package org.mozilla.gecko.browserid;

import com.huawei.hms.mlkit.common.ha.d;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import org.mozilla.gecko.sync.ExtendedJSONObject;
import org.mozilla.gecko.sync.NonObjectJSONException;

/* loaded from: classes2.dex */
public class RSACryptoImplementation {
    protected static final int SERIALIZATION_BASE = 10;
    public static final String SIGNATURE_ALGORITHM = "SHA256withRSA";

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: classes2.dex */
    public static class RSASigningPrivateKey implements SigningPrivateKey {
        protected final RSAPrivateKey privateKey;

        public RSASigningPrivateKey(RSAPrivateKey rSAPrivateKey) {
            this.privateKey = rSAPrivateKey;
        }

        @Override // org.mozilla.gecko.browserid.SigningPrivateKey
        public String getAlgorithm() {
            return "RS" + ((this.privateKey.getModulus().bitLength() + 7) / 8);
        }

        @Override // org.mozilla.gecko.browserid.SigningPrivateKey
        public byte[] signMessage(byte[] bArr) throws GeneralSecurityException {
            Signature signature = Signature.getInstance(RSACryptoImplementation.SIGNATURE_ALGORITHM);
            signature.initSign(this.privateKey);
            signature.update(bArr);
            return signature.sign();
        }

        @Override // org.mozilla.gecko.browserid.SigningPrivateKey
        public ExtendedJSONObject toJSONObject() {
            ExtendedJSONObject extendedJSONObject = new ExtendedJSONObject();
            extendedJSONObject.put("algorithm", "RS");
            extendedJSONObject.put("n", this.privateKey.getModulus().toString(10));
            extendedJSONObject.put(d.a, this.privateKey.getPrivateExponent().toString(10));
            return extendedJSONObject;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: classes2.dex */
    public static class RSAVerifyingPublicKey implements VerifyingPublicKey {
        protected final RSAPublicKey publicKey;

        public RSAVerifyingPublicKey(RSAPublicKey rSAPublicKey) {
            this.publicKey = rSAPublicKey;
        }

        @Override // org.mozilla.gecko.browserid.VerifyingPublicKey
        public ExtendedJSONObject toJSONObject() {
            ExtendedJSONObject extendedJSONObject = new ExtendedJSONObject();
            extendedJSONObject.put("algorithm", "RS");
            extendedJSONObject.put("n", this.publicKey.getModulus().toString(10));
            extendedJSONObject.put("e", this.publicKey.getPublicExponent().toString(10));
            return extendedJSONObject;
        }

        @Override // org.mozilla.gecko.browserid.VerifyingPublicKey
        public boolean verifyMessage(byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
            Signature signature = Signature.getInstance(RSACryptoImplementation.SIGNATURE_ALGORITHM);
            signature.initVerify(this.publicKey);
            signature.update(bArr);
            return signature.verify(bArr2);
        }
    }

    public static SigningPrivateKey createPrivateKey(BigInteger bigInteger, BigInteger bigInteger2) throws NoSuchAlgorithmException, InvalidKeySpecException {
        if (bigInteger == null) {
            throw new IllegalArgumentException("n must not be null");
        }
        if (bigInteger2 != null) {
            return new RSASigningPrivateKey((RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new RSAPrivateKeySpec(bigInteger, bigInteger2)));
        }
        throw new IllegalArgumentException("d must not be null");
    }

    public static SigningPrivateKey createPrivateKey(ExtendedJSONObject extendedJSONObject) throws InvalidKeySpecException, NoSuchAlgorithmException {
        String string = extendedJSONObject.getString("algorithm");
        if ("RS".equals(string)) {
            try {
                return createPrivateKey(new BigInteger(extendedJSONObject.getString("n"), 10), new BigInteger(extendedJSONObject.getString(d.a), 10));
            } catch (NullPointerException | NumberFormatException unused) {
                throw new InvalidKeySpecException("n and d must be integers encoded as strings, base 10");
            }
        }
        throw new InvalidKeySpecException("algorithm must equal RS, was " + string);
    }

    public static VerifyingPublicKey createPublicKey(BigInteger bigInteger, BigInteger bigInteger2) throws NoSuchAlgorithmException, InvalidKeySpecException {
        if (bigInteger == null) {
            throw new IllegalArgumentException("n must not be null");
        }
        if (bigInteger2 != null) {
            return new RSAVerifyingPublicKey((RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(bigInteger, bigInteger2)));
        }
        throw new IllegalArgumentException("e must not be null");
    }

    public static VerifyingPublicKey createPublicKey(ExtendedJSONObject extendedJSONObject) throws InvalidKeySpecException, NoSuchAlgorithmException {
        String string = extendedJSONObject.getString("algorithm");
        if ("RS".equals(string)) {
            try {
                return createPublicKey(new BigInteger(extendedJSONObject.getString("n"), 10), new BigInteger(extendedJSONObject.getString("e"), 10));
            } catch (NullPointerException | NumberFormatException unused) {
                throw new InvalidKeySpecException("n and e must be integers encoded as strings, base 10");
            }
        }
        throw new InvalidKeySpecException("algorithm must equal RS, was " + string);
    }

    public static BrowserIDKeyPair fromJSONObject(ExtendedJSONObject extendedJSONObject) throws InvalidKeySpecException, NoSuchAlgorithmException {
        try {
            ExtendedJSONObject object = extendedJSONObject.getObject(BrowserIDKeyPair.JSON_KEY_PRIVATEKEY);
            ExtendedJSONObject object2 = extendedJSONObject.getObject(BrowserIDKeyPair.JSON_KEY_PUBLICKEY);
            if (object == null) {
                throw new InvalidKeySpecException("privateKey must not be null");
            }
            if (object2 != null) {
                return new BrowserIDKeyPair(createPrivateKey(object), createPublicKey(object2));
            }
            throw new InvalidKeySpecException("publicKey must not be null");
        } catch (NonObjectJSONException unused) {
            throw new InvalidKeySpecException("privateKey and publicKey must be JSON objects");
        }
    }

    public static BrowserIDKeyPair generateKeyPair(int i) throws NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(i);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        return new BrowserIDKeyPair(new RSASigningPrivateKey((RSAPrivateKey) generateKeyPair.getPrivate()), new RSAVerifyingPublicKey((RSAPublicKey) generateKeyPair.getPublic()));
    }
}
