package com.veridiumid.sdk.client.handlers.revalidate;

import android.util.Base64;
import com.veridiumid.sdk.client.IVeridiumIDSDKModel;
import com.veridiumid.sdk.client.api.VeridiumIDClient;
import com.veridiumid.sdk.client.api.request.AbstractClientCertificateRecoveryRequest;
import com.veridiumid.sdk.client.api.response.VeridiumIDResponse;
import com.veridiumid.sdk.client.handlers.VeridiumIDHandler;
import com.veridiumid.sdk.client.listeners.IVeridiumIDListener;
import com.veridiumid.sdk.client.util.SSLHelper;
import java.security.KeyStore;
import java.security.Signature;

/* loaded from: classes.dex */
public class ClientCertificateRecoveryModeHandler<T extends AbstractClientCertificateRecoveryRequest<R>, R extends VeridiumIDResponse<T>> extends VeridiumIDHandler<T, R> {
    public ClientCertificateRecoveryModeHandler(IVeridiumIDListener<T, R> iVeridiumIDListener) {
        super(iVeridiumIDListener);
    }

    private KeyStore.PrivateKeyEntry getClientCertificateKeystore(VeridiumIDClient veridiumIDClient) {
        IVeridiumIDSDKModel model = veridiumIDClient.getModel();
        String restoreCertificate = model.restoreCertificate();
        String certificatePassword = model.getCertificatePassword();
        KeyStore createKeyStore = SSLHelper.createKeyStore(restoreCertificate, certificatePassword);
        return (KeyStore.PrivateKeyEntry) createKeyStore.getEntry(createKeyStore.aliases().nextElement(), new KeyStore.PasswordProtection(certificatePassword.toCharArray()));
    }

    private byte[] signMessage(KeyStore.PrivateKeyEntry privateKeyEntry, byte[] bArr) {
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(privateKeyEntry.getPrivateKey());
        signature.update(bArr);
        return signature.sign();
    }

    @Override // com.veridiumid.sdk.client.handlers.VeridiumIDHandler
    public void handleRequest(VeridiumIDClient veridiumIDClient, T t10) {
        super.handleRequest(veridiumIDClient, (VeridiumIDClient) t10);
        try {
            KeyStore.PrivateKeyEntry clientCertificateKeystore = getClientCertificateKeystore(veridiumIDClient);
            t10.setPublicClientCertificate(Base64.encodeToString(clientCertificateKeystore.getCertificate().getEncoded(), 2));
            t10.setSignature(Base64.encodeToString(signMessage(clientCertificateKeystore, t10.getSingingMessage()), 2));
        } catch (Exception e10) {
            throw new RuntimeException("Recovery request build failed", e10);
        }
    }
}
