package com.hidglobal.ia.b.b.d;

import com.hidglobal.ia.activcastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;
import com.hidglobal.ia.cryptocomply.cert.X509v3CertificateBuilder;
import com.hidglobal.ia.cryptocomply.operator.ContentSigner;
import com.safelogic.cryptocomply.asn1.ASN1InputStream;
import com.safelogic.cryptocomply.asn1.ASN1ObjectIdentifier;
import com.safelogic.cryptocomply.asn1.pkcs.PKCSObjectIdentifiers;
import com.safelogic.cryptocomply.asn1.x500.X500Name;
import com.safelogic.cryptocomply.asn1.x509.AlgorithmIdentifier;
import com.safelogic.cryptocomply.asn1.x509.Extension;
import com.safelogic.cryptocomply.asn1.x509.SubjectKeyIdentifier;
import com.safelogic.cryptocomply.asn1.x509.SubjectPublicKeyInfo;
import com.safelogic.cryptocomply.asn1.x509.Time;
import com.safelogic.cryptocomply.asn1.x9.ECNamedCurveTable;
import com.safelogic.cryptocomply.asn1.x9.X9ECParameters;
import com.safelogic.cryptocomply.crypto.KDFCalculator;
import com.safelogic.cryptocomply.crypto.fips.FipsDRBG;
import com.safelogic.cryptocomply.crypto.fips.FipsKDF;
import com.safelogic.cryptocomply.jcajce.provider.CryptoComplyFipsProvider;
import com.safelogic.cryptocomply.util.encoders.Base64;
import com.safelogic.cryptocomply.util.encoders.Hex;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.spec.ECFieldFp;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.EllipticCurve;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import javax.security.auth.x500.X500Principal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes2.dex */
public final class a extends c {
    private static volatile a b;
    private static final Logger d = LoggerFactory.getLogger((Class<?>) c.class);
    private Provider e;

    private a() {
    }

    private Object a(KeyPair keyPair, String str, int i, String str2) throws Exception {
        Calendar calendar = Calendar.getInstance();
        calendar.add(1, i);
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.840.113549.1.1.5"));
        X500Name x500Name = new X500Name(str);
        ASN1InputStream aSN1InputStream = new ASN1InputStream(keyPair.getPublic().getEncoded());
        try {
            X509v3CertificateBuilder x509v3CertificateBuilder = new X509v3CertificateBuilder(x500Name, BigInteger.valueOf(1L), new Time(new Date()), new Time(calendar.getTime()), x500Name, SubjectPublicKeyInfo.getInstance(aSN1InputStream.readObject()));
            final Signature signature = Signature.getInstance("SHA512withRSA", str2);
            signature.initSign(keyPair.getPrivate());
            return x509v3CertificateBuilder.build(new ContentSigner(this, signature, new OutputStream(this) { // from class: com.hidglobal.ia.b.b.d.a.5
                @Override // java.io.OutputStream
                public final void write(int i2) throws IOException {
                    try {
                        signature.update((byte) i2);
                    } catch (SignatureException e) {
                        throw new IOException(e.getMessage(), e);
                    }
                }

                @Override // java.io.OutputStream
                public final void write(byte[] bArr) throws IOException {
                    try {
                        signature.update(bArr, 0, bArr.length);
                    } catch (SignatureException e) {
                        throw new IOException(e.getMessage(), e);
                    }
                }

                @Override // java.io.OutputStream
                public final void write(byte[] bArr, int i2, int i3) throws IOException {
                    try {
                        signature.update(bArr, i2, i3);
                    } catch (SignatureException e) {
                        throw new IOException(e.getMessage(), e);
                    }
                }
            }, algorithmIdentifier) { // from class: com.hidglobal.ia.b.b.d.a.3
            }).getEncoded();
        } finally {
            aSN1InputStream.close();
        }
    }

