package com.sec.generic.util;

import android.util.Log;
import com.sec.tima.keystore.util.Utility;
import java.io.ByteArrayInputStream;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;

/* loaded from: classes.dex */
public class CCMKeyCertUtils {
    public static boolean doesCCMSupportKeyAlgorithm(byte[] bArr, byte[] bArr2) {
        Certificate certificateFromBytes;
        PublicKey publicKey;
        boolean z;
        if (bArr != null && (certificateFromBytes = getCertificateFromBytes(bArr)) != null && (publicKey = certificateFromBytes.getPublicKey()) != null) {
            String algorithm = publicKey.getAlgorithm();
            Log.d("CCMKeyCertUtils", "Get algorithm from PublicKey: " + algorithm);
            if ("RSA".equals(algorithm)) {
                try {
                    return ((RSAPublicKey) publicKey).getModulus().bitLength() <= 2048;
                } catch (Exception e) {
                    return false;
                }
            }
            if (!"EC".equals(algorithm)) {
                return false;
            }
            try {
                ECPublicKey eCPublicKey = (ECPublicKey) publicKey;
                if (Utility.isECCSupported()) {
                    z = ECHelperUtils.getCCMSupportedEllipticCurveName(eCPublicKey.getParams()) != null;
                } else {
                    Log.d("CCMKeyCertUtils", "ECC is not supported");
                    z = false;
                }
                return z;
            } catch (Exception e2) {
                return false;
            }
        }
        if (bArr2 == null) {
            return true;
        }
        boolean z2 = false;
        try {
            PrivateKey generatePrivate = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(bArr2));
            z2 = true;
            Log.d("CCMKeyCertUtils", "Generate RSA PrivateKey: success");
            try {
                if (((RSAPrivateKey) generatePrivate).getModulus().bitLength() > 2048) {
                    return false;
                }
            } catch (Exception e3) {
                Log.d("CCMKeyCertUtils", "exception while accessing RSA private key");
                e3.printStackTrace();
                return false;
            }
        } catch (Exception e4) {
            Log.d("CCMKeyCertUtils", "PrivateKey key is not RSA: err msg " + e4.getMessage());
            e4.printStackTrace();
        }
        if (z2) {
            return true;
        }
        boolean z3 = false;
        try {
            KeyFactory.getInstance("EC").generatePrivate(new PKCS8EncodedKeySpec(bArr2));
            Log.d("CCMKeyCertUtils", "Generate EC PrivateKey: success");
            z3 = true;
        } catch (Exception e5) {
            Log.d("CCMKeyCertUtils", "PrivateKey key is not EC: err msg " + e5.getMessage());
            e5.printStackTrace();
        }
        return z3;
    }

    public static Certificate getCertificateFromBytes(byte[] bArr) {
        try {
            return CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
        } catch (CertificateException e) {
            Log.w("CCMKeyCertUtils", "getCertificateFromBytes(): " + e);
            return null;
        }
    }

    private static byte[] getECFormattedPrivateKey(ECPrivateKey eCPrivateKey, ECPublicKey eCPublicKey) {
        byte[] bArr;
        String cCMSupportedEllipticCurveName;
        if (eCPrivateKey == null || eCPublicKey == null) {
            Log.e("CCMKeyCertUtils", "Failed to import privatekey");
            return null;
        }
        try {
            cCMSupportedEllipticCurveName = ECHelperUtils.getCCMSupportedEllipticCurveName(eCPublicKey.getParams());
        } catch (Exception e) {
            Log.d("CCMKeyCertUtils", "Unable to format private key for ccm");
            e.printStackTrace();
            bArr = null;
        }
        if (cCMSupportedEllipticCurveName == null) {
            Log.e("CCMKeyCertUtils", "EC Name is null");
            return null;
        }
        byte[] bytes = cCMSupportedEllipticCurveName.getBytes();
        int fieldSize = ((eCPublicKey.getParams().getCurve().getField().getFieldSize() - 1) / 8) + 1;
        byte[] padByteArray = padByteArray(trimByteArray(eCPublicKey.getW().getAffineX().toByteArray()), fieldSize);
        byte[] padByteArray2 = padByteArray(trimByteArray(eCPublicKey.getW().getAffineY().toByteArray()), fieldSize);
        byte[] trimByteArray = trimByteArray(eCPrivateKey.getS().toByteArray());
        int length = bytes.length + padByteArray.length + padByteArray2.length + trimByteArray.length + 24;
        Log.d("CCMKeyCertUtils", "Output Length = " + length);
        ByteBuffer allocate = ByteBuffer.allocate(length);
        allocate.order(ByteOrder.LITTLE_ENDIAN);
        allocate.putInt(384);
        allocate.putInt(bytes.length);
        allocate.put(bytes);
        allocate.putInt(385);
        allocate.putInt(padByteArray.length + padByteArray2.length);
        allocate.put(padByteArray);
        allocate.put(padByteArray2);
        allocate.putInt(2);
        allocate.putInt(trimByteArray.length);
        allocate.put(trimByteArray);
        bArr = allocate.array();
        return bArr;
    }

