package com.citi.mobile.framework.security.encryption;

import android.content.Context;
import android.text.TextUtils;
import android.util.Base64;
import com.citi.mobile.framework.common.utils.logger.Logger;
import com.citi.mobile.framework.common.utils.rx.RxEvent;
import com.citi.mobile.framework.common.utils.rx.RxEventBus;
import com.citi.mobile.framework.e2e.constants.E2EConstant;
import com.citi.mobile.framework.security.certs.models.CertConfig;
import com.citi.mobile.framework.security.encryption.helpers.EncryptionHelper;
import com.citi.mobile.framework.security.utils.Constants;
import com.citi.mobile.framework.storage.base.IKeyValueStore;
import com.google.gson.Gson;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Map;
import java.util.zip.GZIPOutputStream;
import javax.crypto.KeyGenerator;
import org.json.JSONException;
import org.json.JSONObject;
import runtime.Strings.StringIndexer;

/* loaded from: classes3.dex */
public class EncryptionManagerImpl implements EncryptionManager {
    private static final String CHAR_SET_UTF8 = "UTF-8";
    private String aesKey;
    private String clientRandomNumber;
    private byte[] ivNumber;
    private CertConfig mCertConfig;
    private IKeyValueStore mIKeyValueStore;
    private String oldSrvRandomNumber;
    private String srvRandomNumber;

    /* renamed from: com.citi.mobile.framework.security.encryption.EncryptionManagerImpl$1, reason: invalid class name */
    /* loaded from: classes3.dex */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$citi$mobile$framework$security$utils$Constants$CheckSumImplType;

        static {
            int[] iArr = new int[Constants.CheckSumImplType.values().length];
            $SwitchMap$com$citi$mobile$framework$security$utils$Constants$CheckSumImplType = iArr;
            try {
                iArr[Constants.CheckSumImplType.RAW.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$citi$mobile$framework$security$utils$Constants$CheckSumImplType[Constants.CheckSumImplType.FORM_ENCRYPTION.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$com$citi$mobile$framework$security$utils$Constants$CheckSumImplType[Constants.CheckSumImplType.DOUBLE_ENCRYPTION.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    public EncryptionManagerImpl(CertConfig certConfig, IKeyValueStore iKeyValueStore) {
        this.mCertConfig = certConfig;
        this.mIKeyValueStore = iKeyValueStore;
    }

    private boolean checkEligibilityFlag(String str) {
        try {
            JSONObject blockingGet = this.mIKeyValueStore.retrieveJSONObject(Constants.Certs.KEY_PINNING_CERTS, new JSONObject()).blockingGet();
            if (blockingGet != null && blockingGet.has(str)) {
                JSONObject jSONObject = blockingGet.getJSONArray(str).getJSONObject(0);
                if (jSONObject.has(Constants.Certs.HOST_ELIGIBLE)) {
                    return jSONObject.getBoolean(Constants.Certs.HOST_ELIGIBLE);
                }
            }
        } catch (JSONException e) {
            Logger.e("checkEligibilityFlag JSONException " + e.getMessage(), new Object[0]);
        }
        return false;
    }

    private String getDoubleEncryptedChecksumFromNative(Context context, String str, String str2) {
        String sHA256Checksum = EncryptionHelper.getSHA256Checksum(encrypt(encryptFormdata(encryptFieldData(",b", str2, context))).getBytes(StandardCharsets.UTF_8), getSaltForChecksum(str));
        Logger.d("double encrypt checksum - " + sHA256Checksum, new Object[0]);
        return sHA256Checksum;
    }

    private String getFormEncryptedChecksumFromNative(String str, String str2) {
        String sHA256Checksum = EncryptionHelper.getSHA256Checksum(encrypt(encryptFormdata(str2)).getBytes(StandardCharsets.UTF_8), getSaltForChecksum(str));
        Logger.d("form encrypt checksum - " + sHA256Checksum, new Object[0]);
        return sHA256Checksum;
    }

    private String getRawChecksumFromNative(String str, String str2) {
        String sHA256Checksum = EncryptionHelper.getSHA256Checksum(str2.getBytes(StandardCharsets.UTF_8), getSaltForChecksum(str));
        Logger.d("raw checksum - " + sHA256Checksum, new Object[0]);
        return sHA256Checksum;
    }

