package com.mastercard.api.core.security.mpqrmes;

import com.mastercard.api.core.exception.SdkException;
import com.mastercard.api.core.model.RequestMap;
import com.mastercard.api.core.security.fle.Config;
import com.mastercard.api.core.security.fle.FieldLevelEncryption;
import com.mastercard.api.core.security.oauth.OAuthConstants;
import com.mastercard.api.core.security.util.CryptUtil;
import com.mastercard.api.core.security.util.DataEncoding;
import java.io.InputStream;
import java.nio.charset.Charset;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import org.json.simple.JSONValue;

/* loaded from: input_file:com/mastercard/api/core/security/mpqrmes/MESCryptography.class */
public class MESCryptography extends FieldLevelEncryption {
    public MESCryptography(InputStream inputStream, InputStream inputStream2, String str, String str2, String str3) throws SdkException {
        super(inputStream, inputStream2, str, str2, config(), str3);
    }

    public MESCryptography(InputStream inputStream, InputStream inputStream2, String str) throws SdkException {
        super(inputStream, inputStream2, config(), str);
    }

    public MESCryptography(InputStream inputStream, InputStream inputStream2, String str, String str2) throws SdkException {
        super(inputStream, inputStream2, str, str2, config(), null);
    }

    public MESCryptography(InputStream inputStream, InputStream inputStream2) throws SdkException {
        super(inputStream, inputStream2, config(), null);
    }

    private static final Config config() {
        Config config = new Config();
        config.triggeringEndPath = Arrays.asList(".*/mes/api/v1/merchants/.*/transactions", ".*/paygo/api/v1/merchants/.*/transactions", "/mpqr-mes/api/v1/merchants/.*/transactions", "/mpqr-paygo/api/v1/merchants/.*/transactions");
        config.fieldsToEncrypt = Collections.emptyList();
        config.fieldsToDecrypt = Arrays.asList("items", "data.extraData");
        config.symmetricAlgorithm = "AES/CBC/PKCS5Padding";
        config.symmetricCipher = "AES";
        config.symmetricKeysize = 128;
        config.asymmetricCipher = "RSA/ECB/OAEPWithSHA-512AndMGF1Padding";
        config.oaepHashingAlgorithm = "SHA512";
        config.oaepHashingAlgorithmFieldName = "oaepHashingAlgorithm";
        config.publicKeyFingerprintHashing = OAuthConstants.SHA256;
        config.publicKeyFingerprintFiledName = "publicKeyFingerprint";
        config.ivFieldName = "iv";
        config.encryptedKeyFiledName = "encryptedKey";
        config.dataEncoding = DataEncoding.BASE64;
        return config;
    }

    @Override // com.mastercard.api.core.security.fle.FieldLevelEncryption, com.mastercard.api.core.security.CryptographyInterceptor
    public Map<String, Object> encrypt(Map<String, Object> map) throws SdkException {
        try {
            RequestMap requestMap = new RequestMap(map);
            if (this.publicCertificate == null) {
                return requestMap;
            }
            for (String str : this.config.fieldsToEncrypt) {
                if (requestMap.containsKey(str)) {
                    Object remove = requestMap.remove(str);
                    String jSONString = ((remove instanceof Map) || (remove instanceof List)) ? JSONValue.toJSONString(remove) : String.valueOf(remove);
                    IvParameterSpec generateIv = CryptUtil.generateIv();
                    String byteArrayToString = CryptUtil.byteArrayToString(generateIv.getIV(), this.config.dataEncoding);
                    SecretKey generateSecretKey = CryptUtil.generateSecretKey(this.config.symmetricCipher, this.config.symmetricKeysize, this.config.publicKeyFingerprintHashing);
                    String byteArrayToString2 = CryptUtil.byteArrayToString(CryptUtil.crypt(1, this.config.symmetricAlgorithm, "SunJCE", generateSecretKey, generateIv, jSONString.getBytes("UTF8")), this.config.dataEncoding);
                    String byteArrayToString3 = CryptUtil.byteArrayToString(CryptUtil.wrap(this.config.asymmetricCipher, "SunJCE", this.publicCertificate.getPublicKey(), generateSecretKey), this.config.dataEncoding);
                    String byteArrayToString4 = this.publicKeyFingerprint == null ? CryptUtil.byteArrayToString(CryptUtil.generateFingerprint(this.config.publicKeyFingerprintHashing, this.publicCertificate), this.config.dataEncoding) : this.publicKeyFingerprint;
                    String str2 = "";
                    String str3 = str;
                    if (str.indexOf(46) > 0) {
                        str2 = str.substring(0, str.lastIndexOf(".")) + ".";
                        str3 = str.substring(str.lastIndexOf(".") + 1);
                    }
                    if (this.config.publicKeyFingerprintFiledName != null) {
                        requestMap.put(str2 + this.config.publicKeyFingerprintFiledName, (Object) byteArrayToString4);
                    }
                    if (this.config.oaepHashingAlgorithmFieldName != null) {
                        requestMap.put(str2 + this.config.oaepHashingAlgorithmFieldName, (Object) this.config.oaepHashingAlgorithm);
                    }
                    requestMap.put(str2 + this.config.ivFieldName, (Object) byteArrayToString);
                    requestMap.put(str2 + this.config.encryptedKeyFiledName, (Object) byteArrayToString3);
                    requestMap.put(str2 + str3, (Object) byteArrayToString2);
                }
            }
            return requestMap;
        } catch (Exception e) {
            throw new SdkException(e.getMessage(), e);
        }
    }

