package datev.de.dcal;

import android.content.Context;
import android.content.Intent;
import android.database.Cursor;
import android.net.Uri;
import android.util.Base64;
import android.util.Log;
import androidx.core.app.NotificationCompat;
import com.google.android.gms.common.internal.ImagesContract;
import com.google.android.gms.drive.DriveFile;
import com.google.firebase.analytics.FirebaseAnalytics;
import com.microsoft.services.msa.OAuth;
import java.io.ByteArrayInputStream;
import java.nio.charset.Charset;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Enumeration;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import kotlin.TypeCastException;
import kotlin.d.a.m;
import kotlin.d.b.j;
import kotlin.h.d;
import kotlin.k;
import kotlin.s;
import org.apache.http.protocol.HTTP;

@k(bv = {1, 0, 2}, d1 = {"\u0000b\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0010\u000b\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0010\u000e\n\u0002\b\u000e\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0010\u0012\n\u0002\b\t\n\u0002\u0018\u0002\n\u0002\b\u0007\n\u0002\u0018\u0002\n\u0002\b\u0003\b\u0016\u0018\u00002\u00020\u0001B\u0005¢\u0006\u0002\u0010\u0002J\b\u0010!\u001a\u00020\"H\u0016J\u000e\u0010#\u001a\u00020\u00132\u0006\u0010$\u001a\u00020\u0013J\u0016\u0010%\u001a\u00020&2\u0006\u0010'\u001a\u00020\u00132\u0006\u0010(\u001a\u00020\u0013JP\u0010)\u001a\u00020\f2\u0006\u0010*\u001a\u00020+2@\u0010,\u001a<\u0012\u0015\u0012\u0013\u0018\u00010+¢\u0006\f\b\u0006\u0012\b\b\u0007\u0012\u0004\b\b(-\u0012\u001b\u0012\u0019\u0018\u00010\tj\u0004\u0018\u0001`\n¢\u0006\f\b\u0006\u0012\b\b\u0007\u0012\u0004\b\b(\u000b\u0012\u0004\u0012\u00020\f0\u0004J[\u0010.\u001a\u00020\f2Q\u0010,\u001aM\u0012\u0013\u0012\u00110\u0005¢\u0006\f\b\u0006\u0012\b\b\u0007\u0012\u0004\b\b(\b\u0012*\u0012(\u0018\u00010\tj\u0013\u0018\u0001`\n¢\u0006\f\b\u0006\u0012\b\b\u0007\u0012\u0004\b\b(\u000b¢\u0006\f\b\u0006\u0012\b\b\u0007\u0012\u0004\b\b(\u000b\u0012\u0004\u0012\u00020\f0\u0004j\u0002`\rH\u0002JP\u0010/\u001a\u00020\f2\u0006\u0010-\u001a\u00020+2@\u0010,\u001a<\u0012\u0015\u0012\u0013\u0018\u00010+¢\u0006\f\b\u0006\u0012\b\b\u0007\u0012\u0004\b\b(*\u0012\u001b\u0012\u0019\u0018\u00010\tj\u0004\u0018\u0001`\n¢\u0006\f\b\u0006\u0012\b\b\u0007\u0012\u0004\b\b(\u000b\u0012\u0004\u0012\u00020\f0\u0004J\u0018\u00100\u001a\u00020\u00132\u0006\u00101\u001a\u00020\u00132\u0006\u00102\u001a\u00020\u0013H\u0002J\u0010\u00103\u001a\u00020\f2\u0006\u00104\u001a\u000205H\u0016J8\u00106\u001a\u00020\"2\u0006\u00107\u001a\u00020\u00132\u0006\u00108\u001a\u00020\u00132\u0006\u00109\u001a\u00020\u00132\u0006\u0010:\u001a\u00020\u00132\u0006\u0010;\u001a\u00020\u00052\u0006\u0010<\u001a\u00020=H\u0016J\b\u0010>\u001a\u00020\fH\u0002J\u0012\u0010)\u001a\u00020\u0013*\u00020\u00132\u0006\u0010?