package at.atrust.mobsig.library.util;

import android.content.Context;
import at.atrust.mobsig.library.Server;
import at.atrust.mobsig.library.constants.SignatureServerConfig;
import at.atrust.mobsig.library.dataClasses.JsonComResponse;
import at.atrust.mobsig.library.dataClasses.JsonCommands.BaseCommand;
import at.atrust.mobsig.library.dataClasses.ServerResponse;
import at.atrust.mobsig.library.jws.JoseAlg;
import at.atrust.mobsig.library.jws.JweEncryption;
import at.atrust.mobsig.library.jws.JwsSignature;
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.spongycastle.util.encoders.Base64;

/* loaded from: classes18.dex */
public class JsonComUtil {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) JsonComUtil.class);
    private static final String PROD_SERVER_ENCCERT = "missing";
    private static final String PROD_SERVER_SIGCERT = "missing";
    private static final String TEST_SERVER_ENCCERT = "MIIFPDCCAySgAwIBAgIELBGfuzANBgkqhkiG9w0BAQsFADCBizELMAkGA1UEBhMC\nQVQxSDBGBgNVBAoMP0EtVHJ1c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUg\naW0gZWxla3RyLiBEYXRlbnZlcmtlaHIgR21iSDEYMBYGA1UECwwPYS1zaWduLWxp\nZ2h0LTA3MRgwFgYDVQQDDA9hLXNpZ24tbGlnaHQtMDcwHhcNMjAwODA1MTUxMDE2\nWhcNMjUwODA1MTUxMDE2WjCBsjELMAkGA1UEBhMCQVQxFTATBgNVBAoMDEEtVHJ1\nc3QgR21iSDEsMCoGA1UEAwwjTW9iU2lnU2VydmVyIFRhbkFwcCBUZXN0IEVuY3J5\ncHRpb24xGDAWBgNVBAQMD1Rlc3QgRW5jcnlwdGlvbjEcMBoGA1UEKgwTTW9iU2ln\nU2VydmVyIFRhbkFwcDEVMBMGA1UEBRMMNjIwNzU4MDI4MzQzMQ8wDQYDVQQIDAZW\naWVubmEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATyK1ACyZOtGdc6mep0YMH1\nToUHlQOuS1xcay7ZU4WuLroBoBMkYbx2gc01n0rVqPkRrasSX0XpfPN0C5ieWUSP\no4IBSDCCAUQwdAYIKwYBBQUHAQEEaDBmMDsGCCsGAQUFBzAChi9odHRwOi8vd3d3\nLmEtdHJ1c3QuYXQvY2VydHMvYS1zaWduLWxpZ2h0LTA3LmNydDAnBggrBgEFBQcw\nAYYbaHR0cDovL29jc3AuYS10cnVzdC5hdC9vY3NwMBMGA1UdIwQMMAqACElHmBoR\nALXSMBEGA1UdDgQKBAhHe6sCmL1C0DAOBgNVHQ8BAf8EBAMCBLAwCQYDVR0TBAIw\nADBNBgNVHSAERjBEMEIGBiooABEBCTA4MDYGCCsGAQUFBwIBFipodHRwOi8vd3d3\nLmEtdHJ1c3QuYXQvZG9jcy9jcC9hLXNpZ24tbGlnaHQwOgYDVR0fBDMwMTAvoC2g\nK4YpaHR0cDovL2NybC5hLXRydXN0LmF0L2NybC9hLXNpZ24tbGlnaHQtMDcwDQYJ\nKoZIhvcNAQELBQADggIBAFQ1ncrjYZ91Btv1dQhw3lEZwm8yCbCRXB2BpPU2nJSG\nBDNOee55M6DSRcvNdtfwJFPGgcFnpANGjmNociKzHJNxsxg5mxaspnwQOucHDOpf\noael2YQVrrHz2LP+uajVrU03aBJbtP13pvAFSefK8CLkCwSDOIowHL8PeIbeODIz\nypcZKAYTvrKmwOQyPHY3GVXiHVvQZsd30DuGjJsnm2pp9jsTM7aiTBW4jrMSiF4q\naoP/fjebSbQZgp3oGS4ZGuEJR1lIgrbK7KU4LzHqf9oY1d4HnWrqil0wRaNIX21v\nz2rjhmuNY/