package io.getlime.security.powerauth.lib.cmd.steps.v3;

import com.google.common.io.BaseEncoding;
import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.EciesEncryptor;
import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.EciesFactory;
import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.model.EciesCryptogram;
import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.model.EciesSharedInfo1;
import io.getlime.security.powerauth.http.PowerAuthEncryptionHttpHeader;
import io.getlime.security.powerauth.lib.cmd.consts.BackwardCompatibilityConst;
import io.getlime.security.powerauth.lib.cmd.consts.PowerAuthConst;
import io.getlime.security.powerauth.lib.cmd.consts.PowerAuthStep;
import io.getlime.security.powerauth.lib.cmd.consts.PowerAuthVersion;
import io.getlime.security.powerauth.lib.cmd.logging.StepLogger;
import io.getlime.security.powerauth.lib.cmd.logging.StepLoggerFactory;
import io.getlime.security.powerauth.lib.cmd.status.ResultStatusService;
import io.getlime.security.powerauth.lib.cmd.steps.AbstractBaseStep;
import io.getlime.security.powerauth.lib.cmd.steps.context.RequestContext;
import io.getlime.security.powerauth.lib.cmd.steps.context.StepContext;
import io.getlime.security.powerauth.lib.cmd.steps.context.security.SimpleSecurityContext;
import io.getlime.security.powerauth.lib.cmd.steps.model.EncryptStepModel;
import io.getlime.security.powerauth.lib.cmd.steps.pojo.ResultStatusObject;
import io.getlime.security.powerauth.lib.cmd.util.SecurityUtil;
import io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse;
import java.nio.charset.StandardCharsets;
import java.security.interfaces.ECPublicKey;
import java.util.Map;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.stereotype.Component;

@Component("encryptStepV3")
/* loaded from: input_file:io/getlime/security/powerauth/lib/cmd/steps/v3/EncryptStep.class */
public class EncryptStep extends AbstractBaseStep<EncryptStepModel, EciesEncryptedResponse> {
    private static final EciesFactory ECIES_FACTORY = new EciesFactory();

    @Autowired
    public EncryptStep(ResultStatusService resultStatusService, StepLoggerFactory stepLoggerFactory) {
        super(PowerAuthStep.ENCRYPT, PowerAuthVersion.VERSION_3, resultStatusService, stepLoggerFactory);
    }

    public EncryptStep() {
        this(BackwardCompatibilityConst.RESULT_STATUS_SERVICE, BackwardCompatibilityConst.STEP_LOGGER_FACTORY);
    }

    @Override // io.getlime.security.powerauth.lib.cmd.steps.AbstractBaseStep
    protected ParameterizedTypeReference<EciesEncryptedResponse> getResponseTypeReference() {
        return PowerAuthConst.RESPONSE_TYPE_REFERENCE_V3;
    }

    @Override // io.getlime.security.powerauth.lib.cmd.steps.AbstractBaseStep
    public StepContext<EncryptStepModel, EciesEncryptedResponse> prepareStepContext(StepLogger stepLogger, Map<String, Object> map) throws Exception {
        EciesSharedInfo1 eciesSharedInfo1;
        EciesEncryptor createEncryptor;
        PowerAuthEncryptionHttpHeader powerAuthEncryptionHttpHeader;
        EncryptStepModel encryptStepModel = new EncryptStepModel();
        encryptStepModel.fromMap(map);
        RequestContext build = RequestContext.builder().uri(encryptStepModel.getUriString()).build();
        StepContext<EncryptStepModel, EciesEncryptedResponse> buildStepContext = buildStepContext(stepLogger, encryptStepModel, build);
        byte[] data = encryptStepModel.getData();
        if (data == null) {
            stepLogger.writeError("encrypt-error-file", "Encrypt Request Failed", "Request data for encryption was null.");
            stepLogger.writeDoneFailed("encrypt-failed");
            return null;
        }
        stepLogger.writeItem(getStep().id() + "-request-encrypt", "Preparing Request Data", "Following data will be encrypted", "OK", data);
        byte[] bytes = encryptStepModel.getApplicationSecret().getBytes(StandardCharsets.UTF_8);
        String scope = encryptStepModel.getScope();
        boolean z = -1;
        switch (scope.hashCode()) {
            case 1554253136:
                if (scope.equals("application")) {
                    z = false;
                    break;
                }
                break;
            case 2041217302:
                if (scope.equals("activation")) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                eciesSharedInfo1 = EciesSharedInfo1.APPLICATION_SCOPE_GENERIC;
                createEncryptor = ECIES_FACTORY.getEciesEncryptorForApplication((ECPublicKey) encryptStepModel.getMasterPublicKey(), bytes, eciesSharedInfo1);
                powerAuthEncryptionHttpHeader = new PowerAuthEncryptionHttpHeader(encryptStepModel.getApplicationKey(), encryptStepModel.getVersion().value());
                break;
            case true:
                ResultStatusObject resultStatus = encryptStepModel.getResultStatus();
                eciesSharedInfo1 = EciesSharedInfo1.ACTIVATION_SCOPE_GENERIC;
                createEncryptor = SecurityUtil.createEncryptor(encryptStepModel.getApplicationSecret(), resultStatus, EciesSharedInfo1.ACTIVATION_SCOPE_GENERIC);
                powerAuthEncryptionHttpHeader = new PowerAuthEncryptionHttpHeader(encryptStepModel.getApplicationKey(), resultStatus.getActivationId(), encryptStepModel.getVersion().value());
                break;
            default:
                stepLogger.writeError("encrypt-error-scope", "Encrypt Request Failed", "Unsupported encryption scope: " + encryptStepModel.getScope());
                stepLogger.writeDoneFailed("encrypt-failed");
                return null;
        }
        buildStepContext.setSecurityContext(SimpleSecurityContext.builder().encryptor(createEncryptor).build());
        addEncryptedRequest(buildStepContext, encryptStepModel.getApplicationSecret(), eciesSharedInfo1, data);
        String buildHttpHeader = powerAuthEncryptionHttpHeader.buildHttpHeader();
        build.setAuthorizationHeader(buildHttpHeader);
        build.getHttpHeaders().put("X-PowerAuth-Encryption", buildHttpHeader);
        stepLogger.writeItem(getStep().id() + "-request-encrypt", "Encrypting Request Data", "Following data is sent to intermediate server", "OK", build.getRequestObject());
        return buildStepContext;
    }

    @Override // io.getlime.security.powerauth.lib.cmd.steps.AbstractBaseStep
    public void processResponse(StepContext<EncryptStepModel, EciesEncryptedResponse> stepContext) throws Exception {
        EncryptStepModel model = stepContext.getModel();
        EciesEncryptor encryptor = ((SimpleSecurityContext) stepContext.getSecurityContext()).getEncryptor();
        EciesEncryptedResponse responseBodyObject = stepContext.getResponseContext().getResponseBodyObject();
        String str = new String(encryptor.decryptResponse(new EciesCryptogram(BaseEncoding.base64().decode(responseBodyObject.getMac()), BaseEncoding.base64().decode(responseBodyObject.getEncryptedData()))), StandardCharsets.UTF_8);
        model.getResultStatus().setResponseData(str);
        stepContext.getStepLogger().writeItem(getStep().id() + "-response-decrypt", "Decrypted Response", "Following data were decrypted", "OK", str);
    }
}
