package com.twofours.surespot.encryption;

import android.os.AsyncTask;
import com.google.common.cache.CacheLoader;
import com.twofours.surespot.IdentityController;
import com.twofours.surespot.SurespotApplication;
import com.twofours.surespot.SurespotIdentity;
import com.twofours.surespot.common.SurespotLog;
import com.twofours.surespot.common.Utils;
import com.twofours.surespot.network.IAsyncCallback;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.spongycastle.crypto.engines.AESLightEngine;
import org.spongycastle.crypto.modes.GCMBlockCipher;
import org.spongycastle.crypto.params.KeyParameter;
import org.spongycastle.crypto.params.ParametersWithIV;
import org.spongycastle.jce.ECNamedCurveTable;
import org.spongycastle.jce.interfaces.ECPrivateKey;
import org.spongycastle.jce.interfaces.ECPublicKey;
import org.spongycastle.jce.spec.ECParameterSpec;
import org.spongycastle.jce.spec.ECPrivateKeySpec;
import org.spongycastle.jce.spec.ECPublicKeySpec;

/* loaded from: classes.dex */
public class EncryptionController {
    private static final int AES_KEY_LENGTH = 32;
    private static final int BUFFER_SIZE = 1024;
    private static final int IV_LENGTH = 16;
    private static final int SALT_LENGTH = 16;
    private static final String TAG = "EncryptionController";
    private static ECParameterSpec curve = ECNamedCurveTable.getParameterSpec("secp521r1");
    private static SecureRandom mSecureRandom = new SecureRandom();

    private static byte[] derive(String str, byte[] bArr) {
        try {
            return SecretKeyFactory.getInstance("PBEWITHSHA-256AND256BITAES-CBC-BC", "SC").generateSecret(new PBEKeySpec(str.toCharArray(), bArr, 1000, 32)).getEncoded();
        } catch (Exception e) {
            SurespotLog.e(TAG, e, "deriveKey", new Object[0]);
            return null;
        }
    }

    private static byte[][] derive(String str) {
        byte[][] bArr = new byte[2];
        byte[] bArr2 = null;
        byte[] bArr3 = new byte[16];
        new SecureRandom().nextBytes(bArr3);
        try {
            bArr2 = SecretKeyFactory.getInstance("PBEWITHSHA-256AND256BITAES-CBC-BC", "SC").generateSecret(new PBEKeySpec(str.toCharArray(), bArr3, 1000, 32)).getEncoded();
        } catch (Exception e) {
            SurespotLog.e(TAG, e, "deriveKey", new Object[0]);
        }
        bArr[0] = bArr3;
        bArr[1] = bArr2;
        return bArr;
    }

    public static String encodePublicKey(ECPublicKey eCPublicKey) {
        return new String(Utils.base64Encode(eCPublicKey.getQ().getEncoded()));
    }

    /* JADX WARN: Type inference failed for: r0v0, types: [com.twofours.surespot.encryption.EncryptionController$1] */
    public static void generateKeyPair(final IAsyncCallback<KeyPair> iAsyncCallback) {
        new AsyncTask<Void, Void, KeyPair>() { // from class: com.twofours.surespot.encryption.EncryptionController.1
            /* JADX INFO: Access modifiers changed from: protected */
            @Override // android.os.AsyncTask
            public KeyPair doInBackground(Void... voidArr) {
                try {
                    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDH", "SC");
                    keyPairGenerator.initialize((AlgorithmParameterSpec) EncryptionController.curve, new SecureRandom());
                    return keyPairGenerator.generateKeyPair();
                } catch (Exception e) {
                    SurespotLog.w(EncryptionController.TAG, "generateKeyPair", e);
                    return null;
                }
            }

            /* JADX INFO: Access modifiers changed from: protected */
            @Override // android.os.AsyncTask
            public void onPostExecute(KeyPair keyPair) {
                IAsyncCallback.this.handleResponse(keyPair);
            }
        }.execute(new Void[0]);
    }

    public static byte[] generateSharedSecretSync(String str) {
        SurespotIdentity identity = IdentityController.getIdentity(SurespotApplication.getContext());
        if (identity == null) {
            return null;
        }
        try {
            KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH", "SC");
            keyAgreement.init(identity.getKeyPair().getPrivate());
            keyAgreement.doPhase(SurespotApplication.getCachingService().getPublickey(str), true);
            byte[] generateSecret = keyAgreement.generateSecret();
            SurespotLog.d(TAG, str + " shared Key: " + new String(Utils.base64Encode(new BigInteger(generateSecret).toByteArray())), new Object[0]);
            return generateSecret;
        } catch (CacheLoader.InvalidCacheLoadException e) {
            SurespotLog.v(TAG, "generateSharedSecretSync", e);
            return null;
        } catch (Exception e2) {
            SurespotLog.w(TAG, "generateSharedSecretSync", e2);
            return null;
        }
    }

