package com.paypal.android.platform.authsdk.authcommon.partnerauth.security;

import android.annotation.TargetApi;
import android.content.Context;
import android.util.Base64;
import android.util.Log;
import androidx.appcompat.widget.m1;
import androidx.datastore.preferences.protobuf.e;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import kotlin.Metadata;
import kotlin.jvm.internal.h;
import kotlin.jvm.internal.n;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import zm.a;

@Metadata(d1 = {"\u0000F\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\b\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000b\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0004\u0018\u0000 \u001d2\u00020\u00012\u00020\u0002:\u0001\u001dB\u0005¢\u0006\u0002\u0010\u0003J\"\u0010\u0004\u001a\u0004\u0018\u00010\u00052\u0006\u0010\u0006\u001a\u00020\u00052\u0006\u0010\u0007\u001a\u00020\u00052\u0006\u0010\b\u001a\u00020\u0005H\u0016J*\u0010\t\u001a\u0004\u0018\u00010\u00052\u0006\u0010\n\u001a\u00020\u000b2\u0006\u0010\u0007\u001a\u00020\u00052\u0006\u0010\b\u001a\u00020\u00052\u0006\u0010\f\u001a\u00020\rH\u0017J\"\u0010\u000e\u001a\u0004\u0018\u00010\u00052\u0006\u0010\u0006\u001a\u00020\u00052\u0006\u0010\u0007\u001a\u00020\u00052\u0006\u0010\b\u001a\u00020\u0005H\u0017J*\u0010\u000f\u001a\u0004\u0018\u00010\u00052\u0006\u0010\n\u001a\u00020\u000b2\u0006\u0010\u0007\u001a\u00020\u00052\u0006\u0010\b\u001a\u00020\u00052\u0006\u0010\f\u001a\u00020\rH\u0017J\u0018\u0010\u0010\u001a\u00020\u00052\u0006\u0010\u0006\u001a\u00020\u00052\u0006\u0010\u0011\u001a\u00020\u0012H\u0016J\u0016\u0010\u0013\u001a\u00020\u00142\u0006\u0010\u0006\u001a\u00020\u00052\u0006\u0010\u0011\u001a\u00020\u0012J\"\u0010\u0015\u001a\u0004\u0018\u00010\u00162\u0006\u0010\u0006\u001a\u00020\u00052\u0006\u0010\u0017\u001a\u00020\u00182\u0006\u0010\u0011\u001a\u00020\u0012H\u0017J\u0010\u0010\u0019\u001a\u00020\u001a2\u0006\u0010\u001b\u001a\u00020\u0005H\u0007J\u0012\u0010\u001c\u001a\u0004\u0018\u00010\u00162\u0006\u0010\u0006\u001a\u00020\u0005H\u0002¨\u0006\u001e"}, d2 = {"Lcom/paypal/android/platform/authsdk/authcommon/partnerauth/security/CryptoSecureKeyWrapperImpl;", "Lcom/paypal/android/platform/authsdk/authcommon/partnerauth/security/BaseSecureKeyWrapper;", "Lcom/paypal/android/platform/authsdk/authcommon/partnerauth/security/CryptoSecureKeyWrapper;", "()V", "decryptString", "", "keyName", "value", "cipherTransformation", "decryptStringUsingAES", "secretKey", "Ljavax/crypto/SecretKey;", "cipherIvSize", "", "encryptString", "encryptStringUsingAES", "generateAsymmetricKeyPair", "appContext", "Landroid/content/Context;", "generateAsymmetricKeyPairAndProvider", "Lcom/paypal/android/platform/authsdk/authcommon/partnerauth/security/SecureKeyModel;", "generatePublicKey", "Ljava/security/PublicKey;", "userAuthRequired", "", "generateSignatureForRSA", "Ljava/security/Signature;", "privateKeyAlias", "getPublicKeyForEncryption", "Companion", "auth-sdk_thirdPartyRelease"}, k = 1, mv = {1, 6, 0}, xi = 48)
/* loaded from: classes5.dex */
public final class CryptoSecureKeyWrapperImpl extends BaseSecureKeyWrapper implements CryptoSecureKeyWrapper {

    @NotNull
    private static final String RSA_PKI_ALGORITHM = "SHA256withRSA";

    /* renamed from: Companion, reason: from kotlin metadata */
    @NotNull
    public static final Companion INSTANCE = new Companion(null);
    private static final String TAG = "CryptoSecureKeyWrapperImpl";

