package org.jmrtd;

import io.fabric.sdk.android.services.common.CommonUtils;
import io.fabric.sdk.android.services.network.HttpRequest;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.Provider;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.ECField;
import java.security.spec.ECFieldF2m;
import java.security.spec.ECFieldFp;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.EllipticCurve;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.logging.Logger;
import javax.crypto.BadPaddingException;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPublicKeySpec;
import javax.crypto.spec.SecretKeySpec;
import net.sf.scuba.tlv.TLVOutputStream;
import net.sf.scuba.util.Hex;
import org.jmrtd.cbeff.ISO781611;
import org.jmrtd.lds.MRZInfo;
import org.jmrtd.lds.PACEInfo;
import org.jmrtd.lds.SecurityInfo;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.ASN1Integer;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.eac.EACObjectIdentifiers;
import org.spongycastle.asn1.pkcs.DHParameter;
import org.spongycastle.asn1.x509.AlgorithmIdentifier;
import org.spongycastle.asn1.x509.SubjectPublicKeyInfo;
import org.spongycastle.asn1.x9.X962NamedCurves;
import org.spongycastle.asn1.x9.X9ECParameters;
import org.spongycastle.crypto.params.DHParameters;
import org.spongycastle.jce.ECNamedCurveTable;
import org.spongycastle.jce.spec.ECNamedCurveParameterSpec;
import org.spongycastle.jce.spec.ECNamedCurveSpec;
import org.spongycastle.math.ec.ECCurve;
import org.spongycastle.math.ec.ECFieldElement;

/* loaded from: classes2.dex */
public class Util {
    public static final int ENC_MODE = 1;
    public static final int MAC_MODE = 2;
    public static final int PACE_MODE = 3;
    private static final Logger LOGGER = Logger.getLogger("org.jmrtd");
    private static final Provider BC_PROVIDER = JMRTDSecurityProvider.getBouncyCastleProvider();

    private Util() {
    }

    private static ECPoint add(ECPoint eCPoint, ECPoint eCPoint2, ECParameterSpec eCParameterSpec) {
        return fromBouncyCastleECPoint(toBouncyCastleECPoint(eCPoint, eCParameterSpec).add(toBouncyCastleECPoint(eCPoint2, eCParameterSpec)));
    }

    public static byte[] alignKeyDataToSize(byte[] bArr, int i) {
        byte[] bArr2 = new byte[i];
        if (bArr.length < i) {
            i = bArr.length;
        }
        System.arraycopy(bArr, bArr.length - i, bArr2, bArr2.length - i, i);
        return bArr2;
    }

    public static BigInteger computeAffineY(BigInteger bigInteger, ECParameterSpec eCParameterSpec) {
        ECCurve bouncyCastleECCurve = toBouncyCastleECCurve(eCParameterSpec);
        ECFieldElement a = bouncyCastleECCurve.getA();
        ECFieldElement b = bouncyCastleECCurve.getB();
        ECFieldElement fromBigInteger = bouncyCastleECCurve.fromBigInteger(bigInteger);
        return fromBigInteger.multiply(fromBigInteger).add(a).multiply(fromBigInteger).add(b).sqrt().toBigInteger();
    }

    public static byte[] computeKeySeed(String str, String str2, String str3, String str4, boolean z) throws GeneralSecurityException {
        byte[] bArr = {(byte) MRZInfo.checkDigit(str)};
        byte[] bArr2 = {(byte) MRZInfo.checkDigit(str2)};
        byte[] bArr3 = {(byte) MRZInfo.checkDigit(str3)};
        MessageDigest messageDigest = MessageDigest.getInstance(str4);
        messageDigest.update(getBytes(str));
        messageDigest.update(bArr);
        messageDigest.update(getBytes(str2));
        messageDigest.update(bArr2);
        messageDigest.update(getBytes(str3));
        messageDigest.update(bArr3);
        byte[] digest = messageDigest.digest();
        if (!z) {
            return digest;
        }
        byte[] bArr4 = new byte[16];
        System.arraycopy(digest, 0, bArr4, 0, 16);
        return bArr4;
    }

    public static byte[] computeKeySeedForBAC(String str, String str2, String str3) throws GeneralSecurityException {
        return computeKeySeed(str, str2, str3, CommonUtils.SHA1_INSTANCE, true);
    }

    public static byte[] computeKeySeedForPACE(String str, String str2, String str3) throws GeneralSecurityException {
        return computeKeySeed(str, str2, str3, CommonUtils.SHA1_INSTANCE, false);
    }

    public static long computeSendSequenceCounter(byte[] bArr, byte[] bArr2) {
        if (bArr == null || bArr.length != 8 || bArr2 == null || bArr2.length != 8) {
            throw new IllegalStateException("Wrong length input");
        }
        long j = 0;
        for (int i = 4; i < 8; i++) {
            j = (j << 8) + (bArr[i] & 255);
        }
        for (int i2 = 4; i2 < 8; i2++) {
            j = (j << 8) + (bArr2[i2] & 255);
        }
        return j;
    }