\u001a\u00020\u0013Ri\u0010\u0003\u001aQ\u0012\u0013\u0012\u00110\u0005¢\u0006\f\b\u0006\u0012\b\b\u0007\u0012\u0004\b\b(\b\u0012*\u0012(\u0018\u00010\tj\u0013\u0018\u0001`\n¢\u0006\f\b\u0006\u0012\b\b\u0007\u0012\u0004\b\b(\u000b¢\u0006\f\b\u0006\u0012\b\b\u0007\u0012\u0004\b\b(\u000b\u0012\u0004\u0012\u00020\f\u0018\u00010\u0004j\u0004\u0018\u0001`\rX\u0086\u000e¢\u0006\u000e\n\u0000\u001a\u0004\b\u000e\u0010\u000f\"\u0004\b\u0010\u0010\u0011R\u001a\u0010\u0012\u001a\u00020\u0013X\u0086\u000e¢\u0006\u000e\n\u0000\u001a\u0004\b\u0014\u0010\u0015\"\u0004\b\u0016\u0010\u0017R\u001a\u0010\u0018\u001a\u00020\u0013X\u0086\u000e¢\u0006\u000e\n\u0000\u001a\u0004\b\u0019\u0010\u0015\"\u0004\b\u001a\u0010\u0017R\u001a\u0010\u001b\u001a\u00020\u0013X\u0086\u000e¢\u0006\u000e\n\u0000\u001a\u0004\b\u001c\u0010\u0015\"\u0004\b\u001d\u0010\u0017R\u001a\u0010\u001e\u001a\u00020\u0013X\u0086\u000e¢\u0006\u000e\n\u0000\u001a\u0004\b\u001f\u0010\u0015\"\u0004\b \u0010\u0017¨\u0006@"}, d2 = {"Ldatev/de/dcal/DCALApiIntern;", "Ldatev/de/dcal/DCALapi;", "()V", "dcalLoginCompletionHandle", "Lkotlin/Function2;", "", "Lkotlin/ParameterName;", "name", "success", "Ljava/lang/Error;", "Lkotlin/Error;", OAuth.ERROR, "", "Ldatev/de/dcal/DCALLoginCompletionHandler;", "getDcalLoginCompletionHandle", "()Lkotlin/jvm/functions/Function2;", "setDcalLoginCompletionHandle", "(Lkotlin/jvm/functions/Function2;)V", "pfxContainer", "", "getPfxContainer", "()Ljava/lang/String;", "setPfxContainer", "(Ljava/lang/String;)V", "pubCert", "getPubCert", "setPubCert", "randomKey", "getRandomKey", "setRandomKey", "secKey", "getSecKey", "setSecKey", "clean", "Ldatev/de/dcal/DCALState;", "convertCertificateToPEM", "base64StringCertificate", "decodePFXContainer", "Ljava/security/cert/Certificate;", "base64String", "key", "decrypt", "encryptedData", "", "completion", "data", "doOfflineLogin", "encrypt", "encryptDecrypt", NotificationCompat.CATEGORY_MESSAGE, "staticKey", "handleUrl", ImagesContract.URL, "Landroid/net/Uri;", "initialize", OAuth.CLIENT_ID, "client_secret", OAuth.SCOPE, "redirect_URI", "use_Sandbox", "context", "Landroid/content/Context;", "readParameterFromStorage", "password", "dcal_release"}, k = 1, mv = {1, 1, 10})
/* loaded from: classes3.dex */
public class DCALApiIntern extends DCALapi {
    private m<? super Boolean, ? super Error, s> dcalLoginCompletionHandle;
    private String pubCert = "";
    private String randomKey = "";
    private String pfxContainer = "";
    private String secKey = "";

    private final void doOfflineLogin(m<? super Boolean, ? super Error, s> mVar) {
        this.dcalLoginCompletionHandle = mVar;
        Intent intent = new Intent("android.intent.action.VIEW");
        intent.setData(Uri.parse("datevsmartlogin://doofflinelogin?portal=dcaldemo://&displayname=DCALDEMO&isDatev=true"));
        intent.addFlags(DriveFile.MODE_READ_ONLY);
        DCALapiKt.getDCAL().getAppContext$dcal_release().startActivity(intent);
    }

