package com.scl.rdservice.ecsclient.managementclient;

import android.util.Base64;
import com.google.android.gms.measurement.AppMeasurement;
import com.scl.rdservice.ecsclient.cryptoservice.CryptoService;
import com.scl.rdservice.ecsclient.httpservice.AuthorizeHeaderComputers;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.Signature;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.concurrent.TimeUnit;
import okhttp3.Call;
import okhttp3.Callback;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.json.JSONObject;

/* loaded from: classes2.dex */
class ServerKeyRotation {
    private AuthorizeHeaderComputers headerComputers;
    private ServerCallbacks serverCallbacks;
    private OkHttpClient client = new OkHttpClient.Builder().connectTimeout(30, TimeUnit.SECONDS).retryOnConnectionFailure(true).build();
    private final MediaType JSON = MediaType.parse("application/json");
    private final String[] HEADER_ACCEPT = {"Accept", "application/json"};
    private final String[] HEADER_CONTENT_TYPE = {"Content-Type", "application/json"};

    private String getBase64Encoded(BigInteger bigInteger) {
        return Base64.encodeToString(bigInteger.toByteArray(), 2);
    }

    private RSAPublicKey getTenantPublicKey(boolean z) {
        try {
            return (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64.decode(z ? com.scl.rdservice.utilities.Utils.tenantPublicKey1 : com.scl.rdservice.utilities.Utils.tenantPublicKey, 2)));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            e.printStackTrace();
            return null;
        }
    }

    private void postToServerRotation(String str, String str2, final boolean z) {
        RequestBody create = RequestBody.create(this.JSON, str2);
        Request.Builder builder = new Request.Builder();
        builder.url(str).post(create).addHeader(this.HEADER_ACCEPT[0], this.HEADER_ACCEPT[1]).addHeader(this.HEADER_CONTENT_TYPE[0], this.HEADER_CONTENT_TYPE[1]);
        if (z) {
            this.headerComputers = new AuthorizeHeaderComputers();
            String[] authorizationInformationHeader = this.headerComputers.getAuthorizationInformationHeader(str2, str, com.scl.rdservice.utilities.Utils.tenantLK, com.scl.rdservice.utilities.Utils.tenantLKHash, "POST");
            builder.addHeader("AuthorizationInformation", authorizationInformationHeader[0]).addHeader("Service-Date", authorizationInformationHeader[1]);
        }
        this.client.newCall(builder.build()).enqueue(new Callback() { // from class: com.scl.rdservice.ecsclient.managementclient.ServerKeyRotation.2
            @Override // okhttp3.Callback
            public void onFailure(Call call, IOException iOException) {
                ServerKeyRotation.this.serverCallbacks.onKeyRotationFailResponse("Server could not be reached. Please check your internet connectivity");
            }

            @Override // okhttp3.Callback
            public void onResponse(Call call, Response response) {
                if (!response.isSuccessful()) {
                    try {
                        ServerKeyRotation.this.serverCallbacks.onKeyRotationFailResponse(new JSONObject(response.body().string()).getString("errorMessage"));
                        return;
                    } catch (Exception e) {
                        e.getCause();
                        ServerKeyRotation.this.serverCallbacks.onKeyRotationFailResponse(e.getMessage());
                        return;
                    }
                }
                try {
                    JSONObject jSONObject = new JSONObject(response.body().string()).getJSONObject("deviceKeyData");
                    String string = jSONObject.getString("txnId");
                    String string2 = jSONObject.getString("status");
                    String string3 = jSONObject.getString("uidaiKeyModulas");
                    String string4 = jSONObject.getString("uidaiKeyPublicExponent");
                    String string5 = jSONObject.getString("uidaiCI");
                    SecuredParam.f(jSONObject.getString("signedDeviceCert"));
                    String string6 = jSONObject.getString("signature");
                    SecuredParam.g(jSONObject.getString("uidaiCert"));
                    if (!ServerKeyRotation.this.verifyTenantSignature(string + string2 + string3 + string4 + string5 + SecuredParam.h(), z, Base64.decode(string6, 2))) {
                        throw new Exception("Signature validation failed");
                    }
                    ServerKeyRotation.this.serverCallbacks.onKeyRotationResponse(string);
                } catch (Exception e2) {
                    e2.printStackTrace();
                    ServerKeyRotation.this.serverCallbacks.onKeyRotationFailResponse(e2.getMessage());
                }
            }
        });
    }