    public static PublicKey decodePublicKeyFromSmartCard(byte[] bArr, AlgorithmParameterSpec algorithmParameterSpec) {
        if (algorithmParameterSpec == null) {
            throw new IllegalArgumentException("Params cannot be null");
        }
        try {
            DataInputStream dataInputStream = new DataInputStream(new ByteArrayInputStream(bArr));
            if (algorithmParameterSpec instanceof ECParameterSpec) {
                if (dataInputStream.read() != 4) {
                    throw new IllegalArgumentException("Expected encoded public key to start with 0x04");
                }
                int length = (bArr.length - 1) / 2;
                byte[] bArr2 = new byte[length];
                byte[] bArr3 = new byte[length];
                dataInputStream.readFully(bArr2);
                dataInputStream.readFully(bArr3);
                dataInputStream.close();
                return KeyFactory.getInstance("EC").generatePublic(new ECPublicKeySpec(new ECPoint(os2i(bArr2), os2i(bArr3)), (ECParameterSpec) algorithmParameterSpec));
            }
            if (!(algorithmParameterSpec instanceof DHParameterSpec)) {
                throw new IllegalArgumentException("Expected ECParameterSpec or DHParameterSpec, found " + algorithmParameterSpec.getClass().getCanonicalName());
            }
            if (dataInputStream.read() != 4) {
                throw new IllegalArgumentException("Expected encoded public key to start with 0x04");
            }
            byte[] bArr4 = new byte[bArr.length - 1];
            dataInputStream.readFully(bArr4);
            dataInputStream.close();
            DHParameterSpec dHParameterSpec = (DHParameterSpec) algorithmParameterSpec;
            return KeyFactory.getInstance("DH").generatePublic(new DHPublicKeySpec(os2i(bArr4), dHParameterSpec.getP(), dHParameterSpec.getG()));
        } catch (IOException e) {
            LOGGER.severe("Exception: " + e.getMessage());
            throw new IllegalArgumentException(e.getMessage());
        } catch (GeneralSecurityException e2) {
            LOGGER.severe("Exception: " + e2.getMessage());
            throw new IllegalArgumentException(e2.getMessage());
        }
    }

    public static SecretKey deriveKey(byte[] bArr, int i) throws GeneralSecurityException {
        return deriveKey(bArr, "DESede", 128, i);
    }

    public static SecretKey deriveKey(byte[] bArr, String str, int i, int i2) throws GeneralSecurityException {
        return deriveKey(bArr, str, i, null, i2);
    }

    public static SecretKey deriveKey(byte[] bArr, String str, int i, byte[] bArr2, int i2) throws GeneralSecurityException {
        String inferDigestAlgorithmFromCipherAlgorithmForKeyDerivation = inferDigestAlgorithmFromCipherAlgorithmForKeyDerivation(str, i);
        LOGGER.info("DEBUG: key derivation uses digestAlg = " + inferDigestAlgorithmFromCipherAlgorithmForKeyDerivation);
        MessageDigest messageDigest = MessageDigest.getInstance(inferDigestAlgorithmFromCipherAlgorithmForKeyDerivation);
        messageDigest.reset();
        messageDigest.update(bArr);
        if (bArr2 != null) {
            messageDigest.update(bArr2);
        }
        messageDigest.update(new byte[]{0, 0, 0, (byte) i2});
        byte[] digest = messageDigest.digest();
        byte[] bArr3 = null;
        if ("DESede".equalsIgnoreCase(str) || "3DES".equalsIgnoreCase(str)) {
            switch (i) {
                case 112:
                case 128:
                    bArr3 = new byte[24];
                    System.arraycopy(digest, 0, bArr3, 0, 8);
                    System.arraycopy(digest, 8, bArr3, 8, 8);
                    System.arraycopy(digest, 0, bArr3, 16, 8);
                    break;
                default:
                    throw new IllegalArgumentException("KDF can only use DESede with 128-bit key length");
            }
        } else if ("AES".equalsIgnoreCase(str) || str.startsWith("AES")) {
            switch (i) {
                case 128:
                    bArr3 = new byte[16];
                    System.arraycopy(digest, 0, bArr3, 0, 16);
                    break;
                case 192:
                    bArr3 = new byte[24];
                    System.arraycopy(digest, 0, bArr3, 0, 24);
                    break;
                case 256:
                    bArr3 = new byte[32];
                    System.arraycopy(digest, 0, bArr3, 0, 32);
                    break;
                default:
                    throw new IllegalArgumentException("KDF can only use AES with 128-bit, 192-bit key or 256-bit length, found: " + i + "-bit key length");
            }
        }
        return new SecretKeySpec(bArr3, str);
    }

