package com.restokiosk.time2sync.ui.activity.auth.pick_business;

import android.content.Context;
import java.io.File;
import java.io.FileOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.security.spec.ECGenParameterSpec;
import java.util.Arrays;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.x509.Certificate;
import org.bouncycastle.jce.interfaces.ECPrivateKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes5.dex */
public class UtilesECDSA {
    public static void KeyPairCreation(String str, String str2, boolean z, Context context) throws Exception {
        File filesDir = context.getFilesDir();
        if (!filesDir.exists()) {
            filesDir.mkdirs();
        }
        File file = new File(filesDir, str + ".key");
        if (z && file.exists()) {
            file.delete();
        }
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", BouncyCastleProvider.PROVIDER_NAME);
        keyPairGenerator.initialize(new ECGenParameterSpec("secp256r1"));
        byte[] byteArray = ((ECPrivateKey) keyPairGenerator.generateKeyPair().getPrivate()).getD().toByteArray();
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        fileOutputStream.write(byteArray);
        fileOutputStream.close();
    }

    private static byte[] convertDERToP1363(byte[] bArr) throws Exception {
        int length = bArr.length;
        if (bArr[0] != 48) {
            throw new IllegalArgumentException("Invalid DER signature format");
        }
        int i = (bArr[1] > Byte.MAX_VALUE ? 2 + (bArr[1] & 127) : 2) + 1;
        int i2 = i + 1;
        int i3 = bArr[i];
        int i4 = i2 + i3;
        int i5 = i4 + 1;
        int i6 = bArr[i4];
        int max = Math.max(i3, i6);
        byte[] bArr2 = new byte[max];
        byte[] bArr3 = new byte[max];
        System.arraycopy(bArr, i2, bArr2, max - i3, i3);
        System.arraycopy(bArr, i5, bArr3, max - i6, i6);
        byte[] bArr4 = new byte[bArr2.length + bArr3.length];
        System.arraycopy(bArr2, 0, bArr4, 0, bArr2.length);
        System.arraycopy(bArr3, 0, bArr4, bArr2.length, bArr3.length);
        return bArr4;
    }

    public static String getCertificateThumbprint(String str) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(str);
        if (x509Certificate == null) {
            throw new Exception("❌ Certificate not found for alias: " + str);
        }
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(x509Certificate.getEncoded());
        StringBuilder sb = new StringBuilder();
        for (byte b : digest) {
            sb.append(String.format("%02X", Byte.valueOf(b)));
        }
        String sb2 = sb.toString();
        System.out.println("🔍 Thumbprint for alias [" + str + "]: " + sb2);
        return sb2;
    }

    public static PrivateKey getPrivateKey(String str) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        KeyStore.Entry entry = keyStore.getEntry(str, null);
        if (entry instanceof KeyStore.PrivateKeyEntry) {
            return ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
        }
        throw new Exception("No private key found for alias: " + str);
    }

    public static PublicKey getPublicKey(String str) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        ASN1Encodable certificate = Certificate.getInstance(keyStore.getCertificate(str));
        if (certificate != null) {
            return (PublicKey) certificate;
        }
        throw new Exception("Certificate not found for alias: " + str);
    }

    public static byte[] getSignature(String str, String str2) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        PrivateKey privateKey = (PrivateKey) keyStore.getKey(str2, null);
        if (privateKey == null) {
            throw new Exception("Private key not found for alias: " + str2);
        }
        byte[] bytes = str.trim().getBytes(StandardCharsets.UTF_8);
        Signature signature = Signature.getInstance("SHA256withECDSA");
        signature.initSign(privateKey);
        signature.update(bytes);
        return convertDERToP1363(signature.sign());
    }

    public static byte[] getSignatureBytes(String str, String str2) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        PrivateKey privateKey = (PrivateKey) keyStore.getKey(str2, null);
        if (privateKey == null) {
            throw new Exception("Private key not found for alias: " + str2);
        }
        byte[] bytes = str.trim().getBytes(StandardCharsets.UTF_8);
        Signature signature = Signature.getInstance("SHA256withECDSA");
        signature.initSign(privateKey);
        signature.update(bytes);
        return signature.sign();
    }

    private static byte[] hashData(byte[] bArr, int i, int i2, String str) throws Exception {
        MessageDigest messageDigest = MessageDigest.getInstance(str);
        messageDigest.update(Arrays.copyOfRange(bArr, i, i + i2));
        return messageDigest.digest();
    }

    public static byte[] signData(byte[] bArr, int i, int i2, String str, PrivateKey privateKey) throws Exception {
        if (bArr == null) {
            throw new NullPointerException("Data to sign cannot be null");
        }
        if (i < 0 || i >= bArr.length) {
            throw new IndexOutOfBoundsException("Offset is out of range");
        }
        if (i2 < 0 || i2 > bArr.length - i) {
            throw new IllegalArgumentException("Count is out of range");
        }
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("Hash algorithm must be specified");
        }
        return signHash(hashData(bArr, i, i2, str), privateKey, str);
    }

    private static byte[] signHash(byte[] bArr, PrivateKey privateKey, String str) throws Exception {
        Signature signature = Signature.getInstance(str);
        signature.initSign(privateKey);
        signature.update(bArr);
        return signature.sign();
    }

    public static boolean verifySignatureAndThumbprint(String str, byte[] bArr, String str2, String str3) throws Exception {
        String str4;
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(str3);
        if (x509Certificate == null) {
            throw new Exception("❌ Certificate not found for alias: " + str3);
        }
        PublicKey publicKey = x509Certificate.getPublicKey();
        String algorithm = publicKey.getAlgorithm();
        System.out.println("🔎 Detected Key Algorithm: " + algorithm);
        if ("RSA".equalsIgnoreCase(algorithm)) {
            str4 = "SHA256withRSA";
        } else {
            if (!"EC".equalsIgnoreCase(algorithm)) {
                throw new Exception("❌ Unsupported key algorithm: " + algorithm);
            }
            str4 = "SHA256withECDSA";
        }
        Signature signature = Signature.getInstance(str4);
        signature.initVerify(publicKey);
        signature.update(str.getBytes(StandardCharsets.UTF_8));
        boolean verify = signature.verify(bArr);
        System.out.println("✅ Signature Valid: " + verify);
        String certificateThumbprint = getCertificateThumbprint(str3);
        System.out.println("🔍 Actual Thumbprint: " + certificateThumbprint);
        System.out.println("🔍 Expected Thumbprint: " + str2);
        boolean equalsIgnoreCase = str2.equalsIgnoreCase(certificateThumbprint);
        System.out.println("✅ Thumbprint Valid: " + equalsIgnoreCase);
        return verify && equalsIgnoreCase;
    }
}
