package io.horizontalsystems.ethereumkit.crypto;

import com.esaulpaugh.headlong.rlp.KeyValuePair;
import com.walletconnect.foundation.util.jwt.JwtUtilsKt;
import io.horizontalsystems.ethereumkit.spv.core.ExtensionsKt;
import io.horizontalsystems.ethereumkit.spv.helpers.RandomHelper;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.util.Arrays;
import kotlin.Metadata;
import kotlin.collections.ArraysKt;
import kotlin.jvm.internal.Intrinsics;
import org.bitcoinj.uri.BitcoinURI;
import org.bouncycastle.asn1.sec.SECNamedCurves;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.asn1.x9.X9IntegerConverter;
import org.bouncycastle.crypto.BufferedBlockCipher;
import org.bouncycastle.crypto.agreement.ECDHBasicAgreement;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.engines.AESEngine;
import org.bouncycastle.crypto.macs.HMac;
import org.bouncycastle.crypto.modes.SICBlockCipher;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.params.IESWithCipherParameters;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.bouncycastle.crypto.signers.ECDSASigner;
import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
import org.bouncycastle.jce.spec.ECParameterSpec;
import org.bouncycastle.math.ec.ECAlgorithms;
import org.bouncycastle.math.ec.ECCurve;
import org.bouncycastle.math.ec.ECPoint;
import org.bouncycastle.util.BigIntegers;

/* compiled from: CryptoUtils.kt */
@Metadata(d1 = {"\u0000^\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\b\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u000e\n\u0002\b\u0003\n\u0002\u0010\u0012\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000b\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0007\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u000b\bÆ\u0002\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u0016\u0010\u0013\u001a\u00020\u00142\u0006\u0010\u0015\u001a\u00020\u00142\u0006\u0010\u0016\u001a\u00020\u0014J\u0018\u0010\u0017\u001a\u00020\u00182\u0006\u0010\u0019\u001a\u00020\f2\u0006\u0010\u001a\u001a\u00020\u001bH\u0002J\u000e\u0010\u001c\u001a\u00020\u001d2\u0006\u0010\u001e\u001a\u00020\fJ\u0016\u0010\u001f\u001a\u00020\u00142\u0006\u0010 \u001a\u00020\u001d2\u0006\u0010!\u001a\u00020\u0018J\u0016\u0010\"\u001a\u00020\u00142\u0006\u0010#\u001a\u00020\f2\u0006\u0010$\u001a\u00020%J\u0016\u0010&\u001a\u00020%2\u0006\u0010'\u001a\u00020\u00182\u0006\u0010$\u001a\u00020\u0014J\u0016\u0010(\u001a\u00020\u00142\u0006\u0010)\u001a\u00020\u00142\u0006\u0010#\u001a\u00020\fJ(\u0010*\u001a\u00020+2\u0006\u0010,\u001a\u00020\u001b2\u0006\u0010-\u001a\u00020\u00182\u0006\u0010.\u001a\u00020\f2\u0006\u0010/\u001a\u00020\u0014H\u0002J,\u00100\u001a\u0004\u0018\u00010\u00142\u0006\u00101\u001a\u00020\n2\u0006\u00102\u001a\u00020\f2\u0006\u00103\u001a\u00020\f2\b\u00104\u001a\u0004\u0018\u00010\u0014H\u0002J\u000e\u00105\u001a\u00020\u00142\u0006\u0010\u0016\u001a\u00020\u0014R\u0011\u0010\u0003\u001a\u00020\u0004¢\u0006\b\n\u0000\u001a\u0004\b\u0005\u0010\u0006R\u000e\u0010\u0007\u001a\u00020\bX\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\t\u001a\u00020\nX\u0082D¢\u0006\u0002\n\u0000R\u0011\u0010\u000b\u001a\u00020\f¢\u0006\b\n\u0000\u001a\u0004\b\r\u0010\u000eR\u000e\u0010\u000f\u001a\u00020\u0010X\u0082D¢\u0006\u0002\n\u0000R\u000e\u0010\u0011\u001a\u00020\nX\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0012\u001a\u00020\nX\u0086T¢\u0006\u0002\n\u0000¨\u00066"}, d2 = {"Lio/horizontalsystems/ethereumkit/crypto/CryptoUtils;", "", "()V", "CURVE", "Lorg/bouncycastle/crypto/params/ECDomainParameters;", "getCURVE", "()Lorg/bouncycastle/crypto/params/ECDomainParameters;", "CURVE_SPEC", "Lorg/bouncycastle/jce/spec/ECParameterSpec;", "ECIES_PREFIX_SIZE", "", "HALF_CURVE_ORDER", "Ljava/math/BigInteger;", "getHALF_CURVE_ORDER", "()Ljava/math/BigInteger;", "HASH_256_ALGORITHM_NAME", "", "KEY_SIZE", "SECRET_SIZE", "aesEncrypt", "", JwtUtilsKt.DID_METHOD_KEY, "data", "decompressKey", "Lorg/bouncycastle/math/ec/ECPoint;", "xBN", "yBit", "", "ecKeyFromPrivate", "Lio/horizontalsystems/ethereumkit/crypto/ECKey;", "privKey", "ecdhAgree", "myKey", "remotePublicKeyPoint", "eciesDecrypt", "privateKey", BitcoinURI.FIELD_MESSAGE, "Lio/horizontalsystems/ethereumkit/crypto/ECIESEncryptedMessage;", "eciesEncrypt", "remotePublicKey", "ellipticSign", "messageToSign", "makeIESEngine", "Lio/horizontalsystems/ethereumkit/crypto/IESEngine;", "isEncrypt", "pub", "prv", "IV", "recoverPubBytesFromSignature", "recId", BitcoinURI.FIELD_PAYMENT_REQUEST_URL, "s", "messageHash", "sha3", "ethereumkit_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
/* loaded from: classes9.dex */
public final class CryptoUtils {
    private static final ECDomainParameters CURVE;
    private static final ECParameterSpec CURVE_SPEC;
    private static final BigInteger HALF_CURVE_ORDER;
    private static final int KEY_SIZE = 128;
    public static final int SECRET_SIZE = 32;
    public static final CryptoUtils INSTANCE = new CryptoUtils();
    private static final String HASH_256_ALGORITHM_NAME = "ETH-KECCAK-256";
    private static final int ECIES_PREFIX_SIZE = 113;

