package com.robotemi.temimessaging.utils;

import android.util.Base64;
import android.util.Log;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import java.io.IOException;
import java.io.StringWriter;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemWriter;
import timber.log.Timber;

/* loaded from: classes2.dex */
public class EncryptionUtils {
    private static final String TAG = "EncryptionUtils";

    private EncryptionUtils() {
        throw new AssertionError();
    }

    public static KeyPair createKeyPair() {
        KeyPairGenerator keyPairGenerator;
        try {
            keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        } catch (NoSuchAlgorithmException e2) {
            Log.e(TAG, e2.getMessage());
            keyPairGenerator = null;
        }
        if (keyPairGenerator == null) {
            return null;
        }
        keyPairGenerator.initialize(2048);
        return keyPairGenerator.generateKeyPair();
    }

    public static String createPemForPublicKey(PublicKey publicKey) throws IOException {
        StringWriter stringWriter = new StringWriter();
        PemWriter pemWriter = new PemWriter(stringWriter);
        pemWriter.g(new PemObject("PUBLIC KEY", publicKey.getEncoded()));
        pemWriter.flush();
        pemWriter.close();
        Log.d(TAG, "Public key PEM - %s" + stringWriter.toString());
        return stringWriter.toString();
    }

    private static PrivateKey getPrivateKeyFromBase64(String str) {
        PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.decode(str, 2));
        try {
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            if (keyFactory != null) {
                return keyFactory.generatePrivate(pKCS8EncodedKeySpec);
            }
            return null;
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e2) {
            Timber.d(e2, "EncryptionUtils:getPrivateKeyFromBase64: Couldn't convert string to private key", new Object[0]);
            return null;
        }
    }

    public static PublicKey getPublicKeyFromBase64(String str) {
        try {
            return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64.decode(removePem(str), 0)));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e2) {
            Timber.d(e2, "EncryptionUtils:getPublicKeyFromBase64: Couldn't convert string to public key", new Object[0]);
            return null;
        }
    }

    private static String removePem(String str) {
        return str.replace("-----BEGIN PUBLIC KEY-----\n", "").replace("-----END PUBLIC KEY-----", "");
    }

    public static String signWithPrivateKey(String str, String str2) {
        try {
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign(getPrivateKeyFromBase64(str2));
            signature.update(str.getBytes("UTF8"));
            return Base64.encodeToString(signature.sign(), 2);
        } catch (Exception e2) {
            Timber.d(e2, "EncryptionUtils:signWithPrivateKey failed", new Object[0]);
            Log.e(TAG, "Couldn't sign payload");
            return null;
        }
    }

    public static String validateMqttMessage(String str, PublicKey publicKey) {
        JsonObject l = new JsonParser().c(str).l();
        String n = l.u("request").n();
        if (verify(publicKey, l.u("signature").n(), n)) {
            return n;
        }
        return null;
    }

    public static boolean verify(PublicKey publicKey, String str, String str2) {
        try {
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initVerify(publicKey);
            signature.update(str2.getBytes(StandardCharsets.UTF_8));
            return signature.verify(Base64.decode(str, 0));
        } catch (Exception e2) {
            Timber.d(e2, "EncryptionUtils:verify: failed to verify message", new Object[0]);
            return false;
        }
    }
}
