package com.daon.sdk.crypto.ados.a;

import com.daon.sdk.crypto.ados.EncryptionMethod;
import com.daon.sdk.crypto.ados.EncryptionParams;
import com.daon.sdk.crypto.ados.EncryptionResult;
import com.daon.sdk.crypto.ados.Encryptor;
import com.daon.sdk.crypto.ados.PkEncryptionParams;
import com.daon.sdk.crypto.ados.SecureMessageData;
import com.daon.sdk.crypto.ados.SessionKeyEncryptionResult;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: classes.dex */
public class a implements Encryptor {

    /* renamed from: a, reason: collision with root package name */
    private byte[] f8894a;

    /* renamed from: b, reason: collision with root package name */
    private SecretKey f8895b;

    /* renamed from: c, reason: collision with root package name */
    private SecureRandom f8896c;

    /* renamed from: d, reason: collision with root package name */
    private PkEncryptionParams f8897d;

    /* JADX INFO: Access modifiers changed from: protected */
    /* renamed from: com.daon.sdk.crypto.ados.a.a$a, reason: collision with other inner class name */
    /* loaded from: classes.dex */
    public class C0120a {

        /* renamed from: a, reason: collision with root package name */
        public byte[] f8898a;

        /* renamed from: b, reason: collision with root package name */
        public byte[] f8899b;

        protected C0120a() {
        }
    }

    protected C0120a a(byte[] bArr, byte[] bArr2) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            if (bArr2 == null) {
                cipher.init(1, this.f8895b, b());
            } else {
                cipher.init(1, this.f8895b, new IvParameterSpec(bArr2));
            }
            byte[] doFinal = cipher.doFinal(bArr);
            C0120a c0120a = new C0120a();
            c0120a.f8898a = doFinal;
            c0120a.f8899b = cipher.getIV();
            return c0120a;
        } catch (Exception e10) {
            throw new RuntimeException("Failed to encrypt data", e10);
        }
    }

    protected SecretKey a() {
        if (this.f8895b == null) {
            try {
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
                keyGenerator.init(256, b());
                this.f8895b = keyGenerator.generateKey();
            } catch (NoSuchAlgorithmException e10) {
                throw new RuntimeException("AES algorithm not supported.", e10);
            }
        }
        return this.f8895b;
    }

    public void a(PkEncryptionParams pkEncryptionParams) {
        this.f8897d = pkEncryptionParams;
    }

    protected byte[] a(SecretKey secretKey, PublicKey publicKey) {
        if (this.f8894a == null) {
            try {
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(3, publicKey, b());
                this.f8894a = cipher.wrap(secretKey);
            } catch (Exception e10) {
                throw new RuntimeException("Failed to wrap session key", e10);
            }
        }
        return this.f8894a;
    }

    protected SecureRandom b() {
        if (this.f8896c == null) {
            this.f8896c = new SecureRandom();
        }
        return this.f8896c;
    }

    @Override // com.daon.sdk.crypto.ados.Encryptor
    public EncryptionResult encrypt(byte[] bArr) {
        if (this.f8897d.getNonce() != null) {
            bArr = new SecureMessageData(bArr, this.f8897d).getEncoded();
        }
        SecretKey a10 = a();
        C0120a a11 = a(bArr, this.f8897d.getIv());
        return new SessionKeyEncryptionResult(a11.f8898a, a11.f8899b, a(a10, this.f8897d.getPublicKey()));
    }

    @Override // com.daon.sdk.crypto.ados.Encryptor
    public String getId() {
        return EncryptionMethod.CDEM_1;
    }

    @Override // com.daon.sdk.crypto.ados.Encryptor
    public void init(EncryptionParams encryptionParams) {
        if (encryptionParams instanceof PkEncryptionParams) {
            a((PkEncryptionParams) encryptionParams);
            return;
        }
        throw new IllegalArgumentException("params illegal type. Expected: " + PkEncryptionParams.class.getName() + ". Received: " + encryptionParams.getClass().getName());
    }
}
