package io.horizontalsystems.hdwalletkit;

import com.esaulpaugh.headlong.rlp.KeyValuePair;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.ec.CustomNamedCurves;
import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.signers.ECDSASigner;
import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
import org.bouncycastle.math.ec.ECAlgorithms;
import org.bouncycastle.math.ec.ECFieldElement;
import org.bouncycastle.math.ec.ECPoint;
import org.bouncycastle.math.ec.custom.sec.SecP256K1Curve;
import org.bouncycastle.util.encoders.Base64;

/* loaded from: classes4.dex */
public class ECKey {
    private static final String BITCOIN_SIGNED_MESSAGE_HEADER = "Bitcoin Signed Message:\n";
    public static final BigInteger HALF_CURVE_ORDER;
    public static final ECDomainParameters ecParams;
    private static final SecureRandom secureRandom;
    private long creationTime;
    private boolean isChange;
    private boolean isCompressed;
    private String label;
    private BigInteger privKey;
    private byte[] pubKey;
    private byte[] pubKeyHash;
    private byte[] scriptHash;

    static {
        X9ECParameters byName = CustomNamedCurves.getByName(KeyValuePair.SECP256K1);
        ecParams = new ECDomainParameters(byName.getCurve(), byName.getG(), byName.getN(), byName.getH());
        HALF_CURVE_ORDER = byName.getN().shiftRight(1);
        secureRandom = new SecureRandom();
    }

    public ECKey() {
        this.label = "";
        ECKeyPairGenerator eCKeyPairGenerator = new ECKeyPairGenerator();
        eCKeyPairGenerator.init(new ECKeyGenerationParameters(ecParams, secureRandom));
        AsymmetricCipherKeyPair generateKeyPair = eCKeyPairGenerator.generateKeyPair();
        ECPrivateKeyParameters eCPrivateKeyParameters = (ECPrivateKeyParameters) generateKeyPair.getPrivate();
        ECPublicKeyParameters eCPublicKeyParameters = (ECPublicKeyParameters) generateKeyPair.getPublic();
        this.privKey = eCPrivateKeyParameters.getD();
        this.pubKey = eCPublicKeyParameters.getQ().getEncoded(true);
        this.creationTime = System.currentTimeMillis() / 1000;
        this.isCompressed = true;
    }

    public ECKey(BigInteger bigInteger, boolean z) {
        this(null, bigInteger, z);
    }

    public ECKey(byte[] bArr) {
        this(bArr, null, false);
    }

    public ECKey(byte[] bArr, BigInteger bigInteger, boolean z) {
        this.label = "";
        this.privKey = bigInteger;
        if (bArr != null) {
            this.pubKey = Arrays.copyOfRange(bArr, 0, bArr.length);
            this.isCompressed = bArr.length == 33;
        } else {
            if (bigInteger == null) {
                throw new IllegalArgumentException("You must provide at least a private key or a public key");
            }
            this.pubKey = pubKeyFromPrivKey(bigInteger, z);
            this.isCompressed = z;
        }
        this.creationTime = System.currentTimeMillis() / 1000;
    }

    private static ECPoint decompressKey(BigInteger bigInteger, boolean z) {
        SecP256K1Curve secP256K1Curve = (SecP256K1Curve) ecParams.getCurve();
        ECFieldElement fromBigInteger = secP256K1Curve.fromBigInteger(bigInteger);
        ECFieldElement sqrt = fromBigInteger.multiply(fromBigInteger.square().add(secP256K1Curve.getA())).add(secP256K1Curve.getB()).sqrt();
        if (sqrt == null) {
            throw new IllegalArgumentException("Invalid point compression");
        }
        BigInteger bigInteger2 = sqrt.toBigInteger();
        if (bigInteger2.testBit(0) == z) {
            return secP256K1Curve.createPoint(fromBigInteger.toBigInteger(), bigInteger2);
        }
        return secP256K1Curve.createPoint(fromBigInteger.toBigInteger(), secP256K1Curve.fromBigInteger(secP256K1Curve.getQ().subtract(bigInteger2)).toBigInteger());
    }

