package de.payback.pay.sdk.crypto;

import _COROUTINE.a;
import android.util.Base64;
import androidx.compose.foundation.b;
import androidx.compose.runtime.internal.StabilityInferred;
import de.payback.core.kotlin.ext.BooleanExtKt;
import de.payback.pay.sdk.crypto.util.ASN1Parser;
import de.payback.pay.sdk.crypto.util.DotNetHelper;
import de.payback.pay.sdk.crypto.util.StringHelper;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import javax.crypto.Cipher;
import javax.inject.Inject;
import kotlin.Lazy;
import kotlin.LazyKt;
import kotlin.Metadata;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.SourceDebugExtension;
import kotlin.text.Charsets;
import kotlin.text.HexExtensionsKt;
import kotlin.text.HexFormat;
import kotlin.text.Regex;
import kotlin.text.StringsKt;
import kotlin.text.StringsKt__StringsJVMKt;
import kotlin.text.StringsKt__StringsKt;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import payback.feature.trusteddevices.implementation.interactor.CreateOneTimePasswordTokenInteractor;
import payback.platform.datetime.api.InstantProvider;
import timber.log.Timber;

@StabilityInferred(parameters = 0)
@Metadata(d1 = {"\u0000P\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0010\u000e\n\u0002\b\u0004\n\u0002\u0010\b\n\u0000\n\u0002\u0010\u000b\n\u0002\b\n\n\u0002\u0010\u0002\n\u0002\b\u0006\n\u0002\u0010 \n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0006\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0005\b\u0000\u0018\u0000 12\u00020\u0001:\u00011B)\b\u0007\u0012\u0006\u0010(\u001a\u00020'\u0012\u0006\u0010*\u001a\u00020)\u0012\u0006\u0010,\u001a\u00020+\u0012\u0006\u0010.\u001a\u00020-¢\u0006\u0004\b/\u00100J\r\u0010\u0003\u001a\u00020\u0002¢\u0006\u0004\b\u0003\u0010\u0004J\r\u0010\u0005\u001a\u00020\u0002¢\u0006\u0004\b\u0005\u0010\u0004JG\u0010\u000f\u001a\u00020\u00022\u0006\u0010\u0006\u001a\u00020\u00022\u0006\u0010\b\u001a\u00020\u00072\u0006\u0010\n\u001a\u00020\t2\u0006\u0010\u000b\u001a\u00020\t2\b\u0010\f\u001a\u0004\u0018\u00010\u00022\u0006\u0010\r\u001a\u00020\t2\u0006\u0010\u000e\u001a\u00020\t¢\u0006\u0004\b\u000f\u0010\u0010J)\u0010\u0015\u001a\u00020\u00142\u0006\u0010\u0011\u001a\u00020\u00022\b\u0010\u0012\u001a\u0004\u0018\u00010\u00022\b\u0010\u0013\u001a\u0004\u0018\u00010\u0002¢\u0006\u0004\b\u0015\u0010\u0016J\u0015\u0010\u0017\u001a\u00020\u00142\u0006\u0010\u0011\u001a\u00020\u0002¢\u0006\u0004\b\u0017\u0010\u0018J\u0017\u0010\u0013\u001a\u0004\u0018\u00010\u00022\u0006\u0010\u0011\u001a\u00020\u0002¢\u0006\u0004\b\u0013\u0010\u0019J\u0017\u0010\u001a\u001a\u0004\u0018\u00010\u00022\u0006\u0010\u0011\u001a\u00020\u0002¢\u0006\u0004\b\u001a\u0010\u0019J\u000f\u0010\u0011\u001a\u0004\u0018\u00010\u0002¢\u0006\u0004\b\u0011\u0010\u0004J\u0013\u0010\u001c\u001a\b\u0012\u0004\u0012\u00020\u00020\u001b¢\u0006\u0004\b\u001c\u0010\u001dJ\r\u0010\u001e\u001a\u00020\u0014¢\u0006\u0004\b\u001e\u0010\u001fJ\u001d\u0010#\u001a\u00020\u00022\u0006\u0010!\u001a\u00020 2\u0006\u0010\"\u001a\u00020\u0002¢\u0006\u0004\b#\u0010$J\r\u0010%\u001a\u00020\t¢\u0006\u0004\b%\u0010&¨\u00062"}, d2 = {"Lde/payback/pay/sdk/crypto/PayCryptography;", "", "", "initializeAndGetPublicKeyAsXML", "()Ljava/lang/String;", "generateDeviceToken", "pin", "", "pointsToRedeem", "", "isStandaloneRedemption", "isOffline", "paymentMethodType", "addPlatformInfo", "isSuperQrCode", "generatePaymentToken", "(Ljava/lang/String;IZZLjava/lang/String;ZZ)Ljava/lang/String;", "externalReferenceId", "deviceId", "deviceSecret", "", "storeDeviceCredentials", "(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V", "storeExternalReferenceId", "(Ljava/lang/String;)V", "(Ljava/lang/String;)Ljava/lang/String;", "getDeviceId", "", "externalReferenceIds", "()Ljava/util/List;", "wipeExternalReferenceIds", "()V", "Lde/payback/pay/sdk/crypto/RsaKey;", "publicKey", "plainText", "encryptToBase64", "(Lde/payback/pay/sdk/crypto/RsaKey;Ljava/lang/String;)Ljava/lang/String;", "isDeviceEnrolled", "()Z", "Lde/payback/pay/sdk/crypto/SecureStorage;", "secureStorage", "Lpayback/platform/datetime/api/InstantProvider;", "instantProvider", "Lde/payback/pay/sdk/crypto/Crypto;", "crypto", "Lde/payback/pay/sdk/crypto/Base64Encoder;", "base64Encoder", "<init>", "(Lde/payback/pay/sdk/crypto/SecureStorage;Lpayback/platform/datetime/api/InstantProvider;Lde/payback/pay/sdk/crypto/Crypto;Lde/payback/pay/sdk/crypto/Base64Encoder;)V", "Companion", "implementation_release"}, k = 1, mv = {1, 9, 0})
@SourceDebugExtension({"SMAP\nPayCryptography.kt\nKotlin\n*S Kotlin\n*F\n+ 1 PayCryptography.kt\nde/payback/pay/sdk/crypto/PayCryptography\n+ 2 fake.kt\nkotlin/jvm/internal/FakeKt\n*L\n1#1,283:1\n1#2:284\n*E\n"})
/* loaded from: classes19.dex */
public final class PayCryptography {