    private String getSaltForChecksum(String str) {
        return str;
    }

    private void notifyHybridAboutE2EChange() {
        HashMap hashMap = new HashMap();
        Map<String, String> aESKeyDetails = getAESKeyDetails();
        hashMap.put(E2EConstant.Key.IV_NUMBER, aESKeyDetails.get(E2EConstant.Key.IV_NUMBER));
        hashMap.put("aesKey", aESKeyDetails.get("aesKey"));
        hashMap.put(E2EConstant.Key.SRV_RAN_NO, aESKeyDetails.get(E2EConstant.Key.SRV_RAN_NO));
        RxEventBus.getInstance().publish(new RxEvent(E2EConstant.RxEventNames.NATIVE_E2E_DETAILS_CHANGED, 121, hashMap));
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public void clearE2EDetails() {
        this.srvRandomNumber = "";
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public String compressGZIP(String str) {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(str.length());
            GZIPOutputStream gZIPOutputStream = new GZIPOutputStream(byteArrayOutputStream);
            gZIPOutputStream.write(str.getBytes());
            gZIPOutputStream.close();
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            byteArrayOutputStream.close();
            return Base64.encodeToString(byteArray, 2);
        } catch (IOException e) {
            Logger.e(e.getMessage(), new Object[0]);
            return "";
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public String decrypt(String str) {
        if (str == null || str.equalsIgnoreCase("") || str.equalsIgnoreCase("null")) {
            return null;
        }
        try {
            return EncryptionHelper.decryptInitData(str, EncryptionHelper.hexStringToByteArray(this.aesKey), this.ivNumber);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public String decryptAESGCMNoPadding(String str, byte[] bArr, byte[] bArr2) {
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        try {
            return EncryptionHelper.decryptAESGCMNoPaddingData(str, EncryptionHelper.hexStringToByteArray(this.aesKey), bArr, bArr2);
        } catch (Exception e) {
            Logger.e("decryptAESGCMNoPadding exception" + e.getMessage(), new Object[0]);
            return null;
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public String decryptActPass(String str) {
        return decryptActPass(str, Boolean.TRUE.booleanValue());
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public String decryptActPass(String str, boolean z) {
        String substring = str.substring(0, 32);
        String substring2 = str.substring(32, 96);
        try {
            String decryptInitData = EncryptionHelper.decryptInitData(str.substring(96), EncryptionHelper.hexStringToByteArray(this.aesKey), EncryptionHelper.hexStringToByteArray(substring));
            if (!EncryptionHelper.getHMAC256Hash(decryptInitData.getBytes("UTF-8"), this.aesKey).equalsIgnoreCase(substring2)) {
                return null;
            }
            String substring3 = decryptInitData.substring(0, 32);
            String substring4 = decryptInitData.substring(32, 64);
            String substring5 = decryptInitData.substring(64, 96);
            String substring6 = decryptInitData.substring(96);
            if (!z) {
                return substring6;
            }
            if (!substring3.equalsIgnoreCase(this.clientRandomNumber) || !substring5.equalsIgnoreCase(this.oldSrvRandomNumber)) {
                return null;
            }
            this.srvRandomNumber = substring4;
            notifyHybridAboutE2EChange();
            return substring6;
        } catch (Exception unused) {
            Logger.e(StringIndexer._getString("3833"), new Object[0]);
            return null;
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public JSONObject decryptE2EDetails(JSONObject jSONObject) {
        String str;
        String decryptInitData;
        String optString = jSONObject.optString("srv_ran");
        String optString2 = jSONObject.optString("screenwise_eli");
        String optString3 = jSONObject.optString("isE2EApplicable");
        String optString4 = jSONObject.optString("srv_exptime");
        String optString5 = jSONObject.optString("whitelist");
        String optString6 = jSONObject.optString("fedChallengCode");
        String str2 = "";
        if (optString != null) {
            try {
                if (!optString.equalsIgnoreCase("") && !optString.equalsIgnoreCase("null")) {
                    str = "decrypt_fedChallengeCode";
                    decryptInitData = EncryptionHelper.decryptInitData(optString, EncryptionHelper.hexStringToByteArray(this.aesKey), this.ivNumber);
                    this.srvRandomNumber = decryptInitData;
                    String decryptInitData2 = (optString2 != null || optString2.equalsIgnoreCase("") || optString2.equalsIgnoreCase("null")) ? "" : EncryptionHelper.decryptInitData(optString2, EncryptionHelper.hexStringToByteArray(this.aesKey), this.ivNumber);