    public static byte[] getFormattedPrivateKey(PrivateKey privateKey, PublicKey publicKey) {
        Log.d("CCMKeyCertUtils", "entering getFormattedPrivateKey");
        if ((privateKey instanceof RSAPrivateKey) && (publicKey instanceof RSAPublicKey)) {
            return getRSAFormattedPrivateKey((RSAPrivateKey) privateKey, (RSAPublicKey) publicKey);
        }
        if ((privateKey instanceof ECPrivateKey) && (publicKey instanceof ECPublicKey)) {
            return getECFormattedPrivateKey((ECPrivateKey) privateKey, (ECPublicKey) publicKey);
        }
        Log.d("CCMKeyCertUtils", "null from getFormattedPrivateKey");
        return null;
    }

    public static PrivateKey getPrivateKeyFromBytes(byte[] bArr) {
        PrivateKey privateKey = null;
        boolean z = false;
        try {
            privateKey = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(bArr));
            Log.d("CCMKeyCertUtils", "key is RSA");
            z = true;
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            throw new AssertionError(e);
        } catch (InvalidKeySpecException e2) {
            Log.d("CCMKeyCertUtils", "RSA InvalidKeySpecException ==> not a (valid) RSA key, maybe EC");
        }
        if (privateKey != null && z) {
            return privateKey;
        }
        try {
            PrivateKey generatePrivate = KeyFactory.getInstance("EC").generatePrivate(new PKCS8EncodedKeySpec(bArr));
            Log.d("CCMKeyCertUtils", "key is EC");
            return generatePrivate;
        } catch (NoSuchAlgorithmException e3) {
            Log.d("CCMKeyCertUtils", "neither RSA nor EC succeeded");
            e3.printStackTrace();
            throw new AssertionError(e3);
        } catch (InvalidKeySpecException e4) {
            Log.d("CCMKeyCertUtils", "EC InvalidKeySpecException ==> not a (valid) EC key");
            Log.d("CCMKeyCertUtils", "neither RSA nor EC succeeded");
            throw new AssertionError(e4);
        }
    }

    private static byte[] getRSAFormattedPrivateKey(RSAPrivateKey rSAPrivateKey, RSAPublicKey rSAPublicKey) {
        byte[] bArr;
        if (rSAPrivateKey == null || rSAPublicKey == null) {
            Log.e("CCMKeyCertUtils", "Failed to import privatekey");
            return null;
        }
        try {
            byte[] trimByteArray = trimByteArray(rSAPrivateKey.getModulus().toByteArray());
            byte[] trimByteArray2 = trimByteArray(rSAPrivateKey.getPrivateExponent().toByteArray());
            byte[] trimByteArray3 = trimByteArray(rSAPublicKey.getPublicExponent().toByteArray());
            int length = trimByteArray.length + trimByteArray2.length + trimByteArray3.length + 24;
            Log.d("CCMKeyCertUtils", "Output Length = " + length);
            ByteBuffer allocate = ByteBuffer.allocate(length);
            allocate.order(ByteOrder.LITTLE_ENDIAN);
            allocate.putInt(288);
            allocate.putInt(trimByteArray.length);
            allocate.put(trimByteArray);
            allocate.putInt(290);
            allocate.putInt(trimByteArray3.length);
            allocate.put(trimByteArray3);
            allocate.putInt(291);
            allocate.putInt(trimByteArray2.length);
            allocate.put(trimByteArray2);
            bArr = allocate.array();
        } catch (Exception e) {
            Log.d("CCMKeyCertUtils", "Unable to format private key for ccm");
            e.printStackTrace();
            bArr = null;
        }
        return bArr;
    }

    private static byte[] padByteArray(byte[] bArr, int i) {
        if (bArr == null) {
            return null;
        }
        if (bArr.length >= i) {
            return bArr;
        }
        byte[] bArr2 = new byte[i];
        System.arraycopy(bArr, 0, bArr2, i - bArr.length, bArr.length);
        return bArr2;
    }

    private static byte[] trimByteArray(byte[] bArr) {
        if (bArr == null) {
            return null;
        }
        if (bArr[0] != 0) {
            return bArr;
        }
        byte[] bArr2 = new byte[bArr.length - 1];
        System.arraycopy(bArr, 1, bArr2, 0, bArr.length - 1);
        return bArr2;
    }
}
