package com.lfg.cma.strongkey.sacl.impl;

import android.content.Context;
import android.content.res.Resources;
import android.os.Build;
import android.util.Log;
import com.lfg.cma.strongkey.sacl.interfaces.SaclService;
import com.lfg.cma.strongkey.sacl.utilities.Common;
import com.lfg.cma.strongkey.sacl.utilities.LocalContextWrapper;
import com.lfg.cma.strongkey.sacl.utilities.SaclConstants;
import com.lfg.cma.strongkey.sacl.webservices.CallWebservice;
import com.lfg.consumerparticipant.R;
import java.io.IOException;
import java.io.StringReader;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Base64;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.openssl.PEMParser;
import org.erdtman.jcs.JsonCanonicalizer;
import org.json.JSONException;
import org.json.JSONObject;
import org.spongycastle.asn1.ASN1Encodable;
import org.spongycastle.asn1.ASN1Integer;
import org.spongycastle.asn1.DERSequence;

/* loaded from: classes.dex */
public class SaclServiceImpl implements SaclService {
    static final /* synthetic */ boolean $assertionsDisabled = false;
    private static LocalContextWrapper mLocalContextWrapper;
    private static Resources mResources;
    private static final String TAG = SaclServiceImpl.class.getSimpleName();
    private static String MTAG = null;

    public SaclServiceImpl(Context context) {
        LocalContextWrapper localContextWrapper = new LocalContextWrapper(context);
        mLocalContextWrapper = localContextWrapper;
        mResources = localContextWrapper.getResources();
    }

    private static JSONObject getAndroidOsDetails() {
        MTAG = "getAndroidOsDetails";
        try {
            JSONObject put = new JSONObject().put(SaclConstants.ANDROID_OS_DETAILS, new JSONObject().put(SaclConstants.ANDROID_VERSION_RELEASE, Build.VERSION.RELEASE).put(SaclConstants.ANDROID_VERSION_INCREMENTAL, Build.VERSION.INCREMENTAL).put(SaclConstants.ANDROID_VERSION_SDK_NUMBER, Build.VERSION.SDK_INT).put(SaclConstants.ANDROID_BOARD, Build.BOARD).put(SaclConstants.ANDROID_BOOTLOADER, Build.BOOTLOADER).put(SaclConstants.ANDROID_BRAND, Build.BRAND).put(SaclConstants.ANDROID_CPU_ABI, Build.CPU_ABI).put(SaclConstants.ANDROID_CPU_ABI2, Build.CPU_ABI2).put(SaclConstants.ANDROID_DEVICE, Build.DEVICE).put(SaclConstants.ANDROID_DISPLAY, Build.DISPLAY).put(SaclConstants.ANDROID_FINGERPRINT, Build.FINGERPRINT).put(SaclConstants.ANDROID_HOST, Build.HARDWARE).put(SaclConstants.ANDROID_HOST, Build.HOST).put(SaclConstants.ANDROID_ID, Build.ID).put(SaclConstants.ANDROID_MANUFACTURER, Build.MANUFACTURER).put(SaclConstants.ANDROID_MODEL, Build.MODEL).put(SaclConstants.ANDROID_PRODUCT, Build.PRODUCT).put(SaclConstants.ANDROID_SERIAL, Build.SERIAL).put(SaclConstants.ANDROID_SUPPORTED_32BIT_ABI, Arrays.toString(Build.SUPPORTED_32_BIT_ABIS)).put(SaclConstants.ANDROID_SUPPORTED_64BIT_ABI, Arrays.toString(Build.SUPPORTED_64_BIT_ABIS)).put(SaclConstants.ANDROID_TAGS, Build.TAGS).put(SaclConstants.ANDROID_TIME, Build.TIME).put(SaclConstants.ANDROID_TYPE, Build.TYPE).put(SaclConstants.ANDROID_USER, Build.USER));
            Log.v(MTAG, put.toString());
            return put;
        } catch (JSONException unused) {
            return null;
        }
    }