    /* renamed from: a, reason: collision with root package name */
    public final SecureStorage f25043a;
    public final InstantProvider b;
    public final Crypto c;
    public final Base64Encoder d;
    public final Lazy e;

    @NotNull
    public static final String END_ADDITIONAL_DATA_MARKER = "00";
    public static final int $stable = 8;

    @Inject
    public PayCryptography(@NotNull SecureStorage secureStorage, @NotNull InstantProvider instantProvider, @NotNull Crypto crypto, @NotNull Base64Encoder base64Encoder) {
        Intrinsics.checkNotNullParameter(secureStorage, "secureStorage");
        Intrinsics.checkNotNullParameter(instantProvider, "instantProvider");
        Intrinsics.checkNotNullParameter(crypto, "crypto");
        Intrinsics.checkNotNullParameter(base64Encoder, "base64Encoder");
        this.f25043a = secureStorage;
        this.b = instantProvider;
        this.c = crypto;
        this.d = base64Encoder;
        this.e = LazyKt.lazy(new Function0<KeyPair>() { // from class: de.payback.pay.sdk.crypto.PayCryptography$keys$2
            {
                super(0);
            }

            @Override // kotlin.jvm.functions.Function0
            public final KeyPair invoke() {
                return PayCryptography.access$getKeysFromStorage(PayCryptography.this);
            }
        });
    }

    public static final KeyPair access$getKeysFromStorage(PayCryptography payCryptography) {
        String externalReferenceId = payCryptography.externalReferenceId();
        if (externalReferenceId == null) {
            throw new IllegalStateException("External reference Id not set".toString());
        }
        SecureStorage secureStorage = payCryptography.f25043a;
        String readPrivateKey = secureStorage.readPrivateKey(externalReferenceId);
        byte[] encodeToByteArray = StringsKt.encodeToByteArray(secureStorage.readPublicKey(externalReferenceId));
        Base64Encoder base64Encoder = payCryptography.d;
        byte[] decode = base64Encoder.decode(encodeToByteArray, 2);
        byte[] decode2 = base64Encoder.decode(StringsKt.encodeToByteArray(readPrivateKey), 2);
        KeyFactory keyFactory = KeyFactory.getInstance(payCryptography.c.getKeyAlgorithm());
        return new KeyPair(keyFactory.generatePublic(new X509EncodedKeySpec(decode)), keyFactory.generatePrivate(new PKCS8EncodedKeySpec(decode2)));
    }