                    String decryptInitData3 = (optString3 != null || optString3.equalsIgnoreCase("") || optString3.equalsIgnoreCase("null")) ? "" : EncryptionHelper.decryptInitData(optString3, EncryptionHelper.hexStringToByteArray(this.aesKey), this.ivNumber);
                    String optimiseServerExpiryTime = (optString4 != null || optString4.equalsIgnoreCase("") || optString4.equalsIgnoreCase("null")) ? "" : EncryptionHelper.optimiseServerExpiryTime(EncryptionHelper.decryptInitData(optString4, EncryptionHelper.hexStringToByteArray(this.aesKey), this.ivNumber));
                    String decryptInitData4 = (optString5 != null || optString5.equalsIgnoreCase("") || optString5.equalsIgnoreCase("null")) ? "" : EncryptionHelper.decryptInitData(optString5, EncryptionHelper.hexStringToByteArray(this.aesKey), this.ivNumber);
                    if (optString6 != null && !optString6.equalsIgnoreCase("") && !optString6.equalsIgnoreCase("null")) {
                        str2 = EncryptionHelper.decryptInitData(optString6, EncryptionHelper.hexStringToByteArray(this.aesKey), this.ivNumber);
                    }
                    JSONObject jSONObject2 = new JSONObject();
                    jSONObject2.put("decrypt_srv_ran", decryptInitData);
                    jSONObject2.put("decrypt_screenwise_eli", decryptInitData2);
                    jSONObject2.put("decrypt_isE2EApplicable", decryptInitData3);
                    jSONObject2.put("decrypt_srv_exptime", optimiseServerExpiryTime);
                    jSONObject2.put("decrypt_whitelist", decryptInitData4);
                    String str3 = str;
                    jSONObject2.put(str3, str2);
                    Logger.d("decrypt_srv_ran" + decryptInitData, new Object[0]);
                    Logger.d("decrypt_screenwise_eli" + decryptInitData2, new Object[0]);
                    Logger.d("decrypt_isE2EApplicable" + decryptInitData3, new Object[0]);
                    Logger.d("decrypt_srv_exptime" + optimiseServerExpiryTime, new Object[0]);
                    Logger.d("decrypt_whitelist" + decryptInitData4, new Object[0]);
                    Logger.d(str3 + str2, new Object[0]);
                    return jSONObject2;
                }
            } catch (Exception unused) {
                return null;
            }
        }
        str = "decrypt_fedChallengeCode";
        decryptInitData = "";
        if (optString2 != null) {
        }
        if (optString3 != null) {
        }
        if (optString4 != null) {
        }
        if (optString5 != null) {
        }
        if (optString6 != null) {
            str2 = EncryptionHelper.decryptInitData(optString6, EncryptionHelper.hexStringToByteArray(this.aesKey), this.ivNumber);
        }
        JSONObject jSONObject22 = new JSONObject();
        jSONObject22.put("decrypt_srv_ran", decryptInitData);
        jSONObject22.put("decrypt_screenwise_eli", decryptInitData2);
        jSONObject22.put("decrypt_isE2EApplicable", decryptInitData3);
        jSONObject22.put("decrypt_srv_exptime", optimiseServerExpiryTime);
        jSONObject22.put("decrypt_whitelist", decryptInitData4);
        String str32 = str;
        jSONObject22.put(str32, str2);
        Logger.d("decrypt_srv_ran" + decryptInitData, new Object[0]);
        Logger.d("decrypt_screenwise_eli" + decryptInitData2, new Object[0]);
        Logger.d("decrypt_isE2EApplicable" + decryptInitData3, new Object[0]);
        Logger.d("decrypt_srv_exptime" + optimiseServerExpiryTime, new Object[0]);
        Logger.d("decrypt_whitelist" + decryptInitData4, new Object[0]);
        Logger.d(str32 + str2, new Object[0]);
        return jSONObject22;
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public String encrypt(String str) {
        try {
            return EncryptionHelper.encryptData(str.getBytes(), EncryptionHelper.hexStringToByteArray(this.aesKey), this.ivNumber);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public String encryptApiProxyData(Context context, String str) {
        return EncryptionHelper.encryptApiProxy(context, str, this.mCertConfig, checkEligibilityFlag("api"));
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public String encryptFieldData(String str, String str2, Context context) {
        String encodeToString = Base64.encodeToString(str2.getBytes(), 0);
        String str3 = EncryptionHelper.generateRandomString(32) + str;
        try {
            return str.contains(",a") ? EncryptionHelper.encrypRSA(context, str3, EncryptionHelper.hexDecode(new String(Base64.decode(encodeToString, 0))), this.mCertConfig, checkEligibilityFlag(Constants.Key.CERT_E2E)) : EncryptionHelper.encrypRSA(context, str3, Base64.decode(encodeToString, 0), this.mCertConfig, checkEligibilityFlag(Constants.Key.CERT_E2E));
