package samagra.gov.in.faceauthaadhar.javamethods;

import android.content.Context;
import java.io.ByteArrayInputStream;
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.MGF1ParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI;
import org.apache.xml.security.keys.content.x509.XMLX509Certificate;
import org.bouncycastle.crypto.BufferedBlockCipher;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.engines.AESEngine;
import org.bouncycastle.crypto.modes.CFBBlockCipher;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;
import samagra.gov.in.faceauthaadhar.settings.auaConfig.ConfigUtils;

/* loaded from: classes5.dex */
public class DataDecryptor {
    static final /* synthetic */ boolean $assertionsDisabled = false;
    private static final int BLOCK_SIZE = 128;
    private static final String DIGEST_ALGORITHM = "SHA-256";
    private static final int EID_SIZE = 32;
    private static final byte[] HEADER_DATA = "VERSION_1.0".getBytes();
    private static final int HMAC_SIZE = 32;
    private static final String MASKING_FUNCTION = "MGF1";
    private static final String MEC_TYPE = "DOM";
    private static final int PUBLIC_KEY_SIZE = 294;
    private static final int SECRET_KEY_SIZE = 256;
    private static final String SECURITY_PROVIDER = "BC";
    private static final String SIGNATURE_TAG = "Signature";
    private static final String TRANSFORMATION = "RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING";
    private static final int VECTOR_SIZE = 16;
    private final KeyStore.PrivateKeyEntry privateKey;

    /* loaded from: classes5.dex */
    private static class ByteArraySpliter {
        private final byte[] encryptedData;
        private final byte[] encryptedSecretKey;
        private final byte[] headerVersion;
        private final byte[] iv;
        private final byte[] publicKeyData;

        public ByteArraySpliter(byte[] bArr) throws Exception {
            byte[] bArr2 = new byte[DataDecryptor.HEADER_DATA.length];
            this.headerVersion = bArr2;
            copyByteArray(bArr, 0, bArr2.length, bArr2);
            int length = DataDecryptor.HEADER_DATA.length;
            byte[] bArr3 = new byte[DataDecryptor.PUBLIC_KEY_SIZE];
            this.publicKeyData = bArr3;
            copyByteArray(bArr, length, bArr3.length, bArr3);
            int i = length + DataDecryptor.PUBLIC_KEY_SIZE;
            byte[] bArr4 = new byte[32];
            this.iv = bArr4;
            copyByteArray(bArr, i, bArr4.length, bArr4);
            byte[] bArr5 = new byte[256];
            this.encryptedSecretKey = bArr5;
            copyByteArray(bArr, length + 326, bArr5.length, bArr5);
            int i2 = length + 582;
            byte[] bArr6 = new byte[bArr.length - i2];
            this.encryptedData = bArr6;
            copyByteArray(bArr, i2, bArr6.length, bArr6);
        }

        private void copyByteArray(byte[] bArr, int i, int i2, byte[] bArr2) throws Exception {
            try {
                System.arraycopy(bArr, i, bArr2, 0, i2);
            } catch (Exception e) {
                throw new Exception("Decryption failed, Corrupted packet ", e);
            }
        }

        public byte[] getEncryptedData() {
            return this.encryptedData;
        }

        public byte[] getEncryptedSecretKey() {
            return this.encryptedSecretKey;
        }

        public byte[] getIv() {
            return this.iv;
        }
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }

    public DataDecryptor(Context context) {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) getKeyFromKeyStore(context).first;
        this.privateKey = privateKeyEntry;
        if (privateKeyEntry == null) {
            throw new RuntimeException("Key could not be read for digital signature. Please check value of signature alias and signature password, and restart the Auth Client");
        }
    }

    private byte[] decryptData(byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception {
        try {
            byte[][] split = split(bArr2, 16);
            BufferedBlockCipher bufferedBlockCipher = new BufferedBlockCipher(new CFBBlockCipher(new AESEngine(), 128));
            bufferedBlockCipher.init(false, new ParametersWithIV(new KeyParameter(bArr3), split[0]));
            byte[] bArr4 = new byte[bufferedBlockCipher.getOutputSize(bArr.length)];
            bufferedBlockCipher.doFinal(bArr4, bufferedBlockCipher.processBytes(bArr, 0, bArr.length, bArr4, 0));
            return bArr4;
        } catch (InvalidCipherTextException e) {
            throw new Exception("Decrypting data using AES failed", e);
        }
    }

