package t1;

import android.util.Log;
import c2.b;
import com.exantech.custody.apiRest.ResponseData;
import com.exantech.custody.apiRest.items.EncodedQuote;
import com.exantech.custody.apiRest.items.IasReportInfo;
import com.exantech.custody.apiRest.items.VerifyQuoteReport;
import java.io.ByteArrayInputStream;
import java.net.URLDecoder;
import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Base64;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/* loaded from: classes.dex */
public final class n extends b<VerifyQuoteReport, EncodedQuote, s1.e> {

    /* renamed from: c1, reason: collision with root package name */
    public final String f8715c1;

    /* renamed from: d1, reason: collision with root package name */
    public final Class<VerifyQuoteReport> f8716d1;

    /* renamed from: e1, reason: collision with root package name */
    public final r6.c f8717e1;

    /* renamed from: f1, reason: collision with root package name */
    public final int f8718f1;

    /* renamed from: x, reason: collision with root package name */
    public final byte[] f8719x;

    /* renamed from: y, reason: collision with root package name */
    public final byte[] f8720y;

    public n(byte[] bArr, c3.g gVar) {
        super(gVar);
        this.f8719x = bArr;
        byte[] bArr2 = new byte[16];
        SecureRandom instanceStrong = SecureRandom.getInstanceStrong();
        b7.k.d("getInstanceStrong(...)", instanceStrong);
        instanceStrong.nextBytes(bArr2);
        this.f8720y = bArr2;
        this.f8715c1 = "https://api.trustedservices.intel.com:443/sgx/attestation/v4/report";
        this.f8716d1 = VerifyQuoteReport.class;
        this.f8717e1 = new r6.c(new m(this));
        this.f8718f1 = 1;
    }

    public static void s(byte[] bArr, byte[] bArr2, X509Certificate x509Certificate) {
        PublicKey publicKey = x509Certificate.getPublicKey();
        RSAPublicKey rSAPublicKey = publicKey instanceof RSAPublicKey ? (RSAPublicKey) publicKey : null;
        if (rSAPublicKey == null) {
            new Throwable("certificate doesn't contain RSA public key");
            return;
        }
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(bArr);
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initVerify(rSAPublicKey);
        signature.update(digest);
        if (signature.verify(bArr2)) {
            return;
        }
        new Throwable("invalid signature");
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // j2.b
    public final void h(k2.c cVar) {
        byte[] bArr;
        String body;
        u1.a aVar = (u1.a) cVar;
        ResponseData responseData = (ResponseData) aVar.f5667a;
        if (responseData == null || (body = responseData.getBody()) == null) {
            bArr = null;
        } else {
            bArr = body.getBytes(h7.a.f4990a);
            b7.k.d("getBytes(...)", bArr);
        }
        VerifyQuoteReport verifyQuoteReport = (VerifyQuoteReport) f3.l.f4347a.b(this.f8716d1, responseData != null ? responseData.getBody() : null);
        L l10 = this.f8702d;
        Map<String, String> map = aVar.f8851d;
        if (map == null || bArr == null || verifyQuoteReport == null) {
            f3.d.a("VerifyQuoteOperation", "Either report or headers are missing");
            ((s1.e) l10).c(new c2.b(null, b.a.f2281q, 1));
            return;
        }
        if (!b7.k.a(a3.e.H0(this.f8720y), verifyQuoteReport.getNonce())) {
            f3.d.a("VerifyQuoteOperation", "Failed to verify quote: nonce mismatch");
            ((s1.e) l10).c(new c2.b(null, b.a.f2281q, 1));
            return;
        }
        try {
            r6.a<X509Certificate, X509Certificate> p10 = p(map);
            X509Certificate x509Certificate = p10.f8109c;
            X509Certificate x509Certificate2 = p10.f8110d;
            f3.d.a("VerifyQuoteOperation", "Checking Intel signing certificate");
            x509Certificate.verify(x509Certificate2.getPublicKey());
            f3.d.a("VerifyQuoteOperation", "Intel signing certificate is valid");
            try {
                byte[] bytes = q(map).getBytes(h7.a.f4990a);
                b7.k.d("getBytes(...)", bytes);
                s(bArr, bytes, x509Certificate);
                f3.d.a("VerifyQuoteOperation", "Response signature is ok");
                try {
                    IasReportInfo r10 = r(verifyQuoteReport);
                    if (b7.k.a(verifyQuoteReport.getIsvEnclaveQuoteStatus(), "GROUP_OUT_OF_DATE")) {
                        f3.d.a("VerifyQuoteOperation", "Group is out of date");
                        ((s1.e) l10).d(r10);
                    } else if (b7.k.a(verifyQuoteReport.getIsvEnclaveQuoteStatus(), "OK")) {
                        ((s1.e) l10).d(r10);
                    } else {
                        f3.d.a("VerifyQuoteOperation", "Enclave quote status recognised as OK");
                        ((s1.e) l10).c(new c2.b(null, b.a.f2281q, 1));
                    }
                } catch (Exception e9) {
                    ArrayList arrayList = f3.d.f4316a;
                    f3.d.c("VerifyQuoteOperation", a3.e.Y(e9), e9);
                    ((s1.e) l10).c(new c2.b(null, b.a.f2281q, 1));
                }
            } catch (Exception e10) {
                ArrayList arrayList2 = f3.d.f4316a;
                f3.d.c("VerifyQuoteOperation", a3.e.Y(e10), e10);
                ((s1.e) l10).c(new c2.b(null, b.a.f2281q, 1));
            }
        } catch (Exception e11) {
            ArrayList arrayList3 = f3.d.f4316a;
            f3.d.c("VerifyQuoteOperation", a3.e.Y(e11), e11);
            ((s1.e) l10).c(new c2.b(null, b.a.f2281q, 1));
        }
    }

