package app.fedilab.android.mastodon.helper;

import android.content.Context;
import android.content.SharedPreferences;
import androidx.preference.PreferenceManager;
import app.fedilab.android.mastodon.client.entities.api.Notification;
import app.fedilab.android.mastodon.client.entities.app.StatusCache;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyAgreement;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import kotlin.io.encoding.Base64;
import org.spongycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes.dex */
public class ECDHFedilab {
    private static final byte[] P256_HEAD = {48, 89, 48, 19, 6, 7, 42, -122, 72, -50, Base64.padSymbol, 2, 1, 6, 8, 42, -122, 72, -50, Base64.padSymbol, 3, 1, 7, 3, 66, 0};
    public static final String kp_public = "kp_public";
    public static final String name = "prime256v1";
    public static final String peer_public = "peer_public";
    private final byte[] authKey;
    private final String encodedAuthKey;
    private final String encodedPublicKey;
    private final KeyPairGenerator kpg;
    PrivateKey privateKey;
    private final PublicKey publicKey;
    private final String pushAccountID;
    private String pushPrivateKe;
    private final String pushPrivateKey;
    private final String pushPublicKey;
    private final String slug;

    static {
        Security.addProvider(new BouncyCastleProvider());
    }

    public ECDHFedilab(Context context, String str) throws Exception {
        if (str == null) {
            throw new Exception("slug cannot be null");
        }
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
            this.kpg = keyPairGenerator;
            keyPairGenerator.initialize(new ECGenParameterSpec("prime256v1"));
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            PublicKey publicKey = generateKeyPair.getPublic();
            this.publicKey = publicKey;
            this.privateKey = generateKeyPair.getPrivate();
            this.encodedPublicKey = android.util.Base64.encodeToString(serializeRawPublicKey(publicKey), 11);
            byte[] bArr = new byte[16];
            this.authKey = bArr;
            SecureRandom secureRandom = new SecureRandom();
            secureRandom.nextBytes(bArr);
            byte[] bArr2 = new byte[16];
            secureRandom.nextBytes(bArr2);
            String encodeToString = android.util.Base64.encodeToString(this.privateKey.getEncoded(), 11);
            this.pushPrivateKey = encodeToString;
            String encodeToString2 = android.util.Base64.encodeToString(publicKey.getEncoded(), 11);
            this.pushPublicKey = encodeToString2;
            String encodeToString3 = android.util.Base64.encodeToString(bArr, 11);
            this.encodedAuthKey = encodeToString3;
            String encodeToString4 = android.util.Base64.encodeToString(bArr2, 11);
            this.pushAccountID = encodeToString4;
            SharedPreferences.Editor edit = PreferenceManager.getDefaultSharedPreferences(context).edit();
            edit.putString("pushPrivateKey" + str, encodeToString);
            edit.putString("pushPublicKey" + str, encodeToString2);
            edit.putString("encodedAuthKey" + str, encodeToString3);
            edit.putString("pushAccountID" + str, encodeToString4);
            edit.apply();
            this.slug = str;
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            throw new RuntimeException(e);
        }
    }