    @Metadata(d1 = {"\u0000*\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0007\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\b\n\u0002\b\u0005\n\u0002\u0010\u0012\n\u0002\b\u0002\b\u0086\u0003\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J \u0010\t\u001a\u0004\u0018\u00010\u00042\u0006\u0010\n\u001a\u00020\u00042\u0006\u0010\u000b\u001a\u00020\f2\u0006\u0010\r\u001a\u00020\u000eJ \u0010\u000f\u001a\u00020\u00042\b\u0010\u0010\u001a\u0004\u0018\u00010\u00042\u0006\u0010\u0011\u001a\u00020\f2\u0006\u0010\u0012\u001a\u00020\u000eJ\u0018\u0010\u0013\u001a\u0004\u0018\u00010\u00142\u0006\u0010\u0015\u001a\u00020\u00042\u0006\u0010\r\u001a\u00020\u000eR\u000e\u0010\u0003\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u0019\u0010\u0005\u001a\n \u0006*\u0004\u0018\u00010\u00040\u0004¢\u0006\b\n\u0000\u001a\u0004\b\u0007\u0010\b¨\u0006\u0016"}, d2 = {"Lcom/paypal/android/platform/authsdk/authcommon/partnerauth/security/CryptoSecureKeyWrapperImpl$Companion;", "", "()V", "RSA_PKI_ALGORITHM", "", "TAG", "kotlin.jvm.PlatformType", "getTAG", "()Ljava/lang/String;", "decryptDataUsingCipher", "encryptedData", "decryptionCipher", "Ljavax/crypto/Cipher;", "cipherIvSize", "", "encryptDataUsingCipher", "data", "encryptionCipher", "cipherIVSize", "getDecryptionIv", "", "base64EncryptedDataPrefixedByIv", "auth-sdk_thirdPartyRelease"}, k = 1, mv = {1, 6, 0}, xi = 48)
    /* loaded from: classes5.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(h hVar) {
            this();
        }

        @Nullable
        public final String decryptDataUsingCipher(@NotNull String encryptedData, @NotNull Cipher decryptionCipher, int cipherIvSize) {
            n.g(encryptedData, "encryptedData");
            n.g(decryptionCipher, "decryptionCipher");
            try {
                Log.e(getTAG(), "decryptData: base64EncryptedDataPrefixedByIv is : ".concat(encryptedData));
                byte[] decode = Base64.decode(encryptedData, 0);
                int length = decode.length - cipherIvSize;
                byte[] bArr = new byte[length];
                System.arraycopy(decode, 0, new byte[cipherIvSize], 0, cipherIvSize);
                System.arraycopy(decode, cipherIvSize, bArr, 0, length);
                byte[] doFinal = decryptionCipher.doFinal(bArr);
                n.f(doFinal, "decryptionCipher.doFinal(encryptedByteData)");
                String str = new String(doFinal, a.f77537b);
                Log.d(getTAG(), "decryptData: Returning decrypted data : ".concat(str));
                return str;
            } catch (BadPaddingException e10) {
                Log.e(getTAG(), "decryptData: Exception", e10);
                return null;
            } catch (IllegalBlockSizeException e11) {
                Log.e(getTAG(), "decryptData: Exception", e11);
                return null;
            }
        }

        @NotNull
        public final String encryptDataUsingCipher(@Nullable String data, @NotNull Cipher encryptionCipher, int cipherIVSize) {
            byte[] bytes;
            n.g(encryptionCipher, "encryptionCipher");
            if (data == null) {
                bytes = null;
            } else {
                try {
                    bytes = data.getBytes(a.f77537b);
                    n.f(bytes, "this as java.lang.String).getBytes(charset)");
                } catch (BadPaddingException e10) {
                    Log.e(getTAG(), "Error while encrypting data: Exception", e10);
                    throw new RuntimeException(e10);
                } catch (IllegalBlockSizeException e11) {
                    Log.e(getTAG(), "Error while encrypting data: Exception", e11);
                    throw new RuntimeException(e11);
                }
            }
            byte[] doFinal = encryptionCipher.doFinal(bytes);
            byte[] bArr = new byte[doFinal.length + cipherIVSize];
            System.arraycopy(encryptionCipher.getIV(), 0, bArr, 0, cipherIVSize);
            System.arraycopy(doFinal, 0, bArr, cipherIVSize, doFinal.length);
            String encodeToString = Base64.encodeToString(bArr, 0);
            n.f(encodeToString, "{\n                val pl…64.DEFAULT)\n            }");
            return encodeToString;
        }

