package F0;

import P0.b;
import com.exantech.custody.apiRest.ResponseData;
import com.exantech.custody.apiRest.items.EncodedQuote;
import com.exantech.custody.apiRest.items.IasReportInfo;
import com.exantech.custody.apiRest.items.VerifyQuoteReport;
import e3.C0378c;
import e3.C0381f;
import java.io.ByteArrayInputStream;
import java.net.URLDecoder;
import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import java.util.Base64;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import t1.o;
import w3.C0816a;

/* loaded from: classes.dex */
public final class j extends b<VerifyQuoteReport, EncodedQuote, E0.e> {

    /* renamed from: h1, reason: collision with root package name */
    public final String f479h1;

    /* renamed from: i1, reason: collision with root package name */
    public final Class<VerifyQuoteReport> f480i1;

    /* renamed from: j1, reason: collision with root package name */
    public final C0381f f481j1;

    /* renamed from: k1, reason: collision with root package name */
    public final int f482k1;

    /* renamed from: x, reason: collision with root package name */
    public final byte[] f483x;

    /* renamed from: y, reason: collision with root package name */
    public final byte[] f484y;

    public j(byte[] bArr, q1.h hVar) {
        super(hVar);
        this.f483x = bArr;
        byte[] bArr2 = new byte[16];
        SecureRandom.getInstanceStrong().nextBytes(bArr2);
        this.f484y = bArr2;
        this.f479h1 = "https://api.trustedservices.intel.com:443/sgx/attestation/v4/report";
        this.f480i1 = VerifyQuoteReport.class;
        this.f481j1 = new C0381f(new d(1, this));
        this.f482k1 = 1;
    }

    public static void r(byte[] bArr, byte[] bArr2, X509Certificate x509Certificate) {
        PublicKey publicKey = x509Certificate.getPublicKey();
        RSAPublicKey rSAPublicKey = publicKey instanceof RSAPublicKey ? (RSAPublicKey) publicKey : null;
        if (rSAPublicKey == null) {
            new Throwable("certificate doesn't contain RSA public key");
            return;
        }
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(bArr);
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initVerify(rSAPublicKey);
        signature.update(digest);
        if (signature.verify(bArr2)) {
            return;
        }
        new Throwable("invalid signature");
    }

    @Override // W0.b
    public final void f(X0.b bVar) {
        byte[] bArr;
        String body;
        G0.a aVar = (G0.a) bVar;
        ResponseData responseData = (ResponseData) aVar.f2263a;
        if (responseData == null || (body = responseData.getBody()) == null) {
            bArr = null;
        } else {
            bArr = body.getBytes(C0816a.f10164a);
            q3.j.d("getBytes(...)", bArr);
        }
        VerifyQuoteReport verifyQuoteReport = (VerifyQuoteReport) o.f9558a.b(this.f480i1, responseData != null ? responseData.getBody() : null);
        L l5 = this.f466d;
        Map<String, String> map = aVar.f547d;
        if (map == null || bArr == null || verifyQuoteReport == null) {
            t1.h.a("VerifyQuoteOperation", "Either report or headers are missing");
            ((E0.e) l5).c(new P0.b(null, b.a.f1523q, 1));
            return;
        }
        byte[] bArr2 = this.f484y;
        q3.j.e("<this>", bArr2);
        StringBuilder sb = new StringBuilder();
        sb.append((CharSequence) "");
        int i6 = 0;
        for (byte b6 : bArr2) {
            i6++;
            if (i6 > 1) {
                sb.append((CharSequence) "");
            }
            sb.append((CharSequence) String.format("%02x", Arrays.copyOf(new Object[]{Byte.valueOf(b6)}, 1)));
        }
        sb.append((CharSequence) "");
        String sb2 = sb.toString();
        q3.j.d("toString(...)", sb2);
        if (!sb2.equals(verifyQuoteReport.getNonce())) {
            t1.h.a("VerifyQuoteOperation", "Failed to verify quote: nonce mismatch");
            ((E0.e) l5).c(new P0.b(null, b.a.f1523q, 1));
            return;
        }
        try {
            C0378c<X509Certificate, X509Certificate> o3 = o(map);
            X509Certificate x509Certificate = o3.f6556c;
            X509Certificate x509Certificate2 = o3.f6557d;
            t1.h.a("VerifyQuoteOperation", "Checking Intel signing certificate");
            x509Certificate.verify(x509Certificate2.getPublicKey());
            t1.h.a("VerifyQuoteOperation", "Intel signing certificate is valid");
            try {
                byte[] bytes = p(map).getBytes(C0816a.f10164a);
                q3.j.d("getBytes(...)", bytes);
                r(bArr, bytes, x509Certificate);
                t1.h.a("VerifyQuoteOperation", "Response signature is ok");
                try {
                    IasReportInfo q5 = q(verifyQuoteReport);
                    if (q3.j.a(verifyQuoteReport.getIsvEnclaveQuoteStatus(), "GROUP_OUT_OF_DATE")) {
                        t1.h.a("VerifyQuoteOperation", "Group is out of date");
                        ((E0.e) l5).d(q5);
                    } else if (q3.j.a(verifyQuoteReport.getIsvEnclaveQuoteStatus(), "OK")) {
                        ((E0.e) l5).d(q5);
                    } else {
                        t1.h.a("VerifyQuoteOperation", "Enclave quote status recognised as OK");
                        ((E0.e) l5).c(new P0.b(null, b.a.f1523q, 1));
                    }
                } catch (Exception e6) {
                    List<t1.j> list = t1.h.f9523a;
                    t1.h.c("VerifyQuoteOperation", C3.a.O(e6), e6);
                    ((E0.e) l5).c(new P0.b(null, b.a.f1523q, 1));
                }
            } catch (Exception e7) {
                List<t1.j> list2 = t1.h.f9523a;
                t1.h.c("VerifyQuoteOperation", C3.a.O(e7), e7);
                ((E0.e) l5).c(new P0.b(null, b.a.f1523q, 1));
            }
        } catch (Exception e8) {
            List<t1.j> list3 = t1.h.f9523a;
            t1.h.c("VerifyQuoteOperation", C3.a.O(e8), e8);
            ((E0.e) l5).c(new P0.b(null, b.a.f1523q, 1));
        }
    }