    public static ECPrivateKey recreatePrivateKey(String str) {
        try {
            return KeyFactory.getInstance("ECDH", "SC").generatePrivate(new ECPrivateKeySpec(new BigInteger(Utils.base64Decode(str)), curve));
        } catch (Exception e) {
            SurespotLog.w(TAG, "recreatePrivateKey", e);
            return null;
        }
    }

    public static ECPublicKey recreatePublicKey(String str) {
        if (str != null) {
            try {
                return KeyFactory.getInstance("ECDH", "SC").generatePublic(new ECPublicKeySpec(curve.getCurve().decodePoint(Utils.base64Decode(str)), curve));
            } catch (Exception e) {
                SurespotLog.w(TAG, "recreatePublicKey", e);
            }
        }
        return null;
    }

    public static void runDecryptTask(final String str, final String str2, final InputStream inputStream, final OutputStream outputStream) {
        SurespotApplication.THREAD_POOL_EXECUTOR.execute(new Runnable() { // from class: com.twofours.surespot.encryption.EncryptionController.3
            @Override // java.lang.Runnable
            public void run() {
                int read;
                byte[] bArr = new byte[1024];
                try {
                    byte[] base64Decode = Utils.base64Decode(str2);
                    SurespotLog.w(EncryptionController.TAG, str + " decrypt iv: " + new String(Utils.base64Encode(base64Decode)), new Object[0]);
                    BufferedInputStream bufferedInputStream = new BufferedInputStream(inputStream);
                    Cipher.getInstance("AES/GCM/NoPadding", "SC").init(2, new SecretKeySpec(SurespotApplication.getCachingService().getSharedSecret(str), 0, 32, "AES"), new IvParameterSpec(base64Decode));
                    while (true) {
                        read = bufferedInputStream.read(bArr);
                        if (read == -1 || Thread.interrupted()) {
                            break;
                        } else {
                            outputStream.write(bArr, 0, read);
                        }
                    }
                    SurespotLog.v(EncryptionController.TAG, "read/write " + read + " bytes", new Object[0]);
                    inputStream.close();
                    bufferedInputStream.close();
                    outputStream.close();
                } catch (CacheLoader.InvalidCacheLoadException e) {
                    SurespotLog.v(EncryptionController.TAG, "decryptTask", e);
                } catch (Exception e2) {
                    SurespotLog.w(EncryptionController.TAG, "decryptTask", e2);
                }
            }
        });
    }

    public static String runEncryptTask(final String str, final InputStream inputStream, final OutputStream outputStream) {
        final byte[] bArr = new byte[16];
        mSecureRandom.nextBytes(bArr);
        SurespotApplication.THREAD_POOL_EXECUTOR.execute(new Runnable() { // from class: com.twofours.surespot.encryption.EncryptionController.2
            @Override // java.lang.Runnable
            public void run() {
                int read;
                byte[] bArr2 = new byte[1024];
                try {
                    SurespotLog.w(EncryptionController.TAG, str + " encrypt iv: " + new String(Utils.base64Encode(bArr)), new Object[0]);
                    Cipher.getInstance("AES/GCM/NoPadding", "SC").init(1, new SecretKeySpec(SurespotApplication.getCachingService().getSharedSecret(str), 0, 32, "AES"), new IvParameterSpec(bArr));
                    BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(outputStream);
                    while (true) {
                        read = inputStream.read(bArr2);
                        if (read == -1 || Thread.interrupted()) {
                            break;
                        } else {
                            bufferedOutputStream.write(bArr2, 0, read);
                        }
                    }
                    SurespotLog.v(EncryptionController.TAG, "read/write " + read + " bytes", new Object[0]);
                    inputStream.close();
                    bufferedOutputStream.close();
                    outputStream.close();
                } catch (CacheLoader.InvalidCacheLoadException e) {
                    SurespotLog.v(EncryptionController.TAG, "symmetricBase64Encrypt", e);
                } catch (Exception e2) {
                    SurespotLog.w(EncryptionController.TAG, "symmetricBase64Encrypt", e2);
                }
            }
        });
        return new String(Utils.base64Encode(bArr));
    }

    public static String symmetricDecrypt(String str, String str2, String str3) {
        GCMBlockCipher gCMBlockCipher = new GCMBlockCipher(new AESLightEngine());
        try {
            byte[] base64Decode = Utils.base64Decode(str3);
            byte[] base64Decode2 = Utils.base64Decode(str2);
            byte[] sharedSecret = SurespotApplication.getCachingService().getSharedSecret(str);
            if (sharedSecret == null) {
                return null;
            }
            ParametersWithIV parametersWithIV = new ParametersWithIV(new KeyParameter(sharedSecret, 0, 32), base64Decode2);
            try {
                gCMBlockCipher.reset();
                gCMBlockCipher.init(false, parametersWithIV);
                byte[] bArr = new byte[gCMBlockCipher.getOutputSize(base64Decode.length)];
                int processBytes = gCMBlockCipher.processBytes(base64Decode, 0, base64Decode.length, bArr, 0);
                int doFinal = processBytes + gCMBlockCipher.doFinal(bArr, processBytes);
                return new String(bArr);
            } catch (Exception e) {
                e = e;
                SurespotLog.w(TAG, "symmetricDecryptSync", e);
                return null;
            }
        } catch (Exception e2) {
            e = e2;
        }
    }