    private final String encryptDecrypt(String str, String str2) {
        Charset charset = d.f4927a;
        if (str2 == null) {
            throw new TypeCastException("null cannot be cast to non-null type java.lang.String");
        }
        byte[] bytes = str2.getBytes(charset);
        j.a((Object) bytes, "(this as java.lang.String).getBytes(charset)");
        int length = str.length();
        byte[] bArr = new byte[length];
        for (int i = 0; i < length; i++) {
            bArr[i] = (byte) (bytes[i] ^ str.charAt(i));
        }
        Charset forName = Charset.forName(HTTP.ASCII);
        j.a((Object) forName, "Charset.forName(charsetName)");
        return new String(bArr, forName);
    }

    private final void readParameterFromStorage() {
        Cursor query = DCALapiKt.getDCAL().getAppContext$dcal_release().getContentResolver().query(Uri.parse("content://de.datev.smartlogin/dcal"), null, null, null, null, null);
        if (!query.moveToFirst()) {
            Log.i("", "ReadFromProvider failed");
            return;
        }
        do {
            String string = query.getString(1);
            String string2 = query.getString(2);
            if (string != null) {
                int hashCode = string.hashCode();
                if (hashCode != 946085449) {
                    if (hashCode != 946087599) {
                        if (hashCode == 1269479852 && string.equals("caf_dsl_pubCer")) {
                            j.a((Object) string2, FirebaseAnalytics.Param.VALUE);
                            this.pubCert = string2;
                        }
                    } else if (string.equals("caf_dsl_rnd")) {
                        j.a((Object) string2, FirebaseAnalytics.Param.VALUE);
                        this.randomKey = string2;
                    }
                } else if (string.equals("caf_dsl_pfx")) {
                    j.a((Object) string2, FirebaseAnalytics.Param.VALUE);
                    this.pfxContainer = string2;
                }
            }
        } while (query.moveToNext());
    }

    @Override // datev.de.dcal.DCALapi
    public DCALState clean() {
        setCurrentState$dcal_release(DCALapiKt.getDCAL().clean());
        return getCurrentState$dcal_release();
    }

    public final String convertCertificateToPEM(String str) {
        j.b(str, "base64StringCertificate");
        return "-----BEGIN CERTIFICATE-----\n" + str + "\n-----END CERTIFICATE-----";
    }

    public final Certificate decodePFXContainer(String str, String str2) {
        j.b(str, "base64String");
        j.b(str2, "key");
        byte[] decode = Base64.decode(str, 0);
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        j.a((Object) decode, "decodedPFXContainer");
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decode);
        char[] charArray = str2.toCharArray();
        j.a((Object) charArray, "(this as java.lang.String).toCharArray()");
        keyStore.load(byteArrayInputStream, charArray);
        Enumeration<String> aliases = keyStore.aliases();
        Certificate certificate = null;
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (nextElement == null) {
                throw new TypeCastException("null cannot be cast to non-null type kotlin.String");
            }
            certificate = keyStore.getCertificate(nextElement);
            j.a((Object) certificate, "keystore.getCertificate(alias)");
        }
        if (certificate == null) {
            j.b("publicCert");
        }
        return certificate;
    }

    public final String decrypt(String str, String str2) {
        j.b(str, "$receiver");
        j.b(str2, "password");
        byte[] bytes = str2.getBytes(d.f4927a);
        j.a((Object) bytes, "(this as java.lang.String).getBytes(charset)");
        SecretKeySpec secretKeySpec = new SecretKeySpec(bytes, "AES");
        byte[] bArr = new byte[16];
        char[] charArray = str2.toCharArray();
        j.a((Object) charArray, "(this as java.lang.String).toCharArray()");
        int length = charArray.length;
        for (int i = 0; i < length; i++) {
            bArr[i] = (byte) charArray[i];
        }
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(2, secretKeySpec, ivParameterSpec);
        byte[] doFinal = cipher.doFinal(Base64.decode(str, 0));
        j.a((Object) doFinal, "decryptedByteValue");
        return new String(doFinal, d.f4927a);
    }