    public static byte[] encodePublicKeyDataObject(String str, PublicKey publicKey) throws InvalidKeyException {
        return encodePublicKeyDataObject(str, publicKey, true);
    }

    public static byte[] encodePublicKeyDataObject(String str, PublicKey publicKey, boolean z) throws InvalidKeyException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        TLVOutputStream tLVOutputStream = new TLVOutputStream(byteArrayOutputStream);
        try {
            tLVOutputStream.writeTag(32585);
            if (publicKey instanceof DHPublicKey) {
                DHPublicKey dHPublicKey = (DHPublicKey) publicKey;
                DHParameterSpec params = dHPublicKey.getParams();
                BigInteger p = params.getP();
                int l = params.getL();
                BigInteger g = params.getG();
                BigInteger y = dHPublicKey.getY();
                tLVOutputStream.write(new ASN1ObjectIdentifier(str).getEncoded());
                if (!z) {
                    tLVOutputStream.writeTag(129);
                    tLVOutputStream.writeValue(i2os(p));
                    tLVOutputStream.writeTag(130);
                    tLVOutputStream.writeValue(i2os(BigInteger.valueOf(l)));
                    tLVOutputStream.writeTag(ISO781611.CREATION_DATE_AND_TIME_TAG);
                    tLVOutputStream.writeValue(i2os(g));
                }
                tLVOutputStream.writeTag(132);
                tLVOutputStream.writeValue(i2os(y));
            } else {
                if (!(publicKey instanceof ECPublicKey)) {
                    throw new InvalidKeyException("Unsupported public key: " + publicKey.getClass().getCanonicalName());
                }
                ECPublicKey eCPublicKey = (ECPublicKey) publicKey;
                ECParameterSpec params2 = eCPublicKey.getParams();
                BigInteger prime = getPrime(params2);
                EllipticCurve curve = params2.getCurve();
                BigInteger a = curve.getA();
                BigInteger b = curve.getB();
                ECPoint generator = params2.getGenerator();
                BigInteger order = params2.getOrder();
                int cofactor = params2.getCofactor();
                ECPoint w = eCPublicKey.getW();
                tLVOutputStream.write(new ASN1ObjectIdentifier(str).getEncoded());
                if (!z) {
                    tLVOutputStream.writeTag(129);
                    tLVOutputStream.writeValue(i2os(prime));
                    tLVOutputStream.writeTag(130);
                    tLVOutputStream.writeValue(i2os(a));
                    tLVOutputStream.writeTag(ISO781611.CREATION_DATE_AND_TIME_TAG);
                    tLVOutputStream.writeValue(i2os(b));
                    tLVOutputStream.writeTag(132);
                    tLVOutputStream.write(i2os(generator.getAffineX()));
                    tLVOutputStream.write(i2os(generator.getAffineY()));
                    tLVOutputStream.writeValueEnd();
                    tLVOutputStream.writeTag(133);
                    tLVOutputStream.writeValue(i2os(order));
                }
                tLVOutputStream.writeTag(ISO781611.CREATOR_OF_BIOMETRIC_REFERENCE_DATA);
                tLVOutputStream.writeValue(publicKeyECPointToOS(w));
                if (!z) {
                    tLVOutputStream.writeTag(ISO781611.FORMAT_OWNER_TAG);
                    tLVOutputStream.writeValue(i2os(BigInteger.valueOf(cofactor)));
                }
            }
            tLVOutputStream.writeValueEnd();
            tLVOutputStream.flush();
            tLVOutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            LOGGER.severe("Exception: " + e.getMessage());
            throw new IllegalStateException("Error in encoding public key");
        }
    }

    public static byte[] encodePublicKeyForSmartCard(PublicKey publicKey) throws InvalidKeyException {
        if (publicKey == null) {
            throw new IllegalArgumentException("Cannot encode null public key");
        }
        if (!(publicKey instanceof ECPublicKey)) {
            if (publicKey instanceof DHPublicKey) {
                return i2os(((DHPublicKey) publicKey).getY());
            }
            throw new InvalidKeyException("Unsupported public key: " + publicKey.getClass().getCanonicalName());
        }
        ECPublicKey eCPublicKey = (ECPublicKey) publicKey;
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byteArrayOutputStream.write(publicKeyECPointToOS(eCPublicKey.getW()));
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            byteArrayOutputStream.close();
            return byteArray;
        } catch (IOException e) {
            throw new IllegalStateException("Internal error writing to memory: " + e.getMessage());
        }
    }

    private static ECPoint fromBouncyCastleECPoint(org.spongycastle.math.ec.ECPoint eCPoint) {
        org.spongycastle.math.ec.ECPoint normalize = eCPoint.normalize();
        if (!normalize.isValid()) {
            LOGGER.warning("point not valid");
        }
        return new ECPoint(normalize.getAffineXCoord().toBigInteger(), normalize.getAffineYCoord().toBigInteger());
    }