        @Nullable
        public final byte[] getDecryptionIv(@NotNull String base64EncryptedDataPrefixedByIv, int cipherIvSize) {
            n.g(base64EncryptedDataPrefixedByIv, "base64EncryptedDataPrefixedByIv");
            byte[] decode = Base64.decode(base64EncryptedDataPrefixedByIv, 0);
            e.i("getDecryptionIv: encryptedDataPrefixByIv is : ", Arrays.toString(decode), getTAG());
            byte[] bArr = new byte[cipherIvSize];
            System.arraycopy(decode, 0, bArr, 0, cipherIvSize);
            return bArr;
        }

        public final String getTAG() {
            return CryptoSecureKeyWrapperImpl.TAG;
        }
    }

    private final PublicKey getPublicKeyForEncryption(String keyName) {
        try {
            KeyStore keyStore = KeyStore.getInstance(BaseSecureKeyWrapper.ANDROID_KEYSTORE);
            keyStore.load(null);
            Certificate certificate = keyStore.getCertificate(keyName);
            if (certificate == null) {
                return null;
            }
            return certificate.getPublicKey();
        } catch (Exception e10) {
            Log.e(TAG, "Exception in retrieving Public key", e10);
            return null;
        }
    }

    @Override // com.paypal.android.platform.authsdk.authcommon.partnerauth.security.CryptoSecureKeyWrapper
    @Nullable
    public String decryptString(@NotNull String keyName, @NotNull String value, @NotNull String cipherTransformation) {
        m1.j(keyName, "keyName", value, "value", cipherTransformation, "cipherTransformation");
        try {
            Cipher cipher = Cipher.getInstance(cipherTransformation);
            cipher.init(2, getPrivateKey(keyName));
            byte[] doFinal = cipher.doFinal(Base64.decode(value, 0));
            if (doFinal == null) {
                return null;
            }
            return new String(doFinal, a.f77537b);
        } catch (Exception e10) {
            Log.e(TAG, "Exception in decrypting String: " + e10.getLocalizedMessage());
            return null;
        }
    }

    @Override // com.paypal.android.platform.authsdk.authcommon.partnerauth.security.CryptoSecureKeyWrapper
    @Nullable
    public String decryptStringUsingAES(@NotNull SecretKey secretKey, @NotNull String value, @NotNull String cipherTransformation, int cipherIvSize) {
        n.g(secretKey, "secretKey");
        n.g(value, "value");
        n.g(cipherTransformation, "cipherTransformation");
        try {
            Cipher cipher = Cipher.getInstance(cipherTransformation);
            Companion companion = INSTANCE;
            cipher.init(2, secretKey, new IvParameterSpec(companion.getDecryptionIv(value, cipherIvSize)));
            return companion.decryptDataUsingCipher(value, cipher, cipher.getIV().length);
        } catch (Exception e10) {
            Log.e(TAG, "Exception in creating cipher for decrypting String: " + e10.getLocalizedMessage());
            return null;
        }
    }

    @Override // com.paypal.android.platform.authsdk.authcommon.partnerauth.security.CryptoSecureKeyWrapper
    @Nullable
    public String encryptString(@NotNull String keyName, @NotNull String value, @NotNull String cipherTransformation) {
        m1.j(keyName, "keyName", value, "value", cipherTransformation, "cipherTransformation");
        try {
            Cipher cipher = Cipher.getInstance(cipherTransformation);
            cipher.init(1, getPublicKeyForEncryption(keyName));
            byte[] bytes = value.getBytes(a.f77537b);
            n.f(bytes, "this as java.lang.String).getBytes(charset)");
            return Base64.encodeToString(cipher.doFinal(bytes), 0);
        } catch (Exception e10) {
            Log.e(TAG, "Exception in encrypting String", e10);
            return null;
        }
    }

