package com.citi.mobile.framework.security.encryption;

import android.content.Context;
import android.util.Base64;
import com.citi.mobile.framework.common.utils.logger.Logger;
import com.citi.mobile.framework.common.utils.rx.RxEvent;
import com.citi.mobile.framework.common.utils.rx.RxEventBus;
import com.citi.mobile.framework.e2e.constants.E2EConstant;
import com.citi.mobile.framework.network.utils.NetworkConstant;
import com.citi.mobile.framework.security.certs.models.CertConfig;
import com.citi.mobile.framework.security.encryption.helpers.EncryptionAES256Helper;
import com.citi.mobile.framework.security.utils.Constants;
import com.citi.mobile.framework.session.base.ISessionManager;
import com.citi.mobile.framework.storage.base.IKeyValueStore;
import dagger.Lazy;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import org.json.JSONException;
import org.json.JSONObject;
import runtime.Strings.StringIndexer;

/* loaded from: classes3.dex */
public class EncryptionAES256ManagerImpl implements EncryptionAES256Manager {
    private static final String CHAR_SET_UTF8 = "UTF-8";
    private byte[] aesKey;
    private String aesKeyHexString;
    private String checkDigit;
    private String clientRandomNumber;
    private String ivHexString;
    private byte[] ivNumber;
    private CertConfig mCertConfig;
    private String mDoubleEncryptionType;
    private IKeyValueStore mIKeyValueStore;
    private boolean mIsDemoApp;
    Lazy<ISessionManager> mSessionManager;
    private String oldSrvRandomNumber;
    private String srvRandomNumber;

    public EncryptionAES256ManagerImpl(CertConfig certConfig, Lazy<ISessionManager> lazy, String str, boolean z, IKeyValueStore iKeyValueStore) {
        this.mCertConfig = certConfig;
        this.mSessionManager = lazy;
        this.mDoubleEncryptionType = str;
        this.mIsDemoApp = z;
        this.mIKeyValueStore = iKeyValueStore;
    }

    private boolean checkEligibilityFlag(String str) {
        try {
            JSONObject blockingGet = this.mIKeyValueStore.retrieveJSONObject(Constants.Certs.KEY_PINNING_CERTS, new JSONObject()).blockingGet();
            if (blockingGet != null && blockingGet.has(str)) {
                JSONObject jSONObject = blockingGet.getJSONArray(str).getJSONObject(0);
                if (jSONObject.has(Constants.Certs.HOST_ELIGIBLE)) {
                    return jSONObject.getBoolean(Constants.Certs.HOST_ELIGIBLE);
                }
            }
        } catch (JSONException e) {
            Logger.e("checkEligibilityFlag JSONException " + e.getMessage(), new Object[0]);
        }
        return false;
    }

    private String getEventId() {
        String _getString = this.mSessionManager.get().getGlobalProfile().getItem(NetworkConstant.ProxyNGAAuth.EVENT_ID) != null ? (String) this.mSessionManager.get().getGlobalProfile().getItem(NetworkConstant.ProxyNGAAuth.EVENT_ID) : StringIndexer._getString("3844");
        Logger.d("event id for field level encryption " + _getString, new Object[0]);
        return _getString;
    }

    private String getPasswordToEncrypt(Context context, String str, String str2) {
        Logger.d("input - " + str, new Object[0]);
        Logger.d("doubleEncryptionType - " + str2, new Object[0]);
        if (str2.equalsIgnoreCase(Constants.E2EDoubleEncryptionType.RSAEncryptUpperCasePwd.name())) {
            return this.ivHexString + getEventId() + ",b" + EncryptionAES256Helper.encrypRSA(context, "", str.toUpperCase().getBytes(), this.mCertConfig, checkEligibilityFlag(Constants.Key.CERT_E2E));
        }
        if (!str2.equalsIgnoreCase(Constants.E2EDoubleEncryptionType.RSAEncryptEventIdCsTypePwd.name())) {
            return this.ivHexString + getEventId() + "b" + str;
        }
        return this.ivHexString + EncryptionAES256Helper.encrypRSA(context, "", (getEventId() + ",b" + str).getBytes(), this.mCertConfig, checkEligibilityFlag(Constants.Key.CERT_E2E));
    }