    public static Notification decryptNotification(Context context, String str, byte[] bArr) {
        SharedPreferences defaultSharedPreferences = PreferenceManager.getDefaultSharedPreferences(context);
        String string = defaultSharedPreferences.getString("pushPrivateKey" + str, null);
        String string2 = defaultSharedPreferences.getString("pushPublicKey" + str, null);
        String string3 = defaultSharedPreferences.getString("encodedAuthKey" + str, null);
        defaultSharedPreferences.getString("pushAccountID" + str, null);
        PublicKey deserializeRawPublicKey = deserializeRawPublicKey(android.util.Base64.decode(getServerKey(context, str), 8));
        try {
            KeyFactory keyFactory = KeyFactory.getInstance("EC");
            PrivateKey generatePrivate = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(android.util.Base64.decode(string, 8)));
            keyFactory.generatePublic(new X509EncodedKeySpec(android.util.Base64.decode(string2, 8)));
            byte[] decode = android.util.Base64.decode(string3, 8);
            try {
                KeyAgreement keyAgreement = KeyAgreement.getInstance(ECDH.KEGEN_ALG);
                keyAgreement.init(generatePrivate);
                keyAgreement.doPhase(deserializeRawPublicKey, true);
                try {
                    try {
                        SecretKeySpec secretKeySpec = new SecretKeySpec(deriveKey(decode, keyAgreement.generateSecret(), "Content-Encoding: auth\u0000".getBytes(StandardCharsets.UTF_8), 32), "AES");
                        byte[] copyOfRange = Arrays.copyOfRange(bArr, 0, 12);
                        byte[] copyOfRange2 = Arrays.copyOfRange(bArr, 12, bArr.length);
                        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
                        cipher.init(2, secretKeySpec, new GCMParameterSpec(128, copyOfRange));
                        byte[] doFinal = cipher.doFinal(copyOfRange2);
                        return StatusCache.restoreNotificationFromString(new String(doFinal, 2, doFinal.length - 2, StandardCharsets.UTF_8));
                    } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
                        e.printStackTrace();
                        return null;
                    }
                } catch (InvalidKeyException | NoSuchAlgorithmException e2) {
                    e2.printStackTrace();
                    return null;
                }
            } catch (InvalidKeyException | NoSuchAlgorithmException e3) {
                e3.printStackTrace();
                return null;
            }
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e4) {
            e4.printStackTrace();
            return null;
        }
    }

    private static byte[] deriveKey(byte[] bArr, byte[] bArr2, byte[] bArr3, int i) throws NoSuchAlgorithmException, InvalidKeyException {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(bArr, "HmacSHA256"));
        mac.init(new SecretKeySpec(mac.doFinal(bArr2), "HmacSHA256"));
        mac.update(bArr3);
        byte[] doFinal = mac.doFinal(new byte[]{1});
        return doFinal.length <= i ? doFinal : Arrays.copyOfRange(doFinal, 0, i);
    }

    protected static PublicKey deserializeRawPublicKey(byte[] bArr) {
        if (bArr.length != 65 && bArr.length != 64) {
            return null;
        }
        try {
            KeyFactory keyFactory = KeyFactory.getInstance("EC");
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byteArrayOutputStream.write(P256_HEAD);
            if (bArr.length == 64) {
                byteArrayOutputStream.write(4);
            }
            byteArrayOutputStream.write(bArr);
            return keyFactory.generatePublic(new X509EncodedKeySpec(byteArrayOutputStream.toByteArray()));
        } catch (IOException | NoSuchAlgorithmException | InvalidKeySpecException e) {
            e.printStackTrace();
            return null;
        }
    }

    public static String getServerKey(Context context, String str) {
        return PreferenceManager.getDefaultSharedPreferences(context).getString("server_key" + str, null);
    }

    private static byte[] serializeRawPublicKey(PublicKey publicKey) {
        ECPoint w = ((ECPublicKey) publicKey).getW();
        byte[] byteArray = w.getAffineX().toByteArray();
        byte[] byteArray2 = w.getAffineY().toByteArray();
        if (byteArray.length > 32) {
            byteArray = Arrays.copyOfRange(byteArray, byteArray.length - 32, byteArray.length);
        }
        if (byteArray2.length > 32) {
            byteArray2 = Arrays.copyOfRange(byteArray2, byteArray2.length - 32, byteArray2.length);
        }
        byte[] bArr = new byte[65];
        bArr[0] = 4;
        System.arraycopy(byteArray, 0, bArr, 33 - byteArray.length, byteArray.length);
        System.arraycopy(byteArray2, 0, bArr, 65 - byteArray2.length, byteArray2.length);
        return bArr;
    }

    public String getAuthKey() {
        return this.encodedAuthKey;
    }

    public String getPublicKey() {
        return this.encodedPublicKey;
    }
}
