package com.citi.mobile.framework.security.encryption.helpers;

import android.content.Context;
import android.text.TextUtils;
import com.citi.mobile.framework.common.error.ApplicationException;
import com.citi.mobile.framework.common.utils.logger.Logger;
import com.citi.mobile.framework.security.certs.models.CertConfig;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import runtime.Strings.StringIndexer;

/* loaded from: classes3.dex */
public class EncryptionHelper {
    private static final String AES_KEY = "AES";
    private static final String CHAR_SET_UTF8 = "UTF-8";
    private static final String E2EENCRYPTION_PADDING = "AES/CBC/PKCS7Padding";
    private static final String ENCRYPTION_AES_GCM_NO_PADDING = "AES/GCM/NoPadding";
    private static final char[] hexArray = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};

    public static String byteArrayToHexString(byte[] bArr) {
        char[] cArr = new char[bArr.length * 2];
        for (int i = 0; i < bArr.length; i++) {
            int i2 = bArr[i] & 255;
            int i3 = i * 2;
            char[] cArr2 = hexArray;
            cArr[i3] = cArr2[i2 >>> 4];
            cArr[i3 + 1] = cArr2[i2 & 15];
        }
        return new String(cArr);
    }

    public static String decryptAESGCMNoPaddingData(String str, byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        byte[] decodeBase64 = Base64.decodeBase64(str.getBytes("UTF-8"));
        Cipher cipher = Cipher.getInstance(ENCRYPTION_AES_GCM_NO_PADDING);
        cipher.init(2, new SecretKeySpec(bArr, StringIndexer._getString("3850")), new IvParameterSpec(bArr2));
        cipher.updateAAD(bArr3);
        return new String(cipher.doFinal(decodeBase64)).trim();
    }

    public static String decryptInitData(String str, byte[] bArr, byte[] bArr2) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        byte[] decodeBase64 = Base64.decodeBase64(str.getBytes("UTF-8"));
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
        cipher.init(2, new SecretKeySpec(bArr, "AES"), new IvParameterSpec(bArr2));
        return new String(cipher.doFinal(decodeBase64), "UTF-8").trim();
    }

    public static String encrypRSA(Context context, String str, byte[] bArr, CertConfig certConfig, boolean z) {
        String str2;
        PublicKey publicKey;
        try {
            if (certConfig.isEncryptionCertificateEnabled() && z) {
                Logger.d("cert service | getting e2e cert from db", new Object[0]);
                if (certConfig.getE2ECertConfig().getE2ECertFromCache() == null) {
                    Logger.e("E2E cerificate to encypt not available in CertConfig", new Object[0]);
                    throw new ApplicationException("E2E cerificate to encypt not available in CertConfig");
                }
                publicKey = processEncodedCert(certConfig.getE2ECertConfig().getE2ECertFromCache()).getPublicKey();
            } else {
                Logger.d("cert service | getting e2e cert from bundle", new Object[0]);
                publicKey = CertificateFactory.getInstance("X.509").generateCertificate(new BufferedInputStream(context.getAssets().open("www/cert/e2e_cert.cer"))).getPublicKey();
            }
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
            cipher.init(1, publicKey);
            str2 = byteArrayToHexString(cipher.doFinal(bArr));
        } catch (Exception e) {
            Logger.e("Exception while encrypRSA" + e, new Object[0]);
            str2 = "";
        }
        return str + str2;
    }

    public static String encryptApiProxy(Context context, String str, CertConfig certConfig, boolean z) {
        PublicKey publicKey;
        try {
            if (certConfig.isEncryptionCertificateEnabled() && z) {
                Logger.e("encryptApiProxy :::: API cerificate", new Object[0]);
                if (certConfig.getApiCertConfig().getApiCertFromCache() == null) {
                    Logger.e("API cerificate to encypt not available in CertConfig", new Object[0]);
                    throw new ApplicationException("API cerificate to encypt not available in CertConfig");
                }
                publicKey = processEncodedCert(certConfig.getApiCertConfig().getApiCertFromCache()).getPublicKey();
            } else {
                publicKey = CertificateFactory.getInstance("X.509").generateCertificate(new BufferedInputStream(context.getAssets().open("www/cert/ApiProxy.der"))).getPublicKey();
            }
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
            cipher.init(1, publicKey);
            return byteArrayToHexString(cipher.doFinal(hexStringToByteArray(String.format("%1$-16s", str).replace(' ', 'F'))));
        } catch (Exception e) {
            e.printStackTrace();
            return "";
        }
    }

    public static String encryptData(byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
        cipher.init(1, new SecretKeySpec(bArr2, "AES"), new IvParameterSpec(bArr3));
        return new String(Base64.encodeBase64(cipher.doFinal(bArr)), "UTF-8");
    }

    public static byte[] generateRandomNum() {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    public static String generateRandomString(int i) {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i2 = 0; i2 < i; i2++) {
            stringBuffer.append("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789".charAt(getRandomNumber()));
        }
        return stringBuffer.toString();
    }

    public static String getHMAC256Hash(byte[] bArr, String str) {
        byte[] hexStringToByteArray = hexStringToByteArray(str);
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(hexStringToByteArray, "HmacSHA256"));
            return new String(Hex.encodeHex(mac.doFinal(bArr)));
        } catch (Exception unused) {
            return null;
        }
    }

    public static int getRandomNumber() {
        int nextInt = new SecureRandom().nextInt(62);
        int i = nextInt - 1;
        return i == -1 ? nextInt : i;
    }

    public static String getSHA256Checksum(byte[] bArr, String str) {
        byte[] bytes = str.getBytes();
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(bytes, "HmacSHA256"));
            return new String(Hex.encodeHex(mac.doFinal(bArr)));
        } catch (Exception unused) {
            return null;
        }
    }

    public static byte[] hexDecode(String str) {
        byte[] bArr = new byte[str.length() / 2];
        int length = str.length();
        int i = 0;
        int i2 = 0;
        while (i < length) {
            int i3 = i + 1;
            bArr[i2] = (byte) ((hexToChar(str.charAt(i)) << 4) | hexToChar(str.charAt(i3)));
            i2++;
            i = i3 + 1;
        }
        return bArr;
    }

    public static byte[] hexStringToByteArray(String str) {
        int length = str.length();
        byte[] bArr = new byte[length / 2];
        for (int i = 0; i < length; i += 2) {
            bArr[i / 2] = (byte) ((Character.digit(str.charAt(i), 16) << 4) + Character.digit(str.charAt(i + 1), 16));
        }
        return bArr;
    }

    private static int hexToChar(int i) {
        if (i >= 48 && i <= 57) {
            return i - 48;
        }
        int i2 = 97;
        if (i < 97 || i > 102) {
            i2 = 65;
            if (i < 65 || i > 70) {
                return 0;
            }
        }
        return (i - i2) + 10;
    }

    public static int optimiseServerExpiryTime(int i) {
        return i > 60 ? i - 60 : i;
    }

    public static String optimiseServerExpiryTime(String str) {
        if (TextUtils.isEmpty(str)) {
            return str;
        }
        try {
            return String.valueOf(optimiseServerExpiryTime(Integer.parseInt(str)));
        } catch (Exception unused) {
            return str;
        }
    }

    public static Certificate processEncodedCert(String str) {
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(android.util.Base64.decode(str, 0));
            try {
                Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
                byteArrayInputStream.close();
                return generateCertificate;
            } finally {
            }
        } catch (Exception unused) {
            Logger.e("Exception while processEncodedCert", new Object[0]);
            return null;
        }
    }
}
