package net.one97.paytm.oauth.utils;

import android.net.Uri;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.util.Calendar;
import java.util.Comparator;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Objects;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import net.one97.paytm.dynamic.module.movie.h5.MoviesH5Constants;
import net.one97.paytm.nativesdk.Constants.SDKConstants;
import net.one97.paytm.nativesdk.emiSubvention.utils.EmiUtil;
import net.one97.paytm.oauth.OauthModule;
import net.one97.paytm.upi.util.UpiConstants;

/* loaded from: classes5.dex */
public final class o {

    /* renamed from: b, reason: collision with root package name */
    private static String f45920b;

    /* renamed from: c, reason: collision with root package name */
    private static boolean f45921c;

    /* renamed from: a, reason: collision with root package name */
    public static final o f45919a = new o();

    /* renamed from: d, reason: collision with root package name */
    private static final List<String> f45922d = kotlin.a.k.a((Iterable) kotlin.a.k.d("Authorization", "x-public-key", "x-epoch", "x-latitude", "x-longitude", MoviesH5Constants.USER_ID, "access_token", SDKConstants.X_DEVICE_IDENTIFIER, "x-device-manufacturer", "x-device-name", "autoReadHash", "session_token", "data", "verification_type", "sessionToken"), (Comparator) new c());

    /* renamed from: e, reason: collision with root package name */
    private static String f45923e = "OAuthCryptoHelper";

    /* renamed from: f, reason: collision with root package name */
    private static final kotlin.i f45924f = kotlin.j.a(b.INSTANCE);

    /* loaded from: classes5.dex */
    public static final class a<T> implements Comparator<T> {
        /* JADX WARN: Multi-variable type inference failed */
        @Override // java.util.Comparator
        public final int compare(T t, T t2) {
            return kotlin.b.a.a(((String) t).toString(), ((String) t2).toString());
        }
    }

    /* loaded from: classes5.dex */
    static final class b extends kotlin.g.b.l implements kotlin.g.a.a<KeyStore> {
        public static final b INSTANCE = new b();

        b() {
            super(0);
        }

        @Override // kotlin.g.a.a
        public final KeyStore invoke() {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore;
        }
    }

    /* loaded from: classes5.dex */
    public static final class c<T> implements Comparator<T> {
        /* JADX WARN: Multi-variable type inference failed */
        @Override // java.util.Comparator
        public final int compare(T t, T t2) {
            return kotlin.b.a.a((String) t, (String) t2);
        }
    }

    private o() {
    }

    private static KeyStore a() {
        Object value = f45924f.getValue();
        kotlin.g.b.k.b(value, "<get-androidKeyStore>(...)");
        return (KeyStore) value;
    }

