package com.wibmo.threeds2.sdk.util.crypto;

import android.app.Activity;
import android.content.Context;
import android.util.Log;
import com.nimbusds.jose.i;
import com.nimbusds.jose.jwk.b;
import com.nimbusds.jose.l;
import com.nimbusds.jose.m;
import com.nimbusds.jose.q;
import com.nimbusds.jose.t;
import com.nimbusds.jose.util.o;
import com.payu.threedsbase.constants.APIConstants;
import com.pichillilorenzo.flutter_inappwebview_android.credential_database.URLCredentialContract;
import com.wibmo.threeds2.sdk.cfg.f;
import com.wibmo.threeds2.sdk.j;
import com.wibmo.threeds2.sdk.pojo.CReq;
import com.wibmo.threeds2.sdk.util.e;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Enumeration;
import java.util.List;
import java.util.Objects;
import java.util.TimeZone;
import javax.crypto.SecretKey;
import org.jose4j.jwa.c;
import org.jose4j.jwe.p;
import org.jose4j.lang.g;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes3.dex */
public class b {
    private static MessageDigest a;
    private static PublicKey b;

    static {
        try {
            a = MessageDigest.getInstance("sha256");
        } catch (Exception e) {
            Log.e("wibmo.3dssdk.CryptoUtil", "Error: " + e, e);
        }
        "0123456789ABCDEF".toCharArray();
    }

    public static String a(Context context, f fVar, String str, PublicKey publicKey, String str2) throws Exception {
        publicKey.getAlgorithm();
        Activity activity = (Activity) context;
        e.d(activity, fVar.o(), "ECDH_check", "publicKey_getAlgorithm : " + publicKey.getAlgorithm());
        if ("EC".equals(publicKey.getAlgorithm())) {
            e.d(activity, fVar.o(), "ECDH_check", "publicKey_getAlgorithm_Under_EC_Condition : " + publicKey.getAlgorithm());
            return m(str, publicKey, str2);
        }
        e.d(activity, fVar.o(), "ECDH_check", "publicKey_getAlgorithm_Under_RSA_Condition : " + publicKey.getAlgorithm());
        return c(str, publicKey, str2);
    }

    public static String b(CReq cReq, SecretKey secretKey, Activity activity, f fVar) throws Exception {
        try {
            String r = com.wibmo.threeds2.sdk.util.b.a().r(cReq);
            e.d(activity, fVar.o(), "challenge_api_request", "CReqDetails: " + r);
            Objects.toString(secretKey);
            p pVar = new p();
            pVar.u(secretKey);
            pVar.v(cReq.getAcsTransID());
            pVar.o("dir");
            SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
            pVar.M("A128CBC-HS256");
            pVar.N(secureRandom.generateSeed(16));
            pVar.O(r);
            String z = pVar.z();
            l(z);
            return z;
        } catch (Exception e) {
            Log.e("wibmo.3dssdk.CryptoUtil", "JWE Error: " + e, e);
            throw new RuntimeException("JWE encryption failed.", e);
        }
    }

    public static String c(String str, PublicKey publicKey, String str2) throws Exception {
        try {
            com.nimbusds.jwt.b e = com.nimbusds.jwt.b.e(str);
            l.a aVar = new l.a(i.f, com.nimbusds.jose.d.j);
            if (str2.equalsIgnoreCase("A000000004")) {
                aVar.m("7c4debe3f4af7f9d1569a2ffea4343c2566826ee");
            }
            com.nimbusds.jwt.a aVar2 = new com.nimbusds.jwt.a(aVar.d(), e);
            aVar2.f(new com.nimbusds.jose.crypto.b((RSAPublicKey) publicKey));
            return aVar2.l();
        } catch (Exception e2) {
            try {
                Log.e("wibmo.3dssdk.CryptoUtil", "JWE Error: " + e2, e2);
                throw new RuntimeException("JWE encryption failed.", e2);
            } catch (Exception e3) {
                Log.e("wibmo.3dssdk.CryptoUtil", "JWE Error: " + e3, e3);
                throw new RuntimeException("JWE encryption failed.", e3);
            }
        }
    }

