package com.adyen.checkout.cse.internal;

import com.adyen.checkout.cse.EncryptionException;
import expo.modules.securestore.encryptors.AESEncryptor;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.List;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import javax.crypto.spec.SecretKeySpec;
import kotlin.collections.ArraysKt___ArraysJvmKt;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;
import kotlin.text.StringsKt__StringsJVMKt;
import kotlin.text.StringsKt__StringsKt;
import org.json.JSONObject;

/* compiled from: JSONWebEncryptor.kt */
/* loaded from: classes.dex */
public final class JSONWebEncryptor {
    public static final Companion Companion = new Companion(null);
    private static final JSONObject HEADER;
    private final KeyFactory keyFactory;

    /* compiled from: JSONWebEncryptor.kt */
    /* loaded from: classes.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    static {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("alg", "RSA-OAEP-256");
        jSONObject.put("enc", "A256GCM");
        jSONObject.put("version", "1");
        HEADER = jSONObject;
    }

    public JSONWebEncryptor() {
        try {
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            Intrinsics.checkNotNull(keyFactory);
            this.keyFactory = keyFactory;
        } catch (NoSuchAlgorithmException e2) {
            throw new EncryptionException("RSA KeyFactory not found", e2);
        }
    }

    private final JWEObject encrypt(String str, SecretKey secretKey, Base64String base64String) {
        byte[] encodeToByteArray;
        byte[] copyOfRange;
        byte[] copyOfRange2;
        String jSONObject = HEADER.toString();
        Intrinsics.checkNotNullExpressionValue(jSONObject, "toString(...)");
        encodeToByteArray = StringsKt__StringsJVMKt.encodeToByteArray(jSONObject);
        Base64String base64String2 = new Base64String(encodeToByteArray);
        byte[] additionalAuthenticationData = getAdditionalAuthenticationData(base64String2);
        byte[] generateInitializationVector = generateInitializationVector();
        Cipher aESCipher = getAESCipher(secretKey, generateInitializationVector);
        aESCipher.updateAAD(additionalAuthenticationData);
        byte[] bytes = str.getBytes(Charsets.UTF_8);
        Intrinsics.checkNotNullExpressionValue(bytes, "getBytes(...)");
        byte[] doFinal = aESCipher.doFinal(bytes);
        int length = doFinal.length - 16;
        Base64String base64String3 = new Base64String(generateInitializationVector);
        Intrinsics.checkNotNull(doFinal);
        copyOfRange = ArraysKt___ArraysJvmKt.copyOfRange(doFinal, 0, length);
        Base64String base64String4 = new Base64String(copyOfRange);
        copyOfRange2 = ArraysKt___ArraysJvmKt.copyOfRange(doFinal, length, doFinal.length);
        return new JWEObject(base64String2, base64String, base64String3, base64String4, new Base64String(copyOfRange2));
    }

    private final byte[] encryptContentEncryptionKey(PublicKey publicKey, SecretKey secretKey) {
        try {
            byte[] doFinal = getRSACipher(publicKey).doFinal(secretKey.getEncoded());
            Intrinsics.checkNotNull(doFinal);
            return doFinal;
        } catch (IllegalBlockSizeException e2) {
            throw new EncryptionException("The RSA key is invalid", e2);
        }
    }

    private final SecretKey generateContentEncryptionKey() {
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        return new SecretKeySpec(bArr, "AES");
    }

    private final byte[] generateInitializationVector() {
        byte[] bArr = new byte[12];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    private final PublicKey generatePublicKey(String str) {
        List split$default;
        split$default = StringsKt__StringsKt.split$default((CharSequence) str, new String[]{"|"}, false, 0, 6, (Object) null);
        try {
            PublicKey generatePublic = this.keyFactory.generatePublic(new RSAPublicKeySpec(new BigInteger((String) split$default.get(1), 16), new BigInteger((String) split$default.get(0), 16)));
            Intrinsics.checkNotNull(generatePublic);
            return generatePublic;
        } catch (InvalidKeySpecException e2) {
            throw new EncryptionException("Problem reading public key", e2);
        }
    }

    private final Cipher getAESCipher(SecretKey secretKey, byte[] bArr) {
        SecretKeySpec secretKeySpec = new SecretKeySpec(secretKey.getEncoded(), "AES");
        GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, bArr);
        try {
            Cipher cipher = Cipher.getInstance(AESEncryptor.AES_CIPHER);
            cipher.init(1, secretKeySpec, gCMParameterSpec);
            Intrinsics.checkNotNull(cipher);
            return cipher;
        } catch (NoSuchAlgorithmException e2) {
            throw new EncryptionException("Problem instantiating AES/GCM/NoPadding Algorithm", e2);
        } catch (NoSuchPaddingException e3) {
            throw new EncryptionException("Problem instantiating AES/GCM/NoPadding Padding", e3);
        }
    }

    private final byte[] getAdditionalAuthenticationData(Base64String base64String) {
        byte[] bytes = base64String.getValue().getBytes(Charsets.US_ASCII);
        Intrinsics.checkNotNullExpressionValue(bytes, "getBytes(...)");
        return bytes;
    }

    private final Cipher getRSACipher(PublicKey publicKey) {
        AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance("OAEP");
        MGF1ParameterSpec mGF1ParameterSpec = MGF1ParameterSpec.SHA256;
        algorithmParameters.init(new OAEPParameterSpec(mGF1ParameterSpec.getDigestAlgorithm(), "MGF1", mGF1ParameterSpec, PSource.PSpecified.DEFAULT));
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            cipher.init(1, publicKey, algorithmParameters);
            Intrinsics.checkNotNull(cipher);
            return cipher;
        } catch (NoSuchAlgorithmException e2) {
            throw new EncryptionException("Problem instantiating RSA/ECB/OAEPWithSHA-256AndMGF1Padding Algorithm", e2);
        } catch (NoSuchPaddingException e3) {
            throw new EncryptionException("Problem instantiating RSA/ECB/OAEPWithSHA-256AndMGF1Padding Padding", e3);
        }
    }

    private final String serialize(JWEObject jWEObject) {
        String str = jWEObject.getHeader() + "." + jWEObject.getEncryptedKey() + "." + jWEObject.getInitializationVector() + "." + jWEObject.getCipherText() + "." + jWEObject.getAuthTag();
        Intrinsics.checkNotNullExpressionValue(str, "toString(...)");
        return str;
    }

    public final String encrypt(String publicKey, String payload) {
        Intrinsics.checkNotNullParameter(publicKey, "publicKey");
        Intrinsics.checkNotNullParameter(payload, "payload");
        if (!ValidationUtils.isPublicKeyValid(publicKey)) {
            throw new EncryptionException("Invalid public key", null);
        }
        PublicKey generatePublicKey = generatePublicKey(publicKey);
        SecretKey generateContentEncryptionKey = generateContentEncryptionKey();
        return serialize(encrypt(payload, generateContentEncryptionKey, new Base64String(encryptContentEncryptionKey(generatePublicKey, generateContentEncryptionKey))));
    }
}