    @Override // com.lfg.cma.strongkey.sacl.interfaces.SaclService
    public JSONObject checkForAttestationAuthorization(String str, String str2, String str3) {
        MTAG = SaclConstants.JSON_KEY_SACL_SERVICE_OPERATION_CHECK_ATTESTATION_AUTHORIZATION;
        long nowms = Common.nowms();
        Log.i(TAG, MTAG + "-IN-" + nowms);
        LocalContextWrapper localContextWrapper = mLocalContextWrapper;
        if (localContextWrapper == null) {
            String string = localContextWrapper.getString(R.string.ERROR_NULL_CONTEXT);
            Log.w(TAG, string);
            try {
                long nowms2 = Common.nowms();
                Log.i(TAG, MTAG + "-OUT-" + nowms + "-" + nowms2 + "|TTC=" + (nowms2 - nowms));
                return Common.jsonError(TAG, MTAG, SaclConstants.ERROR_NULL_CONTEXT, string);
            } catch (JSONException e) {
                e.printStackTrace();
            }
        }
        try {
            JSONObject put = new JSONObject().put("did", str).put("uid", str2).put("devid", str3);
            Log.d(TAG, "mJSONObjectInput: " + put.toString());
            JSONObject execute = CallWebservice.execute(SaclConstants.JSON_KEY_SACL_SERVICE_OPERATION_CHECK_ATTESTATION_AUTHORIZATION, put, mLocalContextWrapper);
            long nowms3 = Common.nowms();
            Log.i(TAG, MTAG + "-OUT-" + nowms + "-" + nowms3 + "|TTC=" + (nowms3 - nowms));
            return execute;
        } catch (RuntimeException | JSONException e2) {
            e2.printStackTrace();
            try {
                return Common.JsonError(TAG, "execute", "http", e2.getLocalizedMessage());
            } catch (JSONException unused) {
                return null;
            }
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:20:0x00d2 A[Catch: SignatureException -> 0x0421, JSONException -> 0x0423, InvalidKeyException -> 0x0425, UnrecoverableEntryException -> 0x0427, KeyStoreException -> 0x0429, NoSuchAlgorithmException -> 0x042b, IOException -> 0x042d, CertificateException -> 0x042f, TRY_LEAVE, TryCatch #1 {JSONException -> 0x0423, blocks: (B:3:0x002c, B:6:0x0041, B:17:0x00a6, B:18:0x00ac, B:20:0x00d2, B:30:0x0137, B:31:0x013d, B:33:0x0199, B:36:0x024c, B:39:0x01dd, B:43:0x01e8, B:50:0x0247), top: B:2:0x002c }] */
    /* JADX WARN: Removed duplicated region for block: B:33:0x0199 A[Catch: SignatureException -> 0x0421, JSONException -> 0x0423, InvalidKeyException -> 0x0425, UnrecoverableEntryException -> 0x0427, KeyStoreException -> 0x0429, NoSuchAlgorithmException -> 0x042b, IOException -> 0x042d, CertificateException -> 0x042f, TryCatch #1 {JSONException -> 0x0423, blocks: (B:3:0x002c, B:6:0x0041, B:17:0x00a6, B:18:0x00ac, B:20:0x00d2, B:30:0x0137, B:31:0x013d, B:33:0x0199, B:36:0x024c, B:39:0x01dd, B:43:0x01e8, B:50:0x0247), top: B:2:0x002c }] */
    /* JADX WARN: Removed duplicated region for block: B:43:0x01e8 A[Catch: SignatureException -> 0x0421, JSONException -> 0x0423, InvalidKeyException -> 0x0425, UnrecoverableEntryException -> 0x0427, KeyStoreException -> 0x0429, NoSuchAlgorithmException -> 0x042b, IOException -> 0x042d, CertificateException -> 0x042f, TRY_LEAVE, TryCatch #1 {JSONException -> 0x0423, blocks: (B:3:0x002c, B:6:0x0041, B:17:0x00a6, B:18:0x00ac, B:20:0x00d2, B:30:0x0137, B:31:0x013d, B:33:0x0199, B:36:0x024c, B:39:0x01dd, B:43:0x01e8, B:50:0x0247), top: B:2:0x002c }] */
    /* JADX WARN: Removed duplicated region for block: B:54:0x013b  */
    @Override // com.lfg.cma.strongkey.sacl.interfaces.SaclService
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public org.json.JSONObject generateJsonWebSignature(java.lang.String r18, java.lang.String r19, java.lang.String r20, java.lang.String r21) {
        /*
            Method dump skipped, instructions count: 1078
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.lfg.cma.strongkey.sacl.impl.SaclServiceImpl.generateJsonWebSignature(java.lang.String, java.lang.String, java.lang.String, java.lang.String):org.json.JSONObject");
    }

