package com.vodafone.idtmlib.lib.network;

import android.text.TextUtils;
import androidx.core.app.NotificationCompat;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWEHeader;
import com.nimbusds.jose.JWEObject;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.Payload;
import com.nimbusds.jose.crypto.DirectDecrypter;
import com.nimbusds.jose.crypto.DirectEncrypter;
import com.nimbusds.jose.crypto.MACSigner;
import com.nimbusds.jose.crypto.MACVerifier;
import com.nimbusds.jose.crypto.RSADecrypter;
import com.nimbusds.jose.crypto.RSAEncrypter;
import com.nimbusds.jwt.EncryptedJWT;
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import java.security.PrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.text.ParseException;
import java.util.Date;
import javax.crypto.SecretKey;
import jumio.nv.barcode.a;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;

@Metadata(d1 = {"\u0000J\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u000f\bÆ\u0002\u0018\u00002\u00020\u0001B\t\b\u0002¢\u0006\u0004\b*\u0010+J\u001a\u0010\u0007\u001a\u00020\u00062\b\u0010\u0003\u001a\u0004\u0018\u00010\u00022\b\u0010\u0005\u001a\u0004\u0018\u00010\u0004J\u001a\u0010\u000b\u001a\u00020\u00062\b\u0010\t\u001a\u0004\u0018\u00010\b2\b\u0010\n\u001a\u0004\u0018\u00010\u0004J\u0018\u0010\u000e\u001a\u00020\u00042\u0006\u0010\r\u001a\u00020\f2\b\u0010\u0005\u001a\u0004\u0018\u00010\u0004J\u001a\u0010\u0010\u001a\u0004\u0018\u00010\u00042\u0006\u0010\u000f\u001a\u00020\f2\b\u0010\n\u001a\u0004\u0018\u00010\u0004J\u000e\u0010\u0013\u001a\u00020\u00042\u0006\u0010\u0012\u001a\u00020\u0011R\u001c\u0010\u0018\u001a\n \u0015*\u0004\u0018\u00010\u00140\u00148\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\u0016\u0010\u0017R\u001c\u0010\u001c\u001a\n \u0015*\u0004\u0018\u00010\u00190\u00198\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\u001a\u0010\u001bR\u001c\u0010 \u001a\n \u0015*\u0004\u0018\u00010\u001d0\u001d8\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\u001e\u0010\u001fR\u001c\u0010\"\u001a\n \u0015*\u0004\u0018\u00010\u00140\u00148\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b!\u0010\u0017R\u001c\u0010$\u001a\n \u0015*\u0004\u0018\u00010\u00190\u00198\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b#\u0010\u001bR\u0011\u0010'\u001a\u00020\u00048F¢\u0006\u0006\u001a\u0004\b%\u0010&R\u0011\u0010)\u001a\u00020\u00048F¢\u0006\u0006\u001a\u0004\b(\u0010&¨\u0006,"}, d2 = {"Lcom/vodafone/idtmlib/lib/network/JwtHelper;", "", "Ljava/security/interfaces/RSAPublicKey;", "serverPublicKey", "", NotificationCompat.CATEGORY_MESSAGE, "Lcom/nimbusds/jwt/EncryptedJWT;", "rsaEncrypt", "Ljava/security/PrivateKey;", "privateKey", "jwtString", "rsaDecrypt", "Ljavax/crypto/SecretKey;", "aesKey", "aesEncrypt", "secretKey", "aesDecrypt", "Lcom/nimbusds/jwt/JWT;", "jwt", "getJwtMsg", "Lcom/nimbusds/jose/JWEAlgorithm;", "kotlin.jvm.PlatformType", a.l, "Lcom/nimbusds/jose/JWEAlgorithm;", "RSA_JWE_ALGORITHM", "Lcom/nimbusds/jose/EncryptionMethod;", "b", "Lcom/nimbusds/jose/EncryptionMethod;", "RSA_JWE_METHOD", "Lcom/nimbusds/jose/JWSAlgorithm;", "c", "Lcom/nimbusds/jose/JWSAlgorithm;", "AES_JWS_ALGORITHM", "d", "AES_JWE_ALGORITHM", "e", "AES_JWE_ENCRYPTION", "getRsaJweAlgorithm", "()Ljava/lang/String;", "rsaJweAlgorithm", "getRsaJweMethod", "rsaJweMethod", "<init>", "()V", "idtmsdk_release"}, k = 1, mv = {1, 8, 0})
/* loaded from: classes2.dex */
public final class JwtHelper {
    public static final JwtHelper INSTANCE = new JwtHelper();