    public static byte[] generateAuthenticationToken(String str, SecretKey secretKey, PublicKey publicKey) throws GeneralSecurityException {
        Mac mac = Mac.getInstance(inferMacAlgorithmFromCipherAlgorithm(PACEInfo.toCipherAlgorithm(str)), BC_PROVIDER);
        byte[] encodePublicKeyDataObject = encodePublicKeyDataObject(str, publicKey);
        mac.init(secretKey);
        byte[] doFinal = mac.doFinal(encodePublicKeyDataObject);
        byte[] bArr = new byte[8];
        System.arraycopy(doFinal, 0, bArr, 0, bArr.length);
        return bArr;
    }

    private static byte[] getBytes(String str) {
        byte[] bytes = str.getBytes();
        try {
            return str.getBytes(HttpRequest.CHARSET_UTF8);
        } catch (UnsupportedEncodingException e) {
            LOGGER.severe("Exception: " + e.getMessage());
            return bytes;
        }
    }

    public static String getCurveName(ECParameterSpec eCParameterSpec) {
        ECNamedCurveSpec namedCurveSpec = toNamedCurveSpec(eCParameterSpec);
        if (namedCurveSpec == null) {
            return null;
        }
        return namedCurveSpec.getName();
    }

    public static String getDetailedPublicKeyAlgorithm(PublicKey publicKey) {
        String curveName;
        String algorithm = publicKey.getAlgorithm();
        return publicKey instanceof RSAPublicKey ? algorithm + " [" + ((RSAPublicKey) publicKey).getModulus().bitLength() + " bit]" : (!(publicKey instanceof ECPublicKey) || (curveName = getCurveName(((ECPublicKey) publicKey).getParams())) == null) ? algorithm : algorithm + " [" + curveName + "]";
    }

    public static BigInteger getPrime(AlgorithmParameterSpec algorithmParameterSpec) {
        if (algorithmParameterSpec == null) {
            throw new IllegalArgumentException("Parameters null");
        }
        if (algorithmParameterSpec instanceof DHParameterSpec) {
            return ((DHParameterSpec) algorithmParameterSpec).getP();
        }
        if (!(algorithmParameterSpec instanceof ECParameterSpec)) {
            throw new IllegalArgumentException("Unsupported agreement algorithm, was expecting DHParameterSpec or ECParameterSpec, found " + algorithmParameterSpec.getClass().getCanonicalName());
        }
        ECField field = ((ECParameterSpec) algorithmParameterSpec).getCurve().getField();
        if (field instanceof ECFieldFp) {
            return ((ECFieldFp) field).getP();
        }
        throw new IllegalStateException("Was expecting prime field of type ECFieldFp, found " + field.getClass().getCanonicalName());
    }

    public static byte[] getRawECDSASignature(byte[] bArr, int i) throws IOException {
        ASN1InputStream aSN1InputStream = new ASN1InputStream(bArr);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            Enumeration objects = aSN1InputStream.readObject().getObjects();
            while (objects.hasMoreElements()) {
                byteArrayOutputStream.write(alignKeyDataToSize(((ASN1Integer) objects.nextElement()).getValue().toByteArray(), i));
            }
            byteArrayOutputStream.flush();
            return byteArrayOutputStream.toByteArray();
        } finally {
            aSN1InputStream.close();
            byteArrayOutputStream.close();
        }
    }

    public static byte[] i2os(BigInteger bigInteger) {
        int length = bigInteger.toString(16).length();
        if (length % 2 != 0) {
            length++;
        }
        return i2os(bigInteger, length / 2);
    }

    public static byte[] i2os(BigInteger bigInteger, int i) {
        BigInteger valueOf = BigInteger.valueOf(256L);
        byte[] bArr = new byte[i];
        for (int i2 = 0; i2 < i; i2++) {
            BigInteger mod = bigInteger.mod(valueOf);
            bigInteger = bigInteger.divide(valueOf);
            bArr[(i - 1) - i2] = (byte) mod.intValue();
        }
        return bArr;
    }

    public static String inferDigestAlgorithmFromCipherAlgorithmForKeyDerivation(String str, int i) {
        if (str == null) {
            throw new IllegalArgumentException();
        }
        if ("DESede".equals(str) || "AES-128".equals(str)) {
            return CommonUtils.SHA1_INSTANCE;
        }
        if ("AES".equals(str) && i == 128) {
            return CommonUtils.SHA1_INSTANCE;
        }
        if ("AES-256".equals(str) || "AES-192".equals(str)) {
            return "SHA-256";
        }
        if ("AES".equals(str) && (i == 192 || i == 256)) {
            return "SHA-256";
        }
        throw new IllegalArgumentException("Unsupported cipher algorithm or key length \"" + str + "\", " + i);
    }