    public static String d(String str, X509Certificate x509Certificate) {
        try {
            if (x509Certificate != null) {
                Objects.toString(x509Certificate.getSubjectDN());
            } else {
                Log.w("wibmo.3dssdk.CryptoUtil", "dsRoot was null!");
            }
            try {
                q i = q.i(str);
                List f = i.h().f();
                if (x509Certificate != null) {
                    try {
                        k(x509Certificate, f);
                    } catch (Exception e) {
                        Log.e("wibmo.3dssdk.CryptoUtil", "validateCertChain Error: " + e, e);
                    }
                } else {
                    Log.w("wibmo.3dssdk.CryptoUtil", "Skipping DSRoot validation of chain..");
                }
                X509Certificate a2 = o.a(((com.nimbusds.jose.util.a) f.get(0)).a());
                Objects.toString(a2 == null ? null : a2.getSubjectDN());
                org.jose4j.jws.d dVar = new org.jose4j.jws.d();
                dVar.o(i.h().g().a());
                dVar.n(new org.jose4j.jwa.c(c.b.WHITELIST, "PS256", "ES256"));
                dVar.p(str);
                dVar.u(a2.getPublicKey());
                if (dVar.G()) {
                    return dVar.z();
                }
                return null;
            } catch (ParseException e2) {
                Log.e("wibmo.3dssdk.CryptoUtil", "ParseException Error: " + e2, e2);
                throw new com.wibmo.threeds2.sdk.error.d("JWS parsing failed" + e2, APIConstants.AUTH_OUTSIDE_PAYU, e2);
            }
        } catch (Exception e3) {
            throw new com.wibmo.threeds2.sdk.error.d("jwsValidateSignature failed", APIConstants.AUTH_OUTSIDE_PAYU, e3);
        }
    }

    public static String e(String str, SecretKey secretKey, Activity activity, f fVar) throws Exception {
        try {
            Objects.toString(secretKey);
            l(str);
            m k = m.k(str);
            p pVar = new p();
            com.nimbusds.jose.d i = k.j().i();
            Objects.toString(i);
            if (i == com.nimbusds.jose.d.j) {
                byte[] encoded = secretKey.getEncoded();
                pVar.u(new org.jose4j.keys.a(Arrays.copyOfRange(encoded, encoded.length - 16, encoded.length)));
            } else {
                pVar.u(secretKey);
            }
            c.b bVar = c.b.WHITELIST;
            pVar.n(new org.jose4j.jwa.c(bVar, "dir"));
            pVar.J(new org.jose4j.jwa.c(bVar, "A128CBC-HS256", "A128GCM"));
            pVar.p(str);
            String I = pVar.I();
            e.d(activity, fVar.o(), "challenge_api_response", "CResDetails: " + I);
            if (str.equalsIgnoreCase(pVar.z())) {
                return I;
            }
            throw new com.google.gson.o("JWE encryption failed.");
        } catch (Exception e) {
            Log.e("wibmo.3dssdk.CryptoUtil", "JWE Error: " + e, e);
            throw new com.google.gson.o("JWE encryption failed.", e);
        }
    }

    public static KeyPair f() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        org.bouncycastle.jce.provider.a aVar = new org.bouncycastle.jce.provider.a();
        ECGenParameterSpec eCGenParameterSpec = new ECGenParameterSpec("P-256");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDH", aVar);
        keyPairGenerator.initialize(eCGenParameterSpec, new SecureRandom());
        return keyPairGenerator.generateKeyPair();
    }

    public static PublicKey g(Context context, f fVar, String str) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, InvalidKeySpecException {
        String[] split = str.split("\\.");
        String str2 = split[0];
        if (split[1].equalsIgnoreCase("RSA")) {
            Activity activity = (Activity) context;
            e.d(activity, fVar.o(), "ECDH_check", "pubKey_Under_RSA_Condition");
            b = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(com.wibmo.threeds2.sdk.util.d.a(str2.toCharArray())));
            e.d(activity, fVar.o(), "ECDH_check", "merchantPublicKey_getAlgorithm_Under_RSA_Condition : " + b.getAlgorithm());
        } else {
            Activity activity2 = (Activity) context;
            e.d(activity2, fVar.o(), "ECDH_check", "pubKey_Under_EC_Condition");
            b = KeyFactory.getInstance("EC").generatePublic(new X509EncodedKeySpec(com.wibmo.threeds2.sdk.util.d.a(str2.toCharArray())));
            e.d(activity2, fVar.o(), "ECDH_check", "merchantPublicKey_getAlgorithm_Under_EC_Condition : " + b.getAlgorithm());
        }
        return b;
    }

    public static ECPublicKey h(String str) throws ParseException, com.nimbusds.jose.f {
        return com.nimbusds.jose.jwk.b.l(str).n();
    }

