package com.microsoft.office.lync.platform.security;

import android.content.Context;
import android.provider.Settings;
import android.telephony.TelephonyManager;
import android.text.TextUtils;
import android.util.Base64;
import com.microsoft.office.lync.proxy.enums.IDigestHelper;
import com.microsoft.office.lync.proxy.enums.NativeErrorCodes;
import com.microsoft.office.lync.tracing.Trace;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.Charset;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;

/* loaded from: classes.dex */
public class CryptoUtils {
    private static final String CryptoAlgorithm = "AES";
    private static final int IterationCount = 100;
    private static final String KeyDerivationAlgorithm = "PBKDF2WithHmacSHA1";
    private static final int KeyLength = 128;
    private static final String LOG_TAG = "CryptoUtils";
    private static final String RSA_ALGORITHM = "RSA";
    private static final String RandomNumberAlgorithm = "SHA1PRNG";
    private static final Charset defaultCharset = Charset.forName("UTF-8");
    private static String mSaltRoot;

    public static Digest computeDigest(String str, IDigestHelper.DigestType digestType) {
        MessageDigest messageDigest;
        byte[] bytes;
        String str2 = "";
        NativeErrorCodes nativeErrorCodes = NativeErrorCodes.S_OK;
        try {
            messageDigest = MessageDigest.getInstance(digestType.name());
            bytes = str.getBytes("UTF-8");
        } catch (UnsupportedEncodingException e) {
            nativeErrorCodes = NativeErrorCodes.E_CryptographicError;
            Trace.e(LOG_TAG, "Failure while encoding digest", e);
        } catch (NoSuchAlgorithmException e2) {
            nativeErrorCodes = NativeErrorCodes.E_CryptographicError;
            Trace.e(LOG_TAG, "Invalid algorithm while computing digest", e2);
        }
        if (bytes.length > 65535) {
            return new Digest("", NativeErrorCodes.E_InvalidArgument);
        }
        messageDigest.update(bytes);
        str2 = Base64.encodeToString(messageDigest.digest(), 2);
        return new Digest(str2, nativeErrorCodes);
    }

    public static HMAC computeHMACDigest(byte[] bArr, byte[] bArr2, IDigestHelper.DigestType digestType) {
        Mac mac;
        byte[] bArr3 = null;
        NativeErrorCodes nativeErrorCodes = NativeErrorCodes.S_OK;
        if (bArr2.length > 65535) {
            return new HMAC(null, NativeErrorCodes.E_InvalidArgument);
        }
        try {
            mac = Mac.getInstance("HMAC" + digestType.name());
            mac.init(new SecretKeySpec(bArr2, mac.getAlgorithm()));
        } catch (InvalidKeyException e) {
            nativeErrorCodes = NativeErrorCodes.E_CryptographicError;
            Trace.e(LOG_TAG, "Invalid private key bytes while creating HMAC", e);
        } catch (NoSuchAlgorithmException e2) {
            nativeErrorCodes = NativeErrorCodes.E_CryptographicError;
            Trace.e(LOG_TAG, "Invalid digest algorithm while computing HMAC", e2);
        }
        if (bArr.length > 65535) {
            return new HMAC(null, NativeErrorCodes.E_InvalidArgument);
        }
        bArr3 = mac.doFinal(bArr);
        return new HMAC(bArr3, nativeErrorCodes);
    }

    public static Signature createSignature(String str, String str2, IDigestHelper.DigestType digestType) {
        byte[] decode;
        NativeErrorCodes nativeErrorCodes = NativeErrorCodes.S_OK;
        String str3 = "";
        try {
            decode = Base64.decode(str2, 2);
        } catch (InvalidKeyException e) {
            nativeErrorCodes = NativeErrorCodes.E_CryptographicError;
            Trace.e(LOG_TAG, "Invalid private key in signature creation", e);
        } catch (NoSuchAlgorithmException e2) {
            nativeErrorCodes = NativeErrorCodes.E_CryptographicError;
            Trace.e(LOG_TAG, "Invalid algorithm in signature creation", e2);
        } catch (SignatureException e3) {
            nativeErrorCodes = NativeErrorCodes.E_CryptographicError;
            Trace.e(LOG_TAG, "Failed to create signature", e3);
        } catch (InvalidKeySpecException e4) {
            nativeErrorCodes = NativeErrorCodes.E_CryptographicError;
            Trace.e(LOG_TAG, "Invalid private Key in signature creation", e4);
        }
        if (decode.length > 65535) {
            return new Signature("", NativeErrorCodes.E_InvalidArgument);
        }
        java.security.Signature signature = java.security.Signature.getInstance(digestType + "with" + RSA_ALGORITHM);
        signature.initSign(privateKeyFromBytes(decode));
        signature.update(str.getBytes());
        str3 = Base64.encodeToString(signature.sign(), 2);
        return new Signature(str3, nativeErrorCodes);
    }

