package de.persosim.simulator.crypto;

import de.persosim.simulator.tlv.ConstructedTlvDataObject;
import de.persosim.simulator.tlv.PrimitiveTlvDataObject;
import de.persosim.simulator.tlv.TlvConstants;
import de.persosim.simulator.tlv.TlvTag;
import de.persosim.simulator.utils.HexString;
import de.persosim.simulator.utils.Utils;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECField;
import java.security.spec.ECFieldFp;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPrivateKeySpec;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.EllipticCurve;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.util.Arrays;
import org.globaltester.cryptoprovider.Crypto;
import org.globaltester.logging.BasicLogger;
import org.globaltester.logging.tags.LogLevel;

/* loaded from: classes6.dex */
public class DomainParameterSetEcdh implements DomainParameterSet, TlvConstants {
    public static final byte[] id_ecPublicKey = HexString.toByteArray("2A8648CE3D0201");
    public static final byte[] id_primeField = HexString.toByteArray("2A8648CE3D0101");
    protected ECParameterSpec ecParameterSpec;

    public DomainParameterSetEcdh() {
    }

    public DomainParameterSetEcdh(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3, BigInteger bigInteger4, BigInteger bigInteger5, BigInteger bigInteger6, int i) {
        this(new EllipticCurve(new ECFieldFp(bigInteger), bigInteger2, bigInteger3), new ECPoint(bigInteger4, bigInteger5), bigInteger6, i);
    }

    public DomainParameterSetEcdh(ECParameterSpec eCParameterSpec) {
        this.ecParameterSpec = eCParameterSpec;
    }

    public DomainParameterSetEcdh(EllipticCurve ellipticCurve, ECPoint eCPoint, BigInteger bigInteger, int i) {
        this(new ECParameterSpec(ellipticCurve, eCPoint, bigInteger, i));
    }

    public static ECPoint reconstructPoint(byte[] bArr) {
        if (bArr == null) {
            throw new NullPointerException("raw key material must not be null");
        }
        BasicLogger.log((Class<?>) DomainParameterSetEcdh.class, "raw public key EC point byte array is: " + HexString.encode(bArr), LogLevel.TRACE);
        if (bArr.length % 2 != 1) {
            throw new IllegalArgumentException("encoded public key EC point must be of uneven byte length");
        }
        switch (bArr[0]) {
            case 1:
                throw new IllegalArgumentException("encoding 0x01 of public key point is currently not supported");
            case 2:
                throw new IllegalArgumentException("encoding 0x02 of public key point is currently not supported");
            case 3:
                throw new IllegalArgumentException("encoding 0x03 of public key point is currently not supported");
            case 4:
                BasicLogger.log((Class<?>) DomainParameterSetEcdh.class, "leading byte 0x04 of public key point indicates uncompressed encoding", LogLevel.TRACE);
                int length = (bArr.length - 1) / 2;
                byte[] copyOfRange = Arrays.copyOfRange(bArr, 1, length + 1);
                byte[] copyOfRange2 = Arrays.copyOfRange(bArr, length + 1, bArr.length);
                BasicLogger.log((Class<?>) DomainParameterSetEcdh.class, "byte array x coordinate of public key EC point is: " + HexString.encode(copyOfRange), LogLevel.TRACE);
                BasicLogger.log((Class<?>) DomainParameterSetEcdh.class, "byte array y coordinate of public key EC point is: " + HexString.encode(copyOfRange2), LogLevel.TRACE);
                BigInteger bigInteger = new BigInteger(1, copyOfRange);
                BigInteger bigInteger2 = new BigInteger(1, copyOfRange2);
                BasicLogger.log((Class<?>) DomainParameterSetEcdh.class, "x coordinate of public key EC point is: " + bigInteger, LogLevel.TRACE);
                BasicLogger.log((Class<?>) DomainParameterSetEcdh.class, "y coordinate of public key EC point is: " + bigInteger2, LogLevel.TRACE);
                return new ECPoint(bigInteger, bigInteger2);
            default:
                throw new IllegalArgumentException("encoding indication of public key point is unknown (must be 0x01..04)");
        }
    }