    static {
        X9ECParameters byName = SECNamedCurves.getByName(KeyValuePair.SECP256K1);
        CURVE = new ECDomainParameters(byName.getCurve(), byName.getG(), byName.getN(), byName.getH());
        CURVE_SPEC = new ECParameterSpec(byName.getCurve(), byName.getG(), byName.getN(), byName.getH());
        BigInteger shiftRight = byName.getN().shiftRight(1);
        Intrinsics.checkNotNullExpressionValue(shiftRight, "params.n.shiftRight(1)");
        HALF_CURVE_ORDER = shiftRight;
    }

    private CryptoUtils() {
    }

    private final ECPoint decompressKey(BigInteger xBN, boolean yBit) {
        X9IntegerConverter x9IntegerConverter = new X9IntegerConverter();
        ECDomainParameters eCDomainParameters = CURVE;
        byte[] integerToBytes = x9IntegerConverter.integerToBytes(xBN, x9IntegerConverter.getByteLength(eCDomainParameters.getCurve()) + 1);
        integerToBytes[0] = (byte) (yBit ? 3 : 2);
        ECPoint decodePoint = eCDomainParameters.getCurve().decodePoint(integerToBytes);
        Intrinsics.checkNotNullExpressionValue(decodePoint, "CURVE.curve.decodePoint(compEnc)");
        return decodePoint;
    }

    private final IESEngine makeIESEngine(boolean isEncrypt, ECPoint pub, BigInteger prv, byte[] IV) {
        IESEngine iESEngine = new IESEngine(new ECDHBasicAgreement(), new ConcatKDFBytesGenerator(new SHA256Digest()), new HMac(new SHA256Digest()), new SHA256Digest(), new BufferedBlockCipher(new SICBlockCipher(new AESEngine())));
        ParametersWithIV parametersWithIV = new ParametersWithIV(new IESWithCipherParameters(new byte[0], new byte[0], 128, 128), IV);
        ECDomainParameters eCDomainParameters = CURVE;
        iESEngine.init(isEncrypt, new ECPrivateKeyParameters(prv, eCDomainParameters), new ECPublicKeyParameters(pub, eCDomainParameters), parametersWithIV);
        return iESEngine;
    }