    public static String decrypt(Context context, String str) {
        return decrypt(getDefaultSeed(context), str, getDefaultSalt(), defaultCharset);
    }

    public static String decrypt(Context context, String str, Charset charset) {
        return decrypt(getDefaultSeed(context), str, getDefaultSalt(), charset);
    }

    public static String decrypt(String str, String str2) {
        return decrypt(str, str2, getDefaultSalt(), defaultCharset);
    }

    private static String decrypt(String str, String str2, byte[] bArr, Charset charset) {
        if (charset == null) {
            throw new IllegalArgumentException("charset is null.");
        }
        try {
            if (!TextUtils.isEmpty(str) && !TextUtils.isEmpty(str2)) {
                return new String(decrypt(generateKey(str, bArr), Base64.decode(str2, 0)), charset);
            }
        } catch (IllegalArgumentException e) {
            Trace.e(LOG_TAG, "Invalid argument in decrypt()", e);
        } catch (InvalidKeyException e2) {
            Trace.e(LOG_TAG, "Invalid key in decrypt()", e2);
        } catch (NoSuchAlgorithmException e3) {
            Trace.e(LOG_TAG, "Invalid algorithm name in decrypt()", e3);
        } catch (InvalidKeySpecException e4) {
            Trace.e(LOG_TAG, "Invalid Key spec in decrypt()", e4);
        } catch (BadPaddingException e5) {
            Trace.e(LOG_TAG, "Base64 encoding failed in decrypt()", e5);
        } catch (IllegalBlockSizeException e6) {
            Trace.e(LOG_TAG, "Invalid Block size of cipher in decrypt()", e6);
        } catch (NoSuchPaddingException e7) {
            Trace.e(LOG_TAG, "Invalid Base64 padding in decrypt()", e7);
        }
        return "";
    }

    private static byte[] decrypt(byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, CryptoAlgorithm);
        Cipher cipher = Cipher.getInstance(CryptoAlgorithm);
        cipher.init(2, secretKeySpec);
        return cipher.doFinal(bArr2);
    }

    public static String encrypt(Context context, String str) {
        return encrypt(getDefaultSeed(context), str, getDefaultSalt());
    }

    public static String encrypt(String str, String str2) {
        return encrypt(str, str2, getDefaultSalt());
    }

    private static String encrypt(String str, String str2, byte[] bArr) {
        try {
            if (!TextUtils.isEmpty(str) && !TextUtils.isEmpty(str2)) {
                return Base64.encodeToString(encrypt(generateKey(str, bArr), str2.getBytes(defaultCharset)), 0);
            }
        } catch (InvalidKeyException e) {
            Trace.e(LOG_TAG, "Invalid key in encrypt()", e);
        } catch (NoSuchAlgorithmException e2) {
            Trace.e(LOG_TAG, "Invalid algorithm name in encrypt()", e2);
        } catch (InvalidKeySpecException e3) {
            Trace.e(LOG_TAG, "Invalid Key spec in encrypt()", e3);
        } catch (BadPaddingException e4) {
            Trace.e(LOG_TAG, "Base64 encoding failed in encrypt()", e4);
        } catch (IllegalBlockSizeException e5) {
            Trace.e(LOG_TAG, "Invalid Block size of cipher in encrypt()", e5);
        } catch (NoSuchPaddingException e6) {
            Trace.e(LOG_TAG, "Invalid Base64 padding in encrypt()", e6);
        }
        return null;
    }

    private static byte[] encrypt(byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, CryptoAlgorithm);
        Cipher cipher = Cipher.getInstance(CryptoAlgorithm);
        cipher.init(1, secretKeySpec);
        return cipher.doFinal(bArr2);
    }