    @Override // com.lfg.cma.strongkey.sacl.interfaces.SaclService
    public JSONObject generateSigningKey(String str, String str2, String str3, String str4) {
        MTAG = "generateSigningKey";
        long nowms = Common.nowms();
        Log.i(TAG, MTAG + "-IN-" + nowms);
        try {
            String string = mLocalContextWrapper.getString(R.string.ERROR_NOT_IMPLEMENTED_YET);
            long nowms2 = Common.nowms();
            Log.i(TAG, MTAG + "-OUT-" + nowms + "-" + nowms2 + "|TTC=" + (nowms2 - nowms));
            return Common.jsonError(TAG, MTAG, SaclConstants.ERROR_NOT_IMPLEMENTED_YET, string);
        } catch (JSONException e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // com.lfg.cma.strongkey.sacl.interfaces.SaclService
    public JSONObject proposeMobileDevice(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) {
        MTAG = SaclConstants.JSON_KEY_SACL_SERVICE_OPERATION_PROPOSE_DEVICE;
        long nowms = Common.nowms();
        Log.i(TAG, MTAG + "-IN-" + nowms);
        LocalContextWrapper localContextWrapper = mLocalContextWrapper;
        if (localContextWrapper == null) {
            String string = localContextWrapper.getString(R.string.ERROR_NULL_CONTEXT);
            Log.w(TAG, string);
            try {
                long nowms2 = Common.nowms();
                Log.i(TAG, MTAG + "-OUT-" + nowms + "-" + nowms2 + "|TTC=" + (nowms2 - nowms));
                return Common.jsonError(TAG, MTAG, SaclConstants.ERROR_NULL_CONTEXT, string);
            } catch (JSONException e) {
                e.printStackTrace();
            }
        }
        try {
            JSONObject put = new JSONObject().put("did", str).put("uid", str2).put(SaclConstants.JSON_KEY_USER_DEVICE, new JSONObject().put(SaclConstants.JSON_KEY_DEVICE_MOBILE_NUMBER, str3).put(SaclConstants.JSON_KEY_DEVICE_MANUFACTURER, str4).put(SaclConstants.JSON_KEY_DEVICE_MODEL, str5).put(SaclConstants.JSON_KEY_DEVICE_OS_RELEASE, str6).put(SaclConstants.JSON_KEY_DEVICE_OS_SDK_NUMBER, str7).put(SaclConstants.JSON_KEY_DEVICE_FINGERPRINT, str8));
            Log.d(TAG, "mJSONObjectInput: " + put.toString());
            JSONObject execute = CallWebservice.execute(SaclConstants.JSON_KEY_SACL_SERVICE_OPERATION_PROPOSE_DEVICE, put, mLocalContextWrapper);
            long nowms3 = Common.nowms();
            Log.i(TAG, MTAG + "-OUT-" + nowms + "-" + nowms3 + "|TTC=" + (nowms3 - nowms));
            return execute;
        } catch (RuntimeException | JSONException e2) {
            e2.printStackTrace();
            try {
                return Common.JsonError(TAG, "execute", "http", e2.getLocalizedMessage());
            } catch (JSONException unused) {
                return null;
            }
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:22:0x00b9  */
    /* JADX WARN: Removed duplicated region for block: B:46:0x0125  */
    /* JADX WARN: Removed duplicated region for block: B:66:0x026b  */
    /* JADX WARN: Removed duplicated region for block: B:71:0x0367 A[Catch: JSONException -> 0x0509, UnrecoverableEntryException -> 0x050b, InvalidKeySpecException -> 0x050d, NoSuchProviderException -> 0x050f, SignatureException -> 0x0511, InvalidKeyException -> 0x0513, NoSuchAlgorithmException -> 0x0515, IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | UnrecoverableEntryException | CertificateException | InvalidKeySpecException | JSONException -> 0x0517, CertificateException -> 0x0519, KeyStoreException -> 0x051b, TryCatch #16 {IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | UnrecoverableEntryException | CertificateException | InvalidKeySpecException | JSONException -> 0x0517, blocks: (B:64:0x0248, B:68:0x026e, B:69:0x0276, B:71:0x0367, B:73:0x0380, B:75:0x0386, B:76:0x0390, B:78:0x03c9, B:80:0x03e2, B:82:0x03e9, B:84:0x0415, B:88:0x04f0, B:90:0x0271, B:91:0x0274), top: B:63:0x0248 }] */
    /* JADX WARN: Removed duplicated region for block: B:73:0x0380 A[Catch: JSONException -> 0x0509, UnrecoverableEntryException -> 0x050b, InvalidKeySpecException -> 0x050d, NoSuchProviderException -> 0x050f, SignatureException -> 0x0511, InvalidKeyException -> 0x0513, NoSuchAlgorithmException -> 0x0515, IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | UnrecoverableEntryException | CertificateException | InvalidKeySpecException | JSONException -> 0x0517, CertificateException -> 0x0519, KeyStoreException -> 0x051b, TRY_LEAVE, TryCatch #16 {IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | UnrecoverableEntryException | CertificateException | InvalidKeySpecException | JSONException -> 0x0517, blocks: (B:64:0x0248, B:68:0x026e, B:69:0x0276, B:71:0x0367, B:73:0x0380, B:75:0x0386, B:76:0x0390, B:78:0x03c9, B:80:0x03e2, B:82:0x03e9, B:84:0x0415, B:88:0x04f0, B:90:0x0271, B:91:0x0274), top: B:63:0x0248 }] */
    /* JADX WARN: Removed duplicated region for block: B:91:0x0274 A[Catch: JSONException -> 0x0509, UnrecoverableEntryException -> 0x050b, InvalidKeySpecException -> 0x050d, NoSuchProviderException -> 0x050f, SignatureException -> 0x0511, InvalidKeyException -> 0x0513, NoSuchAlgorithmException -> 0x0515, IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | UnrecoverableEntryException | CertificateException | InvalidKeySpecException | JSONException -> 0x0517, CertificateException -> 0x0519, KeyStoreException -> 0x051b, TryCatch #16 {IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | UnrecoverableEntryException | CertificateException | InvalidKeySpecException | JSONException -> 0x0517, blocks: (B:64:0x0248, B:68:0x026e, B:69:0x0276, B:71:0x0367, B:73:0x0380, B:75:0x0386, B:76:0x0390, B:78:0x03c9, B:80:0x03e2, B:82:0x03e9, B:84:0x0415, B:88:0x04f0, B:90:0x0271, B:91:0x0274), top: B:63:0x0248 }] */
    @Override // com.lfg.cma.strongkey.sacl.interfaces.SaclService
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public org.json.JSONObject validateAndroidKeystore(java.lang.String r26, java.lang.String r27, java.lang.String r28, java.lang.String r29, java.lang.String r30, java.lang.String r31, java.lang.String r32, java.lang.String r33, java.lang.String r34) {
        /*
            Method dump skipped, instructions count: 1388
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.lfg.cma.strongkey.sacl.impl.SaclServiceImpl.validateAndroidKeystore(java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String):org.json.JSONObject");
    }