W6B7EyqgIFQmiky78i5u/T4mjCXK/g6eWFsSJcXhOqN+z2DRsr5L2U\nq09L6idQfmOwfCIDT9lnXRInnJFZzP2jeZgngzhSEegW24e/5HbhQsA7pd7B5rDu\nvzQQ5mx84IjOJF8kS5946bBe7HXybrJxzAOwRpQfD94f8nqIA79bUTXyyCZSoZ0u\nioYTXJgcalgSMWnWgxxUiP05M/k5vCVODAQpqVAhq6NEci1uihYjFCSGdM4/HC6X\nlc1gstxrhh0LhqiM8Hd0Bhq/5AqmS9MGV/wIK+ad/GiUOwEjg7qjVODYNGZahhue\nTslDzrDq+lH9BGhXQ2iCqLkeZtnzkqD1uUWRRNMzHyVqxSi/O0TjYmjcxIKYLlZn";
    private static final String TEST_SERVER_SIGCERT = "MIIFTzCCAzegAwIBAgIELh8o6TANBgkqhkiG9w0BAQsFADCBizELMAkGA1UEBhMC\nQVQxSDBGBgNVBAoMP0EtVHJ1c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUg\naW0gZWxla3RyLiBEYXRlbnZlcmtlaHIgR21iSDEYMBYGA1UECwwPYS1zaWduLWxp\nZ2h0LTA3MRgwFgYDVQQDDA9hLXNpZ24tbGlnaHQtMDcwHhcNMjAwODA1MTUwMzA3\nWhcNMjUwODA1MTUwMzA3WjCBxTELMAkGA1UEBhMCQVQxFTATBgNVBAoMDEEtVHJ1\nc3QgR21iSDErMCkGA1UEAwwiTW9iU2lnU2VydmVyIFRhbkFwcCBUZXN0IFNpZ25h\ndHVyZTEXMBUGA1UEBAwOVGVzdCBTaWduYXR1cmUxHDAaBgNVBCoME01vYlNpZ1Nl\ncnZlciBUYW5BcHAxFTATBgNVBAUTDDQwNTM0MzMzMjI4NDETMBEGA1UECAwKU29t\nZS1TdGF0ZTEPMA0GA1UEBwwGVmllbm5hMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD\nQgAEwDHFcQZ5lfi4Ttm2EbbgGZY123bC6Co1+B0/l6vgeSgKGAe8h0K96MqAmU8Y\n4bobE4kk2a5yrrbqqS+DKmQtGaOCAUgwggFEMHQGCCsGAQUFBwEBBGgwZjA7Bggr\nBgEFBQcwAoYvaHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Etc2lnbi1saWdo\ndC0wNy5jcnQwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLmEtdHJ1c3QuYXQvb2Nz\ncDATBgNVHSMEDDAKgAhJR5gaEQC10jARBgNVHQ4ECgQITHb5FEC0olMwDgYDVR0P\nAQH/BAQDAgSwMAkGA1UdEwQCMAAwTQYDVR0gBEYwRDBCBgYqKAARAQkwODA2Bggr\nBgEFBQcCARYqaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLWxp\nZ2h0MDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuYS10cnVzdC5hdC9jcmwv\nYS1zaWduLWxpZ2h0LTA3MA0GCSqGSIb3DQEBCwUAA4ICAQAlrD73KH0ySpRceDRY\nyJ9RkyPL04DP9BdjPAFuHtN7AcXjYN10l+raPtXX50FHgHi0EIchj2O5wJt4AN4v\n5PHsowJ0oK0xsnJHy4OjvF9pKsmIOSBZFwemAukbriICAGpRRdvIwfT5j+Tcbv2i\nBNRAdOt+WZQwGf9BDsVsJT908p/Bh5N7Koh6QboZnlXQuUhaKlkrZYYzvNomU2EP\nx+kqL3nwCfgZD88AqNrANmMgcR4dEt4vHW0WhB/4ZYIa0REWbX2/T2k+sW+XiZfP\nPTjKhByAmlxc2xwoaH8u8Rbwz9Em40N8ZViF44AxH+tliY3JTsxRBso/Ql5QtT0j\nby8qmX7NoltPoHbR/CHHDZhu/lFDrfWPIfj30BjgacpkXLCWjZV03qMG5SatsEhP\nvREp5g7o197EEsnK6zZBI9cm67/HeT5zSlKJ4kt2MdtypCvN7/G0WgxnWESusVYY\nKmeUzDsutDFLbIoWQwHw15rggJK0A37P+etras1neogHGItDYPDu47gsgjWCrmi4\nBRnAHsKgqza7D1bQSfoZWMnrvk30Eol6qo2cZkbvyI/4SJFR0Q3GfF9xAu7bAx3R\nZlgRKKnrx9X9XiEgRKwHGdruZ1v2XeAsKHOFtnX/4AJqx9E7d7IIk7Tnxbi9aOfg\nc0ow9/3wCc37k3xk6TdKL2H/Dg==";

