package com.egyptianbanks.meezapaysl.input;

import android.content.Context;
import android.util.Base64;
import com.egyptianbanks.meezapaysl.TR31;
import com.egyptianbanks.meezapaysl.vo.CredMessage;
import com.egyptianbanks.meezapaysl.vo.Data;
import com.egyptianbanks.meezapaysl.vo.IpnKey;
import com.egyptianbanks.skb.SkbManager;
import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;
import java.io.ByteArrayInputStream;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.List;
import java.util.Random;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import javax.crypto.spec.SecretKeySpec;
import kotlin.UByte;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;

/* loaded from: classes.dex */
public abstract class SecureLibrary {
    static Context mContext;
    static SkbManager skbManager;
    PublicKey rsaPublic;
    String sKeyCheckValue;
    String slKeyCheckValue;

    private byte[] calculatePINBlock(String str, String str2) {
        String obj;
        if (str.length() > 6) {
            StringBuilder sb = new StringBuilder("Invalid PIN length: ");
            sb.append(str.length());
            throw new PINException(sb.toString());
        }
        if (str2.length() != 12) {
            StringBuilder sb2 = new StringBuilder("Invalid Account Number: ");
            sb2.append(str2);
            sb2.append(". The length of the account number must be 12 (the 12 right-most digits of the account number excluding the check digit)");
            throw new PINException(sb2.toString());
        }
        int length = str.length();
        if (length == 4) {
            StringBuilder sb3 = new StringBuilder(SLConstants.CRED_OTP);
            sb3.append(str);
            sb3.append("FFFFFFFFFF");
            obj = sb3.toString();
        } else if (length == 5) {
            StringBuilder sb4 = new StringBuilder(SLConstants.CRED_IBC_OTP);
            sb4.append(str);
            sb4.append("FFFFFFFFF");
            obj = sb4.toString();
        } else {
            if (length != 6) {
                StringBuilder sb5 = new StringBuilder("Unsupported PIN Length: ");
                sb5.append(str.length());
                throw new PINException(sb5.toString());
            }
            StringBuilder sb6 = new StringBuilder(SLConstants.CRED_ATM_PIN);
            sb6.append(str);
            sb6.append("FFFFFFFF");
            obj = sb6.toString();
        }
        return xor(Hex.toByte(obj), Hex.toByte("0000".concat(String.valueOf(str2))));
    }

    private byte[] createAESKey() {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256);
        return keyGenerator.generateKey().getEncoded();
    }

    public static byte[] createDes2Key() {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede");
        keyGenerator.init(112);
        byte[] bArr = new byte[16];
        System.arraycopy(keyGenerator.generateKey().getEncoded(), 0, bArr, 0, 16);
        return bArr;
    }

    private byte[] createDesKey() {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("DES");
        keyGenerator.init(56);
        SecretKey generateKey = keyGenerator.generateKey();
        SecretKey generateKey2 = keyGenerator.generateKey();
        byte[] encoded = generateKey.getEncoded();
        byte[] encoded2 = generateKey2.getEncoded();
        byte[] bArr = new byte[16];
        System.arraycopy(encoded, 0, bArr, 0, 8);
        System.arraycopy(encoded2, 0, bArr, 8, 8);
        return bArr;
    }

    private byte[] decryptAESKey(byte[] bArr, byte[] bArr2) {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
        cipher.init(2, secretKeySpec);
        return cipher.doFinal(bArr2);
    }

    private String decryptRsaOaep(PrivateKey privateKey, byte[] bArr) {
        OAEPParameterSpec oAEPParameterSpec = new OAEPParameterSpec(MessageDigestAlgorithms.SHA_256, "MGF1", MGF1ParameterSpec.SHA256, new PSource.PSpecified(new byte[0]));
        Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPPadding");
        cipher.init(2, privateKey, oAEPParameterSpec);
        return Base64.encodeToString(cipher.doFinal(bArr), 2);
    }

    private byte[] encryptAES(byte[] bArr, byte[] bArr2) {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        IvParameterSpec ivParameterSpec = new IvParameterSpec(new byte[16]);
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(1, secretKeySpec, ivParameterSpec);
        return cipher.doFinal(bArr2);
    }

    private byte[] encryptAESKey(byte[] bArr, byte[] bArr2) {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
        cipher.init(1, secretKeySpec);
        return cipher.doFinal(bArr2);
    }

    private String encryptRsa(PublicKey publicKey, byte[] bArr) {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(1, publicKey);
        return Base64.encodeToString(cipher.doFinal(bArr), 2);
    }

