package com.usdk.android;

import android.os.Build;
import com.google.android.gms.internal.mlkit_vision_common.e7;
import com.usdk.AbstractC0751j3;
import com.usdk.C0661a2;
import com.usdk.C0693b1;
import com.usdk.C0694b2;
import com.usdk.C0702c3;
import com.usdk.C0718e5;
import com.usdk.C0730g3;
import com.usdk.C0736h2;
import com.usdk.C0743i2;
import com.usdk.C0756k1;
import com.usdk.C0771m2;
import com.usdk.C0838w0;
import com.usdk.C0852y0;
import com.usdk.InterfaceC0779n3;
import com.usdk.J0;
import com.usdk.N0;
import com.usdk.Y4;
import com.usdk.Z4;
import com.usdk_nimbusds.jose.JWEObject;
import com.usdk_nimbusds.jose.JWSObject;
import com.usdk_nimbusds.jose.Payload;
import java.io.ByteArrayInputStream;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.emvco.threeds.core.exceptions.InvalidInputException;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes7.dex */
public final class B {
    private static final J0 a = new J0();
    private static final F b = new F(C0666b.class);
    private static final C0771m2 c = C0771m2.j;

    /* loaded from: classes7.dex */
    public class a extends RuntimeException {
        public a(String str) {
            super(str);
        }

        public a(String str, Throwable th) {
            super(str, th);
        }
    }

    private PublicKey a(String str) {
        AbstractC0751j3 a2;
        try {
            a2 = AbstractC0751j3.a(str);
        } catch (Exception unused) {
        }
        if (a2 instanceof Z4) {
            return ((Z4) a2).n();
        }
        if (a2 instanceof C0743i2) {
            return ((C0743i2) a2).r();
        }
        byte[] a3 = new C0838w0(b(str)).a();
        try {
            return a(a3).getPublicKey();
        } catch (Exception unused2) {
            X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(a3);
            try {
                try {
                    return KeyFactory.getInstance("RSA").generatePublic(x509EncodedKeySpec);
                } catch (Exception unused3) {
                    return KeyFactory.getInstance("EC").generatePublic(x509EncodedKeySpec);
                }
            } catch (Exception unused4) {
                throw new RuntimeException("Can not parse directory server public key");
            }
        }
    }

    private X509Certificate a(byte[] bArr) {
        if (bArr == null || bArr.length == 0) {
            throw new RuntimeException("Failed to parse certificate!");
        }
        for (Provider provider : Security.getProviders()) {
            try {
                Certificate generateCertificate = CertificateFactory.getInstance("X.509", provider.getName()).generateCertificate(new ByteArrayInputStream(bArr));
                if ((generateCertificate instanceof X509Certificate) && generateCertificate.getPublicKey() != null) {
                    return (X509Certificate) generateCertificate;
                }
            } catch (Exception unused) {
            }
        }
        throw new a("Neither of security providers were able to parse certificate!");
    }

    private SecretKey a(ECPrivateKey eCPrivateKey, ECPublicKey eCPublicKey, String str) {
        SecretKeySpec b2;
        C0693b1 c0693b1 = new C0693b1("SHA-256");
        if (Build.VERSION.SDK_INT < 24) {
            SecretKeySpec secretKeySpec = null;
            for (Provider provider : Security.getProviders()) {
                try {
                    secretKeySpec = e7.b(eCPublicKey, eCPrivateKey, provider);
                } catch (Exception unused) {
                }
            }
            b2 = secretKeySpec;
        } else {
            b2 = e7.b(eCPublicKey, eCPrivateKey, null);
        }
        if (b2 != null) {
            return c0693b1.a(b2, 256, C0693b1.a((String) null), C0693b1.a((C0852y0) null), C0693b1.a(C0852y0.a(str)), C0693b1.a(256), C0693b1.d());
        }
        throw new RuntimeException("Neither of security providers were able to generate ECDHSecret!");
    }

    private void a() {
        Security.removeProvider("SC");
    }

    private String b(String str) {
        int indexOf = str.indexOf("-----BEGIN");
        return indexOf == -1 ? str : str.substring(str.indexOf("\n", indexOf), str.indexOf("-----END"));
    }

    private void b() {
        Security.insertProviderAt(a, 1);
    }

    private KeyPair c() {
        Provider[] providers = Security.getProviders();
        int length = providers.length;
        for (int i = 0; i < length; i++) {
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", providers[i]);
                keyPairGenerator.initialize(new ECGenParameterSpec("secp256r1"));
                return keyPairGenerator.generateKeyPair();
            } catch (Exception unused) {
            }
        }
        throw new RuntimeException("Neither of security providers were able to generate ephemeral key!");
    }

    public String a(String str, String str2, String str3, byte[] bArr, byte[] bArr2) {
        String str4;
        JWEObject jWEObject;
        try {
            b();
            PublicKey a2 = a(new String(bArr));
            if (a2 instanceof RSAPublicKey) {
                C0730g3.a aVar = new C0730g3.a(C0702c3.f, c);
                if (T.c(str3)) {
                    aVar.b(str3);
                }
                jWEObject = new JWEObject(aVar.a(), new Payload(str));
                Y4 y4 = new Y4((RSAPublicKey) a2);
                y4.c().b(a);
                jWEObject.a(y4);
            } else {
                if (!(a2 instanceof ECPublicKey)) {
                    str4 = null;
                    return str4;
                }
                C0743i2 c0743i2 = (C0743i2) AbstractC0751j3.a(new String(bArr2));
                C0730g3.a a3 = new C0730g3.a(C0702c3.k, c).a(c0743i2.s());
                if (T.c(str3)) {
                    a3.b(str3);
                }
                JWEObject jWEObject2 = new JWEObject(a3.a(), new Payload(str));
                W w = new W(c0743i2, (ECPublicKey) a2, str2);
                w.c().b(a);
                jWEObject2.a(w);
                jWEObject = jWEObject2;
            }
            str4 = jWEObject.k();
            return str4;
        } finally {
            a();
        }
    }

