package ru.yoomoney.sdk.yoopinning;

import android.content.Context;
import androidx.recyclerview.widget.u0;
import dh.e;
import dl.f;
import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.InputStreamReader;
import java.io.Reader;
import java.nio.charset.Charset;
import java.security.Key;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.List;
import javax.crypto.SecretKey;
import jk.o;
import kotlin.Metadata;
import kotlin.NoWhenBranchMatchedException;
import kotlin.a;
import kotlin.collections.EmptyList;
import kotlin.collections.d;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.FunctionReference;
import kotlinx.coroutines.b;
import lb.j;
import okio.Segment;
import org.jose4j.keys.AesKey;
import ru.yoomoney.sdk.yoopinning.KidType;
import ru.yoomoney.sdk.yoopinning.PinningException;

@Metadata(d1 = {"\u0000V\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0010 \n\u0002\u0010\u000e\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u000b\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\b\b\u0000\u0018\u0000 42\u00020\u0001:\u00014B\u0017\u0012\u0006\u0010!\u001a\u00020 \u0012\u0006\u0010$\u001a\u00020#¢\u0006\u0004\b2\u00103J\u000e\u0010\u0004\u001a\b\u0012\u0004\u0012\u00020\u00030\u0002H\u0002J\u000e\u0010\u0005\u001a\b\u0012\u0004\u0012\u00020\u00030\u0002H\u0002J\b\u0010\u0006\u001a\u00020\u0003H\u0002J\u0010\u0010\n\u001a\u00020\t2\u0006\u0010\b\u001a\u00020\u0007H\u0002J\u0010\u0010\f\u001a\u00020\u00032\u0006\u0010\u000b\u001a\u00020\u0003H\u0002J$\u0010\u0010\u001a\u00020\u000f2\f\u0010\r\u001a\b\u0012\u0004\u0012\u00020\u00030\u00022\f\u0010\u000e\u001a\b\u0012\u0004\u0012\u00020\u00030\u0002H\u0002J\u0018\u0010\u0013\u001a\u00020\u000f2\u0006\u0010\u0011\u001a\u00020\u00032\u0006\u0010\u0012\u001a\u00020\u0003H\u0002J0\u0010\u0016\u001a\b\u0012\u0004\u0012\u00020\u00030\u00022\u0006\u0010\u0012\u001a\u00020\u00032\u0018\u0010\u0015\u001a\u0014\u0012\u0004\u0012\u00020\u0003\u0012\n\u0012\b\u0012\u0004\u0012\u00020\u00030\u00020\u0014H\u0002J\u0016\u0010\u0018\u001a\b\u0012\u0004\u0012\u00020\u00030\u00022\u0006\u0010\u0017\u001a\u00020\u0003H\u0002J\t\u0010\u0019\u001a\u00020\u0003H\u0082 J\t\u0010\u001a\u001a\u00020\u0003H\u0082 J\t\u0010\u001b\u001a\u00020\u0003H\u0082 J\t\u0010\u001c\u001a\u00020\u0003H\u0082 J\t\u0010\u001d\u001a\u00020\u0003H\u0082 J\t\u0010\u001e\u001a\u00020\u0003H\u0082 J\b\u0010\u001f\u001a\u00020\u000fH\u0016R\u0014\u0010!\u001a\u00020 8\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b!\u0010\"R\u0014\u0010$\u001a\u00020#8\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b$\u0010%R\u001b\u0010+\u001a\u00020&8BX\u0082\u0084\u0002¢\u0006\f\n\u0004\b'\u0010(\u001a\u0004\b)\u0010*R!\u00101\u001a\b\u0012\u0004\u0012\u00020-0,8VX\u0096\u0084\u0002¢\u0006\f\n\u0004\b.\u0010(\u001a\u0004\b/\u00100¨\u00065"}, d2 = {"Lru/yoomoney/sdk/yoopinning/CertRepositoryImpl;", "Lru/yoomoney/sdk/yoopinning/CertRepository;", "", "", "getBlackList", "getWhiteList", "getServerAnswer", "Lru/yoomoney/sdk/yoopinning/KidType;", "kid", "Ljava/security/Key;", "getPublicKey", "value", "checkSignature", "blackList", "whiteList", "Ldh/o;", "updateLists", "data", "fileName", "writeToFile", "Lkotlin/Function1;", "decrypt", "readList", "encryptedCerts", "decryptCerts", "secretCertKey", "secretAppKey", "whiteEncryptedCerts", "blackEncryptedCerts", "primaryKey", "secondaryKey", "updateCertificates", "Landroid/content/Context;", "context", "Landroid/content/Context;", "Lkotlinx/coroutines/b;", "coroutineDispatcher", "Lkotlinx/coroutines/b;", "Lorg/jose4j/keys/AesKey;", "secretKey$delegate", "Ldh/e;", "getSecretKey", "()Lorg/jose4j/keys/AesKey;", "secretKey", "Ljk/j;", "Lru/yoomoney/sdk/yoopinning/CertificatesLists;", "certificates$delegate", "getCertificates", "()Ljk/j;", "certificates", "<init>", "(Landroid/content/Context;Lkotlinx/coroutines/b;)V", "Companion", "yoopinning_release"}, k = 1, mv = {1, 5, 1})
/* loaded from: classes3.dex */
public final class CertRepositoryImpl implements CertRepository {
    private static final String BLACK_CERT_LIST = "black_cert_list";
    private static final String BLACK_KEY_LIST = "black_key_list";
    private static final String WHITE_CERT_LIST = "white_cert_list";