    private void notifyHybridAboutE2EChange() {
        HashMap hashMap = new HashMap();
        Map<String, String> aESKeyDetails = getAESKeyDetails();
        hashMap.put(E2EConstant.Key.IV_NUMBER, aESKeyDetails.get(E2EConstant.Key.IV_NUMBER));
        hashMap.put("aesKey", aESKeyDetails.get("aesKey"));
        hashMap.put(E2EConstant.Key.SRV_RAN_NO, aESKeyDetails.get(E2EConstant.Key.SRV_RAN_NO));
        RxEventBus.getInstance().publish(new RxEvent(E2EConstant.RxEventNames.NATIVE_E2E_DETAILS_CHANGED, 121, hashMap));
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionAES256Manager
    public void clearE2EDetails() {
        this.srvRandomNumber = "";
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionAES256Manager
    public String decrypt(String str) {
        if (this.mIsDemoApp) {
            return str;
        }
        if (str == null || str.equalsIgnoreCase("") || str.equalsIgnoreCase("null")) {
            return null;
        }
        try {
            return EncryptionAES256Helper.decryptData(str, this.aesKey, this.ivNumber);
        } catch (Exception e) {
            this.mSessionManager.get().getGlobalProfile().setItem(Constants.LoggerKeys.EXCEPTION_LOGS, str + "=====" + e.toString());
            e.printStackTrace();
            return null;
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionAES256Manager
    public String decryptActPass(String str) {
        String substring = str.substring(0, 32);
        String substring2 = str.substring(32, 96);
        try {
            String decryptInitData = EncryptionAES256Helper.decryptInitData(str.substring(96), EncryptionAES256Helper.hexStringToByteArray(this.aesKeyHexString), EncryptionAES256Helper.hexStringToByteArray(substring));
            if (!EncryptionAES256Helper.getHMAC256Hash(decryptInitData.getBytes("UTF-8"), this.aesKeyHexString).equalsIgnoreCase(substring2)) {
                return null;
            }
            String substring3 = decryptInitData.substring(0, 32);
            String substring4 = decryptInitData.substring(32, 64);
            String substring5 = decryptInitData.substring(64, 96);
            String substring6 = decryptInitData.substring(96);
            if (!substring3.equalsIgnoreCase(this.clientRandomNumber) || !substring5.equalsIgnoreCase(this.oldSrvRandomNumber)) {
                return null;
            }
            this.srvRandomNumber = substring4;
            notifyHybridAboutE2EChange();
            return substring6;
        } catch (Exception unused) {
            Logger.e("Error while decryptActPass", new Object[0]);
            return null;
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionAES256Manager
    public JSONObject decryptE2EDetails(JSONObject jSONObject) {
        String str;
        String decryptInitData;
        String _getString = StringIndexer._getString("3845");
        String optString = jSONObject.optString("srv_ran");
        String optString2 = jSONObject.optString("screenwise_eli");
        String optString3 = jSONObject.optString("isE2EApplicable");
        String optString4 = jSONObject.optString("srv_exptime");
        String optString5 = jSONObject.optString("whitelist");
        String optString6 = jSONObject.optString("fedChallengCode");
        String str2 = "";
        if (optString != null) {
            try {
                if (!optString.equalsIgnoreCase("") && !optString.equalsIgnoreCase("null")) {
                    str = "decrypt_fedChallengeCode";
                    decryptInitData = EncryptionAES256Helper.decryptInitData(optString, EncryptionAES256Helper.hexStringToByteArray(this.aesKeyHexString), this.ivNumber);
                    this.srvRandomNumber = decryptInitData;
                    String decryptInitData2 = (optString2 != null || optString2.equalsIgnoreCase("") || optString2.equalsIgnoreCase("null")) ? "" : EncryptionAES256Helper.decryptInitData(optString2, EncryptionAES256Helper.hexStringToByteArray(this.aesKeyHexString), this.ivNumber);
                    String decryptInitData3 = (optString3 != null || optString3.equalsIgnoreCase("") || optString3.equalsIgnoreCase("null")) ? "" : EncryptionAES256Helper.decryptInitData(optString3, EncryptionAES256Helper.hexStringToByteArray(this.aesKeyHexString), this.ivNumber);
                    String optimiseServerExpiryTime = (optString4 != null || optString4.equalsIgnoreCase("") || optString4.equalsIgnoreCase("null")) ? "" : EncryptionAES256Helper.optimiseServerExpiryTime(EncryptionAES256Helper.decryptInitData(optString4, EncryptionAES256Helper.hexStringToByteArray(this.aesKeyHexString), this.ivNumber));
                    String decryptInitData4 = (optString5 != null || optString5.equalsIgnoreCase("") || optString5.equalsIgnoreCase("null")) ? "" : EncryptionAES256Helper.decryptInitData(optString5, EncryptionAES256Helper.hexStringToByteArray(this.aesKeyHexString), this.ivNumber);
                    if (optString6 != null && !optString6.equalsIgnoreCase("") && !optString6.equalsIgnoreCase("null")) {