    @Override // t1.a
    public final void l(u1.a<ResponseData> aVar) {
        b7.k.e("result", aVar);
        super.l(aVar);
        ((s1.e) this.f8702d).c(new c2.b(null, b.a.f2281q, 1));
    }

    @Override // t1.g
    public final Class<VerifyQuoteReport> m() {
        return this.f8716d1;
    }

    @Override // t1.g
    public final HashMap<String, String> n() {
        HashMap<String, String> n10 = super.n();
        n10.put("Ocp-Apim-Subscription-Key", "7eb30c4b956c4326864f4171f4f26d31");
        return n10;
    }

    @Override // t1.g
    public final EncodedQuote o() {
        return (EncodedQuote) this.f8717e1.a();
    }

    public final r6.a<X509Certificate, X509Certificate> p(Map<String, String> map) {
        String str = map.get("X-Iasreport-Signing-Certificate");
        if (str == null) {
            f3.d.a("VerifyQuoteOperation", "Certificates not found");
            ((s1.e) this.f8702d).c(new c2.b(null, b.a.f2281q, 1));
            throw new IllegalStateException("Certificates not found".toString());
        }
        String decode = URLDecoder.decode(str, "UTF-8");
        b7.k.b(decode);
        int e02 = h7.h.e0(decode, "-----END CERTIFICATE-----\n", 0, false, 6);
        if (e02 < 0) {
            Log.d("VerifyQuoteOperation", "No certificate found");
            throw new IllegalStateException("No certificate found".toString());
        }
        int i10 = e02 + 26;
        String substring = decode.substring(0, i10);
        b7.k.d("substring(...)", substring);
        Charset charset = h7.a.f4990a;
        byte[] bytes = substring.getBytes(charset);
        b7.k.d("getBytes(...)", bytes);
        String substring2 = decode.substring(i10);
        b7.k.d("substring(...)", substring2);
        byte[] bytes2 = substring2.getBytes(charset);
        b7.k.d("getBytes(...)", bytes2);
        Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bytes));
        b7.k.c("null cannot be cast to non-null type java.security.cert.X509Certificate", generateCertificate);
        Certificate generateCertificate2 = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bytes2));
        b7.k.c("null cannot be cast to non-null type java.security.cert.X509Certificate", generateCertificate2);
        return new r6.a<>((X509Certificate) generateCertificate, (X509Certificate) generateCertificate2);
    }

    public final String q(Map<String, String> map) {
        String str = map.get("X-Iasreport-Signature");
        if (str != null) {
            String decode = URLDecoder.decode(str, "UTF-8");
            b7.k.d("decode(...)", decode);
            return decode;
        }
        Log.d("VerifyQuoteOperation", "Signature not found");
        ((s1.e) this.f8702d).c(new c2.b(null, b.a.f2281q, 1));
        throw new IllegalStateException("Signature not found".toString());
    }

    public final IasReportInfo r(VerifyQuoteReport verifyQuoteReport) {
        try {
            byte[] decode = Base64.getDecoder().decode(verifyQuoteReport.getIsvEnclaveQuoteBody());
            b7.k.b(decode);
            byte[] R0 = s6.f.R0(decode, 176, 208);
            if (R0.length != 32) {
                Log.d("VerifyQuoteOperation", "Unexpected MRSIGNER size");
                ((s1.e) this.f8702d).c(new c2.b(null, b.a.f2281q, 1));
                throw new IllegalStateException("Unexpected MRSIGNER size".toString());
            }
            String advisoryURL = verifyQuoteReport.getAdvisoryURL();
            List<String> advisoryIDs = verifyQuoteReport.getAdvisoryIDs();
            byte[] copyOf = Arrays.copyOf(R0, R0.length);
            b7.k.d("copyOf(...)", copyOf);
            return new IasReportInfo(copyOf, advisoryURL, advisoryIDs);
        } catch (Exception e9) {
            Log.d("VerifyQuoteOperation", "Failed to decode base64 quote body: " + verifyQuoteReport.getIsvEnclaveQuoteBody(), e9);
            throw new IllegalStateException("Failed to decode base64 quote body".toString());
        }
    }
}