    private static X509Certificate GetServerEncCert(String str) {
        byte[] decode;
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            if (!str.equalsIgnoreCase(Server.PRODUCTION) && !str.equalsIgnoreCase(Server.AUTOMATIC)) {
                decode = Base64.decode(TEST_SERVER_ENCCERT);
                return (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(decode));
            }
            decode = Base64.decode("missing");
            return (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(decode));
        } catch (Exception e) {
            LOGGER.error("error loading server enc cert", (Throwable) e);
            return null;
        }
    }

    private static X509Certificate GetServerSigCert(String str) {
        byte[] decode;
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            if (!str.equalsIgnoreCase(Server.PRODUCTION) && !str.equalsIgnoreCase(Server.AUTOMATIC)) {
                decode = Base64.decode(TEST_SERVER_SIGCERT);
                return (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(decode));
            }
            decode = Base64.decode("missing");
            return (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(decode));
        } catch (Exception e) {
            LOGGER.error("error loading server sig cert", (Throwable) e);
            return null;
        }
    }

    private static String decryptData(String str) {
        try {
            JweEncryption jweEncryption = new JweEncryption();
            if (!jweEncryption.parse(str)) {
                LOGGER.error("error parse encrypted data");
                return null;
            }
            byte[] dataToDecrypt = jweEncryption.getDataToDecrypt();
            if (dataToDecrypt == null) {
                LOGGER.error("error data to decrypt is null");
                return null;
            }
            String str2 = KeystoreUtil.RSA_ECB_PKCS1PADDING;
            if (JoseAlg.RSA_OAEP_256 == jweEncryption.getAlg()) {
                str2 = KeystoreUtil.RSA_OEAP_256;
            } else if (JoseAlg.RSA_OAEP == jweEncryption.getAlg()) {
                str2 = KeystoreUtil.RSA_OEAP;
            }
            byte[] decryptWithKeystore = KeystoreUtil.decryptWithKeystore(KeystoreUtil.JSON_ENCRYPTION_KEY, dataToDecrypt, str2);
            if (decryptWithKeystore == null) {
                LOGGER.error("error decrypted key is null");
                return null;
            }
            byte[] decryptWithkey = jweEncryption.decryptWithkey(decryptWithKeystore);
            if (decryptWithkey != null) {
                return new String(decryptWithkey, StandardCharsets.UTF_8);
            }
            LOGGER.error("error jew decrypted result is null");
            return null;
        } catch (Exception e) {
            LOGGER.error("exception in jwe", (Throwable) e);
            return null;
        }
    }

    private static String encryptData(String str, String str2) {
        try {
            X509Certificate GetServerEncCert = GetServerEncCert(str2);
            JweEncryption jweEncryption = new JweEncryption();
            if (jweEncryption.encrypt(str, GetServerEncCert)) {
                return jweEncryption.toString();
            }
            LOGGER.error("error encrypt data for server");
            return null;
        } catch (Exception e) {
            LOGGER.error("exception in jwe", (Throwable) e);
            return null;
        }
    }

    public static JsonComResponse sendToServer(Context context, String str, BaseCommand baseCommand) {
        String baseCommand2 = baseCommand.toString();
        if (baseCommand2 != null && !baseCommand2.isEmpty()) {
            return sendToServer(context, str, baseCommand2);
        }
        LOGGER.error("error convert BaseCommand to string");
        return new JsonComResponse();
    }

    public static JsonComResponse sendToServer(Context context, String str, String str2) {
        String encryptData;
        ServerResponse postJsonData;
        String decryptData;
        JsonComResponse jsonComResponse = new JsonComResponse();
        jsonComResponse.success = false;
        String signData = signData(str2);
        if (signData == null || (encryptData = encryptData(signData, str)) == null || (postJsonData = ATrustClient.getInstance().postJsonData(context, SignatureServerConfig.getJsonUsageURL(str), encryptData)) == null || !postJsonData.isOk() || (decryptData = decryptData(postJsonData.getResponse())) == null) {
            return jsonComResponse;
        }
        jsonComResponse.response = verifyData(decryptData, str);
        if (jsonComResponse.response == null) {
            return jsonComResponse;
        }
        jsonComResponse.success = true;
        return jsonComResponse;
    }

    private static String signData(String str) {
        try {
            JwsSignature jwsSignature = new JwsSignature();
            jwsSignature.protectedHeader.alg = JoseAlg.RS256;
            jwsSignature.protectedHeader.kid = "signingkey";
            jwsSignature.payload = str;
            jwsSignature.setSignature(KeystoreUtil.signWithKey(KeystoreUtil.JSON_SIGNATURE_KEY, jwsSignature.getToBeSigned()));
            String signedData = jwsSignature.getSignedData();
            if (signedData != null && !signedData.isEmpty()) {
                return signedData;
            }
            LOGGER.error("error signed data is empty");
            return null;
        } catch (Exception e) {
            LOGGER.error("exception in jws", (Throwable) e);
            return null;
        }
    }

    private static String verifyData(String str, String str2) {
        try {
            X509Certificate GetServerSigCert = GetServerSigCert(str2);
            if (GetServerSigCert == null) {
                return null;
            }
            JwsSignature jwsSignature = new JwsSignature();
            if (!jwsSignature.parse(str)) {
                LOGGER.error("error parse response jws");
                return null;
            }
            if (jwsSignature.verify(GetServerSigCert)) {
                return jwsSignature.payload;
            }
            LOGGER.error("error verify response jws signature");
            return null;
        } catch (Exception e) {
            LOGGER.error("exception in verifyData", (Throwable) e);
            return null;
        }
    }
}
