package com.okta.android.security.keys;

import android.text.TextUtils;
import android.util.Base64;
import com.okta.lib.android.common.utilities.CommonUtil;
import java.io.ByteArrayInputStream;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.inject.Inject;
import org.spongycastle.pqc.math.linearalgebra.Matrix;

/* loaded from: classes2.dex */
public class KeyUtils {
    private static final Character[] BASE_64_CHARS;
    private static final Set<Character> BASE_64_CHAR_SET;
    private static final int BASE_64_FLAG = 0;
    public static final String BEGIN_STRING = "-----BEGIN CERTIFICATE-----";
    private static final String DEFAULT_CHARSET = "UTF-8";
    public static final String END_STRING = "-----END CERTIFICATE-----";
    public static final String RSA_ALGORITHM_NAME = "RSA";
    private final CommonUtil commonUtil;

    static {
        Character[] chArr = {'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', Character.valueOf(Matrix.MATRIX_TYPE_RANDOM_LT), 'M', 'N', 'O', 'P', 'Q', Character.valueOf(Matrix.MATRIX_TYPE_RANDOM_REGULAR), 'S', 'T', Character.valueOf(Matrix.MATRIX_TYPE_RANDOM_UT), 'V', 'W', 'X', 'Y', Character.valueOf(Matrix.MATRIX_TYPE_ZERO), 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/'};
        BASE_64_CHARS = chArr;
        BASE_64_CHAR_SET = new HashSet(Arrays.asList(chArr));
    }

    @Inject
    public KeyUtils(CommonUtil commonUtil) {
        this.commonUtil = commonUtil;
    }

    public X509Certificate bytesToCert(byte[] bArr) throws CertificateException {
        return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
    }

    public PrivateKey bytesToPrivateKey(String str, byte[] bArr) throws GeneralSecurityException {
        return KeyFactory.getInstance(str).generatePrivate(new PKCS8EncodedKeySpec(bArr));
    }

    public PublicKey bytesToPublicKey(String str, byte[] bArr) throws GeneralSecurityException {
        return KeyFactory.getInstance(str).generatePublic(new X509EncodedKeySpec(bArr));
    }

    public byte[] decodeBase64(String str) {
        return Base64.decode(str, 0);
    }

    public byte[] decodeBase64(byte[] bArr) {
        return Base64.decode(bArr, 0);
    }

    public byte[] decrypt(byte[] bArr, SecretKey secretKey) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        int blockSize = cipher.getBlockSize();
        byte[] bArr2 = new byte[blockSize];
        System.arraycopy(bArr, 0, bArr2, 0, blockSize);
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr2);
        int length = bArr.length - blockSize;
        byte[] bArr3 = new byte[length];
        System.arraycopy(bArr, blockSize, bArr3, 0, length);
        return decrypt(bArr3, ivParameterSpec, cipher, secretKey);
    }

    public byte[] decrypt(byte[] bArr, IvParameterSpec ivParameterSpec, Cipher cipher, SecretKey secretKey) throws GeneralSecurityException {
        cipher.init(2, secretKey, ivParameterSpec);
        return cipher.doFinal(bArr);
    }

    public String encodeBase64(byte[] bArr) {
        return Base64.encodeToString(bArr, 0);
    }

    public String encodeToCharset(byte[] bArr, String str) {
        if (bArr != null) {
            return new String(bArr, Charset.forName(str));
        }
        throw new IllegalArgumentException("Null parameter");
    }

    public String encodeToDefaultCharset(String str) {
        if (TextUtils.isEmpty(str)) {
            throw new IllegalArgumentException();
        }
        return encodeToDefaultCharset(str.getBytes());
    }

    public String encodeToDefaultCharset(byte[] bArr) {
        return encodeToCharset(bArr, "UTF-8");
    }

    public byte[] encrypt(byte[] bArr, SecretKey secretKey) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(1, secretKey);
        byte[] iv = cipher.getIV();
        byte[] doFinal = cipher.doFinal(bArr);
        byte[] bArr2 = new byte[iv.length + doFinal.length];
        System.arraycopy(iv, 0, bArr2, 0, iv.length);
        System.arraycopy(doFinal, 0, bArr2, iv.length, doFinal.length);
        return bArr2;
    }

    public String getBase64String(String str) {
        for (char c : str.toCharArray()) {
            if (!BASE_64_CHAR_SET.contains(Character.valueOf(c))) {
                str = str.replace(Character.toString(c), "");
            }
        }
        return str.length() % 4 == 1 ? str.substring(0, str.length() - 1) : str;
    }

    public String parseKeyPairGeneratorAlgorithm(String str) {
        str.hashCode();
        return !str.equals("EC") ? (str.equals("DSA") && this.commonUtil.isApiLevelHighEnough(19) && !this.commonUtil.isApiLevelHighEnough(23)) ? "DSA" : "RSA" : this.commonUtil.isApiLevelHighEnough(23) ? "EC" : "RSA";
    }

    public String privateKeyToString(String str, PrivateKey privateKey) throws GeneralSecurityException {
        byte[] encoded = ((PKCS8EncodedKeySpec) KeyFactory.getInstance(str).getKeySpec(privateKey, PKCS8EncodedKeySpec.class)).getEncoded();
        String encodeToString = Base64.encodeToString(encoded, 0);
        Arrays.fill(encoded, (byte) 0);
        return encodeToString;
    }

    public String publicKeyToString(String str, PublicKey publicKey) throws GeneralSecurityException {
        return Base64.encodeToString(((X509EncodedKeySpec) KeyFactory.getInstance(str).getKeySpec(publicKey, X509EncodedKeySpec.class)).getEncoded(), 0);
    }

    public X509Certificate stringToCert(String str) throws CertificateException {
        return bytesToCert(Base64.decode(str.replace(BEGIN_STRING, "").replace(END_STRING, "").replace("\n", "").replace("\r", ""), 0));
    }

    public PrivateKey stringToPrivateKey(String str, String str2) throws GeneralSecurityException {
        return bytesToPrivateKey(str, Base64.decode(str2, 0));
    }

    public PublicKey stringToPublicKey(String str, String str2) throws GeneralSecurityException {
        return bytesToPublicKey(str, Base64.decode(str2, 0));
    }

    public List<X509Certificate> stringsToCerts(List<String> list) throws CertificateException {
        ArrayList arrayList = new ArrayList(list.size());
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(stringToCert(it.next()));
        }
        return arrayList;
    }
}