    public static String inferDigestAlgorithmFromSignatureAlgorithm(String str) {
        if (str == null) {
            throw new IllegalArgumentException();
        }
        String upperCase = str.toUpperCase();
        String str2 = upperCase.contains("WITH") ? upperCase.split("WITH")[0] : null;
        if ("SHA1".equalsIgnoreCase(str2)) {
            str2 = CommonUtils.SHA1_INSTANCE;
        }
        if ("SHA224".equalsIgnoreCase(str2)) {
            str2 = "SHA-224";
        }
        if ("SHA256".equalsIgnoreCase(str2)) {
            str2 = "SHA-256";
        }
        if ("SHA384".equalsIgnoreCase(str2)) {
            str2 = "SHA-384";
        }
        return "SHA512".equalsIgnoreCase(str2) ? "SHA-512" : str2;
    }

    public static String inferKeyAgreementAlgorithm(PublicKey publicKey) {
        if (publicKey instanceof ECPublicKey) {
            return "ECDH";
        }
        if (publicKey instanceof DHPublicKey) {
            return "DH";
        }
        throw new IllegalArgumentException("Unsupported public key: " + publicKey);
    }

    public static String inferMacAlgorithmFromCipherAlgorithm(String str) throws InvalidAlgorithmParameterException {
        if (str == null) {
            throw new IllegalArgumentException("Cannot infer MAC algorithm from cipher algoruthm null");
        }
        if (str.startsWith("DESede")) {
            return "ISO9797Alg3Mac";
        }
        if (str.startsWith("AES")) {
            return "AESCMAC";
        }
        throw new InvalidAlgorithmParameterException("Cannot infer MAC algorithm from cipher algorithm \"" + str + "\"");
    }

    public static String inferProtocolIdentifier(PublicKey publicKey) {
        String algorithm = publicKey.getAlgorithm();
        if ("EC".equals(algorithm) || "ECDH".equals(algorithm)) {
            return SecurityInfo.ID_PK_ECDH_OID;
        }
        if ("DH".equals(algorithm)) {
            return SecurityInfo.ID_PK_DH_OID;
        }
        throw new IllegalArgumentException("Wrong key type. Was expecting ECDH or DH public key.");
    }

    public static boolean isValid(ECPoint eCPoint, ECParameterSpec eCParameterSpec) {
        return toBouncyCastleECPoint(eCPoint, eCParameterSpec).isValid();
    }

    public static AlgorithmParameterSpec mapNonceGM(byte[] bArr, byte[] bArr2, AlgorithmParameterSpec algorithmParameterSpec) {
        if (algorithmParameterSpec == null) {
            throw new IllegalArgumentException("Unsupported parameters for mapping nonce");
        }
        if (algorithmParameterSpec instanceof ECParameterSpec) {
            ECParameterSpec eCParameterSpec = (ECParameterSpec) algorithmParameterSpec;
            BigInteger os2i = os2i(bArr2);
            return mapNonceGMWithECDH(os2i(bArr), new ECPoint(os2i, computeAffineY(os2i, eCParameterSpec)), eCParameterSpec);
        }
        if (!(algorithmParameterSpec instanceof DHParameterSpec)) {
            throw new IllegalArgumentException("Unsupported parameters for mapping nonce, expected ECParameterSpec or DHParameterSpec, found " + algorithmParameterSpec.getClass().getCanonicalName());
        }
        return mapNonceGMWithDH(os2i(bArr), os2i(bArr2), (DHParameterSpec) algorithmParameterSpec);
    }

    private static DHParameterSpec mapNonceGMWithDH(BigInteger bigInteger, BigInteger bigInteger2, DHParameterSpec dHParameterSpec) {
        BigInteger p = dHParameterSpec.getP();
        return new DHParameterSpec(p, dHParameterSpec.getG().modPow(bigInteger, p).multiply(bigInteger2).mod(p), dHParameterSpec.getL());
    }

    private static ECParameterSpec mapNonceGMWithECDH(BigInteger bigInteger, ECPoint eCPoint, ECParameterSpec eCParameterSpec) {
        ECPoint generator = eCParameterSpec.getGenerator();
        EllipticCurve curve = eCParameterSpec.getCurve();
        BigInteger a = curve.getA();
        BigInteger b = curve.getB();
        BigInteger p = ((ECFieldFp) curve.getField()).getP();
        BigInteger order = eCParameterSpec.getOrder();
        int cofactor = eCParameterSpec.getCofactor();
        ECPoint add = add(multiply(bigInteger, generator, eCParameterSpec), eCPoint, eCParameterSpec);
        if (!toBouncyCastleECPoint(add, eCParameterSpec).isValid()) {
            LOGGER.info("ephemeralGenerator is not a valid point");
        }
        return new ECParameterSpec(new EllipticCurve(new ECFieldFp(p), a, b), add, order, cofactor);
    }