    public final String a(byte[] bArr) {
        Crypto crypto = this.c;
        try {
            Signature signature = Signature.getInstance(crypto.getSignatureAlgorithm());
            signature.initSign(((KeyPair) this.e.getValue()).getPrivate());
            signature.update(bArr);
            byte[] sign = signature.sign();
            if (crypto.getIsSignatureASN1Formatted()) {
                return ASN1Parser.INSTANCE.parseSignature(sign);
            }
            Intrinsics.checkNotNull(sign);
            return HexExtensionsKt.toHexString$default(sign, (HexFormat) null, 1, (Object) null);
        } catch (InvalidKeyException e) {
            Timber.INSTANCE.e(e, "signHash failed", new Object[0]);
            return null;
        } catch (SignatureException e2) {
            Timber.INSTANCE.e(e2, "signHash failed", new Object[0]);
            return null;
        }
    }

    @Nullable
    public final String deviceSecret(@NotNull String externalReferenceId) throws Exception {
        Intrinsics.checkNotNullParameter(externalReferenceId, "externalReferenceId");
        return this.f25043a.getValue("sec_storage_key_device_secret" + externalReferenceId);
    }

    @NotNull
    public final String encryptToBase64(@NotNull RsaKey publicKey, @NotNull String plainText) {
        String replace$default;
        Intrinsics.checkNotNullParameter(publicKey, "publicKey");
        Intrinsics.checkNotNullParameter(plainText, "plainText");
        String modulus = publicKey.getModulus();
        String exponent = publicKey.getExponent();
        byte[] encodeToByteArray = StringsKt.encodeToByteArray(modulus);
        Base64Encoder base64Encoder = this.d;
        PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(1, base64Encoder.decode(encodeToByteArray, 0)), new BigInteger(1, base64Encoder.decode(StringsKt.encodeToByteArray(exponent), 0))));
        Intrinsics.checkNotNullExpressionValue(generatePublic, "generatePublic(...)");
        byte[] bytes = plainText.getBytes(Charsets.UTF_8);
        Intrinsics.checkNotNullExpressionValue(bytes, "getBytes(...)");
        try {
            Cipher cipher = Cipher.getInstance("RSA/NONE/OAEPWithSHA1AndMGF1Padding");
            cipher.init(1, generatePublic);
            byte[] doFinal = cipher.doFinal(bytes);
            Intrinsics.checkNotNull(doFinal);
            String encodeToString = Base64.encodeToString(doFinal, 0);
            Intrinsics.checkNotNull(encodeToString);
            replace$default = StringsKt__StringsJVMKt.replace$default(new Regex("\\\\").replace(encodeToString, ""), "\n", "", false, 4, (Object) null);
            return StringsKt.trim(replace$default).toString();
        } catch (GeneralSecurityException e) {
            Timber.INSTANCE.e(e, a.m("Error while encrypting data: ", e.getMessage()), new Object[0]);
            throw e;
        }
    }

    @Nullable
    public final String externalReferenceId() {
        return this.f25043a.getValue("sec_storage_external_reference");
    }

    @NotNull
    public final List<String> externalReferenceIds() throws Exception {
        ArrayList arrayList = new ArrayList();
        String value = this.f25043a.getValue("sec_storage_external_references");
        if (value != null && !StringsKt.isBlank(value)) {
            arrayList.addAll(new Regex("\\s*,\\s*").split(value, 0));
        }
        return arrayList;
    }