    public final void decrypt(byte[] bArr, m<? super byte[], ? super Error, s> mVar) {
        j.b(bArr, "encryptedData");
        j.b(mVar, "completion");
        if (!DCALapiKt.getDCAL().getState().contains((Object) State.initialized)) {
            mVar.invoke(null, new Error("DCAL is not initialized"));
            return;
        }
        if (!DCALapiKt.getDCAL().getState().contains((Object) State.loggedIn)) {
            mVar.invoke(null, new Error("The client has not logged in"));
            return;
        }
        if (!(!j.a((Object) this.secKey, (Object) ""))) {
            doOfflineLogin(new DCALApiIntern$decrypt$1(this, bArr, mVar));
            return;
        }
        byte[] decode = Base64.decode(this.pfxContainer, 0);
        CoreCrypto coreCrypto = CoreCryptoKt.getCoreCrypto();
        j.a((Object) decode, "base64PFXContainer");
        coreCrypto.parse(decode, decode.length, this.secKey);
        mVar.invoke(CoreCryptoKt.getCoreCrypto().decrypt(bArr), null);
    }

    public final void encrypt(byte[] bArr, m<? super byte[], ? super Error, s> mVar) {
        j.b(bArr, "data");
        j.b(mVar, "completion");
        readParameterFromStorage();
        if (!DCALapiKt.getDCAL().getState().contains((Object) State.initialized)) {
            mVar.invoke(null, new Error("Init DCAL"));
        } else if (j.a((Object) this.pubCert, (Object) "")) {
            mVar.invoke(null, new Error("Activate Offline Crypto on SmartLogin"));
        } else {
            mVar.invoke(CoreCryptoKt.getCoreCrypto().encrypt(bArr, convertCertificateToPEM(this.pubCert)), null);
        }
    }

    public final m<Boolean, Error, s> getDcalLoginCompletionHandle() {
        return this.dcalLoginCompletionHandle;
    }

    public final String getPfxContainer() {
        return this.pfxContainer;
    }

    public final String getPubCert() {
        return this.pubCert;
    }

    public final String getRandomKey() {
        return this.randomKey;
    }

    public final String getSecKey() {
        return this.secKey;
    }

    @Override // datev.de.dcal.DCALapi
    public void handleUrl(Uri uri) {
        j.b(uri, ImagesContract.URL);
        String queryParameter = uri.getQueryParameter("secKey");
        if (queryParameter != null) {
            readParameterFromStorage();
            this.secKey = encryptDecrypt(queryParameter, this.randomKey);
            m<? super Boolean, ? super Error, s> mVar = this.dcalLoginCompletionHandle;
            if (mVar != null) {
                mVar.invoke(true, null);
            }
        }
        super.handleUrl(uri);
    }

    @Override // datev.de.dcal.DCALapi
    public DCALState initialize(String str, String str2, String str3, String str4, boolean z, Context context) {
        j.b(str, OAuth.CLIENT_ID);
        j.b(str2, "client_secret");
        j.b(str3, OAuth.SCOPE);
        j.b(str4, "redirect_URI");
        j.b(context, "context");
        setCurrentState$dcal_release(DCALapiKt.getDCAL().initialize(str, str2, str3, str4 + "&isDatev=true", z, context));
        DCALapiKt.getDCAL().setAuthDelegate(getAuthDelegate());
        return getCurrentState$dcal_release();
    }

    public final void setDcalLoginCompletionHandle(m<? super Boolean, ? super Error, s> mVar) {
        this.dcalLoginCompletionHandle = mVar;
    }

    public final void setPfxContainer(String str) {
        j.b(str, "<set-?>");
        this.pfxContainer = str;
    }

    public final void setPubCert(String str) {
        j.b(str, "<set-?>");
        this.pubCert = str;
    }

    public final void setRandomKey(String str) {
        j.b(str, "<set-?>");
        this.randomKey = str;
    }

    public final void setSecKey(String str) {
        j.b(str, "<set-?>");
        this.secKey = str;
    }
}