    private final byte[] recoverPubBytesFromSignature(int recId, BigInteger r, BigInteger s, byte[] messageHash) {
        ECDomainParameters eCDomainParameters = CURVE;
        BigInteger n = eCDomainParameters.getN();
        BigInteger x = r.add(BigInteger.valueOf(recId / 2).multiply(n));
        ECCurve curve = eCDomainParameters.getCurve();
        Intrinsics.checkNotNull(curve, "null cannot be cast to non-null type org.bouncycastle.math.ec.ECCurve.Fp");
        if (x.compareTo(((ECCurve.Fp) curve).getQ()) >= 0) {
            return null;
        }
        Intrinsics.checkNotNullExpressionValue(x, "x");
        ECPoint decompressKey = decompressKey(x, (recId & 1) == 1);
        if (!decompressKey.multiply(n).isInfinity()) {
            return null;
        }
        BigInteger mod = BigInteger.ZERO.subtract(new BigInteger(1, messageHash)).mod(n);
        BigInteger modInverse = r.modInverse(n);
        ECPoint sumOfTwoMultiplies = ECAlgorithms.sumOfTwoMultiplies(eCDomainParameters.getG(), modInverse.multiply(mod).mod(n), decompressKey, modInverse.multiply(s).mod(n));
        Intrinsics.checkNotNull(sumOfTwoMultiplies, "null cannot be cast to non-null type org.bouncycastle.math.ec.ECPoint.Fp");
        ECPoint.Fp fp = (ECPoint.Fp) sumOfTwoMultiplies;
        if (fp.isInfinity()) {
            return null;
        }
        return fp.getEncoded(false);
    }

    public final byte[] aesEncrypt(byte[] key, byte[] data) {
        Intrinsics.checkNotNullParameter(key, "key");
        Intrinsics.checkNotNullParameter(data, "data");
        byte[] bArr = new byte[data.length];
        AESEngine aESEngine = new AESEngine();
        aESEngine.init(true, new KeyParameter(key));
        aESEngine.processBlock(data, 0, bArr, 0);
        return bArr;
    }

    public final ECKey ecKeyFromPrivate(BigInteger privKey) {
        Intrinsics.checkNotNullParameter(privKey, "privKey");
        ECPoint multiply = CURVE.getG().multiply(privKey);
        Intrinsics.checkNotNullExpressionValue(multiply, "CURVE.g.multiply(privKey)");
        return new ECKey(privKey, multiply);
    }

    public final byte[] ecdhAgree(ECKey myKey, ECPoint remotePublicKeyPoint) {
        Intrinsics.checkNotNullParameter(myKey, "myKey");
        Intrinsics.checkNotNullParameter(remotePublicKeyPoint, "remotePublicKeyPoint");
        ECDHBasicAgreement eCDHBasicAgreement = new ECDHBasicAgreement();
        BigInteger privateKey = myKey.getPrivateKey();
        ECDomainParameters eCDomainParameters = CURVE;
        eCDHBasicAgreement.init(new ECPrivateKeyParameters(privateKey, eCDomainParameters));
        BigInteger calculateAgreement = eCDHBasicAgreement.calculateAgreement(new ECPublicKeyParameters(remotePublicKeyPoint, eCDomainParameters));
        Intrinsics.checkNotNullExpressionValue(calculateAgreement, "agreement.calculateAgree…tePublicKeyPoint, CURVE))");
        return ExtensionsKt.toBytes(calculateAgreement, 32);
    }

    public final byte[] eciesDecrypt(BigInteger privateKey, ECIESEncryptedMessage message) {
        Intrinsics.checkNotNullParameter(privateKey, "privateKey");
        Intrinsics.checkNotNullParameter(message, "message");
        ECPoint ephem = CURVE.getCurve().decodePoint(message.getEphemeralPublicKey());
        Intrinsics.checkNotNullExpressionValue(ephem, "ephem");
        IESEngine makeIESEngine = makeIESEngine(false, ephem, privateKey, message.getInitialVector());
        byte[] plus = ArraysKt.plus(message.getCipher(), message.getCheckSum());
        return makeIESEngine.processBlock(plus, 0, plus.length, message.getPrefixBytes());
    }

