package com.hp.sdd.wifisetup.ble_rx.util;

import android.annotation.TargetApi;
import android.content.Context;
import android.os.Build;
import android.text.TextUtils;
import android.util.Base64;
import androidx.annotation.Nullable;
import com.google.gson.Gson;
import com.google.gson.JsonIOException;
import com.google.gson.JsonSyntaxException;
import com.hp.sdd.servicediscovery.dnssd.DnsSdUtils;
import com.hp.sdd.wifisetup.R;
import com.hp.sdd.wifisetup.ble_rx.util.HpBleSecurePostcard;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;
import java.util.Set;
import java.util.regex.Pattern;
import timber.log.Timber;

/* loaded from: classes3.dex */
public class JwtUtils {
    private static final String BASE64_PADDING = "====";
    private static final String HPID_CERTIFICATE_TYPE_X509 = "X.509";
    private JwtUtilsCallback mCallback;
    private Context mContext;
    private HpBleSecurePostcard.SecurePostcardHeader tokenHeader;
    private HpBleSecurePostcard.SecurePostcardPayload tokenPayload;

    /* loaded from: classes3.dex */
    public interface JwtUtilsCallback {
        void onGetHeaderToken(@Nullable String[] strArr);

        void onGetPostCardInfo(@Nullable String str, @Nullable String str2, boolean z, boolean z2);

        void onGetPublicKey(@Nullable String str);
    }

    public JwtUtils(@Nullable Context context, @Nullable JwtUtilsCallback jwtUtilsCallback) {
        this.mCallback = jwtUtilsCallback;
        this.mContext = context;
    }

    @Nullable
    public static String addPaddingBeforeDecode(@Nullable String str) {
        int length;
        return (TextUtils.isEmpty(str) || (length = str.length() % 4) == 0) ? str : str.concat(BASE64_PADDING.substring(length));
    }

    private String base64Decode(@Nullable String str) {
        String str2;
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        try {
            str2 = new String(Base64.decode(addPaddingBeforeDecode(str), 0), StandardCharsets.UTF_8);
            try {
                Timber.d("base64Decode() : DecodeBase64String: Decoded string = %s", str2);
            } catch (IllegalArgumentException e) {
                e = e;
                Timber.e(e, "base64Decode() : IllegalArgumentException encountered while decoding", new Object[0]);
                return str2;
            }
        } catch (IllegalArgumentException e2) {
            e = e2;
            str2 = null;
        }
        return str2;
    }

    @Nullable
    public static byte[] base64DecodeEx(@Nullable String str) {
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        try {
            byte[] decode = Base64.decode(addPaddingBeforeDecode(str), 0);
            Timber.d("base64DecodeEx :DecodeBase64String decoded length = %s ", Integer.valueOf(decode.length));
            Timber.d("base64Decode() : DecodeBase64String: Decoded string = %s", new String(decode, StandardCharsets.UTF_8));
            return decode;
        } catch (IllegalArgumentException e) {
            Timber.e(e, "base64Decode() : IllegalArgumentException encountered while decoding", new Object[0]);
            return null;
        }
    }

    @TargetApi(24)
    private void printReason(CertPathValidatorException certPathValidatorException) {
        Timber.d(" verifyPostcard : %s ", certPathValidatorException.getReason());
    }

