package com.daon.sdk.authenticator.capture.ados;

import android.os.Bundle;
import android.util.Base64;
import com.daon.sdk.authenticator.CommonExtensions;
import com.daon.sdk.crypto.ados.EncryptionMethod;
import com.daon.sdk.crypto.ados.Encryptor;
import com.daon.sdk.crypto.ados.EncryptorFactory;
import com.daon.sdk.crypto.ados.PkEncryptionParams;
import com.daon.sdk.crypto.ados.SessionKeyEncryptionResult;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.X509EncodedKeySpec;

/* loaded from: classes.dex */
public class CDEM1CaptureDataEncryptor implements CaptureDataEncryptor {

    /* renamed from: a, reason: collision with root package name */
    public int f2460a;

    /* renamed from: b, reason: collision with root package name */
    public Encryptor f2461b;

    /* renamed from: c, reason: collision with root package name */
    public PkEncryptionParams f2462c;

    private SessionKeyEncryptionResult a(byte[] bArr, Bundle bundle, Bundle bundle2) throws Exception {
        SessionKeyEncryptionResult a2 = a(bArr, bundle.getByteArray(CommonExtensions.ADOS_IV), a(bundle));
        bundle2.putString(CommonExtensions.CAPTURE_SCHEME_ID, EncryptionMethod.CDEM_1);
        bundle2.putString(CommonExtensions.CAPTURE_IV, Base64.encodeToString(a2.getIv(), 10));
        bundle2.putString(CommonExtensions.CAPTURE_DATA, Base64.encodeToString(a2.getEncryptedData(), 10));
        bundle2.putString(CommonExtensions.CAPTURE_CDEK, Base64.encodeToString(a2.getWrappedSessionKey(), 10));
        return a2;
    }

    private SessionKeyEncryptionResult a(byte[] bArr, byte[] bArr2, PublicKey publicKey) throws Exception {
        if (this.f2461b == null) {
            this.f2461b = EncryptorFactory.getEncryptor(EncryptionMethod.CDEM_1);
            int i2 = this.f2460a;
            this.f2460a = i2 + 1;
            this.f2462c = new PkEncryptionParams(i2, a(8), publicKey);
        }
        this.f2462c.setIv(bArr2);
        this.f2461b.init(this.f2462c);
        return (SessionKeyEncryptionResult) this.f2461b.encrypt(bArr);
    }

    private PublicKey a(Bundle bundle) throws Exception {
        return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(bundle.getByteArray(CommonExtensions.ADOS_DEK)));
    }

    private byte[] a(int i2) throws GeneralSecurityException {
        byte[] bArr = new byte[i2];
        SecureRandom.getInstance("SHA1PRNG").nextBytes(bArr);
        return bArr;
    }

    @Override // com.daon.sdk.authenticator.capture.ados.CaptureDataEncryptor
    public void encryptCaptureData(byte[] bArr, Bundle bundle, Bundle bundle2) throws Exception {
        a(bArr, bundle, bundle2);
    }

    @Override // com.daon.sdk.authenticator.capture.ados.CaptureDataEncryptor
    public void encryptCaptureData(byte[] bArr, byte[] bArr2, Bundle bundle, Bundle bundle2) throws Exception {
        SessionKeyEncryptionResult a2 = a(bArr, bundle, bundle2);
        if (bArr2 != null) {
            bundle2.putString(CommonExtensions.CAPTURE_DATA_VERIFY, Base64.encodeToString(a(bArr2, a2.getIv(), a(bundle)).getEncryptedData(), 10));
        }
    }
}