    public static AlgorithmParameterSpec mapNonceIM(byte[] bArr, byte[] bArr2, byte[] bArr3, AlgorithmParameterSpec algorithmParameterSpec) {
        return null;
    }

    public static ECPoint multiply(BigInteger bigInteger, ECPoint eCPoint, ECParameterSpec eCParameterSpec) {
        return fromBouncyCastleECPoint(toBouncyCastleECPoint(eCPoint, eCParameterSpec).multiply(bigInteger));
    }

    public static ECPoint normalize(ECPoint eCPoint, ECParameterSpec eCParameterSpec) {
        return fromBouncyCastleECPoint(toBouncyCastleECPoint(eCPoint, eCParameterSpec).normalize());
    }

    public static BigInteger os2fe(byte[] bArr, BigInteger bigInteger) {
        return os2i(bArr).mod(bigInteger);
    }

    public static BigInteger os2i(byte[] bArr) {
        if (bArr == null) {
            throw new IllegalArgumentException();
        }
        return os2i(bArr, 0, bArr.length);
    }

    public static BigInteger os2i(byte[] bArr, int i, int i2) {
        if (bArr == null) {
            throw new IllegalArgumentException();
        }
        BigInteger bigInteger = BigInteger.ZERO;
        BigInteger valueOf = BigInteger.valueOf(256L);
        BigInteger bigInteger2 = bigInteger;
        for (int i3 = i; i3 < i + i2; i3++) {
            bigInteger2 = bigInteger2.multiply(valueOf).add(BigInteger.valueOf(bArr[i3] & 255));
        }
        return bigInteger2;
    }

    public static byte[] padWithCAN(byte[] bArr, int i) {
        return padWithCAN(bArr, 0, bArr.length, i);
    }

    public static byte[] padWithCAN(byte[] bArr, int i, int i2, int i3) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(bArr, i, i2);
        byteArrayOutputStream.write(-128);
        while (byteArrayOutputStream.size() % i3 != 0) {
            byteArrayOutputStream.write(0);
        }
        return byteArrayOutputStream.toByteArray();
    }

    public static byte[] padWithMRZ(byte[] bArr) {
        return padWithMRZ(bArr, 0, bArr.length);
    }

    public static byte[] padWithMRZ(byte[] bArr, int i, int i2) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(bArr, i, i2);
        byteArrayOutputStream.write(-128);
        while (byteArrayOutputStream.size() % 8 != 0) {
            byteArrayOutputStream.write(0);
        }
        return byteArrayOutputStream.toByteArray();
    }

    public static byte[] publicKeyECPointToOS(ECPoint eCPoint) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        BigInteger affineX = eCPoint.getAffineX();
        BigInteger affineY = eCPoint.getAffineY();
        try {
            byteArrayOutputStream.write(4);
            byteArrayOutputStream.write(i2os(affineX));
            byteArrayOutputStream.write(i2os(affineY));
            byteArrayOutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            throw new IllegalStateException(e.getMessage());
        }
    }

    public static PublicKey reconstructPublicKey(PublicKey publicKey) {
        if (!(publicKey instanceof ECPublicKey)) {
            return publicKey;
        }
        try {
            ECPublicKey eCPublicKey = (ECPublicKey) publicKey;
            ECPoint w = eCPublicKey.getW();
            ECParameterSpec explicitECParameterSpec = toExplicitECParameterSpec(eCPublicKey.getParams());
            if (explicitECParameterSpec == null) {
                return publicKey;
            }
            return KeyFactory.getInstance("EC", BC_PROVIDER).generatePublic(new ECPublicKeySpec(w, explicitECParameterSpec));
        } catch (Exception e) {
            LOGGER.warning("Could not make public key param spec explicit");
            return publicKey;
        }
    }

    public static byte[] recoverMessage(int i, byte[] bArr) {
        if (bArr == null || bArr.length < 1) {
            throw new IllegalArgumentException("Plaintext too short to recover message");
        }
        if (((bArr[0] & 192) ^ 64) != 0) {
            throw new NumberFormatException("Could not get M1");
        }
        if (((bArr[bArr.length - 1] & PassportService.SF_DG15) ^ 12) != 0) {
            throw new NumberFormatException("Could not get M1");
        }
        if (((bArr[bArr.length - 1] & 255) ^ 188) != 0) {
            throw new NumberFormatException("Could not get M1");
        }
        int i2 = 0;
        while (i2 < bArr.length && ((bArr[i2] & PassportService.SF_DG15) ^ 10) != 0) {
            i2++;
        }
        int i3 = i2 + 1;
        int length = ((bArr.length - 1) - i) - i3;
        if (length <= 0) {
            throw new NumberFormatException("Could not get M1");
        }
        if ((bArr[0] & 32) == 0) {
            throw new NumberFormatException("Could not get M1");
        }
        byte[] bArr2 = new byte[length];
        System.arraycopy(bArr, i3, bArr2, 0, length);
        return bArr2;
    }