    public static void a(String str, String str2, HashMap<String, String> hashMap, String str3) {
        String str4;
        String obj;
        kotlin.g.b.k.d(str, "urlWithParams");
        kotlin.g.b.k.d(str2, "httpMethod");
        kotlin.g.b.k.d(hashMap, "headers");
        Uri parse = Uri.parse(kotlin.m.p.b((CharSequence) str).toString());
        Set<String> queryParameterNames = parse.getQueryParameterNames();
        kotlin.g.b.k.b(queryParameterNames, "uri.queryParameterNames");
        List a2 = kotlin.a.k.a((Iterable) queryParameterNames, (Comparator) new a());
        StringBuilder sb = new StringBuilder();
        Iterator it2 = a2.iterator();
        int i2 = 0;
        int i3 = 0;
        while (true) {
            str4 = "";
            if (!it2.hasNext()) {
                break;
            }
            Object next = it2.next();
            int i4 = i3 + 1;
            if (i3 < 0) {
                kotlin.a.k.a();
            }
            String str5 = (String) next;
            if (i3 > 0) {
                sb.append("&");
            }
            StringBuilder sb2 = new StringBuilder();
            kotlin.g.b.k.b(str5, "key");
            StringBuilder append = sb2.append(kotlin.m.p.b((CharSequence) str5).toString()).append('=');
            String queryParameter = parse.getQueryParameter(str5);
            if (queryParameter != null && (obj = kotlin.m.p.b((CharSequence) queryParameter).toString()) != null) {
                str4 = obj;
            }
            sb.append(append.append(str4).toString());
            i3 = i4;
        }
        StringBuilder sb3 = new StringBuilder();
        for (Object obj2 : f45922d) {
            int i5 = i2 + 1;
            if (i2 < 0) {
                kotlin.a.k.a();
            }
            String str6 = (String) obj2;
            if (!TextUtils.isEmpty(hashMap.get(str6))) {
                if (i2 > 0) {
                    sb3.append("&");
                }
                StringBuilder sb4 = new StringBuilder();
                Objects.requireNonNull(str6, "null cannot be cast to non-null type kotlin.CharSequence");
                StringBuilder append2 = sb4.append(kotlin.m.p.b((CharSequence) str6).toString()).append('=');
                String str7 = hashMap.get(str6);
                sb3.append(append2.append((Object) (str7 == null ? null : kotlin.m.p.b((CharSequence) str7).toString())).toString());
            }
            i2 = i5;
        }
        StringBuilder append3 = new StringBuilder().append((Object) parse.getPath()).append('|').append(str2).append('|').append((Object) sb).append('|').append((Object) sb3).append('|');
        if (str3 == null) {
            str3 = "";
        }
        String sb5 = append3.append(str3).toString();
        Locale locale = Locale.getDefault();
        kotlin.g.b.k.b(locale, "getDefault()");
        Objects.requireNonNull(sb5, "null cannot be cast to non-null type java.lang.String");
        String lowerCase = sb5.toLowerCase(locale);
        kotlin.g.b.k.b(lowerCase, "(this as java.lang.String).toLowerCase(locale)");
        String c2 = c(new kotlin.m.l("[^\\x00-\\x7F]|[\\p{Cntrl}&&[^\n\t]]|\\p{C}|\\s+").replace(lowerCase, ""));
        hashMap.put("x-client-signature", c2 != null ? c2 : "");
    }

    public static void a(HashMap<String, String> hashMap) throws NullPointerException {
        kotlin.g.b.k.d(hashMap, "headers");
        PublicKey c2 = c();
        HashMap<String, String> hashMap2 = hashMap;
        String encodeToString = Base64.encodeToString(c2 == null ? null : c2.getEncoded(), 2);
        kotlin.g.b.k.b(encodeToString, "encodeToString(publicKey?.encoded, Base64.NO_WRAP)");
        hashMap2.put("x-public-key", encodeToString);
    }

