package com.layer.transport.auth;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.X509KeyManager;
import org.json.JSONException;
import org.json.JSONObject;

/* compiled from: Crypto.java */
/* loaded from: classes2.dex */
public class d {
    public static String a(String str, String str2, KeyPair keyPair) throws GeneralSecurityException, IOException {
        JSONObject jSONObject = new JSONObject();
        a(jSONObject, "typ", (Object) "JWS");
        a(jSONObject, "cty", (Object) "layer-csr;v=1");
        a(jSONObject, "alg", (Object) "RS256");
        String a2 = a(jSONObject);
        JSONObject jSONObject2 = new JSONObject();
        a(jSONObject2, "uat", (Object) str);
        a(jSONObject2, "prn", (Object) str2);
        a(jSONObject2, "pka", (Object) keyPair.getPublic().getAlgorithm());
        a(jSONObject2, "pky", (Object) d.f.a(keyPair.getPublic().getEncoded()).b());
        String a3 = a(jSONObject2);
        return a2 + "." + a3 + "." + d.f.a(a(keyPair.getPrivate(), "SHA256withRSA", b(a2 + "." + a3))).b();
    }

    private static String a(JSONObject jSONObject) {
        return d.f.a(b(jSONObject.toString())).b();
    }

    private static String a(JSONObject jSONObject, String str, String str2) throws JSONException {
        Object obj = jSONObject.get(str);
        if ((str instanceof String) && str2.equals(obj)) {
            return (String) obj;
        }
        throw new IllegalArgumentException("Bogus entry: key = " + str + " val = " + obj + " instead of " + str2);
    }

    public static KeyPair a(e eVar, int i2) {
        try {
            KeyPairGenerator d2 = eVar.d();
            d2.initialize(i2);
            return d2.generateKeyPair();
        } catch (NoSuchAlgorithmException e2) {
            if (!com.layer.transport.lsdkd.a.a(6)) {
                return null;
            }
            com.layer.transport.lsdkd.a.b(e2.getMessage(), e2);
            return null;
        }
    }

    public static KeyPair a(e eVar, byte[] bArr, byte[] bArr2) {
        try {
            KeyFactory a2 = eVar.a();
            return new KeyPair(a2.generatePublic(new X509EncodedKeySpec(bArr)), a2.generatePrivate(new PKCS8EncodedKeySpec(bArr2)));
        } catch (NoSuchAlgorithmException e2) {
            if (!com.layer.transport.lsdkd.a.a(6)) {
                return null;
            }
            com.layer.transport.lsdkd.a.b(e2.getMessage(), e2);
            return null;
        } catch (InvalidKeySpecException e3) {
            if (!com.layer.transport.lsdkd.a.a(6)) {
                return null;
            }
            com.layer.transport.lsdkd.a.b(e3.getMessage(), e3);
            return null;
        }
    }

    public static PublicKey a(e eVar, String str) {
        try {
            return eVar.e().generateCertificate(new ByteArrayInputStream(d.f.b(str.replaceAll("-----BEGIN CERTIFICATE-----", "").replaceAll("-----END CERTIFICATE-----", "")).g())).getPublicKey();
        } catch (Exception e2) {
            if (!com.layer.transport.lsdkd.a.a(6)) {
                return null;
            }
            com.layer.transport.lsdkd.a.b(e2.getMessage(), e2);
            return null;
        }
    }

    public static Certificate a(e eVar, byte[] bArr) {
        try {
            return eVar.e().generateCertificate(new ByteArrayInputStream(bArr));
        } catch (CertificateException e2) {
            if (!com.layer.transport.lsdkd.a.a(6)) {
                return null;
            }
            com.layer.transport.lsdkd.a.b(e2.getMessage(), e2);
            return null;
        }
    }

    public static X509KeyManager a(e eVar, KeyPair keyPair, Certificate certificate) {
        char[] charArray = "".toCharArray();
        Certificate[] certificateArr = {certificate};
        try {
            KeyStore b2 = eVar.b();
            b2.load(null, charArray);
            b2.setCertificateEntry("csr", certificate);
            b2.setKeyEntry("rsa_priv", keyPair.getPrivate(), charArray, certificateArr);
            KeyManagerFactory c2 = eVar.c();
            c2.init(b2, charArray);
            for (KeyManager keyManager : c2.getKeyManagers()) {
                if (keyManager instanceof X509KeyManager) {
                    return (X509KeyManager) keyManager;
                }
            }
            throw new IllegalStateException("No X509 KeyManager found");
        } catch (IOException e2) {
            if (com.layer.transport.lsdkd.a.a(6)) {
                com.layer.transport.lsdkd.a.b(e2.getMessage(), e2);
            }
            return null;
        } catch (KeyStoreException e3) {
            if (com.layer.transport.lsdkd.a.a(6)) {
                com.layer.transport.lsdkd.a.b(e3.getMessage(), e3);
            }
            return null;
        } catch (NoSuchAlgorithmException e4) {
            if (com.layer.transport.lsdkd.a.a(6)) {
                com.layer.transport.lsdkd.a.b(e4.getMessage(), e4);
            }
            return null;
        } catch (UnrecoverableKeyException e5) {
            if (com.layer.transport.lsdkd.a.a(6)) {
                com.layer.transport.lsdkd.a.b(e5.getMessage(), e5);
            }
            return null;
        } catch (CertificateException e6) {
            if (com.layer.transport.lsdkd.a.a(6)) {
                com.layer.transport.lsdkd.a.b(e6.getMessage(), e6);
            }
            return null;
        }
    }

    private static JSONObject a(byte[] bArr) throws JSONException {
        return new JSONObject(b(bArr));
    }

    public static void a(String str) throws GeneralSecurityException, IOException {
        String[] split = str.split("\\.");
        if (split.length != 3) {
            throw new IllegalArgumentException("Wrong number of components: " + split.length);
        }
        JSONObject a2 = a(d.f.b(split[0]).g());
        a(a2, "typ", "JWS");
        a(a2, "cty", "layer-csr;v=1");
        a(a2, "alg", "RS256");
        JSONObject a3 = a(d.f.b(split[1]).g());
        a(KeyFactory.getInstance(a(a3, "pka", "RSA")).generatePublic(new X509EncodedKeySpec(d.f.b(a3.getString("pky")).g())), "SHA256withRSA", b(split[0] + "." + split[1]), d.f.b(split[2]).g());
    }

    private static void a(PublicKey publicKey, String str, byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        Signature signature = Signature.getInstance(str);
        signature.initVerify(publicKey);
        signature.update(bArr);
        if (!signature.verify(bArr2)) {
            throw new GeneralSecurityException("Signature doesn't match");
        }
    }

    private static void a(JSONObject jSONObject, String str, Object obj) {
        try {
            jSONObject.put(str, obj);
        } catch (JSONException unused) {
            throw new RuntimeException("Problem putting JSONObject entry, this should never happen!");
        }
    }

    private static byte[] a(PrivateKey privateKey, String str, byte[] bArr) throws GeneralSecurityException {
        Signature signature = Signature.getInstance(str);
        signature.initSign(privateKey);
        signature.update(bArr);
        return signature.sign();
    }

    private static String b(byte[] bArr) {
        return new String(bArr, Charset.forName("UTF-8"));
    }

    private static byte[] b(String str) {
        return str.getBytes(Charset.forName("UTF-8"));
    }
}