    @NotNull
    public final String generateDeviceToken() {
        String padStart;
        String externalReferenceId = externalReferenceId();
        if (externalReferenceId == null) {
            throw new IllegalStateException("External reference Id not set".toString());
        }
        String valueOf = String.valueOf(this.b.now().getEpochSeconds());
        String deviceSecret = deviceSecret(externalReferenceId);
        if (deviceSecret == null) {
            throw new IllegalStateException("Error getting device secret".toString());
        }
        String deviceId = getDeviceId(externalReferenceId);
        if (deviceId == null) {
            throw new IllegalStateException("Error getting deviceId".toString());
        }
        DotNetHelper dotNetHelper = DotNetHelper.INSTANCE;
        String deviceId2DotNetDeviceId = dotNetHelper.deviceId2DotNetDeviceId(deviceId);
        byte[] bytes = b.n(deviceSecret, "|", valueOf).getBytes(Charsets.UTF_8);
        Intrinsics.checkNotNullExpressionValue(bytes, "getBytes(...)");
        String a2 = a(bytes);
        if (a2 == null) {
            throw new IllegalStateException("Sign Hash failed".toString());
        }
        padStart = StringsKt__StringsKt.padStart(dotNetHelper.string2DotNetBigIntegerImproved(a2), 155, CreateOneTimePasswordTokenInteractor.PAD_CHARACTER);
        String n = b.n(deviceId2DotNetDeviceId, valueOf, padStart);
        Timber.Companion companion = Timber.INSTANCE;
        int length = deviceId2DotNetDeviceId.length();
        int length2 = valueOf.length();
        int length3 = padStart.length();
        StringBuilder v = androidx.collection.a.v("deviceId=", length, " timestamp=", length2, " signature=");
        v.append(length3);
        companion.i(v.toString(), new Object[0]);
        return n;
    }

    @NotNull
    public final String generatePaymentToken(@NotNull String pin, int pointsToRedeem, boolean isStandaloneRedemption, boolean isOffline, @Nullable String paymentMethodType, boolean addPlatformInfo, boolean isSuperQrCode) {
        String padStart;
        Intrinsics.checkNotNullParameter(pin, "pin");
        String externalReferenceId = externalReferenceId();
        if (externalReferenceId == null) {
            throw new IllegalStateException("External reference Id not set".toString());
        }
        String valueOf = String.valueOf(this.b.now().getEpochSeconds());
        String deviceSecret = deviceSecret(externalReferenceId);
        if (deviceSecret == null) {
            throw new IllegalStateException("Error getting device secret".toString());
        }
        String deviceId = getDeviceId(externalReferenceId);
        if (deviceId == null) {
            throw new IllegalStateException("Error getting deviceId".toString());
        }
        DotNetHelper dotNetHelper = DotNetHelper.INSTANCE;
        String deviceId2DotNetDeviceId = dotNetHelper.deviceId2DotNetDeviceId(deviceId);
        String str = isSuperQrCode ? "04" : "03";
        if (pointsToRedeem > 0) {
            String concat = str.concat(isStandaloneRedemption ? "02" : "01");
            String format = String.format(Locale.getDefault(), "%05d", Arrays.copyOf(new Object[]{Integer.valueOf(pointsToRedeem)}, 1));
            Intrinsics.checkNotNullExpressionValue(format, "format(...)");
            str = androidx.compose.runtime.a.l(concat, format);
        }
        String str2 = str + "03" + BooleanExtKt.toInt(isOffline);
        if (addPlatformInfo) {
            str2 = androidx.compose.runtime.a.l(str2, "041");
            if (paymentMethodType != null && paymentMethodType.length() != 0) {
                str2 = b.n(str2, "05", paymentMethodType);
            }
        }
        if (isSuperQrCode) {
            str2 = androidx.compose.runtime.a.l(str2, "061");
        }
        String l = androidx.compose.runtime.a.l(str2, "00");
        String l2 = androidx.compose.runtime.a.l(l, StringHelper.INSTANCE.randomNumericString(52 - l.length()));
        String str3 = pin + "|" + deviceSecret + "|" + valueOf;
        if (l2 != null) {
            str3 = b.n(str3, "|", l2);
        }
        byte[] bytes = str3.getBytes(Charsets.UTF_8);
        Intrinsics.checkNotNullExpressionValue(bytes, "getBytes(...)");
        String a2 = a(bytes);
        if (a2 == null) {
            throw new IllegalStateException("Sign Hash failed".toString());
        }
        padStart = StringsKt__StringsKt.padStart(dotNetHelper.string2DotNetBigIntegerImproved(a2), this.c.getMinSignatureLength(), CreateOneTimePasswordTokenInteractor.PAD_CHARACTER);
        Timber.Companion companion = Timber.INSTANCE;
        int length = deviceId2DotNetDeviceId.length();
        int length2 = valueOf.length();
        int length3 = l2.length();
        int length4 = padStart.length();
        StringBuilder v = androidx.collection.a.v("deviceId=", length, " timestamp=", length2, " unused=");
        v.append(length3);
        v.append(" signature=");
        v.append(length4);
        companion.i(v.toString(), new Object[0]);
        StringBuilder sb = new StringBuilder();
        sb.append(deviceId2DotNetDeviceId);
        sb.append(valueOf);
        return a.s(sb, l2, padStart);
    }