    @Override // com.mastercard.api.core.security.fle.FieldLevelEncryption, com.mastercard.api.core.security.CryptographyInterceptor
    public Map<String, Object> decrypt(Map<String, Object> map) throws SdkException {
        Map map2;
        SecretKey secretKey;
        try {
            RequestMap requestMap = new RequestMap(map);
            if (this.privateKey == null) {
                return requestMap;
            }
            Iterator<String> it = this.config.fieldsToDecrypt.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                String next = it.next();
                if (requestMap.containsKey(next)) {
                    String str = "";
                    String str2 = next;
                    if (next.indexOf(46) > 0) {
                        str = next.substring(0, next.lastIndexOf("."));
                        str2 = next.substring(next.lastIndexOf(".") + 1);
                        map2 = (Map) requestMap.get(str);
                    } else {
                        map2 = requestMap;
                    }
                    byte[] stringToByteArray = CryptUtil.stringToByteArray((String) map2.remove(this.config.encryptedKeyFiledName), this.config.dataEncoding);
                    if (map2.containsKey(this.config.oaepHashingAlgorithmFieldName)) {
                        String str3 = (String) map2.remove(this.config.oaepHashingAlgorithmFieldName);
                        if (!str3.contains("-")) {
                            str3 = str3.replace("SHA", "SHA-");
                        }
                        secretKey = (SecretKey) CryptUtil.unwrap("RSA/ECB/OAEPWith" + str3 + "AndMGF1Padding", "SunJCE", this.privateKey, stringToByteArray, this.config.symmetricCipher, 3);
                    } else {
                        secretKey = (SecretKey) CryptUtil.unwrap(this.config.asymmetricCipher, "SunJCE", this.privateKey, stringToByteArray, this.config.symmetricCipher, 3);
                    }
                    String str4 = (String) map2.remove(this.config.ivFieldName);
                    if (map2.containsKey(this.config.publicKeyFingerprintFiledName)) {
                        map2.remove(this.config.publicKeyFingerprintFiledName);
                    }
                    String str5 = new String(CryptUtil.crypt(2, this.config.symmetricAlgorithm, "SunJCE", secretKey, new IvParameterSpec(CryptUtil.stringToByteArray(str4, this.config.dataEncoding)), CryptUtil.stringToByteArray((String) map2.remove(str2), this.config.dataEncoding)), Charset.forName(OAuthConstants.UTF_8));
                    String buildFieldPath = buildFieldPath(str, str2);
                    if (str5.startsWith("{")) {
                        for (Map.Entry entry : ((Map) JSONValue.parse(str5)).entrySet()) {
                            requestMap.put(buildFieldPath + "." + ((String) entry.getKey()), entry.getValue());
                        }
                    } else if (str5.startsWith("[")) {
                        requestMap.put(buildFieldPath, JSONValue.parse(str5));
                    } else {
                        requestMap.put(buildFieldPath, (Object) str5);
                    }
                }
            }
            return requestMap;
        } catch (Exception e) {
            throw new SdkException(e.getMessage(), e);
        }
    }

    private String buildFieldPath(String str, String str2) {
        StringBuilder sb = new StringBuilder();
        if (!str.isEmpty()) {
            sb.append(str).append(".");
        }
        sb.append(str2);
        return sb.toString();
    }
}
