package com.oplus.oner.security;

import android.content.Context;
import android.util.Base64;
import androidx.annotation.NonNull;
import com.heytap.speechassist.core.f0;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.Key;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;
import org.jose4j.jwa.AlgorithmConstraints;
import org.jose4j.jwt.MalformedClaimException;
import org.jose4j.jwt.consumer.InvalidJwtException;
import org.jose4j.jwt.consumer.InvalidJwtSignatureException;
import org.jose4j.jwt.consumer.b;
import org.jose4j.jwt.consumer.c;
import org.jose4j.jwt.consumer.d;
import org.jose4j.jwt.consumer.e;
import org.jose4j.jwt.consumer.f;
import org.jose4j.jwt.consumer.g;
import org.jose4j.keys.KeyPersuasion;
import org.jose4j.lang.JoseException;
import v80.m;

/* loaded from: classes4.dex */
public class SecurityEnhancer {

    /* renamed from: a, reason: collision with root package name */
    public final g80.a f24753a;

    /* renamed from: oner, reason: collision with root package name */
    public final Context f24754oner;

    /* loaded from: classes4.dex */
    public static class a {

        /* renamed from: a, reason: collision with root package name */
        public String f24755a;

        /* renamed from: oner, reason: collision with root package name */
        public String f24756oner;
    }

    /* loaded from: classes4.dex */
    public enum b {
        PRODUCTION(0),
        TEST(1),
        DEVELOP(2);


        /* renamed from: oner, reason: collision with root package name */
        public final int f24761oner;

        b(int i3) {
            this.f24761oner = i3;
        }
    }

    /* loaded from: classes4.dex */
    public static class oner {

        /* renamed from: a, reason: collision with root package name */
        public byte[] f24762a;

        /* renamed from: b, reason: collision with root package name */
        public byte[] f24763b;

        /* renamed from: oner, reason: collision with root package name */
        public byte[] f24764oner;
    }

    static {
        System.loadLibrary("oner-security");
    }

    public SecurityEnhancer(@NonNull Context context) {
        Context applicationContext = context.getApplicationContext();
        this.f24754oner = applicationContext;
        this.f24753a = g80.a.b(applicationContext);
    }

    private native void setEnvConfig(int i3);

    /* JADX WARN: Code restructure failed: missing block: B:13:0x0024, code lost:
    
        if (r3 == null) goto L17;
     */
    /* JADX WARN: Removed duplicated region for block: B:42:0x0180  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void initSecurityModule(com.oplus.oner.security.SecurityEnhancer.b r11) {
        /*
            Method dump skipped, instructions count: 667
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.oplus.oner.security.SecurityEnhancer.initSecurityModule(com.oplus.oner.security.SecurityEnhancer$b):void");
    }

    public oner packDigitEnvelope(byte[] bArr) {
        RSAPublicKey rSAPublicKey;
        RSAPublicKey rSAPublicKey2;
        byte[] bArr2;
        g80.a aVar = this.f24753a;
        synchronized (aVar) {
            rSAPublicKey = aVar.f30301b;
        }
        Objects.requireNonNull(rSAPublicKey);
        g80.a aVar2 = this.f24753a;
        synchronized (aVar2) {
            rSAPublicKey2 = aVar2.f30301b;
        }
        Objects.requireNonNull(rSAPublicKey2, "RSAPublicKey is null");
        byte[] bArr3 = new byte[12];
        new SecureRandom().nextBytes(bArr3);
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256);
        SecretKey generateKey = keyGenerator.generateKey();
        byte[] bArr4 = null;
        try {
            Cipher cipher = Cipher.getInstance("RSA/NONE/OAEPPadding");
            cipher.init(1, rSAPublicKey2);
            bArr2 = cipher.doFinal(generateKey.getEncoded());
        } catch (InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e11) {
            e11.printStackTrace();
            bArr2 = null;
        }
        try {
            Cipher cipher2 = Cipher.getInstance("AES_256/GCM/NoPadding");
            cipher2.init(1, generateKey, new GCMParameterSpec(128, bArr3));
            bArr4 = cipher2.doFinal(bArr);
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e12) {
            e12.printStackTrace();
        }
        oner onerVar = new oner();
        onerVar.f24764oner = (byte[]) bArr3.clone();
        onerVar.f24762a = bArr2;
        onerVar.f24763b = bArr4;
        return onerVar;
    }