    private static ECCurve toBouncyCastleECCurve(ECParameterSpec eCParameterSpec) {
        EllipticCurve curve = eCParameterSpec.getCurve();
        ECField field = curve.getField();
        if (!(field instanceof ECFieldFp)) {
            throw new IllegalArgumentException("Only prime field supported (for now), found " + field.getClass().getCanonicalName());
        }
        int cofactor = eCParameterSpec.getCofactor();
        return new ECCurve.Fp(getPrime(eCParameterSpec), curve.getA(), curve.getB(), eCParameterSpec.getOrder(), BigInteger.valueOf(cofactor));
    }

    private static org.spongycastle.math.ec.ECPoint toBouncyCastleECPoint(ECPoint eCPoint, ECParameterSpec eCParameterSpec) {
        return toBouncyCastleECCurve(eCParameterSpec).createPoint(eCPoint.getAffineX(), eCPoint.getAffineY(), false);
    }

    public static ECNamedCurveSpec toECNamedCurveSpec(ECNamedCurveParameterSpec eCNamedCurveParameterSpec) {
        return new ECNamedCurveSpec(eCNamedCurveParameterSpec.getName(), eCNamedCurveParameterSpec.getCurve(), eCNamedCurveParameterSpec.getG(), eCNamedCurveParameterSpec.getN(), eCNamedCurveParameterSpec.getH(), eCNamedCurveParameterSpec.getSeed());
    }

    public static DHParameterSpec toExplicitDHParameterSpec(DHParameters dHParameters) {
        return new DHParameterSpec(dHParameters.getP(), dHParameters.getG(), dHParameters.getL());
    }

    public static ECParameterSpec toExplicitECParameterSpec(ECParameterSpec eCParameterSpec) {
        try {
            ECPoint generator = eCParameterSpec.getGenerator();
            BigInteger order = eCParameterSpec.getOrder();
            int cofactor = eCParameterSpec.getCofactor();
            EllipticCurve curve = eCParameterSpec.getCurve();
            BigInteger a = curve.getA();
            BigInteger b = curve.getB();
            ECField field = curve.getField();
            if (field instanceof ECFieldFp) {
                eCParameterSpec = new ECParameterSpec(new EllipticCurve(new ECFieldFp(((ECFieldFp) field).getP()), a, b), generator, order, cofactor);
            } else if (field instanceof ECFieldF2m) {
                eCParameterSpec = new ECParameterSpec(new EllipticCurve(new ECFieldF2m(((ECFieldF2m) field).getM()), a, b), generator, order, cofactor);
            } else {
                LOGGER.warning("Could not make named EC param spec explicit");
            }
        } catch (Exception e) {
            LOGGER.warning("Could not make named EC param spec explicit");
        }
        return eCParameterSpec;
    }

    public static ECParameterSpec toExplicitECParameterSpec(ECNamedCurveParameterSpec eCNamedCurveParameterSpec) {
        return toExplicitECParameterSpec((ECParameterSpec) toECNamedCurveSpec(eCNamedCurveParameterSpec));
    }

    private static ECNamedCurveSpec toNamedCurveSpec(ECParameterSpec eCParameterSpec) {
        if (eCParameterSpec == null) {
            return null;
        }
        if (eCParameterSpec instanceof ECNamedCurveSpec) {
            return (ECNamedCurveSpec) eCParameterSpec;
        }
        ArrayList list = Collections.list(ECNamedCurveTable.getNames());
        ArrayList arrayList = new ArrayList();
        Iterator it = list.iterator();
        while (it.hasNext()) {
            ECNamedCurveSpec eCNamedCurveSpec = toECNamedCurveSpec(ECNamedCurveTable.getParameterSpec((String) it.next()));
            if (eCNamedCurveSpec.getCurve().equals(eCParameterSpec.getCurve()) && eCNamedCurveSpec.getGenerator().equals(eCParameterSpec.getGenerator()) && eCNamedCurveSpec.getOrder().equals(eCParameterSpec.getOrder()) && eCNamedCurveSpec.getCofactor() == eCParameterSpec.getCofactor()) {
                arrayList.add(eCNamedCurveSpec);
            }
        }
        if (arrayList.size() == 0) {
            return null;
        }
        return arrayList.size() == 1 ? (ECNamedCurveSpec) arrayList.get(0) : (ECNamedCurveSpec) arrayList.get(0);
    }

    public static PublicKey toPublicKey(SubjectPublicKeyInfo subjectPublicKeyInfo) {
        PublicKey publicKey = null;
        try {
            try {
                X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(subjectPublicKeyInfo.getEncoded("DER"));
                try {
                    publicKey = KeyFactory.getInstance("DH").generatePublic(x509EncodedKeySpec);
                } catch (GeneralSecurityException e) {
                    publicKey = KeyFactory.getInstance("EC", BC_PROVIDER).generatePublic(x509EncodedKeySpec);
                }
            } catch (Exception e2) {
                LOGGER.severe("Exception: " + e2.getMessage());
            }
        } catch (GeneralSecurityException e3) {
            LOGGER.severe("Exception: " + e3.getMessage());
        }
        return publicKey;
    }

