package com.daon.sdk.crypto.ados.a;

import com.daon.sdk.crypto.ados.EncryptionMethod;
import com.daon.sdk.crypto.ados.EncryptionParams;
import com.daon.sdk.crypto.ados.EncryptionResult;
import com.daon.sdk.crypto.ados.Encryptor;
import com.daon.sdk.crypto.ados.PkEncryptionParams;
import com.daon.sdk.crypto.ados.SecureMessageData;
import com.daon.sdk.crypto.ados.SessionKeyEncryptionResult;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: classes.dex */
public class a implements Encryptor {

    /* renamed from: a, reason: collision with root package name */
    private byte[] f840a;
    private SecretKey b;
    private SecureRandom c;
    private PkEncryptionParams d;

    /* JADX INFO: Access modifiers changed from: protected */
    /* renamed from: com.daon.sdk.crypto.ados.a.a$a, reason: collision with other inner class name */
    /* loaded from: classes.dex */
    public class C0020a {

        /* renamed from: a, reason: collision with root package name */
        public byte[] f841a;
        public byte[] b;

        protected C0020a() {
        }
    }

    protected C0020a a(byte[] bArr, byte[] bArr2) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            if (bArr2 == null) {
                cipher.init(1, this.b, b());
            } else {
                cipher.init(1, this.b, new IvParameterSpec(bArr2));
            }
            byte[] doFinal = cipher.doFinal(bArr);
            C0020a c0020a = new C0020a();
            c0020a.f841a = doFinal;
            c0020a.b = cipher.getIV();
            return c0020a;
        } catch (Exception e) {
            throw new RuntimeException("Failed to encrypt data", e);
        }
    }

    protected SecretKey a() {
        if (this.b == null) {
            try {
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
                keyGenerator.init(256, b());
                this.b = keyGenerator.generateKey();
            } catch (NoSuchAlgorithmException e) {
                throw new RuntimeException("AES algorithm not supported.", e);
            }
        }
        return this.b;
    }

    public void a(PkEncryptionParams pkEncryptionParams) {
        this.d = pkEncryptionParams;
    }

    protected byte[] a(SecretKey secretKey, PublicKey publicKey) {
        if (this.f840a == null) {
            try {
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(3, publicKey, b());
                this.f840a = cipher.wrap(secretKey);
            } catch (Exception e) {
                throw new RuntimeException("Failed to wrap session key", e);
            }
        }
        return this.f840a;
    }

    protected SecureRandom b() {
        if (this.c == null) {
            this.c = new SecureRandom();
        }
        return this.c;
    }

    @Override // com.daon.sdk.crypto.ados.Encryptor
    public EncryptionResult encrypt(byte[] bArr) {
        if (this.d.getNonce() != null) {
            bArr = new SecureMessageData(bArr, this.d).getEncoded();
        }
        SecretKey a2 = a();
        C0020a a3 = a(bArr, this.d.getIv());
        return new SessionKeyEncryptionResult(a3.f841a, a3.b, a(a2, this.d.getPublicKey()));
    }

    @Override // com.daon.sdk.crypto.ados.Encryptor
    public String getId() {
        return EncryptionMethod.CDEM_1;
    }

    @Override // com.daon.sdk.crypto.ados.Encryptor
    public void init(EncryptionParams encryptionParams) {
        if (encryptionParams instanceof PkEncryptionParams) {
            a((PkEncryptionParams) encryptionParams);
            return;
        }
        throw new IllegalArgumentException("params illegal type. Expected: " + PkEncryptionParams.class.getName() + ". Received: " + encryptionParams.getClass().getName());
    }
}
