package e.e.a.d;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.infopulse.myzno.domain.model.CertificateYear;
import com.infopulse.myzno.domain.model.PendingAgreement;
import g.f.b.i;
import g.f.b.o;
import g.f.b.s;
import g.i.h;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Header;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Calendar;
import java.util.LinkedHashMap;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* compiled from: SecurityImpl.kt */
/* loaded from: classes.dex */
public final class e implements e.e.a.c.b.c {

    /* renamed from: a, reason: collision with root package name */
    public static final /* synthetic */ h[] f6038a = {s.f7313a.a(new o(s.f7313a.a(e.class), "keyStore", "getKeyStore()Ljava/security/KeyStore;"))};

    /* renamed from: c, reason: collision with root package name */
    public static final e f6040c = new e();

    /* renamed from: b, reason: collision with root package name */
    public static final g.c f6039b = new g.g(f.f6044b, null, 2, null);

    /* compiled from: SecurityImpl.kt */
    /* loaded from: classes.dex */
    public static final class a {

        /* renamed from: b, reason: collision with root package name */
        public static e.f.a.f f6042b;

        /* renamed from: c, reason: collision with root package name */
        public static final a f6043c = new a();

        /* renamed from: a, reason: collision with root package name */
        public static final Cipher f6041a = Cipher.getInstance("RSA/ECB/PKCS1Padding");

        /* JADX WARN: Multi-variable type inference failed */
        /* JADX WARN: Removed duplicated region for block: B:14:0x00d0  */
        /* JADX WARN: Removed duplicated region for block: B:20:0x0106  */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        public final byte[] a(android.content.Context r9) {
            /*
                Method dump skipped, instructions count: 370
                To view this dump add '--comments-level debug' option
            */
            throw new UnsupportedOperationException("Method not decompiled: e.e.a.d.e.a.a(android.content.Context):byte[]");
        }
    }

    public String a(String str, String str2) {
        if (str == null) {
            i.a("encrypted");
            throw null;
        }
        if (str2 == null) {
            i.a("key");
            throw null;
        }
        Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding");
        byte[] decode = Base64.decode(str, 0);
        byte[] bytes = str2.getBytes(g.k.b.f7354a);
        i.a((Object) bytes, "(this as java.lang.String).getBytes(charset)");
        cipher.init(2, new SecretKeySpec(bytes, "AES"), new IvParameterSpec(Arrays.copyOfRange(decode, 0, 16)));
        byte[] doFinal = cipher.doFinal(Arrays.copyOfRange(decode, 16, decode.length));
        i.a((Object) doFinal, "decrypted");
        return new String(doFinal, g.k.b.f7354a);
    }

    public String a(String str, String str2, PendingAgreement pendingAgreement) {
        if (str == null) {
            i.a("clientPrivCert");
            throw null;
        }
        if (str2 == null) {
            i.a(Claims.ISSUED_AT);
            throw null;
        }
        if (pendingAgreement == null) {
            i.a("pendingAgreement");
            throw null;
        }
        byte[] bytes = str.getBytes(g.k.b.f7354a);
        i.a((Object) bytes, "(this as java.lang.String).getBytes(charset)");
        PrivateKey generatePrivate = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(bytes, 0)));
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("uri", "zno.testportal.com.ua/rest-api/agreement");
        linkedHashMap.put(Claims.ISSUED_AT, str2);
        e.e.a.c.b.d dVar = e.e.a.c.b.d.f5752f;
        linkedHashMap.put(Claims.ID, e.e.a.c.b.d.b(20));
        linkedHashMap.put("cert", pendingAgreement.getCertificateYear().getCertificate());
        linkedHashMap.put("year", pendingAgreement.getCertificateYear().getYear());
        linkedHashMap.put("ver", Integer.valueOf(pendingAgreement.getAcceptedVersionCode()));
        linkedHashMap.put("time", pendingAgreement.getAcceptedTime());
        linkedHashMap.put("phone", pendingAgreement.getDeviceModel());
        linkedHashMap.put("auth_jwt", pendingAgreement.getAuthToken());
        String compact = Jwts.builder().setHeaderParam(Header.TYPE, Header.JWT_TYPE).setClaims(linkedHashMap).signWith(SignatureAlgorithm.RS256, generatePrivate).compact();
        i.a((Object) compact, "Jwts.builder()\n         …y)\n            .compact()");
        return compact;
    }

