package ru.forwardmobile.tforwardpayment.security;

import android.content.Context;
import android.util.Base64;
import android.util.Log;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1Encoding;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.RSAPrivateKey;
import org.bouncycastle.asn1.pkcs.RSAPublicKey;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.Certificate;
import org.bouncycastle.asn1.x509.DigestInfo;
import org.bouncycastle.crypto.AsymmetricBlockCipher;
import org.bouncycastle.crypto.digests.MD5Digest;
import org.bouncycastle.crypto.encodings.PKCS1Encoding;
import org.bouncycastle.crypto.engines.RSAEngine;
import org.bouncycastle.crypto.params.RSAKeyParameters;
import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;

/* loaded from: classes.dex */
public class CryptEngineImpl implements ICryptEngine {
    private final AsymmetricBlockCipher cipher;
    private final MD5Digest digest;
    private final RSAPrivateCrtKeyParameters privateRsaKey;
    private final RSAKeyParameters publicRsaKey;

    public CryptEngineImpl(Context context) throws Exception {
        IKeyStorage keyStorage = KeyStorageFactory.getKeyStorage(context);
        Log.v("TFORWARD.CryptEngineImpl", "Decoding public key...");
        byte[] decode = Base64.decode(keyStorage.getKey(IKeyStorage.PUBLIC_KEY_TYPE), 0);
        Log.v("TFORWARD.CryptEngineImpl", "Decoding ASN1 Structure");
        ASN1InputStream aSN1InputStream = new ASN1InputStream(decode);
        try {
            Log.v("TFORWARD.CryptEngineImpl", "Reading ASN1 Sequence");
            ASN1Sequence aSN1Sequence = (ASN1Sequence) aSN1InputStream.readObject();
            aSN1InputStream.close();
            Log.v("TFORWARD.CryptEngineImpl", "Creating certificate. " + aSN1Sequence.size());
            RSAPublicKey rSAPublicKey = RSAPublicKey.getInstance(Certificate.getInstance(aSN1Sequence).getSubjectPublicKeyInfo().parsePublicKey());
            this.publicRsaKey = new RSAKeyParameters(false, rSAPublicKey.getModulus(), rSAPublicKey.getPublicExponent());
            aSN1InputStream = new ASN1InputStream(Base64.decode(keyStorage.getKey(IKeyStorage.SECRET_KEY_TYPE), 0));
            try {
                ASN1Sequence aSN1Sequence2 = (ASN1Sequence) aSN1InputStream.readObject();
                aSN1InputStream.close();
                RSAPrivateKey rSAPrivateKey = RSAPrivateKey.getInstance(aSN1Sequence2);
                this.privateRsaKey = new RSAPrivateCrtKeyParameters(rSAPrivateKey.getModulus(), rSAPrivateKey.getPublicExponent(), rSAPrivateKey.getPrivateExponent(), rSAPrivateKey.getPrime1(), rSAPrivateKey.getPrime2(), rSAPrivateKey.getExponent1(), rSAPrivateKey.getExponent2(), rSAPrivateKey.getCoefficient());
                RSAEngine rSAEngine = new RSAEngine();
                this.digest = new MD5Digest();
                this.cipher = new PKCS1Encoding(rSAEngine);
            } finally {
            }
        } finally {
        }
    }

    private boolean compareFromTheEnd(byte[] bArr, byte[] bArr2) {
        int i;
        int i2;
        int length = bArr.length - 1;
        int length2 = bArr2.length - 1;
        if (length == -1) {
            return length2 == -1;
        }
        if (length2 == -1) {
            return length == -1;
        }
        do {
            i = length2;
            i2 = length;
            if (i2 == -1 || i == -1) {
                return true;
            }
            length = i2 - 1;
            length2 = i - 1;
        } while (bArr[i2] == bArr2[i]);
        return false;
    }

    @Override // ru.forwardmobile.tforwardpayment.security.ICryptEngine
    public synchronized String generateSignature(String str) throws Exception {
        return generateSignature(str.getBytes());
    }

    @Override // ru.forwardmobile.tforwardpayment.security.ICryptEngine
    public synchronized String generateSignature(byte[] bArr) throws Exception {
        byte[] encoded;
        try {
            this.digest.reset();
            this.cipher.init(true, this.privateRsaKey);
            this.digest.update(bArr, 0, bArr.length);
            byte[] bArr2 = new byte[this.digest.getDigestSize()];
            this.digest.doFinal(bArr2, 0);
            encoded = new DigestInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.md5, (ASN1Encodable) null), bArr2).getEncoded(ASN1Encoding.DER);
        } catch (Exception e) {
            throw new Exception("Ошибка создания подписи:\n" + e.getMessage());
        }
        return new String(org.bouncycastle.util.encoders.Base64.encode(this.cipher.processBlock(encoded, 0, encoded.length)));
    }

    @Override // ru.forwardmobile.tforwardpayment.security.ICryptEngine
    public synchronized void verifySignature(byte[] bArr, byte[] bArr2) throws Exception {
        try {
            this.digest.reset();
            this.cipher.init(false, this.publicRsaKey);
            this.digest.update(bArr, 0, bArr.length);
            byte[] bArr3 = new byte[this.digest.getDigestSize()];
            this.digest.doFinal(bArr3, 0);
            new DigestInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.md5, (ASN1Encodable) null), bArr3).getEncoded(ASN1Encoding.DER);
            byte[] decode = org.bouncycastle.util.encoders.Base64.decode(bArr2);
            byte[] processBlock = this.cipher.processBlock(decode, 0, decode.length);
            if (processBlock == null || processBlock.length < bArr3.length) {
                throw new Exception("Invalid signature (1)!");
            }
            if (!compareFromTheEnd(bArr3, processBlock)) {
                throw new Exception("Invalid signature (2)!");
            }
        } catch (Exception e) {
            throw new Exception("Error checking signature:\n" + e.getMessage());
        }
    }
}
