this.keyPair = null;
        RSAKeyPairGenerator rSAKeyPairGenerator = new RSAKeyPairGenerator();
        rSAKeyPairGenerator.init(new RSAKeyGenerationParameters(BigInteger.valueOf(65537L), new SecureRandom(), 2048, 12));
        this.keyPair = rSAKeyPairGenerator.generateKeyPair();
    }

    public static byte[] decrypt(DESedeParameters dESedeParameters, byte[] bArr) throws Exception {
        PaddedBufferedBlockCipher paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new DESedeEngine());
        paddedBufferedBlockCipher.init(false, dESedeParameters);
        byte[] bArr2 = new byte[paddedBufferedBlockCipher.getOutputSize(bArr.length)];
        paddedBufferedBlockCipher.doFinal(bArr2, paddedBufferedBlockCipher.processBytes(bArr, 0, bArr.length, bArr2, 0));
        return bArr2;
    }

    public static byte[] encrypt(DESedeParameters dESedeParameters, byte[] bArr) throws Exception {
        PaddedBufferedBlockCipher paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new DESedeEngine());
        paddedBufferedBlockCipher.init(true, dESedeParameters);
        byte[] bArr2 = new byte[paddedBufferedBlockCipher.getOutputSize(bArr.length)];
        paddedBufferedBlockCipher.doFinal(bArr2, paddedBufferedBlockCipher.processBytes(bArr, 0, bArr.length, bArr2, 0));
        return bArr2;
    }

    public static byte[] encrypt(RSAKeyParameters rSAKeyParameters, byte[] bArr) throws Exception {
        BufferedAsymmetricBlockCipher bufferedAsymmetricBlockCipher = new BufferedAsymmetricBlockCipher(new RSAEngine());
        bufferedAsymmetricBlockCipher.init(true, rSAKeyParameters);
        bufferedAsymmetricBlockCipher.processBytes(bArr, 0, bArr.length);
        return bufferedAsymmetricBlockCipher.doFinal();
    }

    public static synchronized Security getInstance() {
        Security security2;
        synchronized (Security.class) {
            if (security == null) {
                security = new Security();
            }
            security2 = security;
        }
        return security2;
    }

    public static byte[] getSalt() throws Exception {
        byte[] bArr = new byte[8];
        SecureRandom.getInstance("SHA1PRNG").nextBytes(bArr);
        return bArr;
    }

    private byte[] getSignatureData(String str) throws UnsupportedEncodingException {
        return str.getBytes("UTF8");
    }

    public byte[] decrypt(byte[] bArr) throws Exception {
        BufferedAsymmetricBlockCipher bufferedAsymmetricBlockCipher = new BufferedAsymmetricBlockCipher(new RSAEngine());
        bufferedAsymmetricBlockCipher.init(false, this.keyPair.getPrivate());
        bufferedAsymmetricBlockCipher.processBytes(bArr, 0, bArr.length);
        return bufferedAsymmetricBlockCipher.doFinal();
    }

    public AsymmetricKeyParameter generatePublicKey(byte[] bArr) throws IOException {
        return PublicKeyFactory.createKey(bArr);
    }

    public RSAKeyParameters generatePublicKey(BigInteger bigInteger, BigInteger bigInteger2) throws IOException {
        return new RSAKeyParameters(false, bigInteger, bigInteger2);
    }

    public RSAKeyParameters getPublicKey() {
        return (RSAKeyParameters) this.keyPair.getPublic();
    }

    public byte[] getSignature(String str) throws Exception {
        RSADigestSigner rSADigestSigner = new RSADigestSigner(new MD5Digest());
        byte[] signatureData = getSignatureData(str);
        rSADigestSigner.init(true, this.keyPair.getPrivate());
        rSADigestSigner.update(signatureData, 0, signatureData.length);
        return rSADigestSigner.generateSignature();
    }

    public DESedeParameters getSynchronousKey(String str, String str2, String str3, String str4) throws Exception {
        DESedeParameters dESedeParameters = this.synchronousKey;
        if (dESedeParameters == null) {
            synchronized (securityLock) {
                dESedeParameters = this.synchronousKey;
                if (dESedeParameters == null) {
                    FileSystemStorage fileSystemStorage = FileSystemStorage.getInstance();
                    byte[] bArr = null;
                    KeyStore keyStore2 = keyStore;
                    if (keyStore2.isSupported()) {
                        bArr = keyStore2.getSynchronousKey(Storage.getNativePath(fileSystemStorage.getAppHomePath() + str), str2, str3, str4);
                    }
                    if (bArr == null) {
                        throw new Exception("Key not found!!!");
                    }
                    DESedeParameters dESedeParameters2 = new DESedeParameters(bArr);
                    this.synchronousKey = dESedeParameters2;
                    dESedeParameters = dESedeParameters2;
                }
            }
        }
        return dESedeParameters;
    }

    public boolean verifySignature(byte[] bArr, CipherParameters cipherParameters, String str, TrustedHostNames trustedHostNames) throws Exception {
        if (trustedHostNames != null && !trustedHostNames.isTrustedHostName(str)) {
            return false;
        }
        RSADigestSigner rSADigestSigner = new RSADigestSigner(new MD5Digest());
        byte[] signatureData = getSignatureData(str);
        rSADigestSigner.init(false, cipherParameters);
        rSADigestSigner.update(signatureData, 0, signatureData.length);
        return rSADigestSigner.verifySignature(bArr);
    }
}