    @Override // de.persosim.simulator.crypto.DomainParameterSet
    public byte[] comp(PublicKey publicKey) {
        if (publicKey instanceof ECPublicKey) {
            return CryptoUtil.compressEcPublicKey((ECPublicKey) publicKey);
        }
        throw new IllegalArgumentException("public key must be an EC public key");
    }

    public ECPublicKey computePublicKey(ECPrivateKey eCPrivateKey, Provider provider) {
        return reconstructPublicKey(computePublicPoint(eCPrivateKey.getS()), provider);
    }

    public ECPoint computePublicPoint(BigInteger bigInteger) {
        return CryptoUtil.scalarPointMultiplication(getCurve(), getGenerator(), bigInteger);
    }

    public byte[] encodePoint(ECPoint eCPoint, byte b) {
        if (isOnCurve(eCPoint)) {
            return CryptoUtil.encode(eCPoint, getPublicPointReferenceLengthL(), b);
        }
        return null;
    }

    @Override // de.persosim.simulator.crypto.DomainParameterSet
    public byte[] encodePrivateKey(PrivateKey privateKey) {
        if (privateKey instanceof ECPrivateKey) {
            return Utils.toUnsignedByteArray(((ECPrivateKey) privateKey).getS());
        }
        throw new IllegalArgumentException("key pair must be ECDH");
    }

    @Override // de.persosim.simulator.crypto.DomainParameterSet
    public byte[] encodePublicKey(PublicKey publicKey) {
        return encodePublicKey(publicKey, (byte) -1);
    }

    public byte[] encodePublicKey(PublicKey publicKey, byte b) {
        if (publicKey instanceof ECPublicKey) {
            return encodePoint(((ECPublicKey) publicKey).getW(), b);
        }
        throw new IllegalArgumentException("invalid public ECDH key");
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null || getClass() != obj.getClass()) {
            return false;
        }
        return getAlgorithmIdentifier().equals(((DomainParameterSetEcdh) obj).getAlgorithmIdentifier());
    }

    @Override // de.persosim.simulator.crypto.DomainParameterSet
    public ConstructedTlvDataObject getAlgorithmIdentifier() {
        PrimitiveTlvDataObject primitiveTlvDataObject = new PrimitiveTlvDataObject(TlvConstants.TAG_INTEGER, new byte[]{1});
        ConstructedTlvDataObject constructedTlvDataObject = new ConstructedTlvDataObject(TlvConstants.TAG_SEQUENCE);
        constructedTlvDataObject.addTlvDataObject(new PrimitiveTlvDataObject(TlvConstants.TAG_OID, id_primeField));
        constructedTlvDataObject.addTlvDataObject(new PrimitiveTlvDataObject(TlvConstants.TAG_INTEGER, getPrime().toByteArray()));
        ConstructedTlvDataObject constructedTlvDataObject2 = new ConstructedTlvDataObject(TlvConstants.TAG_SEQUENCE);
        constructedTlvDataObject2.addTlvDataObject(new PrimitiveTlvDataObject(TlvConstants.TAG_OCTET_STRING, getCurve().getA().toByteArray()));
        constructedTlvDataObject2.addTlvDataObject(new PrimitiveTlvDataObject(TlvConstants.TAG_OCTET_STRING, getCurve().getB().toByteArray()));
        PrimitiveTlvDataObject primitiveTlvDataObject2 = new PrimitiveTlvDataObject(TlvConstants.TAG_OCTET_STRING, CryptoUtil.encode(getGenerator(), getPublicPointReferenceLengthL(), (byte) -1));
        PrimitiveTlvDataObject primitiveTlvDataObject3 = new PrimitiveTlvDataObject(TlvConstants.TAG_INTEGER, getOrder().toByteArray());
        PrimitiveTlvDataObject primitiveTlvDataObject4 = new PrimitiveTlvDataObject(TlvConstants.TAG_INTEGER, BigInteger.valueOf(getCofactor()).toByteArray());
        ConstructedTlvDataObject constructedTlvDataObject3 = new ConstructedTlvDataObject(TlvConstants.TAG_SEQUENCE);
        constructedTlvDataObject3.addTlvDataObject(primitiveTlvDataObject);
        constructedTlvDataObject3.addTlvDataObject(constructedTlvDataObject);
        constructedTlvDataObject3.addTlvDataObject(constructedTlvDataObject2);
        constructedTlvDataObject3.addTlvDataObject(primitiveTlvDataObject2);
        constructedTlvDataObject3.addTlvDataObject(primitiveTlvDataObject3);
        constructedTlvDataObject3.addTlvDataObject(primitiveTlvDataObject4);
        ConstructedTlvDataObject constructedTlvDataObject4 = new ConstructedTlvDataObject(TlvConstants.TAG_SEQUENCE);
        constructedTlvDataObject4.addTlvDataObject(new PrimitiveTlvDataObject(TlvConstants.TAG_OID, id_ecPublicKey));
        constructedTlvDataObject4.addTlvDataObject(constructedTlvDataObject3);
        return constructedTlvDataObject4;
    }