    private boolean validateToken(@Nullable String str, @Nullable String str2) {
        boolean z;
        PublicKey publicKey;
        if (!TextUtils.isEmpty(str) && !TextUtils.isEmpty(str2)) {
            try {
                try {
                    publicKey = ((X509Certificate) CertificateFactory.getInstance(HPID_CERTIFICATE_TYPE_X509).generateCertificate(new ByteArrayInputStream(Base64.decode(str2, 0)))).getPublicKey();
                } catch (CertificateException e) {
                    Timber.e(e, "**BLE:  validateToken : PublicKey CertificateException encountered.", new Object[0]);
                }
            } catch (Error e2) {
                Timber.e(e2, "**BLE: validateToken: PublicKey Error encountered.", new Object[0]);
            }
            try {
                Jwts.parser().setSigningKey(publicKey).parseClaimsJws(str);
                z = true;
            } catch (JwtException e3) {
                Timber.e(e3, "**BLE: validateToken Parser JwtException", new Object[0]);
                Timber.d("JWSString %s", str);
                Timber.d("publicKey %s", publicKey);
                Timber.d("X5c %s", str2);
                z = false;
                Timber.d(" validateToken: %s ", Boolean.valueOf(z));
                return z;
            } catch (Error e4) {
                Timber.e(e4, "**BLE:  validateToken Parser Error", new Object[0]);
                Timber.d("JWSString %s", str);
                Timber.d("publicKey %s", publicKey);
                z = false;
                Timber.d(" validateToken: %s ", Boolean.valueOf(z));
                return z;
            }
            Timber.d(" validateToken: %s ", Boolean.valueOf(z));
            return z;
        }
        z = false;
        Timber.d(" validateToken: %s ", Boolean.valueOf(z));
        return z;
    }