    private static byte[] c(Certificate certificate) {
        Logger logger;
        StringBuilder sb;
        byte[] bArr = null;
        try {
            ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(certificate.getPublicKey().getEncoded()));
            try {
                byte[] bytes = SubjectPublicKeyInfo.getInstance(aSN1InputStream.readObject()).getPublicKeyData().getBytes();
                MessageDigest messageDigest = MessageDigest.getInstance(McElieceCCA2KeyGenParameterSpec.SHA1, "CCJ");
                messageDigest.update(bytes, 0, bytes.length);
                bArr = messageDigest.digest();
                aSN1InputStream.close();
            } catch (Throwable th) {
                try {
                    throw th;
                } catch (Throwable th2) {
                    try {
                        aSN1InputStream.close();
                    } catch (Throwable th3) {
                        th.addSuppressed(th3);
                    }
                    throw th2;
                }
            }
        } catch (IOException e) {
            e = e;
            logger = d;
            sb = new StringBuilder("IOException: ");
            sb.append(e.getMessage());
            logger.error(sb.toString());
            return bArr;
        } catch (NoSuchAlgorithmException e2) {
            e = e2;
            logger = d;
            sb = new StringBuilder("NoSuchAlgorithmException: ");
            sb.append(e.getMessage());
            logger.error(sb.toString());
            return bArr;
        } catch (NoSuchProviderException e3) {
            e = e3;
            logger = d;
            sb = new StringBuilder("NoSuchProviderException: ");
            sb.append(e.getMessage());
            logger.error(sb.toString());
            return bArr;
        }
        return bArr;
    }

    public static c d() {
        if (b == null) {
            b = new a();
        }
        return b;
    }

    private static SubjectKeyIdentifier e(Certificate certificate) {
        SubjectKeyIdentifier subjectKeyIdentifier = null;
        if (certificate instanceof X509Certificate) {
            byte[] extensionValue = ((X509Certificate) certificate).getExtensionValue(Extension.subjectKeyIdentifier.getId());
            if (extensionValue != null) {
                try {
                    ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(extensionValue));
                    try {
                        ASN1InputStream aSN1InputStream2 = new ASN1InputStream(new ByteArrayInputStream(aSN1InputStream.readObject().getOctets()));
                        try {
                            subjectKeyIdentifier = SubjectKeyIdentifier.getInstance(aSN1InputStream2.readObject());
                            aSN1InputStream2.close();
                            aSN1InputStream.close();
                        } finally {
                        }
                    } finally {
                    }
                } catch (Exception e) {
                    d.error("Exception", e.getMessage());
                }
            }
        }
        return subjectKeyIdentifier;
    }

    @Override // com.hidglobal.ia.b.b.d.c
    public final String a() {
        if (this.e == null) {
            this.e = new CryptoComplyFipsProvider("C:DEFRND[SHA512];ENABLE{All};", new SecureRandom());
        }
        return this.e.getName();
    }

    @Override // com.hidglobal.ia.b.b.d.c
    public final byte[] a(String str, int i, int i2, byte[] bArr, byte[] bArr2, int i3) throws com.hidglobal.ia.a.c.d {
        FipsKDF.PRF prf;
        if (i != -1) {
            prf = str.equalsIgnoreCase("CMAC_AES") ? FipsKDF.PRF.AES_CMAC : null;
            if (str.equalsIgnoreCase("HMAC_SHA256")) {
                prf = FipsKDF.PRF.SHA256_HMAC;
            }
            if (str.equalsIgnoreCase("HMAC_SHA384")) {
                prf = FipsKDF.PRF.SHA384_HMAC;
            }
            if (prf == null) {
                throw new com.hidglobal.ia.a.c.d("Unsupported algorithme");
            }
        } else {
            prf = FipsKDF.PRF.AES_CMAC;
        }
        KDFCalculator createKDFCalculator = new FipsKDF.CounterModeFactory().createKDFCalculator(FipsKDF.COUNTER_MODE.withPRFAndR(prf, 32).using(bArr2, (byte[]) null, bArr));
        byte[] bArr3 = new byte[i3];
        createKDFCalculator.generateBytes(bArr3, 0, i3);
        return bArr3;
    }