    /* renamed from: certificates$delegate, reason: from kotlin metadata */
    private final e certificates;
    private final Context context;
    private final b coroutineDispatcher;

    /* renamed from: secretKey$delegate, reason: from kotlin metadata */
    private final e secretKey;

    @Metadata(k = 3, mv = {1, 5, 1}, xi = 48)
    /* loaded from: classes3.dex */
    public /* synthetic */ class WhenMappings {
        public static final /* synthetic */ int[] $EnumSwitchMapping$0;

        static {
            int[] iArr = new int[KidType.values().length];
            iArr[KidType.PRIMARY.ordinal()] = 1;
            iArr[KidType.SECONDARY.ordinal()] = 2;
            $EnumSwitchMapping$0 = iArr;
        }
    }

    static {
        System.loadLibrary("native-keys-pinning-container");
    }

    public CertRepositoryImpl(Context context, b bVar) {
        j.m(context, "context");
        j.m(bVar, "coroutineDispatcher");
        this.context = context;
        this.coroutineDispatcher = bVar;
        this.secretKey = a.c(new Function0() { // from class: ru.yoomoney.sdk.yoopinning.CertRepositoryImpl$secretKey$2
            {
                super(0);
            }

            @Override // kotlin.jvm.functions.Function0
            public final Object invoke() {
                String secretAppKey;
                String secretCertKey;
                CryptUtils cryptUtils = CryptUtils.INSTANCE;
                CertRepositoryImpl certRepositoryImpl = CertRepositoryImpl.this;
                secretAppKey = certRepositoryImpl.secretAppKey();
                SecretKey decodeAppSecretKey$yoopinning_release = cryptUtils.decodeAppSecretKey$yoopinning_release(secretAppKey);
                secretCertKey = certRepositoryImpl.secretCertKey();
                return new AesKey(u0.i(cryptUtils.decryptCertSecretKey$yoopinning_release(decodeAppSecretKey$yoopinning_release, secretCertKey)));
            }
        });
        this.certificates = a.c(new Function0() { // from class: ru.yoomoney.sdk.yoopinning.CertRepositoryImpl$certificates$2
            {
                super(0);
            }

            @Override // kotlin.jvm.functions.Function0
            public final Object invoke() {
                List whiteList;
                List blackList;
                CertRepositoryImpl certRepositoryImpl = CertRepositoryImpl.this;
                whiteList = certRepositoryImpl.getWhiteList();
                blackList = certRepositoryImpl.getBlackList();
                return o.b(new CertificatesLists(whiteList, blackList));
            }
        });
    }

    private final native String blackEncryptedCerts();

