package com.assaabloy.seos.access.grapefruit;

import com.assaabloy.seos.access.crypto.EccKeyPair;
import com.assaabloy.seos.access.internal.util.FluentOutputStream;
import com.bumptech.glide.load.Key;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.util.Arrays;
import org.bouncycastle.asn1.sec.SECNamedCurves;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.agreement.ECDHBasicAgreement;
import org.bouncycastle.crypto.agreement.kdf.ConcatenationKDFGenerator;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.engines.AESEngine;
import org.bouncycastle.crypto.modes.GCMBlockCipher;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.params.KDFParameters;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.bouncycastle.util.BigIntegers;

/* loaded from: classes.dex */
public class GrapefruitEncryption {
    private static final int AES_KEY_LENGTH = 32;
    private static final int GCM_IV_LENGTH = 12;
    private static final X9ECParameters P256 = SECNamedCurves.getByName(EccKeyPair.CURVE);
    private static final byte[] OTHER_INFO_ALGORITHM_ID = "id-aes256-GCM".getBytes(Charset.forName(Key.STRING_CHARSET_NAME));
    private static final byte[] OTHER_INFO_PARTY_U_INFO = "Apple".getBytes(Charset.forName(Key.STRING_CHARSET_NAME));

    private static ECPrivateKeyParameters composeEccPrivateKey(byte[] bArr) {
        X9ECParameters x9ECParameters = P256;
        ECDomainParameters eCDomainParameters = new ECDomainParameters(x9ECParameters.getCurve(), x9ECParameters.getG(), x9ECParameters.getN());
        return new ECPrivateKeyParameters(new BigInteger(1, bArr), new ECDomainParameters(eCDomainParameters.getCurve(), eCDomainParameters.getG(), eCDomainParameters.getN()));
    }

    private static ECPublicKeyParameters publicKeyParams(byte[] bArr) {
        X9ECParameters x9ECParameters = P256;
        ECDomainParameters eCDomainParameters = new ECDomainParameters(x9ECParameters.getCurve(), x9ECParameters.getG(), x9ECParameters.getN());
        return new ECPublicKeyParameters(eCDomainParameters.getCurve().decodePoint(bArr), new ECDomainParameters(eCDomainParameters.getCurve(), eCDomainParameters.getG(), eCDomainParameters.getN()));
    }

    public byte[] applyKdf(byte[] bArr, byte[] bArr2) {
        ConcatenationKDFGenerator concatenationKDFGenerator = new ConcatenationKDFGenerator(new SHA256Digest());
        concatenationKDFGenerator.init(new KDFParameters(bArr, bArr2));
        byte[] bArr3 = new byte[32];
        concatenationKDFGenerator.generateBytes(bArr3, 0, 32);
        return bArr3;
    }

    public byte[] encrypt(byte[] bArr, byte[] bArr2) {
        try {
            GCMBlockCipher gCMBlockCipher = new GCMBlockCipher(new AESEngine());
            gCMBlockCipher.init(true, new ParametersWithIV(new KeyParameter(bArr), new byte[12]));
            byte[] bArr3 = new byte[gCMBlockCipher.getOutputSize(bArr2.length)];
            int processBytes = gCMBlockCipher.processBytes(bArr2, 0, bArr2.length, bArr3, 0);
            return Arrays.copyOf(bArr3, processBytes + gCMBlockCipher.doFinal(bArr3, processBytes));
        } catch (InvalidCipherTextException e) {
            throw new RuntimeException("Data encryption failed", e);
        }
    }

    public byte[] otherInfo(byte[] bArr) {
        FluentOutputStream fluentOutputStream = new FluentOutputStream();
        byte[] bArr2 = OTHER_INFO_ALGORITHM_ID;
        return fluentOutputStream.write((byte) bArr2.length).write(bArr2).write(OTHER_INFO_PARTY_U_INFO).write(bArr).toByteArray();
    }

    public byte[] rawEcdh(byte[] bArr, byte[] bArr2) {
        ECDHBasicAgreement eCDHBasicAgreement = new ECDHBasicAgreement();
        eCDHBasicAgreement.init(composeEccPrivateKey(bArr));
        return BigIntegers.asUnsignedByteArray(32, eCDHBasicAgreement.calculateAgreement(publicKeyParams(bArr2)));
    }
}