    @Override // de.persosim.simulator.crypto.DomainParameterSet
    public ECParameterSpec getAlgorithmParameterSpec() {
        return this.ecParameterSpec;
    }

    @Override // de.persosim.simulator.crypto.DomainParameterSet
    public TlvTag getAuthenticationTokenPublicKeyTag() {
        return TAG_86;
    }

    public int getCofactor() {
        return this.ecParameterSpec.getCofactor();
    }

    public EllipticCurve getCurve() {
        return this.ecParameterSpec.getCurve();
    }

    public ECPoint getGenerator() {
        return this.ecParameterSpec.getGenerator();
    }

    @Override // de.persosim.simulator.crypto.DomainParameterSet
    public String getKeyAgreementAlgorithm() {
        return "ECDH";
    }

    @Override // de.persosim.simulator.crypto.DomainParameterSet
    public ECParameterSpec getKeySpec() {
        return this.ecParameterSpec;
    }

    @Override // de.persosim.simulator.crypto.DomainParameterSet
    public BigInteger getOrder() {
        return this.ecParameterSpec.getOrder();
    }

    @Override // de.persosim.simulator.crypto.DomainParameterSet
    public BigInteger getPrime() {
        ECField field = this.ecParameterSpec.getCurve().getField();
        if (field instanceof ECFieldFp) {
            return ((ECFieldFp) field).getP();
        }
        throw new IllegalArgumentException("ECDH domain parameter set's curve does not provide a prime finite field");
    }

    public ECPrivateKeySpec getPrivateKeySpec(BigInteger bigInteger) {
        return new ECPrivateKeySpec(bigInteger, this.ecParameterSpec);
    }

    public byte[] getProjectedRepresentation(ECPoint eCPoint) {
        return CryptoUtil.getProjectedRepresentation(eCPoint, getPublicPointReferenceLengthL(), true);
    }

    public byte[] getProjectedRepresentation(ECPoint eCPoint, boolean z) {
        return CryptoUtil.getProjectedRepresentation(eCPoint, getPublicPointReferenceLengthL(), z);
    }

    public ECPublicKeySpec getPublicKeySpec(ECPoint eCPoint) {
        return new ECPublicKeySpec(eCPoint, this.ecParameterSpec);
    }

    public int getPublicPointReferenceLengthL() {
        return CryptoUtil.getPublicPointReferenceLengthL(getPrime());
    }

    public DomainParameterSetEcdh getUpdatedDomainParameterSet(ECPoint eCPoint) {
        return new DomainParameterSetEcdh(this.ecParameterSpec.getCurve(), eCPoint, getOrder(), this.ecParameterSpec.getCofactor());
    }

    public int hashCode() {
        return getAlgorithmIdentifier().hashCode();
    }

    public boolean isOnCurve(ECPoint eCPoint) {
        BigInteger add = BigInteger.ONE.add(BigInteger.ONE);
        BigInteger add2 = add.add(BigInteger.ONE);
        BigInteger prime = getPrime();
        EllipticCurve curve = this.ecParameterSpec.getCurve();
        BigInteger a = curve.getA();
        BigInteger b = curve.getB();
        BigInteger affineX = eCPoint.getAffineX();
        BigInteger affineY = eCPoint.getAffineY();
        BigInteger modPow = affineY.modPow(add, prime);
        BigInteger mod = affineX.modPow(add2, prime).add(a.multiply(affineX)).add(b).mod(prime);
        boolean z = modPow.compareTo(mod) == 0;
        if (!z) {
            BasicLogger.log(getClass(), "point not on curve - x: " + HexString.encode(affineX), LogLevel.DEBUG);
            BasicLogger.log(getClass(), "point not on curve - y: " + HexString.encode(affineY), LogLevel.DEBUG);
            BasicLogger.log(getClass(), "point not on curve - p: " + HexString.encode(prime), LogLevel.DEBUG);
            BasicLogger.log(getClass(), "point not on curve - " + HexString.encode(modPow) + " != " + HexString.encode(mod), LogLevel.DEBUG);
            BasicLogger.log(getClass(), "point not on curve - x: " + affineX, LogLevel.DEBUG);
            BasicLogger.log(getClass(), "point not on curve - y: " + affineY, LogLevel.DEBUG);
            BasicLogger.log(getClass(), "point not on curve - p: " + prime, LogLevel.DEBUG);
            BasicLogger.log(getClass(), "point not on curve - " + modPow + " != " + mod, LogLevel.DEBUG);
        }
        return z;
    }