    /* JADX INFO: Access modifiers changed from: private */
    public final String checkSignature(String value) {
        f fVar = new f();
        String[] split = value.split("\\.");
        if (value.endsWith(".")) {
            String[] strArr = new String[split.length + 1];
            System.arraycopy(split, 0, strArr, 0, split.length);
            strArr[split.length] = "";
            split = strArr;
        }
        if (split.length != 3) {
            throw new Exception("A JWS Compact Serialization must have exactly 3 parts separated by period ('.') characters");
        }
        String str = split[0];
        if (str == null || str.length() == 0) {
            throw new Exception("The Encoded Header cannot be empty.");
        }
        el.a aVar = fVar.f20075b;
        aVar.f20072d = str;
        String u02 = e9.f.u0("UTF-8", aVar.f20069a.g(str));
        aVar.f20071c = u02;
        aVar.f20070b = yk.a.a(u02);
        boolean e2 = fVar.e();
        u0 u0Var = fVar.f20074a;
        if (e2) {
            fVar.f19561k = e9.f.j0(split[1], fVar.f19562l);
            fVar.f19563m = null;
        } else {
            String str2 = split[1];
            fVar.f19563m = str2;
            fVar.f19561k = u0Var.g(str2);
        }
        fVar.f20076c = u0Var.g(split[2]);
        fVar.f20079f = value;
        KidType.Companion companion = KidType.INSTANCE;
        String str3 = (String) fVar.f20075b.f20070b.get("kid");
        j.l(str3, "jws.keyIdHeaderValue");
        Key publicKey = getPublicKey(companion.fromString(str3));
        Key key = fVar.f20077d;
        if (publicKey != null ? key == null || !publicKey.equals(key) : key != null) {
            fVar.f19564n = null;
        }
        fVar.f20077d = publicKey;
        if (!fVar.f()) {
            throw PinningException.SignatureNotVerifyException.INSTANCE;
        }
        if (!Boolean.getBoolean("org.jose4j.jws.getPayload-skip-verify") && !fVar.f()) {
            throw new Exception("JWS signature is invalid.");
        }
        String u03 = e9.f.u0(fVar.f19562l, fVar.f19561k);
        j.l(u03, "jws.payload");
        return u03;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final List<String> decryptCerts(String encryptedCerts) {
        return encryptedCerts.length() == 0 ? EmptyList.f23038a : kotlin.text.b.L0(CryptUtils.INSTANCE.decrypt$yoopinning_release(encryptedCerts, getSecretKey()), new String[]{","}, 0, 6);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r8v0, types: [qh.j, kotlin.jvm.internal.FunctionReference] */
    public final List<String> getBlackList() {
        try {
            List<String> readList = readList(BLACK_CERT_LIST, new FunctionReference(1, this, CertRepositoryImpl.class, "decryptCerts", "decryptCerts(Ljava/lang/String;)Ljava/util/List;", 0));
            if (readList.isEmpty()) {
                readList = decryptCerts(blackEncryptedCerts());
            }
            return readList;
        } catch (Exception e2) {
            e2.printStackTrace();
            return EmptyList.f23038a;
        }
    }

    private final Key getPublicKey(KidType kid) {
        List<String> readList = readList(BLACK_KEY_LIST, new qh.j() { // from class: ru.yoomoney.sdk.yoopinning.CertRepositoryImpl$getPublicKey$blackKeyList$1
            @Override // qh.j
            public final Object invoke(Object obj) {
                String str = (String) obj;
                j.m(str, "data");
                return kotlin.text.b.L0(str, new String[]{","}, 0, 6);
            }
        });
        String primaryKey = primaryKey();
        int i10 = WhenMappings.$EnumSwitchMapping$0[kid.ordinal()];
        if (i10 != 1) {
            if (i10 != 2) {
                throw new NoWhenBranchMatchedException();
            }
            if (!readList.contains(CryptUtils.INSTANCE.decrypt$yoopinning_release(primaryKey, getSecretKey()))) {
                ArrayList W0 = d.W0(readList);
                W0.add(primaryKey);
                writeToFile(d.y0(W0, ",", null, null, null, 62), BLACK_KEY_LIST);
            }
            primaryKey = secondaryKey();
        }
        String decrypt$yoopinning_release = CryptUtils.INSTANCE.decrypt$yoopinning_release(primaryKey, getSecretKey());
        if (readList.contains(decrypt$yoopinning_release)) {
            throw PinningException.KeyInBlackListException.INSTANCE;
        }
        PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(u0.i(decrypt$yoopinning_release)));
        j.l(generatePublic, "factory.generatePublic(pubKeySpec)");
        return generatePublic;
    }