                        str2 = EncryptionAES256Helper.decryptInitData(optString6, EncryptionAES256Helper.hexStringToByteArray(this.aesKeyHexString), this.ivNumber);
                    }
                    JSONObject jSONObject2 = new JSONObject();
                    jSONObject2.put("decrypt_srv_ran", decryptInitData);
                    jSONObject2.put("decrypt_screenwise_eli", decryptInitData2);
                    jSONObject2.put("decrypt_isE2EApplicable", decryptInitData3);
                    jSONObject2.put("decrypt_srv_exptime", optimiseServerExpiryTime);
                    jSONObject2.put(_getString, decryptInitData4);
                    String str3 = str;
                    jSONObject2.put(str3, str2);
                    Logger.d("decrypt_srv_ran" + decryptInitData, new Object[0]);
                    Logger.d("decrypt_screenwise_eli" + decryptInitData2, new Object[0]);
                    Logger.d("decrypt_isE2EApplicable" + decryptInitData3, new Object[0]);
                    Logger.d("decrypt_srv_exptime" + optimiseServerExpiryTime, new Object[0]);
                    Logger.d(_getString + decryptInitData4, new Object[0]);
                    Logger.d(str3 + str2, new Object[0]);
                    return jSONObject2;
                }
            } catch (Exception unused) {
                return null;
            }
        }
        str = "decrypt_fedChallengeCode";
        decryptInitData = "";
        if (optString2 != null) {
        }
        if (optString3 != null) {
        }
        if (optString4 != null) {
        }
        if (optString5 != null) {
        }
        if (optString6 != null) {
            str2 = EncryptionAES256Helper.decryptInitData(optString6, EncryptionAES256Helper.hexStringToByteArray(this.aesKeyHexString), this.ivNumber);
        }
        JSONObject jSONObject22 = new JSONObject();
        jSONObject22.put("decrypt_srv_ran", decryptInitData);
        jSONObject22.put("decrypt_screenwise_eli", decryptInitData2);
        jSONObject22.put("decrypt_isE2EApplicable", decryptInitData3);
        jSONObject22.put("decrypt_srv_exptime", optimiseServerExpiryTime);
        jSONObject22.put(_getString, decryptInitData4);
        String str32 = str;
        jSONObject22.put(str32, str2);
        Logger.d("decrypt_srv_ran" + decryptInitData, new Object[0]);
        Logger.d("decrypt_screenwise_eli" + decryptInitData2, new Object[0]);
        Logger.d("decrypt_isE2EApplicable" + decryptInitData3, new Object[0]);
        Logger.d("decrypt_srv_exptime" + optimiseServerExpiryTime, new Object[0]);
        Logger.d(_getString + decryptInitData4, new Object[0]);
        Logger.d(str32 + str2, new Object[0]);
        return jSONObject22;
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionAES256Manager
    public String doubleEncrypt(Context context, String str) {
        try {
            if (this.mIsDemoApp) {
                return str;
            }
            String passwordToEncrypt = getPasswordToEncrypt(context, str, this.mDoubleEncryptionType);
            Logger.d("passwordToEncrypt - " + passwordToEncrypt, new Object[0]);
            return EncryptionAES256Helper.getCCPEncryptedString(passwordToEncrypt, this.aesKey, this.ivNumber);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionAES256Manager
    public String doubleEncrypt(Context context, String str, String str2) {
        try {
            if (this.mIsDemoApp) {
                return str;
            }
            String passwordToEncrypt = getPasswordToEncrypt(context, str, str2);
            Logger.d("passwordToEncrypt - " + passwordToEncrypt, new Object[0]);
            return EncryptionAES256Helper.getCCPEncryptedString(passwordToEncrypt, this.aesKey, this.ivNumber);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionAES256Manager
    public String encrypt(String str) {
        try {
            return EncryptionAES256Helper.encryptData(str.getBytes(), EncryptionAES256Helper.hexStringToByteArray(this.aesKeyHexString), this.ivNumber);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionAES256Manager
    public String encryptApiProxyData(Context context, String str) {
        return EncryptionAES256Helper.encryptApiProxy(context, str, this.mCertConfig, checkEligibilityFlag("api"));
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionAES256Manager
    public String encryptFieldData(String str, String str2, Context context) {
        String encodeToString = Base64.encodeToString(str2.getBytes(), 0);
        String str3 = EncryptionAES256Helper.generateRandomString(32) + str;
        try {
            return str.contains(",a") ? EncryptionAES256Helper.encrypRSA(context, str3, EncryptionAES256Helper.hexDecode(new String(Base64.decode(encodeToString, 0))), this.mCertConfig, checkEligibilityFlag(Constants.Key.CERT_E2E)) : EncryptionAES256Helper.encrypRSA(context, str3, Base64.decode(encodeToString, 0), this.mCertConfig, checkEligibilityFlag(Constants.Key.CERT_E2E));