    public static CertificateSigningRequest generateCSR(int i) {
        NativeErrorCodes nativeErrorCodes = NativeErrorCodes.S_OK;
        CertificateSigningRequest certificateSigningRequest = new CertificateSigningRequest();
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA_ALGORITHM);
            keyPairGenerator.initialize(i);
            KeyPair genKeyPair = keyPairGenerator.genKeyPair();
            PrivateKey privateKey = genKeyPair.getPrivate();
            byte[] encoded = new JcaPKCS10CertificationRequestBuilder(new X500Principal(""), genKeyPair.getPublic()).build(new JcaContentSignerBuilder(IDigestHelper.DigestType.SHA256 + "with" + RSA_ALGORITHM).build(privateKey)).getEncoded();
            certificateSigningRequest.setPrivateKey(Base64.encodeToString(privateKey.getEncoded(), 2));
            certificateSigningRequest.setCSR(Base64.encodeToString(encoded, 2));
        } catch (IOException e) {
            nativeErrorCodes = NativeErrorCodes.E_CryptographicError;
            Trace.e(LOG_TAG, "Failed to write CSR to PEM object in CSR generation", e);
        } catch (NoSuchAlgorithmException e2) {
            nativeErrorCodes = NativeErrorCodes.E_CryptographicError;
            Trace.e(LOG_TAG, "Invalid algorithm name in CSR generation", e2);
        } catch (OperatorCreationException e3) {
            nativeErrorCodes = NativeErrorCodes.E_CryptographicError;
            Trace.e(LOG_TAG, "Failure in ContentSIgner creation in CSR generation ", e3);
        }
        certificateSigningRequest.setErrorCode(nativeErrorCodes);
        return certificateSigningRequest;
    }

    private static byte[] generateKey(String str, byte[] bArr) throws NoSuchAlgorithmException, InvalidKeySpecException {
        return new SecretKeySpec(SecretKeyFactory.getInstance(KeyDerivationAlgorithm).generateSecret(new PBEKeySpec(str.toCharArray(), bArr, 100, 128)).getEncoded(), CryptoAlgorithm).getEncoded();
    }

    private static byte[] getDefaultSalt() {
        if (mSaltRoot == null) {
            throw new NullPointerException("mSaltRoot is null. CryptoUtils wasn't initialized properly");
        }
        File file = new File(mSaltRoot, "salt");
        byte[] bArr = null;
        if (file.exists()) {
            try {
                FileInputStream fileInputStream = new FileInputStream(file);
                bArr = new byte[16];
                fileInputStream.read(bArr);
                fileInputStream.close();
            } catch (IOException e) {
                Trace.e(LOG_TAG, "Failed to read the salt file in getDefaultSalt()", e);
            }
        } else {
            try {
                bArr = new byte[16];
                SecureRandom.getInstance(RandomNumberAlgorithm).nextBytes(bArr);
            } catch (NoSuchAlgorithmException e2) {
                Trace.e(LOG_TAG, "Invalid algorithm in getDefaultSalt()", e2);
            }
            try {
                file.getParentFile().mkdirs();
                if (!file.getParentFile().isDirectory()) {
                    Trace.e(LOG_TAG, "Could not create parent directory for salt file");
                    return null;
                }
                file.createNewFile();
                if (!file.exists()) {
                    Trace.e(LOG_TAG, "Could not create salt file");
                    return null;
                }
                FileOutputStream fileOutputStream = new FileOutputStream(file);
                fileOutputStream.write(bArr);
                fileOutputStream.flush();
                fileOutputStream.close();
            } catch (IOException e3) {
                Trace.e(LOG_TAG, e3.toString());
            }
        }
        return bArr;
    }

    private static String getDefaultSeed(Context context) {
        if (context == null) {
            throw new IllegalArgumentException("context is null.");
        }
        StringBuilder sb = new StringBuilder();
        TelephonyManager telephonyManager = (TelephonyManager) context.getSystemService("phone");
        String deviceId = telephonyManager.getDeviceId();
        if (deviceId == null) {
            deviceId = "";
        }
        sb.append(deviceId);
        String string = Settings.Secure.getString(context.getContentResolver(), "android_id");
        if (string == null) {
            string = "";
        }
        sb.append(string);
        String simSerialNumber = telephonyManager.getSimSerialNumber();
        if (simSerialNumber == null) {
            simSerialNumber = "";
        }
        sb.append(simSerialNumber);
        String subscriberId = telephonyManager.getSubscriberId();
        if (subscriberId == null) {
            subscriberId = "";
        }
        sb.append(subscriberId);
        return sb.toString();
    }

    public static void initialize(Context context) {
        if (mSaltRoot == null) {
            mSaltRoot = context.getFilesDir().getParentFile().getAbsolutePath() + File.separator + "Crypto";
        }
        Trace.i(LOG_TAG, "CryptoUtils initialized. mSaltRoot=" + mSaltRoot);
    }

    private static PrivateKey privateKeyFromBytes(byte[] bArr) throws InvalidKeySpecException, NoSuchAlgorithmException {
        return KeyFactory.getInstance(RSA_ALGORITHM).generatePrivate(new PKCS8EncodedKeySpec(bArr));
    }
}