    private String encryptRsaNoPad(PublicKey publicKey, byte[] bArr) {
        Cipher cipher = Cipher.getInstance("RSA/ECB/NoPadding");
        cipher.init(1, publicKey);
        return Base64.encodeToString(cipher.doFinal(bArr), 2);
    }

    private String encryptRsaOaep(PublicKey publicKey, byte[] bArr) {
        OAEPParameterSpec oAEPParameterSpec = new OAEPParameterSpec(MessageDigestAlgorithms.SHA_256, "MGF1", MGF1ParameterSpec.SHA256, new PSource.PSpecified(new byte[0]));
        Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPwithSHA-256andMGF1Padding");
        cipher.init(1, publicKey, oAEPParameterSpec);
        return Base64.encodeToString(cipher.doFinal(bArr), 2);
    }

    private String encryptRsaPkcs1(PublicKey publicKey, byte[] bArr) {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(1, publicKey);
        return Base64.encodeToString(cipher.doFinal(bArr), 2);
    }

    private byte[] encryptWithDes2Key(byte[] bArr, byte[] bArr2) {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "DESede");
        Cipher cipher = Cipher.getInstance("DESede/ECB/NoPadding");
        cipher.init(1, secretKeySpec);
        return cipher.doFinal(bArr2);
    }

    private static byte[] extendDoubleKeyToTripleKey(byte[] bArr) {
        int i;
        byte[] bArr2 = new byte[24];
        int i2 = 0;
        int i3 = 0;
        while (true) {
            if (i3 >= 16) {
                break;
            }
            bArr2[i3] = bArr[i3];
            i3++;
        }
        for (i = 16; i < 24; i++) {
            bArr2[i] = bArr[i2];
            i2++;
        }
        return bArr2;
    }

    private String getAesKCV(byte[] bArr) {
        return Hex.toString(encryptAES(bArr, new byte[8])).substring(0, 6);
    }

    public static String getDesKCV(byte[] bArr) {
        return Hex.toString(tdesEncrypt(bArr, new byte[8])).substring(0, 6);
    }

    private PublicKey getPublic(String str) {
        RSAPublicKey rSAPublicKey = (RSAPublicKey) ((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode(str, 2)))).getPublicKey();
        new SimpleDateFormat("yyyyMMdd");
        return rSAPublicKey;
    }

    public static SkbManager getSKBManager() {
        if (skbManager == null) {
            skbManager = SkbManager.getInstance();
        }
        return skbManager;
    }

    private PublicKey readHSMPublickey(String str) {
        try {
            return new RsaPublicKeyDecoder().parse(new ByteArrayInputStream(Base64.decode(str, 2)));
        } catch (Exception unused) {
            return null;
        }
    }

    private PrivateKey readPrivatekey(String str) {
        try {
            return (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(str.replace("\n", ""), 2)));
        } catch (Exception unused) {
            return null;
        }
    }

    private PublicKey readPublicKeyFromString(String str) {
        return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64.decode(str.getBytes("utf-8"), 2)));
    }

    public static byte[] tdesDecryptNoPadding(SecretKey secretKey, byte[] bArr) {
        getSKBManager();
        return SkbManager.tdesDecryptNoPadding(secretKey, bArr);
    }

    public static byte[] tdesDecryptNoPadding(byte[] bArr, byte[] bArr2) {
        if (bArr.length == 16) {
            bArr = extendDoubleKeyToTripleKey(bArr);
        }
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "DESede");
        Cipher cipher = Cipher.getInstance("DESede/ECB/NoPadding");
        cipher.init(2, secretKeySpec);
        return cipher.doFinal(bArr2);
    }

    private static byte[] tdesEncrypt(byte[] bArr, byte[] bArr2) {
        if (bArr.length == 16) {
            bArr = extendDoubleKeyToTripleKey(bArr);
        }
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "DESede");
        Cipher cipher = Cipher.getInstance("DESede/ECB/NoPadding");
        cipher.init(1, secretKeySpec);
        return cipher.doFinal(bArr2);
    }

    private byte[] xor(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[bArr.length];
        for (int i = 0; i < bArr.length; i++) {
            bArr3[i] = (byte) ((bArr[i] & UByte.MAX_VALUE) ^ (bArr2[i] & UByte.MAX_VALUE));
        }
        return bArr3;
    }

    public byte[] SHA256(String str) {
        MessageDigest messageDigest = MessageDigest.getInstance(MessageDigestAlgorithms.SHA_256);
        messageDigest.update(str.getBytes("UTF-8"));
        return messageDigest.digest();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String createTrust(String str) {
        byte[] SHA256 = SHA256(str);
        StringBuilder sb = new StringBuilder(SLConstants.CRED_HASH);
        sb.append(updateHex(SHA256.length));
        sb.append(Hex.toString(SHA256));
        return sb.toString();
    }