    public String a(String str, String str2, String str3, CertificateYear certificateYear, String str4) {
        if (str == null) {
            i.a("regToken");
            throw null;
        }
        if (str2 == null) {
            i.a("clientPrivCert");
            throw null;
        }
        if (str3 == null) {
            i.a(Claims.ISSUED_AT);
            throw null;
        }
        if (certificateYear == null) {
            i.a("certificateYear");
            throw null;
        }
        if (str4 == null) {
            i.a("authToken");
            throw null;
        }
        byte[] bytes = str2.getBytes(g.k.b.f7354a);
        i.a((Object) bytes, "(this as java.lang.String).getBytes(charset)");
        PrivateKey generatePrivate = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(bytes, 0)));
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("uri", "zno.testportal.com.ua/rest-api/logout");
        linkedHashMap.put(Claims.ISSUED_AT, str3);
        e.e.a.c.b.d dVar = e.e.a.c.b.d.f5752f;
        linkedHashMap.put(Claims.ID, e.e.a.c.b.d.b(20));
        linkedHashMap.put("cert", certificateYear.getCertificate());
        linkedHashMap.put("year", certificateYear.getYear());
        linkedHashMap.put("auth_jwt", str4);
        linkedHashMap.put("reg_token", str);
        String compact = Jwts.builder().setHeaderParam(Header.TYPE, Header.JWT_TYPE).setClaims(linkedHashMap).signWith(SignatureAlgorithm.RS256, generatePrivate).compact();
        i.a((Object) compact, "Jwts.builder()\n         …y)\n            .compact()");
        return compact;
    }

    public String a(String str, String str2, String str3, String str4, String str5, String str6) {
        if (str == null) {
            i.a("regToken");
            throw null;
        }
        if (str2 == null) {
            i.a("clientPrivCert");
            throw null;
        }
        if (str3 == null) {
            i.a(Claims.ISSUED_AT);
            throw null;
        }
        if (str4 == null) {
            i.a("certificate");
            throw null;
        }
        if (str5 == null) {
            i.a("year");
            throw null;
        }
        if (str6 == null) {
            i.a("pinHash");
            throw null;
        }
        byte[] bytes = str2.getBytes(g.k.b.f7354a);
        i.a((Object) bytes, "(this as java.lang.String).getBytes(charset)");
        PrivateKey generatePrivate = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(bytes, 0)));
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("uri", "zno.testportal.com.ua/rest-api/login");
        linkedHashMap.put(Claims.ISSUED_AT, str3);
        e.e.a.c.b.d dVar = e.e.a.c.b.d.f5752f;
        linkedHashMap.put(Claims.ID, e.e.a.c.b.d.b(20));
        linkedHashMap.put("cert", str4);
        linkedHashMap.put("year", str5);
        String substring = str6.substring(7);
        i.a((Object) substring, "(this as java.lang.String).substring(startIndex)");
        linkedHashMap.put("pin", substring);
        linkedHashMap.put("reg_token", str);
        String compact = Jwts.builder().setHeaderParam(Header.TYPE, Header.JWT_TYPE).setClaims(linkedHashMap).signWith(SignatureAlgorithm.RS256, generatePrivate).compact();
        i.a((Object) compact, "Jwts.builder()\n         …y)\n            .compact()");
        return compact;
    }

    public final KeyPair a(String str) {
        if (str == null) {
            i.a("alias");
            throw null;
        }
        PrivateKey privateKey = (PrivateKey) a().getKey(str, null);
        Certificate certificate = a().getCertificate(str);
        PublicKey publicKey = certificate != null ? certificate.getPublicKey() : null;
        if (privateKey == null || publicKey == null) {
            return null;
        }
        return new KeyPair(publicKey, privateKey);
    }