    public static boolean a(String str) {
        kotlin.g.b.k.d(str, UpiConstants.MOBILE_NO);
        f45920b = str;
        if (c() != null) {
            f45921c = true;
            return true;
        }
        f45921c = false;
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            kotlin.g.b.k.b(keyPairGenerator, "getInstance(KEY_ALGORITHM_RSA, ANDROID_KEY_STORE)");
            if (Build.VERSION.SDK_INT >= 23) {
                KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(d(), 4);
                builder.setCertificateSubject(new X500Principal("CN=Paytm, O=One97 Communications Ltd."));
                builder.setKeySize(EmiUtil.EMI_PLAN_REQUEST_CODE);
                builder.setDigests("SHA-256");
                builder.setSignaturePaddings("PKCS1");
                KeyGenParameterSpec build = builder.build();
                kotlin.g.b.k.b(build, "Builder(getKeyStoreAlias(), KeyProperties.PURPOSE_SIGN).apply {\n                    setCertificateSubject(X500Principal(\"CN=Paytm, O=One97 Communications Ltd.\"))\n                    setKeySize(KEY_SIZE)\n                    setDigests(KeyProperties.DIGEST_SHA256)                          //Set of digests algorithms with which the key can be used\n                    setSignaturePaddings(KeyProperties.SIGNATURE_PADDING_RSA_PKCS1)  //Set of padding schemes with which the key can be used when signing/verifying\n                }.build()");
                keyPairGenerator.initialize(build);
            } else {
                KeyPairGeneratorSpec.Builder builder2 = new KeyPairGeneratorSpec.Builder(OauthModule.b().getApplicationContext());
                builder2.setAlias(d());
                builder2.setSubject(new X500Principal("CN=Paytm, O=One97 Communications Ltd."));
                builder2.setSerialNumber(BigInteger.ONE);
                builder2.setStartDate(Calendar.getInstance().getTime());
                Calendar calendar = Calendar.getInstance();
                calendar.add(1, 30);
                builder2.setEndDate(calendar.getTime());
                if (Build.VERSION.SDK_INT >= 19) {
                    builder2.setKeySize(EmiUtil.EMI_PLAN_REQUEST_CODE);
                }
                KeyPairGeneratorSpec build2 = builder2.build();
                kotlin.g.b.k.b(build2, "Builder(OauthModule.getOathDataProvider().getApplicationContext()).apply {\n                    setAlias(getKeyStoreAlias())\n                    setSubject(X500Principal(\"CN=Paytm, O=One97 Communications Ltd.\"))\n                    setSerialNumber(BigInteger.ONE)\n                    setStartDate(Calendar.getInstance().time)\n                    // 30 years of validity\n                    val endDate = Calendar.getInstance()\n                    endDate.add(Calendar.YEAR, 30)\n                    setEndDate(endDate.time)\n                    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.KITKAT) {\n                        setKeySize(KEY_SIZE)\n                    }\n                }.build()");
                keyPairGenerator.initialize(build2);
            }
            kotlin.g.b.k.b(keyPairGenerator.generateKeyPair(), "keyPairGenerator.generateKeyPair()");
            return true;
        } catch (NullPointerException e2) {
            e2.printStackTrace();
            return false;
        } catch (GeneralSecurityException e3) {
            e3.printStackTrace();
            return false;
        } catch (ProviderException e4) {
            e4.printStackTrace();
            return false;
        }
    }

    private static PrivateKey b() {
        try {
            Key key = a().getKey(d(), null);
            if (key instanceof PrivateKey) {
                return (PrivateKey) key;
            }
            return null;
        } catch (RuntimeException e2) {
            e2.getMessage();
            return null;
        } catch (KeyStoreException e3) {
            e3.printStackTrace();
            return null;
        } catch (UnrecoverableKeyException e4) {
            e4.getMessage();
            return null;
        }
    }

    public static void b(String str) {
        f45920b = str;
        try {
            a().deleteEntry(d());
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
        }
    }

    private static String c(String str) {
        PrivateKey b2 = b();
        if (b2 != null) {
            try {
                Signature signature = Signature.getInstance("SHA256withRSA");
                signature.initSign(b2);
                Charset charset = kotlin.m.d.f31945a;
                if (str == null) {
                    throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
                }
                byte[] bytes = str.getBytes(charset);
                kotlin.g.b.k.b(bytes, "(this as java.lang.String).getBytes(charset)");
                signature.update(bytes);
                String encodeToString = Base64.encodeToString(signature.sign(), 2);
                kotlin.g.b.k.b(encodeToString, "encodeToString(signature, Base64.NO_WRAP)");
                return encodeToString;
            } catch (InvalidKeyException e2) {
                e2.printStackTrace();
            } catch (NoSuchAlgorithmException e3) {
                e3.printStackTrace();
            } catch (SignatureException e4) {
                e4.printStackTrace();
            } catch (Exception e5) {
                e5.printStackTrace();
            }
        }
        return "";
    }

    private static PublicKey c() {
        try {
            Certificate certificate = a().getCertificate(d());
            if (certificate == null) {
                return null;
            }
            return certificate.getPublicKey();
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
            return null;
        }
    }

    private static String d() {
        String str = f45920b;
        if (com.paytm.utility.c.r(OauthModule.b().getApplicationContext())) {
            str = com.paytm.utility.c.Z(OauthModule.b().getApplicationContext());
        }
        return "secure." + ((Object) OauthModule.b().getApplicationContext().getPackageName()) + '.' + ((Object) str);
    }
}