    public String createZpkTr31(byte[] bArr, byte[] bArr2, String str) {
        byte[] bArr3 = new byte[6];
        new SecureRandom().nextBytes(bArr3);
        return new TR31(bArr, bArr2, bArr3, str).getKeyBlock();
    }

    public CredMessage encryptAuth(String str, String str2) {
        IpnKey ipnKeyWith = getIpnKeyWith("K0");
        String encryptRsa = encryptRsa(readPublicKeyFromString(ipnKeyWith.getCertificate()), Hex.toByte(str2));
        StringBuilder sb = new StringBuilder(SLConstants.CRED_VERSION);
        sb.append(updateHex(str.length()));
        sb.append(Hex.toString(str.getBytes()));
        sb.append(SLConstants.SALT_DELIMETER);
        sb.append(encryptRsa);
        return new CredMessage("AUTHENTICATION", ipnKeyWith.getkIndex(), new Data(Base64.encodeToString(sb.toString().getBytes(), 2)));
    }

    public ArrayList<CredMessage> generateToken(String str, String str2, String str3, String str4, String str5) {
        ArrayList<CredMessage> arrayList = new ArrayList<>();
        skbManager = getSKBManager();
        SecretKey createDes2Key = SkbManager.createDes2Key();
        this.slKeyCheckValue = skbManager.getDesKCV(createDes2Key);
        setIpnKeys((List) new Gson().fromJson(str5, new TypeToken<ArrayList<IpnKey>>() { // from class: com.egyptianbanks.meezapaysl.input.SecureLibrary.1
        }.getType()));
        IpnKey ipnKeyWith = getIpnKeyWith("K2");
        if (ipnKeyWith == null) {
            return null;
        }
        String encryptRsaOaep = SkbManager.encryptRsaOaep(Base64.decode(ipnKeyWith.getCertificate(), 2), createDes2Key);
        CredMessage credMessage = new CredMessage();
        credMessage.setkIndex(ipnKeyWith.getkIndex());
        credMessage.setType("SLK");
        Data data = new Data();
        data.setEncryptedBase64String(encryptRsaOaep);
        credMessage.setData(data);
        arrayList.add(credMessage);
        skbManager.saveData(createDes2Key, mContext);
        byte[] createDes2Key2 = createDes2Key();
        SecretKey createDes2Key3 = SkbManager.createDes2Key();
        String createZpkTr31 = SkbManager.createZpkTr31(createDes2Key, createDes2Key3, SLConstants.HEADER_ZEK, false);
        String desKCV = getDesKCV(createDes2Key2);
        String desKCV2 = skbManager.getDesKCV(createDes2Key);
        StringBuilder sb = new StringBuilder();
        sb.append(str);
        sb.append(SLConstants.SALT_DELIMETER);
        sb.append(str2);
        sb.append(SLConstants.SALT_DELIMETER);
        sb.append(str3);
        sb.append(SLConstants.SALT_DELIMETER);
        sb.append(str4);
        String hex = Hex.toString(SHA256(sb.toString()));
        StringBuilder sb2 = new StringBuilder();
        sb2.append(createZpkTr31);
        sb2.append(SLConstants.SALT_DELIMETER);
        sb2.append(skbManager.getDesKCV(createDes2Key3));
        sb2.append(SLConstants.SALT_DELIMETER);
        sb2.append(this.slKeyCheckValue);
        sb2.append(SLConstants.SALT_DELIMETER);
        sb2.append(desKCV);
        sb2.append(SLConstants.SALT_DELIMETER);
        sb2.append(hex);
        String obj = sb2.toString();
        IpnKey ipnKeyWith2 = getIpnKeyWith("K0");
        PublicKey readPublicKeyFromString = readPublicKeyFromString(ipnKeyWith2.getCertificate());
        this.rsaPublic = readPublicKeyFromString;
        String encryptRsaPkcs1 = encryptRsaPkcs1(readPublicKeyFromString, obj.getBytes("UTF-8"));
        CredMessage credMessage2 = new CredMessage();
        credMessage2.setkIndex(ipnKeyWith2.getkIndex());
        credMessage2.setType("SK");
        credMessage2.setData(new Data(encryptRsaPkcs1));
        arrayList.add(credMessage2);
        IpnKey ipnKeyWith3 = getIpnKeyWith("K1");
        String encryptRsaOaep2 = encryptRsaOaep(readHSMPublickey(ipnKeyWith3.getCertificate()), createDes2Key2);
        CredMessage credMessage3 = new CredMessage();
        credMessage3.setkIndex(ipnKeyWith3.getkIndex());
        credMessage3.setData(new Data(encryptRsaOaep2));
        credMessage3.setType("PAK");
        arrayList.add(credMessage3);
        CredMessage credMessage4 = new CredMessage();
        credMessage4.setkIndex("0000");
        credMessage4.setType("APP");
        StringBuilder sb3 = new StringBuilder();
        sb3.append(Hex.toString(createDes2Key2));
        sb3.append(SLConstants.SALT_DELIMETER);
        sb3.append(desKCV);
        sb3.append(SLConstants.SALT_DELIMETER);
        sb3.append(desKCV2);
        String obj2 = sb3.toString();
        Data data2 = new Data();
        data2.setEncryptedBase64String(Base64.encodeToString(obj2.getBytes(), 2));
        credMessage4.setData(data2);
        arrayList.add(credMessage4);
        return arrayList;
    }

