package snowblossom.lib;

import com.google.protobuf.ByteString;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Random;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.IESParameterSpec;
import snowblossom.proto.SigSpec;
import snowblossom.proto.WalletKeyPair;
import snowblossom.util.proto.SymmetricKey;

/* loaded from: input_file:snowblossom/lib/CipherUtil.class */
public class CipherUtil {
    public static final String SYM_ENCRYPTION_MODE_0 = "AES/CBC/PKCS5PADDING";
    public static final int SYM_BLOCK_SIZE_0 = 32;
    public static final int SYM_IV_SIZE_0 = 16;

    public static ByteString encrypt(SigSpec sigSpec, ByteString byteString) throws ValidationException {
        try {
            int signatureType = sigSpec.getSignatureType();
            sigSpec.getPublicKey();
            String algo = SignatureUtil.getAlgo(signatureType);
            PublicKey decodePublicKey = SignatureUtil.decodePublicKey(sigSpec);
            if (!algo.equals("ECDSA")) {
                throw new ValidationException("Encryption not supported with " + algo);
            }
            Random random = new Random();
            byte[] bArr = new byte[16];
            byte[] bArr2 = new byte[16];
            random.nextBytes(bArr);
            random.nextBytes(bArr2);
            Cipher cipher = Cipher.getInstance("ECIES", BouncyCastleProvider.PROVIDER_NAME);
            cipher.init(1, decodePublicKey, new IESParameterSpec(bArr, bArr2, 128));
            return ByteString.copyFrom(bArr).concat(ByteString.copyFrom(bArr2)).concat(ByteString.copyFrom(cipher.doFinal(byteString.toByteArray())));
        } catch (GeneralSecurityException e) {
            throw new ValidationException(e);
        }
    }

    public static ByteString decrypt(WalletKeyPair walletKeyPair, ByteString byteString) throws ValidationException {
        try {
            String algo = SignatureUtil.getAlgo(walletKeyPair.getSignatureType());
            KeyPair decodeKeypair = KeyUtil.decodeKeypair(walletKeyPair);
            if (!algo.equals("ECDSA")) {
                throw new ValidationException("Encryption not supported with " + algo);
            }
            ByteString substring = byteString.substring(0, 16);
            ByteString substring2 = byteString.substring(16, 32);
            ByteString substring3 = byteString.substring(32);
            Cipher cipher = Cipher.getInstance("ECIES", BouncyCastleProvider.PROVIDER_NAME);
            cipher.init(2, decodeKeypair.getPrivate(), new IESParameterSpec(substring.toByteArray(), substring2.toByteArray(), 128));
            return ByteString.copyFrom(cipher.doFinal(substring3.toByteArray()));
        } catch (GeneralSecurityException e) {
            throw new ValidationException(e);
        }
    }

    public static SymmetricKey generageSymmetricKey() {
        SecureRandom secureRandom = new SecureRandom();
        SymmetricKey.Builder newBuilder = SymmetricKey.newBuilder();
        newBuilder.setAlgoSet(0);
        byte[] bArr = new byte[32];
        secureRandom.nextBytes(bArr);
        newBuilder.setKey(ByteString.copyFrom(bArr));
        byte[] bArr2 = new byte[8];
        new Random().nextBytes(bArr2);
        newBuilder.setKeyId(ByteString.copyFrom(bArr2));
        return newBuilder.build();
    }

    public static ByteString encryptSymmetric(SymmetricKey symmetricKey, ByteString byteString) throws ValidationException {
        Random random = new Random();
        try {
            if (symmetricKey.getAlgoSet() != 0) {
                throw new ValidationException("Unknown algo_set: " + symmetricKey.getAlgoSet());
            }
            byte[] bArr = new byte[16];
            random.nextBytes(bArr);
            SecretKeySpec secretKeySpec = new SecretKeySpec(symmetricKey.getKey().toByteArray(), "AES");
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
            cipher.init(1, secretKeySpec, new IvParameterSpec(bArr));
            return ByteString.copyFrom(bArr).concat(ByteString.copyFrom(cipher.doFinal(byteString.toByteArray())));
        } catch (GeneralSecurityException e) {
            throw new ValidationException(e);
        }
    }

    public static ByteString encryptSymmetric(SymmetricKey symmetricKey, ByteString byteString, ByteString byteString2) throws ValidationException {
        try {
            if (symmetricKey.getAlgoSet() != 0) {
                throw new ValidationException("Unknown algo_set: " + symmetricKey.getAlgoSet());
            }
            SecretKeySpec secretKeySpec = new SecretKeySpec(symmetricKey.getKey().toByteArray(), "AES");
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
            cipher.init(1, secretKeySpec, new IvParameterSpec(byteString2.toByteArray()));
            return byteString2.concat(ByteString.copyFrom(cipher.doFinal(byteString.toByteArray())));
        } catch (GeneralSecurityException e) {
            throw new ValidationException(e);
        }
    }

    public static ByteString decryptSymmetric(SymmetricKey symmetricKey, ByteString byteString) throws ValidationException {
        try {
            if (symmetricKey.getAlgoSet() != 0) {
                throw new ValidationException("Unknown algo_set: " + symmetricKey.getAlgoSet());
            }
            byte[] byteArray = byteString.substring(0, 16).toByteArray();
            SecretKeySpec secretKeySpec = new SecretKeySpec(symmetricKey.getKey().toByteArray(), "AES");
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
            cipher.init(2, secretKeySpec, new IvParameterSpec(byteArray));
            return ByteString.copyFrom(cipher.doFinal(byteString.substring(16).toByteArray()));
        } catch (GeneralSecurityException e) {
            throw new ValidationException(e);
        }
    }
}