    @Override // com.hidglobal.ia.b.b.d.c
    public final Provider b() {
        if (this.e == null) {
            this.e = new CryptoComplyFipsProvider("C:DEFRND[SHA512];ENABLE{All};", new SecureRandom());
        }
        return this.e;
    }

    @Override // com.hidglobal.ia.b.b.d.c
    public final char[] b(KeyPair keyPair, String str, int i, String str2) throws Exception {
        return d.e((byte[]) a(keyPair, str, 100, str2));
    }

    @Override // com.hidglobal.ia.b.b.d.c
    public final String c(KeyPair keyPair, String str, String str2, String str3) throws Exception {
        String replace = str.replace('+', '-').replace('/', '_');
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("1.2.840.113549.1.1.13", PKCSObjectIdentifiers.sha512WithRSAEncryption);
            hashMap.put("1.2.840.113549.1.1.10", PKCSObjectIdentifiers.id_RSASSA_PSS);
            hashMap.put("1.2.840.113549.1.1.11", PKCSObjectIdentifiers.sha256WithRSAEncryption);
            if (hashMap.get(str2) != null) {
                return Base64.toBase64String(new j(new AlgorithmIdentifier((ASN1ObjectIdentifier) hashMap.get(str2)), new X500Principal(replace).getEncoded(), keyPair).d());
            }
            throw new com.hidglobal.ia.a.c.d("SignatureAlgorithm dose not exit");
        } catch (Throwable th) {
            d.debug("Failed to generate certificate : ", th.getMessage());
            throw new com.hidglobal.ia.a.c.d(th.getMessage());
        }
    }

    @Override // com.hidglobal.ia.b.b.d.c
    public final SecureRandom c() {
        if (this.e == null) {
            this.e = new CryptoComplyFipsProvider("C:DEFRND[SHA512];ENABLE{All};", new SecureRandom());
        }
        Security.insertProviderAt(this.e, 1);
        SecureRandom secureRandom = new SecureRandom();
        Security.removeProvider(a());
        if (this.e == null) {
            this.e = new CryptoComplyFipsProvider("C:DEFRND[SHA512];ENABLE{All};", new SecureRandom());
        }
        Security.addProvider(this.e);
        return secureRandom;
    }

    @Override // com.hidglobal.ia.b.b.d.c
    public final SecureRandom c(byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException, NoSuchProviderException {
        return FipsDRBG.SHA512.fromEntropySource(c(), false).setSecurityStrength(256).setPersonalizationString(bArr).setEntropyBitsRequired(256).build(bArr2, false);
    }

    @Override // com.hidglobal.ia.b.b.d.c
    public final ECParameterSpec c(String str) {
        X9ECParameters byName = ECNamedCurveTable.getByName(str);
        return new ECParameterSpec(new EllipticCurve(new ECFieldFp(byName.getCurve().getField().getCharacteristic()), byName.getCurve().getA().toBigInteger(), byName.getCurve().getB().toBigInteger(), byName.getSeed()), new ECPoint(byName.getG().getAffineXCoord().toBigInteger(), byName.getG().getAffineYCoord().toBigInteger()), byName.getN(), byName.getH().intValue());
    }

    @Override // com.hidglobal.ia.b.b.d.c
    public final char[] c(byte[] bArr) {
        return Hex.toHexString(bArr).toCharArray();
    }

    @Override // com.hidglobal.ia.b.b.d.c
    public final byte[] d(Certificate certificate) {
        SubjectKeyIdentifier e = e(certificate);
        return e != null ? e.getKeyIdentifier() : c(certificate);
    }

    @Override // com.hidglobal.ia.b.b.d.c
    public final byte[] e(String str) {
        return Base64.decode(str);
    }

    @Override // com.hidglobal.ia.b.b.d.c
    public final byte[] e(byte[] bArr) {
        return Base64.encode(bArr);
    }
}
