package com.citibank.mobile.domain_common.common.plugin;

import android.content.Context;
import android.util.Base64;
import com.citi.mobile.framework.common.error.ApplicationException;
import com.citi.mobile.framework.common.utils.logger.Logger;
import com.citi.mobile.framework.content.utils.ContentConstant;
import com.citi.mobile.framework.security.certs.models.CertConfig;
import com.citi.mobile.framework.security.encryption.helpers.EncryptionAES256Helper;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.crypto.Cipher;
import runtime.Strings.StringIndexer;

/* loaded from: classes4.dex */
public class RSAHelper {
    public static String encrypRSA(Context context, String str, byte[] bArr, CertConfig certConfig, boolean z) {
        String str2;
        PublicKey publicKey;
        try {
            if (certConfig.isEncryptionCertificateEnabled() && z) {
                Logger.d("cert service | getting e2e cert from db", new Object[0]);
                if (certConfig.getE2ECertConfig().getE2ECertFromCache() == null) {
                    Logger.e("E2E cerificate to encypt not available in CertConfig", new Object[0]);
                    throw new ApplicationException("E2E cerificate to encypt not available in CertConfig");
                }
                publicKey = processEncodedCert(certConfig.getE2ECertConfig().getE2ECertFromCache()).getPublicKey();
            } else {
                Logger.d("cert service | getting e2e cert from bundle", new Object[0]);
                InputStream open = context.getAssets().open("www/cert/e2e_cert.cer");
                BufferedInputStream bufferedInputStream = new BufferedInputStream(open);
                PublicKey publicKey2 = CertificateFactory.getInstance("X.509").generateCertificate(bufferedInputStream).getPublicKey();
                bufferedInputStream.close();
                open.close();
                publicKey = publicKey2;
            }
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, publicKey);
            str2 = EncryptionAES256Helper.hexEncode(cipher.doFinal(bArr));
        } catch (Exception e) {
            Logger.e("Exception while encrypRSA" + e, new Object[0]);
            str2 = "";
        }
        return str + str2;
    }

    public static String encryptApiProxy(Context context, String str, CertConfig certConfig, boolean z) {
        PublicKey publicKey;
        try {
            if (certConfig.isEncryptionCertificateEnabled() && z) {
                Logger.e("encryptApiProxy :::: API cerificate", new Object[0]);
                if (certConfig.getApiCertConfig().getApiCertFromCache() == null) {
                    Logger.e("API cerificate to encypt not available in CertConfig", new Object[0]);
                    throw new ApplicationException("API cerificate to encypt not available in CertConfig");
                }
                publicKey = processEncodedCert(certConfig.getApiCertConfig().getApiCertFromCache()).getPublicKey();
            } else {
                publicKey = CertificateFactory.getInstance("X.509").generateCertificate(new BufferedInputStream(context.getAssets().open("www/cert/ApiProxy.der"))).getPublicKey();
            }
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
            cipher.init(1, publicKey);
            return RSAPlugin.byteArrayToHexString(cipher.doFinal(RSAPlugin.hexStringToByteArray(String.format("%1$-16s", str).replace(' ', 'F'))));
        } catch (Exception e) {
            e.printStackTrace();
            return "";
        }
    }

    public static String encryptApiProxyWithThalesPadding(Context context, String str, CertConfig certConfig) {
        PublicKey publicKey;
        String _getString = StringIndexer._getString("6147");
        try {
            if (certConfig.isEncryptionCertificateEnabled()) {
                if (certConfig.isEnabledInRule() && certConfig.isEnabledInWebConfig()) {
                    Logger.e("Cert service :::: API cerificate", new Object[0]);
                    if (certConfig.getApiCertConfig().getApiCertFromCache() == null) {
                        Logger.e(_getString, new Object[0]);
                        throw new ApplicationException(_getString);
                    }
                    publicKey = processEncodedCert(certConfig.getApiCertConfig().getApiCertFromCache()).getPublicKey();
                }
                publicKey = CertificateFactory.getInstance("X.509").generateCertificate(new BufferedInputStream(context.getAssets().open("www/cert/ApiProxy.der"))).getPublicKey();
            } else {
                publicKey = CertificateFactory.getInstance("X.509").generateCertificate(new BufferedInputStream(context.getAssets().open("www/cert/ApiProxy.der"))).getPublicKey();
            }
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
            cipher.init(1, publicKey);
            return RSAPlugin.byteArrayToHexString(cipher.doFinal(RSAPlugin.hexStringToByteArray(getThalesPaddedNumber(str))));
        } catch (Exception e) {
            e.printStackTrace();
            return "";
        }
    }

    public static String getThalesPaddedNumber(String str) {
        String hexString = Long.toHexString(System.currentTimeMillis());
        String str2 = ContentConstant.DynamicDrupalContent.ONE + str.length() + str;
        return str2 + hexString.substring(0, 16 - str2.length());
    }

    private static Certificate processEncodedCert(String str) {
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(str, 0));
            try {
                Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
                byteArrayInputStream.close();
                return generateCertificate;
            } finally {
            }
        } catch (Exception unused) {
            Logger.e("Exception while processEncodedCert", new Object[0]);
            return null;
        }
    }
}