    @Override // F0.a
    public final void j(G0.a<ResponseData> aVar) {
        q3.j.e("result", aVar);
        super.j(aVar);
        ((E0.e) this.f466d).c(new P0.b(null, b.a.f1523q, 1));
    }

    @Override // F0.f
    public final Class<VerifyQuoteReport> l() {
        return this.f480i1;
    }

    @Override // F0.f
    public final HashMap<String, String> m() {
        HashMap<String, String> m5 = super.m();
        m5.put("Ocp-Apim-Subscription-Key", "7eb30c4b956c4326864f4171f4f26d31");
        return m5;
    }

    @Override // F0.f
    public final EncodedQuote n() {
        return (EncodedQuote) this.f481j1.a();
    }

    public final C0378c<X509Certificate, X509Certificate> o(Map<String, String> map) {
        String str = map.get("X-Iasreport-Signing-Certificate");
        if (str == null) {
            t1.h.a("VerifyQuoteOperation", "Certificates not found");
            ((E0.e) this.f466d).c(new P0.b(null, b.a.f1523q, 1));
            throw new IllegalStateException("Certificates not found");
        }
        String decode = URLDecoder.decode(str, "UTF-8");
        q3.j.b(decode);
        int N2 = w3.i.N(decode, "-----END CERTIFICATE-----\n", 0, false, 6);
        if (N2 < 0) {
            throw new IllegalStateException("No certificate found");
        }
        int i6 = N2 + 26;
        String substring = decode.substring(0, i6);
        q3.j.d("substring(...)", substring);
        Charset charset = C0816a.f10164a;
        byte[] bytes = substring.getBytes(charset);
        q3.j.d("getBytes(...)", bytes);
        String substring2 = decode.substring(i6);
        q3.j.d("substring(...)", substring2);
        byte[] bytes2 = substring2.getBytes(charset);
        q3.j.d("getBytes(...)", bytes2);
        Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bytes));
        q3.j.c("null cannot be cast to non-null type java.security.cert.X509Certificate", generateCertificate);
        Certificate generateCertificate2 = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bytes2));
        q3.j.c("null cannot be cast to non-null type java.security.cert.X509Certificate", generateCertificate2);
        return new C0378c<>((X509Certificate) generateCertificate, (X509Certificate) generateCertificate2);
    }

    public final String p(Map<String, String> map) {
        String str = map.get("X-Iasreport-Signature");
        if (str == null) {
            ((E0.e) this.f466d).c(new P0.b(null, b.a.f1523q, 1));
            throw new IllegalStateException("Signature not found");
        }
        String decode = URLDecoder.decode(str, "UTF-8");
        q3.j.d("decode(...)", decode);
        return decode;
    }

    public final IasReportInfo q(VerifyQuoteReport verifyQuoteReport) {
        try {
            byte[] decode = Base64.getDecoder().decode(verifyQuoteReport.getIsvEnclaveQuoteBody());
            q3.j.b(decode);
            byte[] b6 = f3.f.b(decode, 176, 208);
            if (b6.length != 32) {
                ((E0.e) this.f466d).c(new P0.b(null, b.a.f1523q, 1));
                throw new IllegalStateException("Unexpected MRSIGNER size");
            }
            String advisoryURL = verifyQuoteReport.getAdvisoryURL();
            List<String> advisoryIDs = verifyQuoteReport.getAdvisoryIDs();
            byte[] copyOf = Arrays.copyOf(b6, b6.length);
            q3.j.d("copyOf(...)", copyOf);
            return new IasReportInfo(copyOf, advisoryURL, advisoryIDs);
        } catch (Exception unused) {
            verifyQuoteReport.getIsvEnclaveQuoteBody();
            throw new IllegalStateException("Failed to decode base64 quote body");
        }
    }
}