    public a parseTerminalToken(String str, String str2) {
        ECPublicKey eCPublicKey;
        String str3;
        b.a aVar;
        String str4;
        boolean z11;
        String str5;
        String l;
        y80.a aVar2;
        g80.a aVar3 = this.f24753a;
        synchronized (aVar3) {
            eCPublicKey = aVar3.f30302c;
        }
        if (str2 == null || eCPublicKey == null) {
            throw new InvalidParameterException("token or PublicKey is null .");
        }
        if (str2.split("\\.").length != 3) {
            throw new InvalidParameterException("token is not jwt format .");
        }
        ah.a aVar4 = new ah.a((Object) null);
        f fVar = new f();
        ArrayList arrayList = new ArrayList();
        ah.a aVar5 = new ah.a(eCPublicKey);
        fVar.f35232a = true;
        fVar.f35233b = true;
        c cVar = new c("OPPO Arbitrate Cloud", true);
        AlgorithmConstraints algorithmConstraints = new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.PERMIT, "ES256");
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new org.jose4j.jwt.consumer.a(Collections.emptySet(), false));
        arrayList2.add(cVar);
        arrayList2.add(fVar);
        arrayList2.add(new g(false));
        arrayList2.add(new d(false));
        arrayList2.addAll(arrayList);
        LinkedList linkedList = new LinkedList();
        z80.a aVar6 = new z80.a(str2, null, Collections.unmodifiableList(linkedList));
        String str6 = str2;
        y80.a aVar7 = null;
        while (true) {
            str3 = " JOSE object (cause: ";
            if (aVar7 != null) {
                break;
            }
            y80.a aVar8 = aVar7;
            try {
                try {
                    a90.b c11 = a90.b.c(str6);
                    if (c11 instanceof x80.d) {
                        x80.d dVar = (x80.d) c11;
                        str5 = str6;
                        try {
                            l = f0.L(dVar.f39979k, dVar.l);
                        } catch (JoseException e11) {
                            e = e11;
                            String str7 = str5;
                            StringBuilder d11 = androidx.core.content.a.d("Unable to process");
                            if (!linkedList.isEmpty()) {
                                d11.append(" nested");
                            }
                            d11.append(" JOSE object (cause: ");
                            d11.append(e);
                            d11.append("): ");
                            d11.append(str7);
                            throw new InvalidJwtException("JWT processing failed.", new b.a(17, d11.toString()), e, aVar6);
                        } catch (Exception e12) {
                            e = e12;
                            String str8 = str5;
                            StringBuilder d12 = androidx.core.content.a.d("Unexpected exception encountered while processing");
                            if (!linkedList.isEmpty()) {
                                d12.append(" nested");
                            }
                            d12.append(" JOSE object (");
                            d12.append(e);
                            d12.append("): ");
                            d12.append(str8);
                            throw new InvalidJwtException("JWT processing failed.", new b.a(17, d12.toString()), e, aVar6);
                        }
                    } else {
                        str5 = str6;
                        m mVar = (m) c11;
                        Collections.unmodifiableList(linkedList);
                        mVar.j((Key) aVar4.f329a);
                        l = mVar.l();
                    }
                    ArrayList arrayList3 = arrayList2;
                    String str9 = (String) c11.f266b.f261b.get("cty");
                    if (str9 != null && (str9.equalsIgnoreCase("jwt") || str9.equalsIgnoreCase("application/jwt"))) {
                        aVar2 = aVar8;
                        str5 = l;
                    } else {
                        try {
                            aVar2 = new y80.a(l, aVar6);
                            aVar6.f41130b = aVar2;
                        } catch (InvalidJwtException e13) {
                            throw e13;
                        }
                    }
                    linkedList.addFirst(c11);
                    aVar7 = aVar2;
                    str6 = str5;
                    arrayList2 = arrayList3;
                } catch (InvalidJwtException e14) {
                    throw e14;
                }
            } catch (JoseException e15) {
                e = e15;
                str5 = str6;
            } catch (Exception e16) {
                e = e16;
                str5 = str6;
            }
        }
        ArrayList<org.jose4j.jwt.consumer.b> arrayList4 = arrayList2;
        ArrayList arrayList5 = new ArrayList(aVar6.f41131c);
        int size = arrayList5.size() - 1;
        boolean z12 = false;
        while (size >= 0) {
            List subList = arrayList5.subList(size + 1, arrayList5.size());
            Collections.unmodifiableList(subList);
            a90.b bVar = (a90.b) arrayList5.get(size);
            ArrayList arrayList6 = arrayList5;
            try {
                try {
                    if (bVar instanceof x80.d) {
