package com.mastercard.api.core.security.mdes;

import com.mastercard.api.core.security.CryptographyInterceptor;
import com.mastercard.api.core.security.oauth.OAuthConstants;
import com.mastercard.api.core.security.util.CryptUtil;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import org.apache.commons.codec.DecoderException;
import org.json.simple.JSONValue;

/* loaded from: input_file:com/mastercard/api/core/security/mdes/MDESCryptography.class */
public class MDESCryptography implements CryptographyInterceptor {
    private Certificate issuerCertificate;
    private PrivateKey privateKey;
    private List<String> fieldsToHide = Arrays.asList("publicKeyFingerprint", "oaepHashingAlgorithm", "iv", "encryptedData", "encryptedKey");
    public final String triggeringPath = "/tokenize";

    public MDESCryptography(InputStream inputStream, InputStream inputStream2) throws UnrecoverableKeyException, CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, NoSuchProviderException, InvalidKeySpecException {
        this.issuerCertificate = CryptUtil.loadCertificate("X.509", inputStream);
        this.privateKey = CryptUtil.loadPrivateKey("RSA", inputStream2);
    }

    @Override // com.mastercard.api.core.security.CryptographyInterceptor
    public String getTriggeringPath() {
        return "/tokenize";
    }

    @Override // com.mastercard.api.core.security.CryptographyInterceptor
    public Map<String, Object> encrypt(Map<String, Object> map) throws NoSuchAlgorithmException, InvalidKeyException, CertificateEncodingException, InvalidAlgorithmParameterException, NoSuchPaddingException, BadPaddingException, UnsupportedEncodingException, NoSuchProviderException, IllegalBlockSizeException {
        if (map.containsKey("cardInfo")) {
            String sanitizeJson = CryptUtil.sanitizeJson(JSONValue.toJSONString((Map) map.remove("cardInfo")));
            IvParameterSpec generateIv = CryptUtil.generateIv();
            String byteArrayToHexString = CryptUtil.byteArrayToHexString(generateIv.getIV());
            SecretKey generateSecretKey = CryptUtil.generateSecretKey("AES", 128);
            String byteArrayToHexString2 = CryptUtil.byteArrayToHexString(CryptUtil.crypt(1, "AES/CBC/PKCS5Padding", "SunJCE", generateSecretKey, generateIv, sanitizeJson.getBytes("UTF8")));
            String byteArrayToHexString3 = CryptUtil.byteArrayToHexString(CryptUtil.wrap("RSA/ECB/PKCS1Padding", "SunJCE", this.issuerCertificate.getPublicKey(), generateSecretKey));
            String byteArrayToHexString4 = CryptUtil.byteArrayToHexString(CryptUtil.generateFingerprint(OAuthConstants.SHA1, this.issuerCertificate));
            HashMap hashMap = new HashMap();
            hashMap.put("publicKeyFingerprint", byteArrayToHexString4);
            hashMap.put("encryptedKey", byteArrayToHexString3);
            hashMap.put("iv", byteArrayToHexString);
            hashMap.put("encryptedData", byteArrayToHexString2);
            map.put("cardInfo", hashMap);
        }
        return map;
    }

    @Override // com.mastercard.api.core.security.CryptographyInterceptor
    public Map<String, Object> decrypt(Map<String, Object> map) throws DecoderException, NoSuchPaddingException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, NoSuchProviderException, InvalidKeyException {
        if (map.containsKey("token")) {
            Map map2 = (Map) map.get("token");
            if (map2.containsKey("encryptedData") && map2.containsKey("encryptedKey")) {
                String str = new String(CryptUtil.crypt(2, "AES/CBC/PKCS5Padding", "SunJCE", (SecretKey) CryptUtil.unwrap("RSA/ECB/PKCS1Padding", "SunJCE", this.privateKey, CryptUtil.hexStringToByteArray((String) map2.remove("encryptedKey")), "AES", 3), new IvParameterSpec(CryptUtil.hexStringToByteArray((String) map2.remove("iv"))), CryptUtil.hexStringToByteArray((String) map2.remove("encryptedData"))));
                Iterator<String> it = this.fieldsToHide.iterator();
                while (it.hasNext()) {
                    map2.remove(it.next());
                }
                for (Map.Entry entry : ((Map) JSONValue.parse(str)).entrySet()) {
                    map2.put(entry.getKey(), entry.getValue());
                }
            }
        }
        return map;
    }

    public boolean equals(MDESCryptography mDESCryptography) {
        return this.issuerCertificate.getType().compareTo(mDESCryptography.issuerCertificate.getType()) == 0;
    }

    public int hashCode() {
        return new StringBuilder().append(this.issuerCertificate.getType()).hashCode();
    }
}