        } catch (Exception unused) {
            return null;
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionAES256Manager
    public String encryptFormdata(String str) {
        Logger.d("Encrypting M63Core formdata aesKeyHexString:" + this.aesKeyHexString + " srvRandomNumber:" + this.srvRandomNumber, new Object[0]);
        this.clientRandomNumber = EncryptionAES256Helper.generateRandomString(32);
        byte[] bArr = new byte[0];
        try {
            byte[] bytes = (this.clientRandomNumber + this.srvRandomNumber).getBytes("UTF-8");
            byte[] decode = Base64.decode(str, 0);
            bArr = new byte[bytes.length + decode.length];
            System.arraycopy(bytes, 0, bArr, 0, bytes.length);
            System.arraycopy(decode, 0, bArr, bytes.length, decode.length);
        } catch (Exception e) {
            e.printStackTrace();
        }
        this.oldSrvRandomNumber = this.srvRandomNumber;
        try {
            return EncryptionAES256Helper.byteArrayToHexString(this.ivNumber) + EncryptionAES256Helper.getHMAC256Hash(bArr, this.aesKeyHexString) + EncryptionAES256Helper.encryptData(bArr, EncryptionAES256Helper.hexStringToByteArray(this.aesKeyHexString), this.ivNumber);
        } catch (Exception unused) {
            return null;
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionAES256Manager
    public String encryptNGAFieldData(String str, String str2) {
        try {
            return this.mIsDemoApp ? str : EncryptionAES256Helper.getCCPEncryptedString(this.ivHexString + getEventId() + str2 + str, this.aesKey, this.ivNumber);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionAES256Manager
    public JSONObject generateAESKey(Context context) {
        String _getString = StringIndexer._getString("3846");
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(E2EConstant.Value.ALGO_AES);
            keyGenerator.init(256);
            SecretKey generateKey = keyGenerator.generateKey();
            this.checkDigit = getCheckDigit(generateKey);
            this.aesKey = generateKey.getEncoded();
            this.ivNumber = EncryptionAES256Helper.generateRandomNum();
            this.aesKeyHexString = EncryptionAES256Helper.byteArrayToHexString(this.aesKey);
            this.ivHexString = EncryptionAES256Helper.byteArrayToHexString(this.ivNumber);
            String str = this.ivHexString + EncryptionAES256Helper.encrypRSA(context, _getString, this.aesKey, this.mCertConfig, checkEligibilityFlag(Constants.Key.CERT_E2E));
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("encryptedKey", str);
            jSONObject.put(E2EConstant.Key.CHECK_DIGIT, this.checkDigit);
            jSONObject.put(E2EConstant.Key.ALGO, E2EConstant.Value.ALGO_AES);
            jSONObject.put(E2EConstant.Key.PUBLIC_KEY_IDENTIFIER, _getString);
            this.mSessionManager.get().getGlobalProfile().setItem("aesKey", this.aesKeyHexString);
            this.mSessionManager.get().getGlobalProfile().setItem(Constants.LoggerKeys.IV_VALUE, this.ivHexString);
            return jSONObject;
        } catch (JSONException | Exception unused) {
            return null;
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionAES256Manager
    public String getAESDecryptedString(String str) {
        String substring = str.substring(0, 32);
        str.substring(32, 96);
        try {
            return EncryptionAES256Helper.decryptString(str.substring(96), this.aesKey, EncryptionAES256Helper.hexStringToByteArray(substring));
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionAES256Manager
    public Map<String, String> getAESKeyDetails() {
        HashMap hashMap = new HashMap();
        hashMap.put(E2EConstant.Key.IV_NUMBER, Base64.encodeToString(this.ivNumber, 0));
        hashMap.put("aesKey", this.aesKeyHexString);
        hashMap.put(E2EConstant.Key.SRV_RAN_NO, this.srvRandomNumber);
        return hashMap;
    }

    public String getCheckDigit(SecretKey secretKey) throws Exception {
        Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
        cipher.init(1, secretKey, new IvParameterSpec(new byte[]{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}));
        return EncryptionAES256Helper.hexEncode(cipher.doFinal(new byte[]{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0})).substring(0, 6);
    }

    @Override // com.citi.mobile.framework.security.encryption.EncryptionAES256Manager
    public void setAESKeyDetails(Map map) {
        try {
            this.ivNumber = Base64.decode(String.valueOf(map.get(E2EConstant.Key.IV_NUMBER)), 0);
            this.aesKeyHexString = String.valueOf(map.get("aesKey"));
            this.srvRandomNumber = String.valueOf(map.get("decrypt_srv_ran"));
            Logger.d("Setting M63Core e2e params from BAU: aesKeyHexString:" + this.aesKeyHexString + " srvRandomNumber:" + this.srvRandomNumber, new Object[0]);
        } catch (Exception unused) {
            Logger.e("Error while accessing aeskeydetails", new Object[0]);
        }
    }
}
