package io.mosip.kernel.clientcrypto.service.impl;

import io.mosip.kernel.clientcrypto.constant.ClientCryptoErrorConstants;
import io.mosip.kernel.clientcrypto.exception.ClientCryptoException;
import io.mosip.kernel.clientcrypto.service.spi.ClientCryptoService;
import io.mosip.kernel.core.logger.spi.Logger;
import io.mosip.kernel.keymanagerservice.logger.KeymanagerLogger;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import javax.validation.constraints.NotNull;

/* loaded from: input_file:io/mosip/kernel/clientcrypto/service/impl/AndroidClientCryptoServiceImpl.class */
public class AndroidClientCryptoServiceImpl implements ClientCryptoService {
    private static final Logger LOGGER = KeymanagerLogger.getLogger(AndroidClientCryptoServiceImpl.class);
    private static final String ALGORITHM = "RSA";
    private static final String SIGN_ALGORITHM = "SHA256withRSA";
    private static final String ASYMMETRIC_ALGORITHM = "RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING";
    private static final String ASYMMETRIC_ALGO_MD = "SHA-256";
    private static final String ASYMMETRIC_ALGO_MGF = "MGF1";

    @Override // io.mosip.kernel.clientcrypto.service.spi.ClientCryptoService
    public byte[] signData(@NotNull byte[] bArr) throws ClientCryptoException {
        return new byte[0];
    }

    @Override // io.mosip.kernel.clientcrypto.service.spi.ClientCryptoService
    public boolean validateSignature(@NotNull byte[] bArr, @NotNull byte[] bArr2) throws ClientCryptoException {
        return validateSignature(getSigningPublicPart(), bArr, bArr2);
    }

    @Override // io.mosip.kernel.clientcrypto.service.spi.ClientCryptoService
    public byte[] asymmetricEncrypt(@NotNull byte[] bArr) throws ClientCryptoException {
        return new byte[0];
    }

    @Override // io.mosip.kernel.clientcrypto.service.spi.ClientCryptoService
    public byte[] asymmetricDecrypt(@NotNull byte[] bArr) throws ClientCryptoException {
        return asymmetricEncrypt(getEncryptionPublicPart(), bArr);
    }

    @Override // io.mosip.kernel.clientcrypto.service.spi.ClientCryptoService
    public byte[] getSigningPublicPart() {
        return new byte[0];
    }

    @Override // io.mosip.kernel.clientcrypto.service.spi.ClientCryptoService
    public void closeSecurityInstance() throws ClientCryptoException {
    }

    @Override // io.mosip.kernel.clientcrypto.service.spi.ClientCryptoService
    public boolean isTPMInstance() {
        return false;
    }

    @Override // io.mosip.kernel.clientcrypto.service.spi.ClientCryptoService
    public byte[] getEncryptionPublicPart() {
        return new byte[0];
    }

    public static boolean validateSignature(byte[] bArr, byte[] bArr2, byte[] bArr3) throws ClientCryptoException {
        LOGGER.debug("AndroidClientSecurity validate signature invoked");
        try {
            PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(bArr));
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initVerify(generatePublic);
            signature.update(bArr3);
            return signature.verify(bArr2);
        } catch (Exception e) {
            throw new ClientCryptoException(ClientCryptoErrorConstants.CRYPTO_FAILED.getErrorCode(), ClientCryptoErrorConstants.CRYPTO_FAILED.getErrorMessage(), e);
        }
    }

    public static byte[] asymmetricEncrypt(byte[] bArr, byte[] bArr2) throws ClientCryptoException {
        LOGGER.debug("AndroidClientSecurity asymmetricEncrypt invoked");
        try {
            PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(bArr));
            Cipher cipher = Cipher.getInstance(ASYMMETRIC_ALGORITHM);
            cipher.init(1, generatePublic, new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT));
            return cipher.doFinal(bArr2);
        } catch (Exception e) {
            throw new ClientCryptoException(ClientCryptoErrorConstants.CRYPTO_FAILED.getErrorCode(), ClientCryptoErrorConstants.CRYPTO_FAILED.getErrorMessage(), e);
        }
    }
}