    @Nullable
    public final String getDeviceId(@NotNull String externalReferenceId) throws Exception {
        Intrinsics.checkNotNullParameter(externalReferenceId, "externalReferenceId");
        return this.f25043a.getValue("sec_storage_key_device_id" + externalReferenceId);
    }

    @NotNull
    public final String initializeAndGetPublicKeyAsXML() throws Exception {
        Crypto crypto = this.c;
        KeyPair generateKeyPair = crypto.generateKeyPair();
        String externalReferenceId = externalReferenceId();
        if (externalReferenceId == null) {
            throw new IllegalStateException("External reference Id not set".toString());
        }
        PrivateKey privateKey = generateKeyPair.getPrivate();
        Intrinsics.checkNotNullExpressionValue(privateKey, "getPrivate(...)");
        byte[] encoded = privateKey.getEncoded();
        Intrinsics.checkNotNullExpressionValue(encoded, "getEncoded(...)");
        Base64Encoder base64Encoder = this.d;
        String decodeToString = StringsKt.decodeToString(base64Encoder.encode(encoded, 2));
        SecureStorage secureStorage = this.f25043a;
        secureStorage.writePrivateKey(decodeToString, externalReferenceId);
        PublicKey publicKey = generateKeyPair.getPublic();
        Intrinsics.checkNotNullExpressionValue(publicKey, "getPublic(...)");
        byte[] encoded2 = publicKey.getEncoded();
        Intrinsics.checkNotNullExpressionValue(encoded2, "getEncoded(...)");
        secureStorage.writePublicKey(StringsKt.decodeToString(base64Encoder.encode(encoded2, 2)), externalReferenceId);
        PublicKey publicKey2 = generateKeyPair.getPublic();
        Intrinsics.checkNotNullExpressionValue(publicKey2, "getPublic(...)");
        return crypto.publicKeyAsXML(publicKey2);
    }

    public final boolean isDeviceEnrolled() {
        String externalReferenceId = externalReferenceId();
        if (externalReferenceId == null) {
            return false;
        }
        return this.f25043a.containsValue("sec_storage_key_device_id".concat(externalReferenceId));
    }

    public final void storeDeviceCredentials(@NotNull String externalReferenceId, @Nullable String deviceId, @Nullable String deviceSecret) throws Exception {
        Intrinsics.checkNotNullParameter(externalReferenceId, "externalReferenceId");
        SecureStorage secureStorage = this.f25043a;
        secureStorage.storeValue("sec_storage_key_device_id" + externalReferenceId, deviceId);
        secureStorage.storeValue("sec_storage_key_device_secret" + externalReferenceId, deviceSecret);
    }

    public final void storeExternalReferenceId(@NotNull String externalReferenceId) throws Exception {
        Intrinsics.checkNotNullParameter(externalReferenceId, "externalReferenceId");
        SecureStorage secureStorage = this.f25043a;
        secureStorage.storeValue("sec_storage_external_reference", externalReferenceId);
        secureStorage.storeValue("sec_storage_external_reference" + externalReferenceId, externalReferenceId);
        if (StringsKt.isBlank(externalReferenceId)) {
            return;
        }
        String value = secureStorage.getValue("sec_storage_external_references");
        StringBuilder sb = new StringBuilder();
        if (value != null && !StringsKt.isBlank(value)) {
            sb.append(value);
            sb.append(",");
        }
        sb.append(externalReferenceId);
        String sb2 = sb.toString();
        Intrinsics.checkNotNullExpressionValue(sb2, "toString(...)");
        secureStorage.storeValue("sec_storage_external_references", sb2);
    }

    public final void wipeExternalReferenceIds() throws Exception {
        Iterator<String> it = externalReferenceIds().iterator();
        while (true) {
            boolean hasNext = it.hasNext();
            SecureStorage secureStorage = this.f25043a;
            if (!hasNext) {
                secureStorage.removeValue("sec_storage_external_references");
                secureStorage.removeValue("sec_storage_external_reference");
                return;
            } else {
                secureStorage.removeValue("sec_storage_key_device_id" + it.next());
            }
        }
    }
}