    private byte[] decryptSecretKeyData(byte[] bArr, byte[] bArr2, PrivateKey privateKey) throws Exception {
        try {
            Cipher cipher = Cipher.getInstance(TRANSFORMATION, SECURITY_PROVIDER);
            cipher.init(2, privateKey, new OAEPParameterSpec("SHA-256", MASKING_FUNCTION, MGF1ParameterSpec.SHA256, new PSource.PSpecified(bArr2)));
            return cipher.doFinal(bArr);
        } catch (GeneralSecurityException e) {
            e.printStackTrace();
            throw new Exception("Failed to decrypt AES secret key using RSA.", e);
        }
    }

    private Document getDomObject(String str) throws Exception {
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        return newInstance.newDocumentBuilder().parse(new InputSource(new StringReader(str)));
    }

    private PublicKey getPublicKey() throws Exception {
        try {
            return ((X509Certificate) CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID).generateCertificate(new ByteArrayInputStream(ConfigUtils.INSTANCE.getConfigData(ConfigUtils.INSTANCE.getSelectedConfigEnv()).getSigningCert().getBytes(StandardCharsets.UTF_8)))).getPublicKey();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private static Node getSignatureNode(Document document) {
        Element documentElement;
        NodeList childNodes;
        if (document == null || (documentElement = document.getDocumentElement()) == null || (childNodes = documentElement.getChildNodes()) == null) {
            return null;
        }
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            if (item != null && item.getNodeName() != null && "signature".equalsIgnoreCase(item.getLocalName())) {
                return item;
            }
        }
        return null;
    }

    public static Document removeSignature(Document document) {
        if (document != null) {
            Element documentElement = document.getDocumentElement();
            Node signatureNode = getSignatureNode(document);
            if (signatureNode != null) {
                documentElement.removeChild(signatureNode);
            }
        }
        return document;
    }

    private byte[][] split(byte[] bArr, int i) {
        byte[] bArr2;
        if (bArr == null || bArr.length <= i) {
            bArr2 = new byte[0];
        } else {
            byte[] bArr3 = new byte[i];
            int length = bArr.length - i;
            bArr2 = new byte[length];
            System.arraycopy(bArr, 0, bArr3, 0, i);
            System.arraycopy(bArr, i, bArr2, 0, length);
            bArr = bArr3;
        }
        return new byte[][]{bArr, bArr2};
    }

    private byte[] trimHMAC(byte[] bArr) {
        if (bArr == null || bArr.length <= 32) {
            return new byte[0];
        }
        int length = bArr.length - 32;
        byte[] bArr2 = new byte[length];
        System.arraycopy(bArr, 32, bArr2, 0, length);
        return bArr2;
    }

    private boolean validateHash(byte[] bArr) throws Exception {
        byte[][] split = split(bArr, 32);
        try {
            return new String(split[0], StandardCharsets.UTF_8).equals(new String(generateHash(split[1]), StandardCharsets.UTF_8));
        } catch (Exception e) {
            throw new Exception("Not able to compute hash.", e);
        }
    }

    public byte[] decrypt(byte[] bArr) throws Exception {
        if (bArr == null || bArr.length == 0) {
            throw new Exception("byte array data can not be null or blank array.");
        }
        ByteArraySpliter byteArraySpliter = new ByteArraySpliter(bArr);
        return trimHMAC(decryptData(byteArraySpliter.getEncryptedData(), byteArraySpliter.getIv(), decryptSecretKeyData(byteArraySpliter.getEncryptedSecretKey(), byteArraySpliter.getIv(), this.privateKey.getPrivateKey())));
    }