    @Override // com.lfg.cma.strongkey.sacl.interfaces.SaclService
    public JSONObject verifyJsonWebSignature(String str, String str2, JSONObject jSONObject) {
        MTAG = "verifyJsonWebSignature";
        long nowms = Common.nowms();
        Log.i(TAG, MTAG + "-IN-" + nowms);
        try {
            Base64.Decoder urlDecoder = Base64.getUrlDecoder();
            Log.i(TAG, mResources.getString(R.string.message_jws_json_web_signature) + jSONObject);
            Log.v(TAG, "\npayload plaintext: " + new String(urlDecoder.decode(jSONObject.getString("payload")), StandardCharsets.UTF_8));
            X509Certificate certificate = new JcaX509CertificateConverter().getCertificate((X509CertificateHolder) new PEMParser(new StringReader(jSONObject.getJSONObject(SaclConstants.JWS_ATTRIBUTE_PROTECTED).getString("x5c"))).readObject());
            PublicKey publicKey = certificate.getPublicKey();
            JSONObject put = new JSONObject().put("payload", jSONObject.getString("payload")).put(SaclConstants.JWS_ATTRIBUTE_PROTECTED, jSONObject.getJSONObject(SaclConstants.JWS_ATTRIBUTE_PROTECTED));
            Log.v(TAG, mResources.getString(R.string.message_jws_tbv_unencoded) + put);
            String encodedString = new JsonCanonicalizer(put.toString()).getEncodedString();
            Log.v(TAG, mResources.getString(R.string.message_jws_tbs_canonicalized) + encodedString);
            byte[] decode = urlDecoder.decode(jSONObject.getString("signature"));
            Signature signature = Signature.getInstance(SaclConstants.FIDO2_SIGNATURE_ALGORITHM);
            signature.initVerify(publicKey);
            signature.update(encodedString.getBytes(StandardCharsets.UTF_8));
            boolean verify = signature.verify(new DERSequence(new ASN1Encodable[]{new ASN1Integer(new BigInteger(1, org.spongycastle.util.Arrays.copyOfRange(decode, 0, 32))), new ASN1Integer(new BigInteger(1, org.spongycastle.util.Arrays.copyOfRange(decode, 32, 64)))}).getEncoded());
            if (verify) {
                Log.v(TAG, mResources.getString(R.string.message_jws_signature_verified));
            } else {
                Log.v(TAG, mResources.getString(R.string.message_jws_signature_not_verified));
            }
            return new JSONObject().put(SaclConstants.JWS_RESPONSE_ATTRIBUTE_DN, certificate.getSubjectDN()).put(SaclConstants.JWS_RESPONSE_ATTRIBUTE_SERIAL, certificate.getSerialNumber()).put(SaclConstants.JWS_RESPONSE_ATTRIBUTE_START, certificate.getNotBefore()).put(SaclConstants.JWS_RESPONSE_ATTRIBUTE_END, certificate.getNotAfter()).put(SaclConstants.JWS_RESPONSE_ATTRIBUTE_VERIFIED, verify);
        } catch (IOException | InvalidKeyException | NoSuchAlgorithmException | SignatureException | CertificateException | JSONException e) {
            Log.e(TAG, e.getLocalizedMessage());
            return null;
        }
    }
}