    public ECPoint performEcdhKeyAgreement(ECPublicKey eCPublicKey, ECPrivateKey eCPrivateKey) {
        ECPoint scalarPointMultiplication = CryptoUtil.scalarPointMultiplication(getCurve(), getOrder(), eCPublicKey.getW(), eCPrivateKey.getS());
        BasicLogger.log((Class<?>) CryptoUtil.class, "result H of ECDH key agreement is", LogLevel.TRACE);
        BasicLogger.log((Class<?>) CryptoUtil.class, "H.x: " + HexString.encode(scalarPointMultiplication.getAffineX()), LogLevel.TRACE);
        BasicLogger.log((Class<?>) CryptoUtil.class, "H.y: " + HexString.encode(scalarPointMultiplication.getAffineY()), LogLevel.TRACE);
        return scalarPointMultiplication;
    }

    public ECPrivateKey reconstructPrivateKey(BigInteger bigInteger) {
        try {
            return (ECPrivateKey) KeyFactory.getInstance(getKeyAgreementAlgorithm(), Crypto.getCryptoProvider()).generatePrivate(new ECPrivateKeySpec(bigInteger, this.ecParameterSpec));
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException("invalid key agreement algorithm");
        } catch (InvalidKeySpecException e2) {
            throw new IllegalArgumentException("invalid public ECDH key");
        }
    }

    @Override // de.persosim.simulator.crypto.DomainParameterSet
    public ECPrivateKey reconstructPrivateKey(byte[] bArr) {
        BigInteger bigInteger = new BigInteger(1, bArr);
        if (bigInteger.compareTo(getPrime()) >= 0) {
            throw new IllegalArgumentException("private key is greater than or equal to prime");
        }
        return reconstructPrivateKey(bigInteger);
    }

    public ECPublicKey reconstructPublicKey(ECPoint eCPoint, Provider provider) {
        if (!isOnCurve(eCPoint)) {
            BasicLogger.log(getClass(), "EC point is NOT on curve", LogLevel.ERROR);
            throw new IllegalArgumentException("public key data does not represent a point on the used curve");
        }
        BasicLogger.log(getClass(), "EC point is on curve", LogLevel.TRACE);
        try {
            return (ECPublicKey) KeyFactory.getInstance(getKeyAgreementAlgorithm(), provider).generatePublic(new ECPublicKeySpec(eCPoint, this.ecParameterSpec));
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException("invalid key agreement algorithm");
        } catch (InvalidKeySpecException e2) {
            throw new IllegalArgumentException("invalid public ECDH key");
        }
    }

    @Override // de.persosim.simulator.crypto.DomainParameterSet
    public ECPublicKey reconstructPublicKey(byte[] bArr) {
        return reconstructPublicKey(bArr, Crypto.getCryptoProvider());
    }

    public ECPublicKey reconstructPublicKey(byte[] bArr, String str) {
        return reconstructPublicKey(bArr, Security.getProvider(str));
    }

    public ECPublicKey reconstructPublicKey(byte[] bArr, Provider provider) {
        int publicPointReferenceLengthL = getPublicPointReferenceLengthL();
        BasicLogger.log(getClass(), "reference length l is: " + publicPointReferenceLengthL + " bytes", LogLevel.TRACE);
        int i = (publicPointReferenceLengthL * 2) + 1;
        if (bArr.length != i) {
            throw new IllegalArgumentException("public key data length mismatches expected length of " + i + " bytes according to domain parameters");
        }
        return reconstructPublicKey(reconstructPoint(bArr), provider);
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        EllipticCurve curve = getCurve();
        BigInteger a = curve.getA();
        BigInteger b = curve.getB();
        BigInteger prime = getPrime();
        BigInteger order = getOrder();
        int cofactor = getCofactor();
        ECPoint generator = getGenerator();
        int publicPointReferenceLengthL = CryptoUtil.getPublicPointReferenceLengthL(prime);
        sb.append("************ elliptic curve domain parameters ************");
        sb.append("\nCurve parameter A : " + HexString.encode(a));
        sb.append("\nCurve parameter B : " + HexString.encode(b));
        sb.append("\nPrime field p     : " + HexString.encode(prime));
        sb.append("\nOrder of generator: " + HexString.encode(order));
        sb.append("\nCo-factor h       : " + cofactor);
        sb.append("\nGenerator G       : " + HexString.encode(CryptoUtil.encode(generator, publicPointReferenceLengthL, (byte) 1)));
        sb.append("\nGenerator G.x     :   " + HexString.encode(generator.getAffineX()));
        char[] cArr = new char[(publicPointReferenceLengthL * 2) + 2];
        Arrays.fill(cArr, ' ');
        sb.append("\nGenerator G.y     : " + new String(cArr) + HexString.encode(generator.getAffineY()));
        sb.append("\n**********************************************************");
        return sb.toString();
    }