    public static String symmetricDecryptSyncPK(String str, String str2, String str3, String str4) {
        GCMBlockCipher gCMBlockCipher = new GCMBlockCipher(new AESLightEngine());
        try {
            byte[] base64Decode = Utils.base64Decode(str4);
            byte[] base64Decode2 = Utils.base64Decode(str2);
            byte[] derive = derive(str, Utils.base64Decode(str3));
            if (derive == null) {
                return null;
            }
            ParametersWithIV parametersWithIV = new ParametersWithIV(new KeyParameter(derive, 0, 32), base64Decode2);
            try {
                gCMBlockCipher.reset();
                gCMBlockCipher.init(false, parametersWithIV);
                byte[] bArr = new byte[gCMBlockCipher.getOutputSize(base64Decode.length)];
                int processBytes = gCMBlockCipher.processBytes(base64Decode, 0, base64Decode.length, bArr, 0);
                int doFinal = processBytes + gCMBlockCipher.doFinal(bArr, processBytes);
                return new String(bArr);
            } catch (Exception e) {
                e = e;
                SurespotLog.w(TAG, "symmetricDecryptSync", e);
                return null;
            }
        } catch (Exception e2) {
            e = e2;
        }
    }

    /* JADX WARN: Type inference failed for: r0v0, types: [com.twofours.surespot.encryption.EncryptionController$4] */
    public static void symmetricEncrypt(final String str, final String str2, final IAsyncCallback<String[]> iAsyncCallback) {
        new AsyncTask<Void, Void, String[]>() { // from class: com.twofours.surespot.encryption.EncryptionController.4
            /* JADX INFO: Access modifiers changed from: protected */
            @Override // android.os.AsyncTask
            public String[] doInBackground(Void... voidArr) {
                GCMBlockCipher gCMBlockCipher = new GCMBlockCipher(new AESLightEngine());
                byte[] bArr = new byte[gCMBlockCipher.getUnderlyingCipher().getBlockSize() - 1];
                EncryptionController.mSecureRandom.nextBytes(bArr);
                try {
                    ParametersWithIV parametersWithIV = new ParametersWithIV(new KeyParameter(SurespotApplication.getCachingService().getSharedSecret(str), 0, 32), bArr);
                    gCMBlockCipher.reset();
                    gCMBlockCipher.init(true, parametersWithIV);
                    byte[] bytes = str2.getBytes();
                    byte[] bArr2 = new byte[gCMBlockCipher.getOutputSize(bytes.length)];
                    int processBytes = gCMBlockCipher.processBytes(bytes, 0, bytes.length, bArr2, 0);
                    int doFinal = processBytes + gCMBlockCipher.doFinal(bArr2, processBytes);
                    return new String[]{new String(Utils.base64Encode(bArr)), new String(Utils.base64Encode(bArr2))};
                } catch (CacheLoader.InvalidCacheLoadException e) {
                    SurespotLog.v(EncryptionController.TAG, "symmetricEncrypt", e);
                    return null;
                } catch (Exception e2) {
                    SurespotLog.w(EncryptionController.TAG, "symmetricEncrypt", e2);
                    return null;
                }
            }

            /* JADX INFO: Access modifiers changed from: protected */
            @Override // android.os.AsyncTask
            public void onPostExecute(String[] strArr) {
                iAsyncCallback.handleResponse(strArr);
            }
        }.execute(new Void[0]);
    }

    public static String[] symmetricEncryptSyncPK(String str, String str2) {
        GCMBlockCipher gCMBlockCipher = new GCMBlockCipher(new AESLightEngine());
        byte[] bArr = new byte[gCMBlockCipher.getUnderlyingCipher().getBlockSize() - 1];
        mSecureRandom.nextBytes(bArr);
        try {
            byte[][] derive = derive(str);
            ParametersWithIV parametersWithIV = new ParametersWithIV(new KeyParameter(derive[1], 0, 32), bArr);
            gCMBlockCipher.reset();
            gCMBlockCipher.init(true, parametersWithIV);
            byte[] bytes = str2.getBytes();
            byte[] bArr2 = new byte[gCMBlockCipher.getOutputSize(bytes.length)];
            int processBytes = gCMBlockCipher.processBytes(bytes, 0, bytes.length, bArr2, 0);
            int doFinal = processBytes + gCMBlockCipher.doFinal(bArr2, processBytes);
            return new String[]{new String(Utils.base64Encode(bArr)), new String(Utils.base64Encode(derive[0])), new String(Utils.base64Encode(bArr2))};
        } catch (CacheLoader.InvalidCacheLoadException e) {
            SurespotLog.v(TAG, "symmetricEncrypt", e);
            return null;
        } catch (Exception e2) {
            SurespotLog.w(TAG, "symmetricEncrypt", e2);
            return null;
        }
    }
}
