package com.mastercard.api.core.security.fle;

import com.mastercard.api.core.exception.SdkException;
import com.mastercard.api.core.model.RequestMap;
import com.mastercard.api.core.security.CryptographyInterceptor;
import com.mastercard.api.core.security.oauth.OAuthConstants;
import com.mastercard.api.core.security.util.CryptUtil;
import com.mastercard.api.core.security.util.KeyType;
import java.io.InputStream;
import java.nio.charset.Charset;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import org.json.simple.JSONValue;

/* loaded from: input_file:com/mastercard/api/core/security/fle/FieldLevelEncryption.class */
public class FieldLevelEncryption implements CryptographyInterceptor {
    protected final PrivateKey privateKey;
    protected final Certificate publicCertificate;
    protected final Config config;
    protected final String publicKeyFingerprint;

    public FieldLevelEncryption(InputStream inputStream, InputStream inputStream2, String str, String str2, Config config, String str3) throws SdkException {
        try {
            if (inputStream != null) {
                this.publicCertificate = CryptUtil.loadCertificate("X.509", inputStream);
            } else {
                this.publicCertificate = null;
            }
            if (inputStream2 != null) {
                this.privateKey = (PrivateKey) CryptUtil.loadKey(KeyType.PRIVATE, "PKCS12", inputStream2, str, str2);
            } else {
                this.privateKey = null;
            }
            this.config = config;
            this.publicKeyFingerprint = str3;
        } catch (Exception e) {
            throw new SdkException(e.getMessage(), e);
        }
    }

    public FieldLevelEncryption(InputStream inputStream, InputStream inputStream2, Config config, String str) throws SdkException {
        try {
            if (inputStream != null) {
                this.publicCertificate = CryptUtil.loadCertificate("X.509", inputStream);
            } else {
                this.publicCertificate = null;
            }
            if (inputStream2 != null) {
                this.privateKey = CryptUtil.loadPrivateKey("RSA", inputStream2);
            } else {
                this.privateKey = null;
            }
            this.config = config;
            this.publicKeyFingerprint = str;
        } catch (Exception e) {
            throw new SdkException(e.getMessage(), e);
        }
    }

    @Override // com.mastercard.api.core.security.CryptographyInterceptor
    public List<String> getTriggeringEndPath() {
        return this.config.triggeringEndPath;
    }

    /* JADX WARN: Code restructure failed: missing block: B:11:0x003a, code lost:
    
        r0 = r0.remove(r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:12:0x004a, code lost:
    
        if ((r0 instanceof java.util.Map) == false) goto L12;
     */
    /* JADX WARN: Code restructure failed: missing block: B:13:0x004d, code lost:
    
        r14 = com.mastercard.api.core.security.util.CryptUtil.sanitizeJson(org.json.simple.JSONValue.toJSONString(r0));
     */
    /* JADX WARN: Code restructure failed: missing block: B:14:0x0065, code lost:
    
        r0 = com.mastercard.api.core.security.util.CryptUtil.generateIv();
        r0 = com.mastercard.api.core.security.util.CryptUtil.byteArrayToString(r0.getIV(), r8.config.dataEncoding);
        r0 = com.mastercard.api.core.security.util.CryptUtil.generateSecretKey(r8.config.symmetricCipher, r8.config.symmetricKeysize, r8.config.publicKeyFingerprintHashing);
        r0 = com.mastercard.api.core.security.util.CryptUtil.byteArrayToString(com.mastercard.api.core.security.util.CryptUtil.crypt(1, r8.config.symmetricAlgorithm, "SunJCE", r0, r0, r14.getBytes("UTF8")), r8.config.dataEncoding);
        r0 = com.mastercard.api.core.security.util.CryptUtil.byteArrayToString(com.mastercard.api.core.security.util.CryptUtil.wrap(r8.config.asymmetricCipher, "SunJCE", r8.publicCertificate.getPublicKey(), r0), r8.config.dataEncoding);
     */
    /* JADX WARN: Code restructure failed: missing block: B:15:0x00e6, code lost:
    
        if (r8.publicKeyFingerprint != null) goto L16;
     */
    /* JADX WARN: Code restructure failed: missing block: B:16:0x00e9, code lost:
    
        r22 = com.mastercard.api.core.security.util.CryptUtil.byteArrayToString(com.mastercard.api.core.security.util.CryptUtil.generateFingerprint(r8.config.publicKeyFingerprintHashing, r8.publicCertificate), r8.config.dataEncoding);
     */
    /* JADX WARN: Code restructure failed: missing block: B:17:0x0110, code lost:
    
        r23 = "";
     */
    /* JADX WARN: Code restructure failed: missing block: B:18:0x011b, code lost:
    
        if (r0.indexOf(46) <= 0) goto L20;
     */
    /* JADX WARN: Code restructure failed: missing block: B:19:0x011e, code lost:
    