    public final ECIESEncryptedMessage eciesEncrypt(ECPoint remotePublicKey, byte[] message) {
        Intrinsics.checkNotNullParameter(remotePublicKey, "remotePublicKey");
        Intrinsics.checkNotNullParameter(message, "message");
        byte[] bytes = ExtensionsKt.toBytes((short) (message.length + ECIES_PREFIX_SIZE));
        byte[] randomBytes = RandomHelper.INSTANCE.randomBytes(16);
        ECKey randomECKey = RandomHelper.INSTANCE.randomECKey();
        byte[] processBlock = makeIESEngine(true, remotePublicKey, randomECKey.getPrivateKey(), randomBytes).processBlock(message, 0, message.length, bytes);
        byte[] encoded = randomECKey.getPublicKeyPoint().getEncoded(false);
        Intrinsics.checkNotNullExpressionValue(encoded, "ephemPair.publicKeyPoint.getEncoded(false)");
        return new ECIESEncryptedMessage(bytes, encoded, randomBytes, ArraysKt.copyOfRange(processBlock, 0, processBlock.length - 32), ArraysKt.copyOfRange(processBlock, processBlock.length - 32, processBlock.length));
    }

    public final byte[] ellipticSign(byte[] messageToSign, BigInteger privateKey) {
        Intrinsics.checkNotNullParameter(messageToSign, "messageToSign");
        Intrinsics.checkNotNullParameter(privateKey, "privateKey");
        ECDSASigner eCDSASigner = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
        ECDomainParameters eCDomainParameters = CURVE;
        eCDSASigner.init(true, new ECPrivateKeyParameters(privateKey, eCDomainParameters));
        BigInteger[] generateSignature = eCDSASigner.generateSignature(messageToSign);
        BigInteger r = generateSignature[0];
        BigInteger s = generateSignature[1];
        if (s.compareTo(HALF_CURVE_ORDER) > 0) {
            s = eCDomainParameters.getN().subtract(s);
        }
        byte[] encoded = eCDomainParameters.getG().multiply(privateKey).getEncoded(false);
        int i = 0;
        while (true) {
            if (i >= 4) {
                i = -1;
                break;
            }
            Intrinsics.checkNotNullExpressionValue(r, "r");
            Intrinsics.checkNotNullExpressionValue(s, "s");
            byte[] recoverPubBytesFromSignature = recoverPubBytesFromSignature(i, r, s, messageToSign);
            if (recoverPubBytesFromSignature != null && Arrays.equals(recoverPubBytesFromSignature, encoded)) {
                break;
            }
            i++;
        }
        byte[] bArr = new byte[32];
        byte[] asUnsignedByteArray = BigIntegers.asUnsignedByteArray(r);
        System.arraycopy(asUnsignedByteArray, 0, bArr, 32 - asUnsignedByteArray.length, asUnsignedByteArray.length);
        byte[] bArr2 = new byte[32];
        byte[] asUnsignedByteArray2 = BigIntegers.asUnsignedByteArray(s);
        System.arraycopy(asUnsignedByteArray2, 0, bArr2, 32 - asUnsignedByteArray2.length, asUnsignedByteArray2.length);
        return ArraysKt.plus(ArraysKt.plus(bArr, bArr2), new byte[]{(byte) i});
    }

    public final ECDomainParameters getCURVE() {
        return CURVE;
    }

    public final BigInteger getHALF_CURVE_ORDER() {
        return HALF_CURVE_ORDER;
    }

    public final byte[] sha3(byte[] data) {
        Intrinsics.checkNotNullParameter(data, "data");
        MessageDigest messageDigest = MessageDigest.getInstance(HASH_256_ALGORITHM_NAME);
        messageDigest.update(data);
        byte[] digest = messageDigest.digest();
        Intrinsics.checkNotNullExpressionValue(digest, "digest.digest()");
        return digest;
    }
}