    private void putToServerRotation(String str, String str2, String str3, final boolean z) {
        RequestBody create = RequestBody.create(this.JSON, str3);
        Request.Builder builder = new Request.Builder();
        builder.url(str + "/" + str2).put(create).addHeader(this.HEADER_ACCEPT[0], this.HEADER_ACCEPT[1]).addHeader(this.HEADER_CONTENT_TYPE[0], this.HEADER_CONTENT_TYPE[1]);
        if (z) {
            this.headerComputers = new AuthorizeHeaderComputers();
            String[] authorizationInformationHeader = this.headerComputers.getAuthorizationInformationHeader(str3, str + "/" + str2, com.scl.rdservice.utilities.Utils.tenantLK, com.scl.rdservice.utilities.Utils.tenantLKHash, "PUT");
            builder.addHeader("AuthorizationInformation", authorizationInformationHeader[0]).addHeader("Service-Date", authorizationInformationHeader[1]);
        }
        this.client.newCall(builder.build()).enqueue(new Callback() { // from class: com.scl.rdservice.ecsclient.managementclient.ServerKeyRotation.1
            @Override // okhttp3.Callback
            public void onFailure(Call call, IOException iOException) {
                ServerKeyRotation.this.serverCallbacks.onKeyRotationUpdateFailResponse("Server could not be reached. Please check your internet connectivity");
            }

