package com.sap.csi.authenticator.crypto;

import android.util.Base64;
import com.sap.csi.authenticator.SharedConst;
import com.sap.csi.authenticator.otp.Base32;
import com.sap.csi.authenticator.otp.TypeConverter;
import com.sap.csi.authenticator.secstore.model.Account;
import com.sap.csi.authenticator.ui.config.json.model.EncryptedKeyStorageEntry;
import com.sap.csi.authenticator.util.Common;
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class CryptoUtil {
    public static final String LOCATION = CryptoUtil.class.getSimpleName();
    private static final int RANDOM_BYTES = 32;

    public static String decrypt(String str, String str2, String str3, byte[] bArr) throws UnsupportedEncodingException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchPaddingException {
        IvParameterSpec ivParameterSpec = new IvParameterSpec(Base64.decode(str, 2));
        Cipher cipher = Cipher.getInstance(str3);
        cipher.init(2, new SecretKeySpec(bArr, "AES"), ivParameterSpec);
        return new String(TypeConverter.toHexString(cipher.doFinal(Base64.decode(str2, 2))));
    }

    public static Map<String, String> decryptKeyStorageEntries(Set<EncryptedKeyStorageEntry> set, byte[] bArr) throws InvalidKeyException, NoSuchAlgorithmException, UnsupportedEncodingException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, NoSuchPaddingException {
        HashMap hashMap = new HashMap();
        if (set != null) {
            for (EncryptedKeyStorageEntry encryptedKeyStorageEntry : set) {
                String str = encryptedKeyStorageEntry.name;
                String str2 = encryptedKeyStorageEntry.iv;
                String str3 = encryptedKeyStorageEntry.algorithm;
                String str4 = encryptedKeyStorageEntry.encryptedData;
                int parseInt = Integer.parseInt(encryptedKeyStorageEntry.keySizeBits);
                byte[] hmac = hmac(bArr, Base64.decode(encryptedKeyStorageEntry.keySeed, 2), encryptedKeyStorageEntry.keyGenerationAlgorithm);
                if (parseInt < 256) {
                    byte[] bArr2 = new byte[parseInt / 8];
                    System.arraycopy(hmac, 0, bArr2, 0, bArr2.length);
                    hmac = bArr2;
                }
                hashMap.put(str, decrypt(str2, str4, str3, hmac));
            }
        }
        return hashMap;
    }

    public static String generateSignature(Account account, String str) throws UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException {
        String[] split = str.split("&|;");
        Arrays.sort(split);
        StringBuilder sb = new StringBuilder();
        for (String str2 : split) {
            if (Common.getUrlPlaceholder(str2, SharedConst.URL_SIGNATURE_NAME) == null) {
                sb.append(str2).append('&');
            }
        }
        if (sb.length() > 1) {
            sb.deleteCharAt(sb.length() - 1);
        }
        byte[] bArr = new byte[32];
        byte[] bytes = sb.toString().getBytes(SharedConst.ENCODING_UTF_8);
        SecureRandom.getInstance("SHA1PRNG").nextBytes(bArr);
        return TypeConverter.byteArrayToHEXString(bArr) + TypeConverter.byteArrayToHEXString(hmac(account.getSecret(), bArr, bytes, Common.getAlgorithmEquivalent(account.getAlgorithm())));
    }

    public static byte[] hmac(byte[] bArr, byte[] bArr2, String str) throws NoSuchAlgorithmException, InvalidKeyException {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, str);
        Mac mac = Mac.getInstance(secretKeySpec.getAlgorithm());
        mac.init(secretKeySpec);
        return mac.doFinal(bArr2);
    }

    public static byte[] hmac(byte[] bArr, byte[] bArr2, byte[] bArr3, String str) throws InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException {
        return hmac(SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(Base32.encode(bArr).toCharArray(), bArr2, 1000, 256)).getEncoded(), bArr3, str);
    }
}