    public String a(String str, byte[] bArr) {
        InterfaceC0779n3 c0736h2;
        F f = b;
        StringBuilder y = defpackage.c.y("Entered verifySignature, acsSignedContentStr: '", str, "', dsCaCertificatePem: '");
        y.append(new String(bArr));
        y.append("'");
        f.a(y.toString());
        try {
            try {
                b();
                JWSObject b2 = JWSObject.b(str);
                if (b2.d().e() == null || b2.d().e().size() < 1) {
                    throw new a("No x5c certificates found in AcsSignedContent");
                }
                X509Certificate a2 = a(new C0838w0(b(new String(bArr))).a());
                ArrayList arrayList = new ArrayList();
                for (int i = 0; i < b2.d().e().size(); i++) {
                    arrayList.add(a(((C0838w0) b2.d().e().get(i)).a()));
                }
                if (!arrayList.contains(a2)) {
                    arrayList.add(a2);
                }
                Date date = new Date();
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    X509Certificate x509Certificate = (X509Certificate) it.next();
                    if (date.before(x509Certificate.getNotBefore())) {
                        throw new a(String.format("Attempt to use certificate '%s' before %s", x509Certificate.getSerialNumber().toString(), x509Certificate.getNotBefore().toString()));
                    }
                    if (date.after(x509Certificate.getNotAfter())) {
                        throw new a(String.format("Attempt to use certificate '%s' after %s", x509Certificate.getSerialNumber().toString(), x509Certificate.getNotAfter().toString()));
                    }
                }
                int i2 = 0;
                while (i2 < arrayList.size() - 1) {
                    X509Certificate x509Certificate2 = (X509Certificate) arrayList.get(i2);
                    i2++;
                    x509Certificate2.verify(((X509Certificate) arrayList.get(i2)).getPublicKey());
                }
                PublicKey publicKey = ((X509Certificate) arrayList.get(0)).getPublicKey();
                if (publicKey instanceof RSAPublicKey) {
                    c0736h2 = new C0718e5((RSAPublicKey) publicKey);
                } else {
                    if (!(publicKey instanceof ECPublicKey)) {
                        throw new IllegalArgumentException("Public key not supported, only RSAPublicKey and ECPublicKey allowed!");
                    }
                    c0736h2 = new C0736h2((ECPublicKey) publicKey);
                }
                if (!b2.a(c0736h2)) {
                    throw new a("Failed to verify JWS");
                }
                b2.b().toString();
                return b2.b().toString();
            } catch (Exception e) {
                throw new a("Failed to parse/verify the signature", e);
            }
        } finally {
            a();
        }
    }

    public String a(byte[] bArr, byte[] bArr2, byte[] bArr3, String str) {
        try {
            b();
            SecretKey a2 = a(((C0743i2) AbstractC0751j3.a(new String(bArr3))).q(), ((C0743i2) AbstractC0751j3.a(new String(bArr2))).r(), str);
            byte[] a3 = N0.a(a2.getEncoded(), a2.getEncoded().length / 2, a2.getEncoded().length / 2);
            JWEObject b2 = JWEObject.b(new String(bArr));
            C0661a2 c0661a2 = new C0661a2(a3);
            c0661a2.c().a(a);
            b2.a(c0661a2);
            return b2.b().toString();
        } finally {
            a();
        }
    }

    public String a(byte[] bArr, byte[] bArr2, byte[] bArr3, String str, String str2) {
        try {
            b();
            SecretKey a2 = a(((C0743i2) AbstractC0751j3.a(new String(bArr3))).q(), ((C0743i2) AbstractC0751j3.a(new String(bArr2))).r(), str2);
            byte[] a3 = N0.a(a2.getEncoded(), 0, a2.getEncoded().length / 2);
            JWEObject jWEObject = new JWEObject(new C0730g3.a(C0702c3.j, c).b(str).a(), new Payload(bArr));
            C0694b2 c0694b2 = new C0694b2(a3);
            c0694b2.c().b(a);
            jWEObject.a(c0694b2);
            return jWEObject.k();
        } finally {
            a();
        }
    }

    public void c(String str) {
        try {
            a(new C0838w0(b(str)).a());
        } catch (Exception unused) {
            throw new InvalidInputException(defpackage.c.m("X509 Certificate could not be parsed: ", str));
        }
    }

    public b0 d() {
        try {
            b();
            KeyPair c2 = c();
            C0756k1 c0756k1 = C0756k1.d;
            return new b0(new C0743i2.a(c0756k1, (ECPublicKey) c2.getPublic()).a().m().getBytes(), new C0743i2.a(c0756k1, (ECPublicKey) c2.getPublic()).a((ECPrivateKey) c2.getPrivate()).a().m().getBytes());
        } finally {
            a();
        }
    }

    public void d(String str) {
        try {
            a(str);
        } catch (Exception unused) {
            throw new InvalidInputException(defpackage.c.m("JWK public key could not be parsed: ", str));
        }
    }
}