    public static SecretKey i(ECPublicKey eCPublicKey, ECPrivateKey eCPrivateKey, String str) {
        try {
            return new a("SHA-256").c(c.a(eCPublicKey, eCPrivateKey), 256, a.g(null), a.f(null), a.f(com.nimbusds.jose.util.c.e(str)), a.e(256), a.d());
        } catch (Exception e) {
            Log.e("wibmo.3dssdk.CryptoUtil", "failed to decrypt", e);
            throw new RuntimeException();
        }
    }

    public static boolean j(Context context, String str) throws NoSuchAlgorithmException, InvalidKeySpecException, com.nimbusds.jose.f, ParseException, g, CertificateException, InvalidKeyException, NoSuchProviderException, SignatureException, JSONException {
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(context.getResources().openRawResource(j.wibmo_staging_sdk_license));
        PublicKey publicKey = x509Certificate.getPublicKey();
        q i = q.i(str);
        org.jose4j.jws.d dVar = new org.jose4j.jws.d();
        dVar.o("PS256");
        dVar.n(new org.jose4j.jwa.c(c.b.WHITELIST, "PS256", "ES256"));
        dVar.p(str);
        dVar.u(publicKey);
        boolean G = dVar.G();
        String z = dVar.z();
        if (!k(x509Certificate, i.h().f()) || !G) {
            return false;
        }
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd");
        simpleDateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
        simpleDateFormat.parse(simpleDateFormat.format(Calendar.getInstance().getTime()));
        JSONObject jSONObject = new JSONObject(z);
        new SimpleDateFormat("yyyy-MM-dd").setTimeZone(TimeZone.getTimeZone("UTC"));
        return jSONObject.getString("issuer").equals("www.wibmo.com");
    }

    public static boolean k(X509Certificate x509Certificate, List<com.nimbusds.jose.util.a> list) throws CertificateException, NoSuchProviderException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        ArrayList arrayList = new ArrayList(list.size());
        for (int i = 0; i < list.size(); i++) {
            arrayList.add(o.a(list.get(i).a()));
        }
        for (int i2 = 0; i2 < arrayList.size(); i2++) {
            if (i2 < arrayList.size() - 1) {
                ((X509Certificate) arrayList.get(i2)).verify(((X509Certificate) arrayList.get(i2 + 1)).getPublicKey());
            }
        }
        return com.wibmo.threeds2.sdk.util.location.a.a(x509Certificate.getSignature()).equals(com.wibmo.threeds2.sdk.util.location.a.a(((X509Certificate) arrayList.get(0)).getSignature()));
    }

    public static String l(String str) {
        try {
            return new String(com.wibmo.threeds2.sdk.util.d.b(a.digest(str.getBytes("utf-8"))));
        } catch (Exception e) {
            Log.e("wibmo.3dssdk.CryptoUtil", "Error: " + e, e);
            return null;
        }
    }

    public static String m(String str, PublicKey publicKey, String str2) throws Exception {
        try {
            com.nimbusds.jwt.b.e(str);
            KeyPair f = f();
            SecretKey i = i((ECPublicKey) publicKey, (ECPrivateKey) f.getPrivate(), str2);
            m mVar = new m(new l.a(i.j, com.nimbusds.jose.d.e).i(com.nimbusds.jose.jwk.b.l(new b.a(com.nimbusds.jose.jwk.a.d, (ECPublicKey) f.getPublic()).a().b())).d(), new t(str));
            mVar.f(new com.nimbusds.jose.crypto.a(i));
            return mVar.l();
        } catch (Exception e) {
            Log.e("wibmo.3dssdk.CryptoUtil", "JWE Error: " + e, e);
            throw new RuntimeException("JWE encryption failed.", e);
        }
    }

    public static Certificate n(Context context, String str) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        InputStream inputStream = null;
        try {
            KeyStore keyStore = KeyStore.getInstance("BKS");
            InputStream openRawResource = context.getResources().openRawResource(j.ds_public_key_bks);
            try {
                keyStore.load(openRawResource, URLCredentialContract.FeedEntry.COLUMN_NAME_PASSWORD.toCharArray());
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    aliases.nextElement();
                }
                Certificate certificate = keyStore.getCertificate("ds_" + str.toLowerCase());
                if (certificate == null) {
                    if (openRawResource != null) {
                        openRawResource.close();
                    }
                    return null;
                }
                if (openRawResource != null) {
                    openRawResource.close();
                }
                return certificate;
            } catch (Throwable th) {
                th = th;
                inputStream = openRawResource;
                if (inputStream != null) {
                    inputStream.close();
                }
                throw th;
            }
        } catch (Throwable th2) {
            th = th2;
        }
    }
}