    /* renamed from: a, reason: collision with root package name and from kotlin metadata */
    private static final JWEAlgorithm RSA_JWE_ALGORITHM = JWEAlgorithm.RSA1_5;

    /* renamed from: b, reason: from kotlin metadata */
    private static final EncryptionMethod RSA_JWE_METHOD = EncryptionMethod.A128CBC_HS256;

    /* renamed from: c, reason: from kotlin metadata */
    private static final JWSAlgorithm AES_JWS_ALGORITHM = JWSAlgorithm.HS256;

    /* renamed from: d, reason: from kotlin metadata */
    private static final JWEAlgorithm AES_JWE_ALGORITHM = JWEAlgorithm.DIR;

    /* renamed from: e, reason: from kotlin metadata */
    private static final EncryptionMethod AES_JWE_ENCRYPTION = EncryptionMethod.A128CBC_HS256;

    private JwtHelper() {
    }

    public final String aesDecrypt(SecretKey secretKey, String jwtString) throws JOSEException, ParseException {
        Intrinsics.checkNotNullParameter(secretKey, "secretKey");
        JWEObject parse = JWEObject.parse(jwtString);
        parse.decrypt(new DirectDecrypter(secretKey.getEncoded()));
        SignedJWT signedJWT = parse.getPayload().toSignedJWT();
        if (signedJWT != null && signedJWT.verify(new MACVerifier(secretKey.getEncoded()))) {
            return getJwtMsg(signedJWT);
        }
        return null;
    }

    public final String aesEncrypt(SecretKey aesKey, String msg) throws JOSEException {
        Intrinsics.checkNotNullParameter(aesKey, "aesKey");
        SignedJWT signedJWT = new SignedJWT(new JWSHeader(AES_JWS_ALGORITHM), new JWTClaimsSet.Builder().issueTime(new Date()).expirationTime(new Date(System.currentTimeMillis() + 86400000)).claim(NotificationCompat.CATEGORY_MESSAGE, msg).build());
        signedJWT.sign(new MACSigner(aesKey.getEncoded()));
        JWEObject jWEObject = new JWEObject(new JWEHeader.Builder(AES_JWE_ALGORITHM, AES_JWE_ENCRYPTION).contentType("JWT").build(), new Payload(signedJWT));
        jWEObject.encrypt(new DirectEncrypter(aesKey.getEncoded()));
        String serialize = jWEObject.serialize();
        Intrinsics.checkNotNullExpressionValue(serialize, "jwe.serialize()");
        return serialize;
    }

    public final String getJwtMsg(JWT jwt) throws JOSEException {
        Intrinsics.checkNotNullParameter(jwt, "jwt");
        try {
            JWTClaimsSet jWTClaimsSet = jwt.getJWTClaimsSet();
            if (jWTClaimsSet != null) {
                new Date(System.currentTimeMillis());
                String msg = jWTClaimsSet.getStringClaim(NotificationCompat.CATEGORY_MESSAGE);
                if (!TextUtils.isEmpty(msg)) {
                    Intrinsics.checkNotNullExpressionValue(msg, "msg");
                    return msg;
                }
            }
        } catch (ParseException unused) {
        }
        throw new JOSEException("JWT not valid");
    }

    public final String getRsaJweAlgorithm() {
        String obj = RSA_JWE_ALGORITHM.toString();
        Intrinsics.checkNotNullExpressionValue(obj, "RSA_JWE_ALGORITHM.toString()");
        return obj;
    }

    public final String getRsaJweMethod() {
        String obj = RSA_JWE_METHOD.toString();
        Intrinsics.checkNotNullExpressionValue(obj, "RSA_JWE_METHOD.toString()");
        return obj;
    }

    public final EncryptedJWT rsaDecrypt(PrivateKey privateKey, String jwtString) throws ParseException, JOSEException {
        EncryptedJWT jwt = EncryptedJWT.parse(jwtString);
        jwt.decrypt(new RSADecrypter(privateKey));
        Intrinsics.checkNotNullExpressionValue(jwt, "jwt");
        return jwt;
    }

    public final EncryptedJWT rsaEncrypt(RSAPublicKey serverPublicKey, String msg) throws JOSEException {
        EncryptedJWT encryptedJWT = new EncryptedJWT(new JWEHeader(RSA_JWE_ALGORITHM, RSA_JWE_METHOD), new JWTClaimsSet.Builder().issueTime(new Date()).expirationTime(new Date(System.currentTimeMillis() + 86400000)).claim(NotificationCompat.CATEGORY_MESSAGE, msg).build());
        encryptedJWT.encrypt(new RSAEncrypter(serverPublicKey));
        return encryptedJWT;
    }
}