        } catch (Exception unused) {
            return null;
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public String encryptFormdata(String str) {
        Logger.d("Encrypting M63Core formdata aesKey:" + this.aesKey + " srvRandomNumber:" + this.srvRandomNumber, new Object[0]);
        this.clientRandomNumber = EncryptionHelper.generateRandomString(32);
        byte[] bArr = new byte[0];
        try {
            byte[] bytes = (this.clientRandomNumber + this.srvRandomNumber).getBytes(StringIndexer._getString("3834"));
            byte[] decode = Base64.decode(str, 0);
            bArr = new byte[bytes.length + decode.length];
            System.arraycopy(bytes, 0, bArr, 0, bytes.length);
            System.arraycopy(decode, 0, bArr, bytes.length, decode.length);
        } catch (Exception e) {
            e.printStackTrace();
        }
        this.oldSrvRandomNumber = this.srvRandomNumber;
        try {
            return EncryptionHelper.byteArrayToHexString(this.ivNumber) + EncryptionHelper.getHMAC256Hash(bArr, this.aesKey) + EncryptionHelper.encryptData(bArr, EncryptionHelper.hexStringToByteArray(this.aesKey), this.ivNumber);
        } catch (Exception unused) {
            return null;
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public JSONObject generateAESKey(Context context) {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(E2EConstant.Value.ALGO_AES);
            keyGenerator.init(128);
            this.aesKey = EncryptionHelper.byteArrayToHexString(keyGenerator.generateKey().getEncoded());
            this.ivNumber = EncryptionHelper.generateRandomNum();
            String encrypRSA = EncryptionHelper.encrypRSA(context, "", ("c" + this.aesKey).getBytes(), this.mCertConfig, checkEligibilityFlag(Constants.Key.CERT_E2E));
            JSONObject jSONObject = new JSONObject();
            jSONObject.put(E2EConstant.Key.ENCRYPTED_AES_KEY, EncryptionHelper.byteArrayToHexString(this.ivNumber) + ",c" + encrypRSA);
            return jSONObject;
        } catch (NoSuchAlgorithmException | JSONException unused) {
            return null;
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public Map<String, String> getAESKeyDetails() {
        HashMap hashMap = new HashMap();
        hashMap.put(E2EConstant.Key.IV_NUMBER, Base64.encodeToString(this.ivNumber, 0));
        hashMap.put("aesKey", this.aesKey);
        hashMap.put(E2EConstant.Key.SRV_RAN_NO, this.srvRandomNumber);
        return hashMap;
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public String getClientDetails(Map<String, String> map) {
        String json = new Gson().toJson(map);
        if (TextUtils.isEmpty(json)) {
            return null;
        }
        return compressGZIP(json);
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public String getMessageChecksum(Context context, String str, String str2, Constants.CheckSumImplType checkSumImplType) {
        Logger.d("checksum salt - " + str, new Object[0]);
        Logger.d("checksum message - " + str2, new Object[0]);
        int i = AnonymousClass1.$SwitchMap$com$citi$mobile$framework$security$utils$Constants$CheckSumImplType[checkSumImplType.ordinal()];
        if (i == 1) {
            return getRawChecksumFromNative(str, str2);
        }
        if (i == 2) {
            return getFormEncryptedChecksumFromNative(str, str2);
        }
        if (i != 3) {
            return null;
        }
        return getDoubleEncryptedChecksumFromNative(context, str, str2);
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public String getSerialNumberFromCert(String str) {
        X509Certificate x509Certificate;
        if (TextUtils.isEmpty(str) || (x509Certificate = (X509Certificate) EncryptionHelper.processEncodedCert(str)) == null) {
            return null;
        }
        String bigInteger = new BigInteger(x509Certificate.getSerialNumber().toString()).toString(16);
        Logger.d("cert service | serialNumber - " + bigInteger.toUpperCase(), new Object[0]);
        return bigInteger.toUpperCase();
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public int optimiseServerExpiryTime(int i) {
        return EncryptionHelper.optimiseServerExpiryTime(i);
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionManager
    public void setAESKeyDetails(Map map) {
        try {
            this.ivNumber = Base64.decode(String.valueOf(map.get(E2EConstant.Key.IV_NUMBER)), 0);
            this.aesKey = String.valueOf(map.get("aesKey"));
            this.srvRandomNumber = String.valueOf(map.get("decrypt_srv_ran"));
            Logger.d("Setting M63Core e2e params from BAU: aesKey:" + this.aesKey + " srvRandomNumber:" + this.srvRandomNumber, new Object[0]);
        } catch (Exception unused) {
            Logger.e("Error while accessing aeskeydetails", new Object[0]);
        }
    }
}