    public byte[] generateHash(byte[] bArr) throws Exception {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256", SECURITY_PROVIDER);
            messageDigest.reset();
            return messageDigest.digest(bArr);
        } catch (GeneralSecurityException unused) {
            throw new Exception("SHA-256 Hashing algorithm not available");
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:22:0x0086 A[Catch: KeyStoreException -> 0x00c3, TRY_LEAVE, TryCatch #1 {KeyStoreException -> 0x00c3, blocks: (B:19:0x007b, B:20:0x0080, B:22:0x0086, B:25:0x0097, B:28:0x00a2, B:34:0x00b8), top: B:18:0x007b }] */
    /* JADX WARN: Removed duplicated region for block: B:8:0x0046 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public android.util.Pair<java.security.KeyStore.PrivateKeyEntry, byte[]> getKeyFromKeyStore(android.content.Context r7) {
        /*
            r6 = this;
            samagra.gov.in.faceauthaadhar.javamethods.AssetsPropertyReader r0 = new samagra.gov.in.faceauthaadhar.javamethods.AssetsPropertyReader
            r0.<init>(r7)
            java.lang.String r1 = "face_auth.properties"
            java.util.Properties r0 = r0.getProperties(r1)
            r1 = 0
            java.lang.StringBuilder r2 = new java.lang.StringBuilder     // Catch: java.lang.Exception -> L3e
            r2.<init>()     // Catch: java.lang.Exception -> L3e
            samagra.gov.in.faceauthaadhar.settings.auaConfig.ConfigUtils$Companion r3 = samagra.gov.in.faceauthaadhar.settings.auaConfig.ConfigUtils.INSTANCE     // Catch: java.lang.Exception -> L3e
            java.lang.String r3 = r3.getSelectedConfigEnv()     // Catch: java.lang.Exception -> L3e
            r2.append(r3)     // Catch: java.lang.Exception -> L3e
            java.lang.String r3 = "-cert.p12"
            r2.append(r3)     // Catch: java.lang.Exception -> L3e
            java.lang.String r2 = r2.toString()     // Catch: java.lang.Exception -> L3e
            java.io.FileInputStream r2 = r7.openFileInput(r2)     // Catch: java.lang.Exception -> L3e
            samagra.gov.in.faceauthaadhar.settings.auaConfig.ConfigUtils$Companion r3 = samagra.gov.in.faceauthaadhar.settings.auaConfig.ConfigUtils.INSTANCE     // Catch: java.lang.Exception -> L3c
            samagra.gov.in.faceauthaadhar.settings.auaConfig.ConfigUtils$Companion r4 = samagra.gov.in.faceauthaadhar.settings.auaConfig.ConfigUtils.INSTANCE     // Catch: java.lang.Exception -> L3c
            java.lang.String r4 = r4.getSelectedConfigEnv()     // Catch: java.lang.Exception -> L3c
            samagra.gov.in.faceauthaadhar.settings.auaConfig.ConfigParams r3 = r3.getConfigData(r4)     // Catch: java.lang.Exception -> L3c
            java.lang.String r3 = r3.getP12Password()     // Catch: java.lang.Exception -> L3c
            char[] r3 = r3.toCharArray()     // Catch: java.lang.Exception -> L3c
            goto L44
        L3c:
            r3 = move-exception
            goto L40
        L3e:
            r3 = move-exception
            r2 = r1
        L40:
            r3.printStackTrace()
            r3 = r1
        L44:
            if (r2 != 0) goto L63
            android.content.res.AssetManager r7 = r7.getAssets()     // Catch: java.io.IOException -> L5f
            java.lang.String r4 = "P12_FILE_NAME"
            java.lang.String r4 = r0.getProperty(r4)     // Catch: java.io.IOException -> L5f
            java.io.InputStream r2 = r7.open(r4)     // Catch: java.io.IOException -> L5f
            java.lang.String r7 = "P12_PASSWORD"
            java.lang.String r7 = r0.getProperty(r7)     // Catch: java.io.IOException -> L5f
            char[] r3 = r7.toCharArray()     // Catch: java.io.IOException -> L5f
            goto L63
        L5f:
            r7 = move-exception
            r7.printStackTrace()
        L63:
            java.lang.String r7 = "PKCS12"
            java.security.KeyStore r7 = java.security.KeyStore.getInstance(r7)     // Catch: java.security.KeyStoreException -> L6a
            goto L6f
        L6a:
            r7 = move-exception
            r7.printStackTrace()
            r7 = r1
        L6f:
            r7.load(r2, r3)     // Catch: java.io.IOException -> L73 java.security.NoSuchAlgorithmException -> L75 java.security.cert.CertificateException -> L77
            goto L7b
        L73:
            r0 = move-exception
            goto L78
        L75:
            r0 = move-exception
            goto L78
        L77:
            r0 = move-exception
        L78:
            r0.printStackTrace()
        L7b:
            java.util.Enumeration r0 = r7.aliases()     // Catch: java.security.KeyStoreException -> Lc3
            r2 = r1
        L80:
            boolean r4 = r0.hasMoreElements()     // Catch: java.security.KeyStoreException -> Lc3
            if (r4 == 0) goto Lbd
            java.lang.Object r4 = r0.nextElement()     // Catch: java.security.KeyStoreException -> Lc3
            java.lang.String r4 = (java.lang.String) r4     // Catch: java.security.KeyStoreException -> Lc3
            java.io.PrintStream r5 = java.lang.System.out     // Catch: java.security.KeyStoreException -> Lc3
            r5.println(r4)     // Catch: java.security.KeyStoreException -> Lc3
            boolean r5 = r7.isKeyEntry(r4)     // Catch: java.security.KeyStoreException -> Lc3
            if (r5 == 0) goto L80
            java.security.KeyStore$PasswordProtection r5 = new java.security.KeyStore$PasswordProtection     // Catch: java.security.cert.CertificateEncodingException -> Lb1 java.security.UnrecoverableEntryException -> Lb3 java.security.NoSuchAlgorithmException -> Lb5 java.security.KeyStoreException -> Lc3
            r5.<init>(r3)     // Catch: java.security.cert.CertificateEncodingException -> Lb1 java.security.UnrecoverableEntryException -> Lb3 java.security.NoSuchAlgorithmException -> Lb5 java.security.KeyStoreException -> Lc3
            java.security.KeyStore$Entry r5 = r7.getEntry(r4, r5)     // Catch: java.security.cert.CertificateEncodingException -> Lb1 java.security.UnrecoverableEntryException -> Lb3 java.security.NoSuchAlgorithmException -> Lb5 java.security.KeyStoreException -> Lc3
            java.security.KeyStore$PrivateKeyEntry r5 = (java.security.KeyStore.PrivateKeyEntry) r5     // Catch: java.security.cert.CertificateEncodingException -> Lb1 java.security.UnrecoverableEntryException -> Lb3 java.security.NoSuchAlgorithmException -> Lb5 java.security.KeyStoreException -> Lc3
            java.security.cert.Certificate r1 = r7.getCertificate(r4)     // Catch: java.security.cert.CertificateEncodingException -> Lab java.security.UnrecoverableEntryException -> Lad java.security.NoSuchAlgorithmException -> Laf java.security.KeyStoreException -> Lc3
            byte[] r2 = r1.getEncoded()     // Catch: java.security.cert.CertificateEncodingException -> Lab java.security.UnrecoverableEntryException -> Lad java.security.NoSuchAlgorithmException -> Laf java.security.KeyStoreException -> Lc3
            goto Lbb
        Lab:
            r1 = move-exception
            goto Lb8
        Lad:
            r1 = move-exception
            goto Lb8
        Laf:
            r1 = move-exception
            goto Lb8
        Lb1:
            r4 = move-exception
            goto Lb6
        Lb3:
            r4 = move-exception
            goto Lb6
        Lb5:
            r4 = move-exception
        Lb6:
            r5 = r1
            r1 = r4
        Lb8:
            r1.printStackTrace()     // Catch: java.security.KeyStoreException -> Lc3
        Lbb:
            r1 = r5
            goto L80
        Lbd:
            android.util.Pair r7 = new android.util.Pair
            r7.<init>(r1, r2)
            return r7
        Lc3:
            r7 = move-exception
            java.lang.RuntimeException r0 = new java.lang.RuntimeException
            java.lang.String r1 = "CATCH"
            r0.<init>(r1, r7)
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: samagra.gov.in.faceauthaadhar.javamethods.DataDecryptor.getKeyFromKeyStore(android.content.Context):android.util.Pair");
    }

    public boolean verify(String str) throws Exception {
        try {
            Document domObject = getDomObject(str);
            PublicKey publicKey = getPublicKey();
            NodeList elementsByTagNameNS = domObject.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature");
            if (elementsByTagNameNS.getLength() == 0) {
                throw new IllegalArgumentException("Cannot find Signature element");
            }
            XMLSignatureFactory xMLSignatureFactory = XMLSignatureFactory.getInstance(MEC_TYPE, new XMLDSigRI());
            DOMValidateContext dOMValidateContext = new DOMValidateContext(publicKey, elementsByTagNameNS.item(0));
            return xMLSignatureFactory.unmarshalXMLSignature(dOMValidateContext).validate(dOMValidateContext);
        } catch (MarshalException e) {
            e = e;
            throw new Exception(e);
        } catch (XMLSignatureException e2) {
            e = e2;
            throw new Exception(e);
        } catch (Exception unused) {
            return false;
        }
    }
}