    public ArrayList<CredMessage> generateToken1(String str) {
        ArrayList<CredMessage> arrayList = new ArrayList<>();
        skbManager = getSKBManager();
        SecretKey createDes2Key = SkbManager.createDes2Key();
        this.slKeyCheckValue = skbManager.getDesKCV(createDes2Key);
        String encryptRsaOaep = SkbManager.encryptRsaOaep(SkbManager.hexToBytes(str), createDes2Key);
        CredMessage credMessage = new CredMessage();
        credMessage.setkIndex("keyClkPub.getkIndex()");
        credMessage.setType("SLK");
        Data data = new Data();
        data.setEncryptedBase64String(encryptRsaOaep);
        credMessage.setData(data);
        arrayList.add(credMessage);
        byte[] createDes2Key2 = createDes2Key();
        SecretKey createDes2Key3 = SkbManager.createDes2Key();
        String createZpkTr31 = SkbManager.createZpkTr31(createDes2Key, createDes2Key3, SLConstants.HEADER_ZEK, false);
        getDesKCV(createDes2Key2);
        skbManager.getDesKCV(createDes2Key);
        StringBuilder sb = new StringBuilder("f738437843274834|12121212121212");
        sb.append("|232323232323|com.app.test");
        Hex.toString(SHA256(sb.toString()));
        skbManager.getDesKCV(createDes2Key3);
        CredMessage credMessage2 = new CredMessage();
        credMessage2.setkIndex("keyPakPub.getkIndex()");
        credMessage2.setType("SK");
        credMessage2.setData(new Data(createZpkTr31));
        arrayList.add(credMessage2);
        return arrayList;
    }

    public byte[] getEncryptedData(SecretKey secretKey, SecretKey secretKey2, String str) {
        byte[] bytes = str.getBytes();
        getSKBManager();
        return SkbManager.tdesEncrypt(secretKey2, bytes);
    }

    public byte[] getEncryptedPin(SecretKey secretKey, SecretKey secretKey2, String str, String str2) {
        byte[] calculatePINBlock = calculatePINBlock(str, str2);
        getSKBManager();
        return SkbManager.tdesEncrypt(secretKey2, calculatePINBlock);
    }

    abstract IpnKey getIpnKey();

    abstract IpnKey getIpnKeyWith(String str);

    public PublicKey getPublicKey() {
        return this.rsaPublic;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public int getRandom(int i) {
        return new Random().nextInt(i - 1);
    }

    abstract void setIpnKeys(List<IpnKey> list);

    abstract void setKzero(String str);

    abstract void setToken(String str);

    public String sign(String str, PrivateKey privateKey) {
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(privateKey);
        signature.update(str.getBytes("UTF-8"));
        return Base64.encodeToString(signature.sign(), 2);
    }

    public byte[] tdesEncryptpadding(byte[] bArr, byte[] bArr2) {
        if (bArr.length == 16) {
            bArr = extendDoubleKeyToTripleKey(bArr);
        }
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "DESede");
        Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
        cipher.init(1, secretKeySpec);
        return cipher.doFinal(bArr2);
    }

    public String updateHex(int i) {
        String hexString = Integer.toHexString(i);
        return hexString.length() == 1 ? "0".concat(String.valueOf(hexString)) : hexString;
    }

    public boolean verify(byte[] bArr, String str, PublicKey publicKey) {
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initVerify(publicKey);
        signature.update(bArr);
        return signature.verify(Base64.decode(str, 2));
    }
}