    public static boolean isPubKeyCanonical(byte[] bArr) {
        if (bArr.length < 33) {
            return false;
        }
        return bArr[0] == 4 ? bArr.length == 65 : (bArr[0] == 2 || bArr[0] == 3) && bArr.length == 33;
    }

    public static boolean isSignatureCanonical(byte[] bArr) {
        int i;
        int i2;
        int i3;
        if (bArr.length < 2 || bArr[0] != 48 || (bArr[1] & 128) != 0 || 4 > (i = (bArr[1] & Byte.MAX_VALUE) + 2) || bArr[2] != 2 || (bArr[3] & 128) != 0 || (i2 = (bArr[3] & Byte.MAX_VALUE) + 2 + 2) > i) {
            return false;
        }
        if ((bArr[4] == 0 && (bArr[5] & 128) == 0) || (i3 = i2 + 2) > i || bArr[i2] != 2) {
            return false;
        }
        int i4 = i2 + 1;
        if ((bArr[i4] & 128) != 0) {
            return false;
        }
        int i5 = bArr[i4] & Byte.MAX_VALUE;
        if (i2 + i5 + 2 > i) {
            return false;
        }
        return !(bArr[i3] == 0 && (bArr[i2 + 3] & 128) == 0) && i2 + (i5 + 2) == bArr.length - 1;
    }

    public static byte[] pubKeyFromPrivKey(BigInteger bigInteger, boolean z) {
        return pubKeyPointFromPrivKey(bigInteger).getEncoded(z);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ECPoint pubKeyPointFromPrivKey(BigInteger bigInteger) {
        int bitLength = bigInteger.bitLength();
        ECDomainParameters eCDomainParameters = ecParams;
        if (bitLength > eCDomainParameters.getN().bitLength()) {
            bigInteger = bigInteger.mod(eCDomainParameters.getN());
        }
        return eCDomainParameters.getG().multiply(bigInteger);
    }

    private static ECKey recoverFromSignature(int i, ECDSASignature eCDSASignature, BigInteger bigInteger, boolean z) {
        ECDomainParameters eCDomainParameters = ecParams;
        BigInteger n = eCDomainParameters.getN();
        BigInteger add = eCDSASignature.getR().add(BigInteger.valueOf(i / 2).multiply(n));
        if (add.compareTo(((SecP256K1Curve) eCDomainParameters.getCurve()).getQ()) >= 0) {
            return null;
        }
        ECPoint decompressKey = decompressKey(add, (i & 1) == 1);
        if (!decompressKey.multiply(n).isInfinity()) {
            return null;
        }
        BigInteger mod = BigInteger.ZERO.subtract(bigInteger).mod(n);
        BigInteger modInverse = eCDSASignature.getR().modInverse(n);
        return new ECKey(ECAlgorithms.sumOfTwoMultiplies(eCDomainParameters.getG(), modInverse.multiply(mod).mod(n), decompressKey, modInverse.multiply(eCDSASignature.getS()).mod(n)).getEncoded(z));
    }

    public ECDSASignature createECDSASignature(byte[] bArr) throws ECException {
        if (this.privKey == null) {
            throw new IllegalStateException("No private key available");
        }
        byte[] doubleDigest = Utils.doubleDigest(bArr);
        try {
            ECDSASigner eCDSASigner = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
            BigInteger bigInteger = this.privKey;
            ECDomainParameters eCDomainParameters = ecParams;
            eCDSASigner.init(true, new ECPrivateKeyParameters(bigInteger, eCDomainParameters));
            BigInteger[] generateSignature = eCDSASigner.generateSignature(doubleDigest);
            if (generateSignature[1].compareTo(HALF_CURVE_ORDER) > 0) {
                generateSignature[1] = eCDomainParameters.getN().subtract(generateSignature[1]);
            }
            return new ECDSASignature(generateSignature[0], generateSignature[1]);
        } catch (RuntimeException e) {
            throw new ECException("Exception while creating signature", e);
        }
    }

    public byte[] createSignature(byte[] bArr) throws ECException {
        return createECDSASignature(bArr).encodeToDER();
    }

    public boolean equals(Object obj) {
        return obj != null && (obj instanceof ECKey) && Arrays.equals(this.pubKey, ((ECKey) obj).pubKey);
    }