    @Override // de.persosim.simulator.crypto.DomainParameterSet
    public KeySpec[] updateKeySpec(KeyPair keyPair) {
        try {
            ECPublicKey eCPublicKey = (ECPublicKey) keyPair.getPublic();
            ECPrivateKey eCPrivateKey = (ECPrivateKey) keyPair.getPrivate();
            EllipticCurve curve = this.ecParameterSpec.getCurve();
            ECPoint generator = eCPrivateKey.getParams().getGenerator();
            ECPoint generator2 = this.ecParameterSpec.getGenerator();
            BigInteger a = curve.getA();
            BigInteger b = curve.getB();
            BigInteger prime = getPrime();
            BigInteger affineX = generator.getAffineX();
            BigInteger affineY = generator.getAffineY();
            BigInteger affineX2 = generator2.getAffineX();
            BigInteger affineY2 = generator2.getAffineY();
            if (affineX2.equals(affineX) && affineY2.equals(affineY)) {
                throw new IllegalArgumentException("ECDH unmapped and mapped generator g of group G are identical!");
            }
            BigInteger order = getOrder();
            int cofactor = this.ecParameterSpec.getCofactor();
            BigInteger s = eCPrivateKey.getS();
            ECPoint w = eCPublicKey.getW();
            BigInteger affineX3 = w.getAffineX();
            BigInteger affineY3 = w.getAffineY();
            ECPoint scalarPointMultiplication = CryptoUtil.scalarPointMultiplication(curve, getOrder(), generator2, s);
            BigInteger affineX4 = scalarPointMultiplication.getAffineX();
            BigInteger affineY4 = scalarPointMultiplication.getAffineY();
            BasicLogger.log(getClass(), "ECDH ephemeral private key d is                    : " + HexString.encode(s), LogLevel.DEBUG);
            BasicLogger.log(getClass(), "ECDH ephemeral public point w.x under unmapped g is: " + HexString.encode(affineX3), LogLevel.DEBUG);
            BasicLogger.log(getClass(), "ECDH ephemeral public point w.y under unmapped g is: " + HexString.encode(affineY3), LogLevel.DEBUG);
            BasicLogger.log(getClass(), "ECDH ephemeral public point w.x under mapped g is  : " + HexString.encode(affineX4), LogLevel.DEBUG);
            BasicLogger.log(getClass(), "ECDH ephemeral public point w.y under mapped g is  : " + HexString.encode(affineY4), LogLevel.DEBUG);
            BasicLogger.log(getClass(), "ECDH curve's first coefficient A is                : " + HexString.encode(a), LogLevel.DEBUG);
            BasicLogger.log(getClass(), "ECDH curve's second coefficient B is               : " + HexString.encode(b), LogLevel.DEBUG);
            BasicLogger.log(getClass(), "ECDH original generator g.x of group G is          : " + HexString.encode(affineX), LogLevel.DEBUG);
            BasicLogger.log(getClass(), "ECDH original generator g.y of group G is          : " + HexString.encode(affineY), LogLevel.DEBUG);
            BasicLogger.log(getClass(), "ECDH mapped generator g.x of group G is            : " + HexString.encode(affineX2), LogLevel.DEBUG);
            BasicLogger.log(getClass(), "ECDH mapped generator g.y of group G is            : " + HexString.encode(affineY2), LogLevel.DEBUG);
            BasicLogger.log(getClass(), "ECDH prime modulus p of group G is                 : " + HexString.encode(prime), LogLevel.DEBUG);
            BasicLogger.log(getClass(), "ECDH order of group G is                           : " + HexString.encode(order), LogLevel.DEBUG);
            BasicLogger.log(getClass(), "ECDH cofactor is                                   : " + cofactor, LogLevel.DEBUG);
            return new KeySpec[]{getPrivateKeySpec(s), getPublicKeySpec(scalarPointMultiplication)};
        } catch (ClassCastException e) {
            throw new IllegalArgumentException("key pair must be EC");
        }
    }
}