    @Override // com.paypal.android.platform.authsdk.authcommon.partnerauth.security.CryptoSecureKeyWrapper
    @Nullable
    public String encryptStringUsingAES(@NotNull SecretKey secretKey, @NotNull String value, @NotNull String cipherTransformation, int cipherIvSize) {
        n.g(secretKey, "secretKey");
        n.g(value, "value");
        n.g(cipherTransformation, "cipherTransformation");
        try {
            Cipher cipher = Cipher.getInstance(cipherTransformation);
            cipher.init(1, secretKey);
            Log.d(TAG, "IV size : " + cipher.getIV().length);
            try {
                return INSTANCE.encryptDataUsingCipher(value, cipher, cipherIvSize);
            } catch (RuntimeException e10) {
                Log.e(TAG, "Exception in encrypting String", e10);
                return null;
            }
        } catch (Exception e11) {
            Log.e(TAG, "Exception in creating cipher for encrypting String", e11);
            return null;
        }
    }

    @Override // com.paypal.android.platform.authsdk.authcommon.partnerauth.security.SecureKeyWrapper
    @NotNull
    public String generateAsymmetricKeyPair(@NotNull String keyName, @NotNull Context appContext) throws RuntimeException {
        byte[] encoded;
        n.g(keyName, "keyName");
        n.g(appContext, "appContext");
        PublicKey generatePublicKey = generatePublicKey(keyName, false, appContext);
        String str = null;
        if (generatePublicKey != null && (encoded = generatePublicKey.getEncoded()) != null) {
            str = base64AndUrlSafeEncodedStringFromBytes(encoded);
        }
        String valueOf = String.valueOf(str);
        Log.d(TAG, "Encoded public key string: ".concat(valueOf));
        return valueOf;
    }

    @NotNull
    public final SecureKeyModel generateAsymmetricKeyPairAndProvider(@NotNull String keyName, @NotNull Context appContext) throws RuntimeException {
        n.g(keyName, "keyName");
        n.g(appContext, "appContext");
        SecureKeyModel secureKeyModel = new SecureKeyModel();
        deleteAsymmetricKey(keyName);
        PublicKey generatePublicKey = super.generatePublicKey(keyName, false, appContext);
        if (generatePublicKey != null) {
            byte[] encoded = generatePublicKey.getEncoded();
            n.f(encoded, "publicKey.encoded");
            String base64AndUrlSafeEncodedStringFromBytes = base64AndUrlSafeEncodedStringFromBytes(encoded);
            String str = TAG;
            Log.d(str, "Encoded public key string: " + base64AndUrlSafeEncodedStringFromBytes);
            Log.d(str, "keystore provider:".concat("EC"));
            secureKeyModel.setKeyStoreProvider("EC");
            secureKeyModel.setPublicKey(base64AndUrlSafeEncodedStringFromBytes);
        }
        return secureKeyModel;
    }

    @Override // com.paypal.android.platform.authsdk.authcommon.partnerauth.security.BaseSecureKeyWrapper
    @TargetApi(18)
    @Nullable
    public PublicKey generatePublicKey(@NotNull String keyName, boolean userAuthRequired, @NotNull Context appContext) {
        n.g(keyName, "keyName");
        n.g(appContext, "appContext");
        return super.generatePublicKey(keyName, userAuthRequired, appContext);
    }

    @TargetApi(18)
    @NotNull
    public final Signature generateSignatureForRSA(@NotNull String privateKeyAlias) {
        n.g(privateKeyAlias, "privateKeyAlias");
        try {
            KeyStore keyStore = KeyStore.getInstance(BaseSecureKeyWrapper.ANDROID_KEYSTORE);
            keyStore.load(null);
            Key key = keyStore.getKey(privateKeyAlias, null);
            if (key == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.security.PrivateKey");
            }
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign((PrivateKey) key);
            return signature;
        } catch (IOException e10) {
            Log.e(TAG, "generateSignature : Exception in generateSignature", e10);
            throw new RuntimeException(e10);
        } catch (InvalidKeyException e11) {
            Log.e(TAG, "generateSignature : Exception in generateSignature", e11);
            throw new RuntimeException(e11);
        } catch (KeyStoreException e12) {
            Log.e(TAG, "generateSignature : Exception in generateSignature", e12);
            throw new RuntimeException(e12);
        } catch (NoSuchAlgorithmException e13) {
            Log.e(TAG, "generateSignature : Exception in generateSignature", e13);
            throw new RuntimeException(e13);
        } catch (UnrecoverableEntryException e14) {
            Log.e(TAG, "generateSignature : Exception in generateSignature", e14);
            throw new RuntimeException(e14);
        } catch (CertificateException e15) {
            Log.e(TAG, "generateSignature : Exception in generateSignature", e15);
            throw new RuntimeException(e15);
        }
    }
}