        r23 = r0.substring(0, r0.lastIndexOf(".")) + ".";
     */
    /* JADX WARN: Code restructure failed: missing block: B:21:0x014a, code lost:
    
        if (r8.config.publicKeyFingerprintFiledName == null) goto L23;
     */
    /* JADX WARN: Code restructure failed: missing block: B:22:0x014d, code lost:
    
        r0.put(r23 + r8.config.publicKeyFingerprintFiledName, (java.lang.Object) r22);
     */
    /* JADX WARN: Code restructure failed: missing block: B:24:0x0174, code lost:
    
        if (r8.config.oaepHashingAlgorithmFieldName == null) goto L26;
     */
    /* JADX WARN: Code restructure failed: missing block: B:25:0x0177, code lost:
    
        r0.put(r23 + r8.config.oaepHashingAlgorithmFieldName, (java.lang.Object) r8.config.oaepHashingAlgorithm);
     */
    /* JADX WARN: Code restructure failed: missing block: B:26:0x019c, code lost:
    
        r0.put(r23 + r8.config.ivFieldName, (java.lang.Object) r0);
        r0.put(r23 + r8.config.encryptedKeyFiledName, (java.lang.Object) r0);
        r0.put(r23 + r8.config.encryptedDataFieldName, (java.lang.Object) r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:28:0x010a, code lost:
    
        r22 = r8.publicKeyFingerprint;
     */
    /* JADX WARN: Code restructure failed: missing block: B:29:0x005e, code lost:
    
        r14 = java.lang.String.valueOf(r0);
     */
    @Override // com.mastercard.api.core.security.CryptographyInterceptor
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.util.Map<java.lang.String, java.lang.Object> encrypt(java.util.Map<java.lang.String, java.lang.Object> r9) throws com.mastercard.api.core.exception.SdkException {
        /*
            Method dump skipped, instructions count: 530
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.mastercard.api.core.security.fle.FieldLevelEncryption.encrypt(java.util.Map):java.util.Map");
    }

    @Override // com.mastercard.api.core.security.CryptographyInterceptor
    public Map<String, Object> decrypt(Map<String, Object> map) throws SdkException {
        Map map2;
        SecretKey secretKey;
        try {
            RequestMap requestMap = new RequestMap(map);
            if (this.privateKey != null) {
                Iterator<String> it = this.config.fieldsToDecrypt.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    String next = it.next();
                    if (requestMap.containsKey(next)) {
                        String str = "";
                        String str2 = next;
                        if (next.indexOf(46) > 0) {
                            str = next.substring(0, next.lastIndexOf("."));
                            str2 = next.substring(next.lastIndexOf(".") + 1);
                            map2 = (Map) requestMap.get(str);
                        } else {
                            map2 = requestMap;
                        }
                        byte[] stringToByteArray = CryptUtil.stringToByteArray((String) map2.remove(this.config.encryptedKeyFiledName), this.config.dataEncoding);
                        if (map2.containsKey(this.config.oaepHashingAlgorithmFieldName)) {
                            String str3 = (String) map2.remove(this.config.oaepHashingAlgorithmFieldName);
                            if (!str3.contains("-")) {
                                str3 = str3.replace("SHA", "SHA-");
                            }
                            secretKey = (SecretKey) CryptUtil.unwrap("RSA/ECB/OAEPWith" + str3 + "AndMGF1Padding", "SunJCE", this.privateKey, stringToByteArray, this.config.symmetricCipher, 3);
                        } else {
                            secretKey = (SecretKey) CryptUtil.unwrap(this.config.asymmetricCipher, "SunJCE", this.privateKey, stringToByteArray, this.config.symmetricCipher, 3);
                        }
                        String str4 = (String) map2.remove(this.config.ivFieldName);
                        if (map2.containsKey(this.config.publicKeyFingerprintFiledName)) {
                            map2.remove(this.config.publicKeyFingerprintFiledName);
                        }
                        String str5 = new String(CryptUtil.crypt(2, this.config.symmetricAlgorithm, "SunJCE", secretKey, new IvParameterSpec(CryptUtil.stringToByteArray(str4, this.config.dataEncoding)), CryptUtil.stringToByteArray((String) map2.remove(str2), this.config.dataEncoding)), Charset.forName(OAuthConstants.UTF_8));
                        if (str5.startsWith("{")) {
                            for (Map.Entry entry : ((Map) JSONValue.parse(str5)).entrySet()) {
                                requestMap.put(str + "." + str2 + "." + ((String) entry.getKey()), entry.getValue());
                            }
                        } else {
                            requestMap.put(str + "." + str2, (Object) str5);
                        }
                    }
                }
            }
            return requestMap;
        } catch (Exception e) {
            throw new SdkException(e.getMessage(), e);
        }
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null || getClass() != obj.getClass()) {
            return false;
        }
        return this.config.equals(((FieldLevelEncryption) obj).config);
    }

    public int hashCode() {
        return this.config.hashCode();
    }
}