    private boolean verifyPostcard1(@Nullable String str) {
        boolean z;
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance(HPID_CERTIFICATE_TYPE_X509);
            CertPath generateCertPath = certificateFactory.generateCertPath(Arrays.asList((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(Base64.decode(str, 0)))));
            if (generateCertPath != null) {
                Timber.v("verifyPostcard have CertPath %s", generateCertPath);
            }
            KeyStore keyStore = KeyStore.getInstance("BKS");
            keyStore.load(null);
            BufferedInputStream bufferedInputStream = new BufferedInputStream(this.mContext.getResources().openRawResource(R.raw.pcl_d020_secure_ca));
            try {
                Certificate generateCertificate = certificateFactory.generateCertificate(bufferedInputStream);
                Timber.d("verifyPostcard ca= %s", ((X509Certificate) generateCertificate).getSubjectDN());
                Timber.d("verifyPostcard ca= %s  %s ", ((X509Certificate) generateCertificate).getNotBefore(), ((X509Certificate) generateCertificate).getNotAfter());
                bufferedInputStream.close();
                CertPath generateCertPath2 = certificateFactory.generateCertPath(Arrays.asList(generateCertificate));
                if (generateCertPath2 != null) {
                    Timber.v("verifyPostcard have certCp %s", generateCertPath2);
                }
                keyStore.setCertificateEntry("HP_CERT", generateCertificate);
                Timber.d("verifyPostcard isCerticateEntry: %s", Boolean.valueOf(keyStore.isCertificateEntry("HP_CERT")));
                CertPath generateCertPath3 = certificateFactory.generateCertPath(Arrays.asList(keyStore.getCertificate("HP_CERT")));
                if (generateCertPath3 != null) {
                    Timber.v("verifyPostcard ----- have testCp %s", generateCertPath3);
                }
                PKIXParameters pKIXParameters = new PKIXParameters(keyStore);
                pKIXParameters.setRevocationEnabled(false);
                if (CertPathValidator.getInstance(CertPathValidator.getDefaultType()).validate(generateCertPath, pKIXParameters) != null) {
                    try {
                        Timber.d("verifyPostcard have cpvr ", new Object[0]);
                    } catch (Exception e) {
                        e = e;
                        z = true;
                        Timber.d(e, "verifyPostcard exception", new Object[0]);
                        Timber.d("verifyPostcard postcard validated: %s", Boolean.valueOf(z));
                        return z;
                    }
                }
                z = true;
            } catch (Throwable th) {
                bufferedInputStream.close();
                throw th;
            }
        } catch (Exception e2) {
            e = e2;
            z = false;
        }
        Timber.d("verifyPostcard postcard validated: %s", Boolean.valueOf(z));
        return z;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v0 */
    /* JADX WARN: Type inference failed for: r3v1 */
    /* JADX WARN: Type inference failed for: r3v10 */
    /* JADX WARN: Type inference failed for: r3v19 */
    /* JADX WARN: Type inference failed for: r3v2, types: [boolean] */
    /* JADX WARN: Type inference failed for: r3v20 */
    /* JADX WARN: Type inference failed for: r3v21 */
    /* JADX WARN: Type inference failed for: r3v5, types: [java.security.cert.CertPath] */
    /* JADX WARN: Type inference failed for: r3v8 */
    /* JADX WARN: Type inference failed for: r7v2, types: [java.lang.Object[]] */
    private boolean verifyPostcard2(@Nullable String str) {
        ?? r3;
        boolean z;
        boolean z2;
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance(HPID_CERTIFICATE_TYPE_X509);
            CertPath generateCertPath = certificateFactory.generateCertPath(Arrays.asList((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(Base64.decode(str, 0)))));
            if (generateCertPath != null) {
                Timber.v("verifyPostcard have CertPath %s", generateCertPath);
            }
            KeyStore.getInstance("BKS").load(null);
            BufferedInputStream bufferedInputStream = new BufferedInputStream(this.mContext.getResources().openRawResource(R.raw.pcl_d020_secure_ca));
            try {
                Certificate generateCertificate = certificateFactory.generateCertificate(bufferedInputStream);
                Timber.d("verifyPostcard ca= %s", ((X509Certificate) generateCertificate).getSubjectDN());
                Timber.d("verifyPostcard ca= %s  %s ", ((X509Certificate) generateCertificate).getNotBefore(), ((X509Certificate) generateCertificate).getNotAfter());
                bufferedInputStream.close();
                r3 = certificateFactory.generateCertPath(Arrays.asList(generateCertificate));
                if (r3 != 0) {
                    Timber.v("verifyPostcard have certCp %s", new Object[]{r3});
                }
                try {
                    try {
                        PKIXParameters pKIXParameters = new PKIXParameters((Set<TrustAnchor>) Collections.singleton(new TrustAnchor((X509Certificate) generateCertificate, null)));
                        pKIXParameters.setRevocationEnabled(false);
                        if (CertPathValidator.getInstance(CertPathValidator.getDefaultType()).validate(generateCertPath, pKIXParameters) != null) {
                            try {
                                Timber.d("verifyPostcard have cpvr ", new Object[0]);
                            } catch (CertPathValidatorException e) {
                                e = e;
                                z2 = true;
                                int i = Build.VERSION.SDK_INT;
                                printReason(e);
                                r3 = z2;
                                Timber.d("verifyPostcard postcard validated: %s", Boolean.valueOf((boolean) r3));
                                return r3;
                            } catch (Exception e2) {
                                e = e2;
                                z = true;
                                Timber.d(e, "verifyPostcard exception", new Object[0]);
                                r3 = z;
                                Timber.d("verifyPostcard postcard validated: %s", Boolean.valueOf((boolean) r3));
                                return r3;
                            }
                        }
                        r3 = 1;
                    } catch (Exception e3) {
                        e = e3;
                        Timber.d(e, "verifyPostcard exception", new Object[0]);
                        Timber.d("verifyPostcard postcard validated: %s", Boolean.valueOf((boolean) r3));
                        return r3;
                    }
                } catch (CertPathValidatorException e4) {
                    e = e4;
                    z2 = false;
                } catch (Exception e5) {
                    e = e5;
                    z = false;
                }
            } catch (Throwable th) {
                bufferedInputStream.close();
                throw th;
            }
        } catch (Exception e6) {
            e = e6;
            r3 = 0;
        }
        Timber.d("verifyPostcard postcard validated: %s", Boolean.valueOf((boolean) r3));
        return r3;
    }