    private final AesKey getSecretKey() {
        return (AesKey) this.secretKey.getF23014a();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final String getServerAnswer() {
        return new CertificateRequest(new ETagRepositoryImpl(this.context)).getCertificates(this.context);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r8v0, types: [qh.j, kotlin.jvm.internal.FunctionReference] */
    public final List<String> getWhiteList() {
        try {
            List<String> readList = readList(WHITE_CERT_LIST, new FunctionReference(1, this, CertRepositoryImpl.class, "decryptCerts", "decryptCerts(Ljava/lang/String;)Ljava/util/List;", 0));
            if (readList.isEmpty()) {
                readList = decryptCerts(whiteEncryptedCerts());
            }
            return readList;
        } catch (Exception e2) {
            e2.printStackTrace();
            return EmptyList.f23038a;
        }
    }

    private final native String primaryKey();

    private final List<String> readList(String str, qh.j jVar) {
        try {
            FileInputStream openFileInput = this.context.openFileInput(str);
            try {
                j.l(openFileInput, "stream");
                Reader inputStreamReader = new InputStreamReader(openFileInput, ek.a.f20052a);
                BufferedReader bufferedReader = inputStreamReader instanceof BufferedReader ? (BufferedReader) inputStreamReader : new BufferedReader(inputStreamReader, Segment.SIZE);
                try {
                    String V = q7.b.V(bufferedReader);
                    com.bumptech.glide.d.r(bufferedReader, null);
                    List<String> list = (List) jVar.invoke(V);
                    com.bumptech.glide.d.r(openFileInput, null);
                    return list;
                } finally {
                }
            } finally {
            }
        } catch (FileNotFoundException unused) {
            return EmptyList.f23038a;
        } catch (Exception e2) {
            e2.printStackTrace();
            return EmptyList.f23038a;
        }
    }

    private final native String secondaryKey();

    /* JADX INFO: Access modifiers changed from: private */
    public final native String secretAppKey();

    /* JADX INFO: Access modifiers changed from: private */
    public final native String secretCertKey();

    /* JADX INFO: Access modifiers changed from: private */
    public final void updateLists(List<String> list, List<String> list2) {
        CryptUtils cryptUtils = CryptUtils.INSTANCE;
        String encrypt$yoopinning_release = cryptUtils.encrypt$yoopinning_release(d.y0(list2, ",", null, null, null, 62), getSecretKey());
        writeToFile(cryptUtils.encrypt$yoopinning_release(d.y0(list, ",", null, null, null, 62), getSecretKey()), BLACK_CERT_LIST);
        writeToFile(encrypt$yoopinning_release, WHITE_CERT_LIST);
    }

    private final native String whiteEncryptedCerts();

    private final void writeToFile(String str, String str2) {
        FileOutputStream openFileOutput = this.context.openFileOutput(str2, 0);
        try {
            Charset charset = ek.a.f20052a;
            if (str == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
            }
            byte[] bytes = str.getBytes(charset);
            j.l(bytes, "(this as java.lang.String).getBytes(charset)");
            openFileOutput.write(bytes);
            com.bumptech.glide.d.r(openFileOutput, null);
        } catch (Throwable th2) {
            try {
                throw th2;
            } catch (Throwable th3) {
                com.bumptech.glide.d.r(openFileOutput, th2);
                throw th3;
            }
        }
    }

    @Override // ru.yoomoney.sdk.yoopinning.CertRepository
    public jk.j getCertificates() {
        return (jk.j) this.certificates.getF23014a();
    }

    @Override // ru.yoomoney.sdk.yoopinning.CertRepository
    public void updateCertificates() {
        hh.f.q0(hh.f.J(hh.f.L()), null, null, new CertRepositoryImpl$updateCertificates$1(this, null), 3);
    }
}