            @Override // okhttp3.Callback
            public void onResponse(Call call, Response response) {
                if (!response.isSuccessful()) {
                    try {
                        ServerKeyRotation.this.serverCallbacks.onKeyRotationUpdateFailResponse(new JSONObject(response.body().string()).getString("errorMessage"));
                        return;
                    } catch (Exception e) {
                        e.getCause();
                        ServerKeyRotation.this.serverCallbacks.onKeyRotationUpdateFailResponse(e.getMessage());
                        return;
                    }
                }
                try {
                    JSONObject jSONObject = new JSONObject(response.body().string()).getJSONObject("deviceKeyData");
                    String string = jSONObject.getString("modelId");
                    String string2 = jSONObject.getString("deviceCode");
                    String string3 = jSONObject.getString(AppMeasurement.Param.TIMESTAMP);
                    String string4 = jSONObject.getString("status");
                    String string5 = jSONObject.getString("signature");
                    String string6 = jSONObject.getString("txnId");
                    if (string4.equalsIgnoreCase("success")) {
                        if (!ServerKeyRotation.this.verifyTenantSignature(string + SecuredParam.g() + string3 + string4 + string6, z, Base64.decode(string5, 2))) {
                            ServerKeyRotation.this.serverCallbacks.onKeyRotationUpdateFailResponse("Device rotation update failed");
                        } else if (string2.equalsIgnoreCase(SecuredParam.g())) {
                            ServerKeyRotation.this.serverCallbacks.onKeyRotationUpdateResponse("All ok. Status: " + string4);
                        } else {
                            ServerKeyRotation.this.serverCallbacks.onKeyRotationUpdateFailResponse("Device rotation update failed");
                        }
                    } else {
                        ServerKeyRotation.this.serverCallbacks.onKeyRotationUpdateFailResponse("Device rotation update failed");
                    }
                } catch (Exception e2) {
                    e2.printStackTrace();
                    ServerKeyRotation.this.serverCallbacks.onKeyRotationUpdateFailResponse(e2.getMessage());
                }
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean verifyTenantSignature(String str, boolean z, byte[] bArr) {
        Security.addProvider(new BouncyCastleProvider());
        RSAPublicKey tenantPublicKey = getTenantPublicKey(z);
        Signature signature = Signature.getInstance("SHA256withRSA", BouncyCastleProvider.PROVIDER_NAME);
        signature.initVerify(tenantPublicKey);
        signature.update(str.getBytes("UTF-8"));
        return signature.verify(bArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(String str, ServerCallbacks serverCallbacks, String str2, boolean z, CryptoService cryptoService) {
        this.serverCallbacks = serverCallbacks;
        Long valueOf = Long.valueOf(System.currentTimeMillis());
        RSAPublicKey rSAPublicKey = (RSAPublicKey) SecuredParam.c().getPublic();
        String base64Encoded = getBase64Encoded(rSAPublicKey != null ? rSAPublicKey.getModulus() : null);
        String base64Encoded2 = getBase64Encoded(rSAPublicKey != null ? rSAPublicKey.getPublicExponent() : null);
        HashMap hashMap = new HashMap();
        hashMap.put("modelId", str2);
        hashMap.put("deviceCode", SecuredParam.g());
        hashMap.put(AppMeasurement.Param.TIMESTAMP, valueOf.toString());
        hashMap.put("newDeviceKeyModulas", base64Encoded);
        hashMap.put("newDeviceKeyPublicExponent", base64Encoded2);
        hashMap.put("signature", Base64.encodeToString(cryptoService.signDataWithPrivateKey(((String) hashMap.get("modelId")) + ((String) hashMap.get("deviceCode")) + ((String) hashMap.get(AppMeasurement.Param.TIMESTAMP)) + ((String) hashMap.get("newDeviceKeyModulas")) + ((String) hashMap.get("newDeviceKeyPublicExponent")), SecuredParam.a()), 2));
        HashMap hashMap2 = new HashMap();
        hashMap2.put("deviceKeyData", hashMap);
        hashMap2.put("keyGenType", "clientSide");
        if (z) {
            hashMap2.put("tenantPublicKeyId", com.scl.rdservice.utilities.Utils.tenantPublicKeyId1);
        } else {
            hashMap2.put("tenantPublicKeyId", com.scl.rdservice.utilities.Utils.tenantPublicKeyId);
        }
        hashMap2.put("complianceLevel", "L0");
        hashMap2.put("hostId", SecuredParam.f());
        try {
            postToServerRotation(str, new JSONObject(hashMap2).toString(), z);
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            this.serverCallbacks.onKeyRotationFailResponse(e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(String str, String str2, String str3, boolean z, ServerCallbacks serverCallbacks, CryptoService cryptoService) {
        this.serverCallbacks = serverCallbacks;
        Long valueOf = Long.valueOf(System.currentTimeMillis());
        HashMap hashMap = new HashMap();
        hashMap.put("modelId", str3);
        hashMap.put("deviceCode", SecuredParam.g());
        hashMap.put(AppMeasurement.Param.TIMESTAMP, valueOf.toString());
        hashMap.put("txnId", str2);
        hashMap.put("status", "success");
        hashMap.put("errorMessage", "");
        hashMap.put("signature", Base64.encodeToString(cryptoService.signDataWithPrivateKey(((String) hashMap.get("modelId")) + ((String) hashMap.get("deviceCode")) + ((String) hashMap.get(AppMeasurement.Param.TIMESTAMP)) + ((String) hashMap.get("txnId")) + ((String) hashMap.get("status")) + ((String) hashMap.get("errorMessage")), SecuredParam.c()), 2));
        HashMap hashMap2 = new HashMap();
        hashMap2.put("deviceKeyData", hashMap);
        hashMap2.put("keyGenType", "clientSide");
        if (z) {
            hashMap2.put("tenantPublicKeyId", com.scl.rdservice.utilities.Utils.tenantPublicKeyId1);
        } else {
            hashMap2.put("tenantPublicKeyId", com.scl.rdservice.utilities.Utils.tenantPublicKeyId);
        }
        hashMap2.put("complianceLevel", "L0");
        hashMap2.put("hostId", SecuredParam.f());
        try {
            putToServerRotation(str, str2, new JSONObject(hashMap2).toString(), z);
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
    }
}