    @Nullable
    public String loadData(@Nullable String str) {
        try {
            InputStream open = this.mContext.getAssets().open(str);
            byte[] bArr = new byte[open.available()];
            open.read(bArr);
            open.close();
            return new String(bArr);
        } catch (Exception e) {
            Timber.d(e);
            return "";
        }
    }

    public boolean processJWTToken(@Nullable String str) {
        if (TextUtils.isEmpty(str)) {
            return false;
        }
        Timber.d("BLE: processJWTToken  (signedPublicKey) encodedString:  %s", str);
        String[] split = str.split(Pattern.quote(DnsSdUtils.DOT));
        if (split.length <= 1) {
            return false;
        }
        Gson gson = new Gson();
        String base64Decode = base64Decode(split[0]);
        if (!TextUtils.isEmpty(base64Decode)) {
            try {
                this.tokenHeader = (HpBleSecurePostcard.SecurePostcardHeader) gson.fromJson(base64Decode, HpBleSecurePostcard.SecurePostcardHeader.class);
                Timber.d("processJWTToken() :  jwt Token Header Algorith : %s , kid : %s", this.tokenHeader.getAlg(), this.tokenHeader.getTyp());
                Timber.d("processJWTToken() :  jwt Token Header x5c : %s ", Arrays.deepToString(this.tokenHeader.getX5c()));
                String[] x5c = this.tokenHeader.getX5c();
                if (x5c != null && x5c.length > 0) {
                    boolean validateToken = validateToken(str, x5c[0]);
                    boolean verifyPostcard1 = verifyPostcard1(x5c[0]);
                    boolean verifyPostcard2 = verifyPostcard2(x5c[0]);
                    Timber.d("LLLLLLLL  **BLE_processJWTToken isValid %s isValidatePostcard %s isValidatePostcard2 %s", Boolean.valueOf(validateToken), Boolean.valueOf(verifyPostcard1), Boolean.valueOf(verifyPostcard2));
                    this.mCallback.onGetPostCardInfo(x5c[0], this.tokenHeader.getAlg(), validateToken, verifyPostcard2);
                    this.mCallback.onGetHeaderToken(x5c);
                }
            } catch (Error e) {
                Timber.e(e, "opps", new Object[0]);
            }
        }
        String base64Decode2 = base64Decode(split[1]);
        Timber.d("processJWTToken RSA info : %s  (length) %s ", base64Decode2, Integer.valueOf(base64Decode2.length()));
        if (TextUtils.isEmpty(base64Decode2)) {
            return false;
        }
        try {
            this.tokenPayload = (HpBleSecurePostcard.SecurePostcardPayload) gson.fromJson(base64Decode2, HpBleSecurePostcard.SecurePostcardPayload.class);
            Timber.d("processJWTToken RSA info: publickey: %s", this.tokenPayload.getPublic_key());
            Timber.d("processJWTToken RSA info (tokenPayloadData):    (length) %s ", Integer.valueOf(base64DecodeEx(this.tokenPayload.getPublic_key()).length));
            if (this.tokenPayload == null) {
                return false;
            }
            Timber.d("\n\ntokenPayload: RSA key %s  (length) %s", this.tokenPayload.getPublic_key(), Integer.valueOf(this.tokenPayload.getPublic_key().length()));
            this.mCallback.onGetPublicKey(this.tokenPayload.getPublic_key());
            return true;
        } catch (JsonIOException e2) {
            Timber.e(e2, "processHPIDToken() : JsonIOException encountered while converting JSON to class object", new Object[0]);
            return false;
        } catch (JsonSyntaxException e3) {
            Timber.e(e3, "processHPIDToken() : JsonSyntaxException encountered while converting JSON to class object", new Object[0]);
            return false;
        }
    }

    @Nullable
    public byte[] readInFile(int i) {
        Timber.d("readInFile- entry", new Object[0]);
        InputStream openRawResource = this.mContext.getResources().openRawResource(i);
        try {
            byte[] bArr = new byte[openRawResource.available()];
            openRawResource.read(bArr);
            return bArr;
        } catch (Exception e) {
            Timber.d(e, "readInFile", new Object[0]);
            return null;
        }
    }
}