                        x80.d dVar2 = (x80.d) bVar;
                        z11 = z12;
                        str4 = str3;
                        try {
                            boolean equals = "none".equals(dVar2.d());
                            dVar2.f269e = false;
                            dVar2.f271g = algorithmConstraints;
                            dVar2.j((Key) aVar5.f329a);
                            if (!dVar2.l()) {
                                throw new InvalidJwtSignatureException(dVar2, aVar6);
                            }
                            if (!equals) {
                                z12 = true;
                                size--;
                                arrayList5 = arrayList6;
                                str3 = str4;
                            }
                        } catch (JoseException e17) {
                            e = e17;
                            StringBuilder d13 = androidx.core.content.a.d("Unable to process");
                            if (!subList.isEmpty()) {
                                d13.append(" nested");
                            }
                            d13.append(str4);
                            d13.append(e);
                            d13.append("): ");
                            d13.append(bVar);
                            throw new InvalidJwtException("JWT processing failed.", new b.a(17, d13.toString()), e, aVar6);
                        }
                    } else {
                        z11 = z12;
                        str4 = str3;
                        m mVar2 = (m) bVar;
                        Key key = (Key) aVar4.f329a;
                        if (key != null && !key.equals(mVar2.f268d)) {
                            throw new InvalidJwtException("The resolved decryption key is different than the one originally used to decrypt the JWE.", Collections.singletonList(new b.a(17, "Key resolution problem.")), aVar6);
                        }
                        mVar2.k().b();
                        KeyPersuasion keyPersuasion = KeyPersuasion.SYMMETRIC;
                    }
                    z12 = z11;
                    size--;
                    arrayList5 = arrayList6;
                    str3 = str4;
                } catch (JoseException e18) {
                    e = e18;
                    str4 = str3;
                }
            } catch (InvalidJwtException e19) {
                throw e19;
            } catch (Exception e21) {
                StringBuilder d14 = androidx.core.content.a.d("Unexpected exception encountered while processing");
                if (!subList.isEmpty()) {
                    d14.append(" nested");
                }
                d14.append(" JOSE object (");
                d14.append(e21);
                d14.append("): ");
                d14.append(bVar);
                throw new InvalidJwtException("JWT processing failed.", new b.a(17, d14.toString()), e21, aVar6);
            }
        }
        if (!z12) {
            List singletonList = Collections.singletonList(new b.a(10, "Missing signature."));
            StringBuilder d15 = androidx.core.content.a.d("The JWT has no signature but the JWT Consumer is configured to require one: ");
            d15.append(aVar6.f41129a);
            throw new InvalidJwtException(d15.toString(), singletonList, aVar6);
        }
        ArrayList arrayList7 = new ArrayList();
        for (org.jose4j.jwt.consumer.b bVar2 : arrayList4) {
            try {
                aVar = bVar2.a(aVar6);
            } catch (MalformedClaimException e22) {
                aVar = new b.a(18, e22.getMessage());
            } catch (Exception e23) {
                StringBuilder d16 = androidx.core.content.a.d("Unexpected exception thrown from validator ");
                d16.append(bVar2.getClass().getName());
                d16.append(": ");
                d16.append(r9.b.u(e23, e.class));
                aVar = new b.a(17, d16.toString());
            }
            if (aVar != null) {
                arrayList7.add(aVar);
            }
        }
        if (!arrayList7.isEmpty()) {
            throw new InvalidJwtException(android.support.v4.media.a.h(androidx.core.content.a.d("JWT (claims->"), aVar6.f41130b.f40768b, ") rejected due to invalid claims or other invalid content."), arrayList7, aVar6);
        }
        y80.a aVar9 = aVar6.f41130b;
        Objects.requireNonNull(aVar9);
        Set emptySet = Collections.emptySet();
        LinkedHashMap linkedHashMap = new LinkedHashMap(aVar9.f40767a);
        Iterator it2 = emptySet.iterator();
        while (it2.hasNext()) {
            linkedHashMap.remove((String) it2.next());
        }
        String encodeToString = Base64.encodeToString(MessageDigest.getInstance(MessageDigestAlgorithms.SHA_256).digest(str.getBytes(StandardCharsets.UTF_8)), 2);
        if (!linkedHashMap.containsKey("dst_OAF_deviceId") || !linkedHashMap.containsKey("rand_hash")) {
            return null;
        }
        if (!Objects.equals(linkedHashMap.get("rand_hash"), encodeToString)) {
            throw new Exception("rand hash is not equal");
        }
        a aVar10 = new a();
        aVar10.f24756oner = (String) linkedHashMap.get("dst_OAF_deviceId");
        aVar10.f24755a = (String) linkedHashMap.get("dst_device_type");
        return aVar10;
    }
}