    public static SubjectPublicKeyInfo toSubjectPublicKeyInfo(PublicKey publicKey) {
        try {
            String algorithm = publicKey.getAlgorithm();
            if (!"EC".equals(algorithm) && !"ECDH".equals(algorithm) && !(publicKey instanceof ECPublicKey)) {
                if (!"DH".equals(algorithm) && !(publicKey instanceof DHPublicKey)) {
                    throw new IllegalArgumentException("Unrecognized key type, found " + publicKey.getAlgorithm() + ", should be DH or ECDH");
                }
                DHPublicKey dHPublicKey = (DHPublicKey) publicKey;
                DHParameterSpec params = dHPublicKey.getParams();
                return new SubjectPublicKeyInfo(new AlgorithmIdentifier(EACObjectIdentifiers.id_PK_DH, new DHParameter(params.getP(), params.getG(), params.getL()).toASN1Primitive()), new ASN1Integer(dHPublicKey.getY()));
            }
            ASN1InputStream aSN1InputStream = new ASN1InputStream(publicKey.getEncoded());
            SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(aSN1InputStream.readObject());
            aSN1InputStream.close();
            AlgorithmIdentifier algorithm2 = subjectPublicKeyInfo.getAlgorithm();
            String id = algorithm2.getAlgorithm().getId();
            if (!SecurityInfo.ID_EC_PUBLIC_KEY.equals(id)) {
                throw new IllegalStateException("Was expecting id-ecPublicKey (" + SecurityInfo.ID_EC_PUBLIC_KEY_TYPE + "), found " + id);
            }
            ASN1ObjectIdentifier aSN1Primitive = algorithm2.getParameters().toASN1Primitive();
            if (!(aSN1Primitive instanceof ASN1ObjectIdentifier)) {
                return subjectPublicKeyInfo;
            }
            ASN1ObjectIdentifier aSN1ObjectIdentifier = aSN1Primitive;
            X9ECParameters byOID = X962NamedCurves.getByOID(aSN1ObjectIdentifier);
            if (byOID == null) {
                throw new IllegalStateException("Could not find X9.62 named curve for OID " + aSN1ObjectIdentifier.getId());
            }
            org.spongycastle.math.ec.ECPoint g = byOID.getG();
            return publicKey instanceof org.spongycastle.jce.interfaces.ECPublicKey ? new SubjectPublicKeyInfo(new AlgorithmIdentifier(subjectPublicKeyInfo.getAlgorithm().getAlgorithm(), new X9ECParameters(byOID.getCurve(), g.getCurve().createPoint(g.getX().toBigInteger(), g.getY().toBigInteger(), false), byOID.getN(), byOID.getH(), byOID.getSeed()).toASN1Primitive()), ((org.spongycastle.jce.interfaces.ECPublicKey) publicKey).getQ().getEncoded()) : subjectPublicKeyInfo;
        } catch (Exception e) {
            LOGGER.severe("Exception: " + e.getMessage());
            return null;
        }
    }

    public static byte[] unpad(byte[] bArr) throws BadPaddingException {
        int length = bArr.length - 1;
        while (length >= 0 && bArr[length] == 0) {
            length--;
        }
        if ((bArr[length] & 255) != 128) {
            throw new BadPaddingException("Expected constant 0x80, found 0x" + Integer.toHexString(bArr[length] & 255) + "\nDEBUG: in = " + Hex.bytesToHexString(bArr) + ", index = " + length);
        }
        byte[] bArr2 = new byte[length];
        System.arraycopy(bArr, 0, bArr2, 0, length);
        return bArr2;
    }

    public static byte[] unwrapDO(byte b, byte[] bArr) {
        if (bArr == null || bArr.length < 2) {
            throw new IllegalArgumentException("Wrapped data is null or length < 2");
        }
        byte b2 = bArr[0];
        if (b2 != b) {
            throw new IllegalArgumentException("Expected tag " + Integer.toHexString(b) + ", found tag " + Integer.toHexString(b2));
        }
        byte[] bArr2 = new byte[bArr.length - 2];
        System.arraycopy(bArr, 2, bArr2, 0, bArr2.length);
        return bArr2;
    }

    public static byte[] wrapDO(byte b, byte[] bArr) {
        if (bArr == null) {
            throw new IllegalArgumentException("Data to wrap is null");
        }
        byte[] bArr2 = new byte[bArr.length + 2];
        bArr2[0] = b;
        bArr2[1] = (byte) bArr.length;
        System.arraycopy(bArr, 0, bArr2, 2, bArr.length);
        return bArr2;
    }
}