    public final KeyStore a() {
        g.c cVar = f6039b;
        h hVar = f6038a[0];
        return (KeyStore) ((g.g) cVar).a();
    }

    public final void a(Context context, String str) {
        if (context == null) {
            i.a("context");
            throw null;
        }
        if (str == null) {
            i.a("keyAlias");
            throw null;
        }
        if (a().containsAlias(str)) {
            return;
        }
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        if (Build.VERSION.SDK_INT >= 23) {
            i.a((Object) keyPairGenerator, "generator");
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 3).setBlockModes("ECB").setEncryptionPaddings("PKCS1Padding").setKeySize(2048).build());
        } else {
            i.a((Object) keyPairGenerator, "generator");
            KeyPairGeneratorSpec.Builder subject = new KeyPairGeneratorSpec.Builder(context).setAlias(str).setSerialNumber(BigInteger.ONE).setSubject(new X500Principal(l.a.a("CN=", str, " CA Certificate")));
            Calendar calendar = Calendar.getInstance();
            i.a((Object) calendar, "Calendar.getInstance()");
            KeyPairGeneratorSpec.Builder startDate = subject.setStartDate(calendar.getTime());
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 20);
            i.a((Object) calendar2, "Calendar.getInstance().a… add(Calendar.YEAR, 20) }");
            keyPairGenerator.initialize(startDate.setEndDate(calendar2.getTime()).build());
        }
        keyPairGenerator.generateKeyPair();
    }

    public boolean a(String str, String str2, String str3, String str4, String str5) {
        if (str == null) {
            i.a("regToken");
            throw null;
        }
        if (str2 == null) {
            i.a("serverPubCert");
            throw null;
        }
        if (str3 == null) {
            i.a("authToken");
            throw null;
        }
        if (str4 == null) {
            i.a("certificate");
            throw null;
        }
        if (str5 == null) {
            i.a("year");
            throw null;
        }
        byte[] bytes = str2.getBytes(g.k.b.f7354a);
        i.a((Object) bytes, "(this as java.lang.String).getBytes(charset)");
        Jws<Claims> parseClaimsJws = Jwts.parser().setSigningKey(KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64.decode(bytes, 0)))).parseClaimsJws(str3);
        i.a((Object) parseClaimsJws, "authTokenClaims");
        Claims body = parseClaimsJws.getBody();
        return ((i.a((Object) body.get(Claims.ISSUER), (Object) "zno.testportal.com.ua/rest-api/") ^ true) || (i.a((Object) body.get("cert"), (Object) str4) ^ true) || (i.a((Object) body.get("year"), (Object) str5) ^ true) || (i.a((Object) body.get(Claims.SUBJECT), (Object) "AUTH") ^ true) || (i.a((Boolean) body.get("auth"), Boolean.TRUE) ^ true) || (i.a((Object) body.get("reg_token"), (Object) str) ^ true)) ? false : true;
    }

    public final byte[] a(Cipher cipher, byte[] bArr, Key key) {
        if (cipher == null) {
            i.a("cipher");
            throw null;
        }
        if (bArr == null) {
            i.a("data");
            throw null;
        }
        if (key == null) {
            i.a("key");
            throw null;
        }
        cipher.init(2, key);
        byte[] doFinal = cipher.doFinal(bArr);
        i.a((Object) doFinal, "doFinal(data)");
        i.a((Object) doFinal, "cipher.run {\n        ini…      doFinal(data)\n    }");
        return doFinal;
    }

    public final byte[] b(Cipher cipher, byte[] bArr, Key key) {
        if (cipher == null) {
            i.a("cipher");
            throw null;
        }
        if (bArr == null) {
            i.a("data");
            throw null;
        }
        if (key == null) {
            i.a("key");
            throw null;
        }
        cipher.init(1, key);
        byte[] doFinal = cipher.doFinal(bArr);
        i.a((Object) doFinal, "doFinal(data)");
        i.a((Object) doFinal, "cipher.run {\n        ini…      doFinal(data)\n    }");
        return doFinal;
    }
}