    public long getCreationTime() {
        return this.creationTime;
    }

    public String getLabel() {
        return this.label;
    }

    public BigInteger getPrivKey() {
        return this.privKey;
    }

    public byte[] getPrivKeyBytes() {
        BigInteger bigInteger = this.privKey;
        if (bigInteger != null) {
            return bigInteger.toByteArray();
        }
        return null;
    }

    public byte[] getPubKey() {
        return this.pubKey;
    }

    public byte[] getPubKeyHash() {
        if (this.pubKeyHash == null) {
            this.pubKeyHash = Utils.sha256Hash160(this.pubKey);
        }
        return this.pubKeyHash;
    }

    public boolean hasPrivKey() {
        return this.privKey != null;
    }

    public int hashCode() {
        return Arrays.hashCode(this.pubKey);
    }

    public boolean isChange() {
        return this.isChange;
    }

    public boolean isCompressed() {
        return this.isCompressed;
    }

    public void setChange(boolean z) {
        this.isChange = z;
    }

    public void setCreationTime(long j) {
        this.creationTime = j;
    }

    public void setLabel(String str) {
        this.label = str;
    }

    public String signMessage(String str) throws ECException {
        int i;
        if (this.privKey == null) {
            throw new IllegalStateException("No private key available");
        }
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(str.length() * 2);
            try {
                byte[] bytes = BITCOIN_SIGNED_MESSAGE_HEADER.getBytes(StandardCharsets.UTF_8);
                byteArrayOutputStream.write(Utils.encode(bytes.length));
                byteArrayOutputStream.write(bytes);
                byte[] bytes2 = str.getBytes(StandardCharsets.UTF_8);
                byteArrayOutputStream.write(Utils.encode(bytes2.length));
                byteArrayOutputStream.write(bytes2);
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                byteArrayOutputStream.close();
                ECDSASignature createECDSASignature = createECDSASignature(byteArray);
                BigInteger bigInteger = new BigInteger(1, Utils.doubleDigest(byteArray));
                int i2 = 0;
                while (true) {
                    i = 4;
                    if (i2 >= 4) {
                        i2 = -1;
                        break;
                    }
                    ECKey recoverFromSignature = recoverFromSignature(i2, createECDSASignature, bigInteger, isCompressed());
                    if (recoverFromSignature != null && Arrays.equals(recoverFromSignature.getPubKey(), this.pubKey)) {
                        break;
                    }
                    i2++;
                }
                if (i2 == -1) {
                    throw new ECException("Unable to recover public key from signature");
                }
                int i3 = i2 + 27;
                if (!isCompressed()) {
                    i = 0;
                }
                byte[] bArr = new byte[65];
                bArr[0] = (byte) (i3 + i);
                System.arraycopy(Utils.bigIntegerToBytes(createECDSASignature.getR(), 32), 0, bArr, 1, 32);
                System.arraycopy(Utils.bigIntegerToBytes(createECDSASignature.getS(), 32), 0, bArr, 33, 32);
                return new String(Base64.encode(bArr), StandardCharsets.UTF_8);
            } finally {
            }
        } catch (IOException e) {
            throw new IllegalStateException("Unexpected IOException", e);
        }
    }

    public boolean verifySignature(byte[] bArr, byte[] bArr2) throws ECException {
        byte[] bArr3;
        ECDSASignature eCDSASignature = new ECDSASignature(bArr2);
        if (bArr != null) {
            bArr3 = Utils.doubleDigest(bArr);
        } else {
            bArr3 = new byte[32];
            bArr3[0] = 1;
        }
        try {
            ECDSASigner eCDSASigner = new ECDSASigner();
            ECDomainParameters eCDomainParameters = ecParams;
            eCDSASigner.init(false, new ECPublicKeyParameters(eCDomainParameters.getCurve().decodePoint(this.pubKey), eCDomainParameters));
            return eCDSASigner.verifySignature(bArr3, eCDSASignature.getR(), eCDSASignature.getS());
        } catch (RuntimeException e) {
            throw new ECException("Exception while verifying signature: " + e.getMessage());
        }
    }
}
