package com.adobe.engagementsdk;

import android.content.SharedPreferences;
import android.util.Base64;
import androidx.constraintlayout.core.motion.utils.TypedValues;
import com.facebook.internal.security.OidcSecurityUtil;
import floodgate.org.apache.commons.codec.digest.MessageDigestAlgorithms;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.net.URL;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.HashSet;
import java.util.Set;
import java.util.UUID;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public class AdobeEngagementCryptography {
    private static String SHARED_PREF_NAME = "AdobeEngagementCryptographySharedPreference";
    private static String TAG = "com.adobe.engagementsdk.AdobeEngagementCryptography";
    private static Set<String> verifiedCertificates = new HashSet();

    private static X509Certificate createCertificate(String str) {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(str.getBytes()));
        } catch (CertificateException e) {
            AdobeEngagementLogger.error(TAG, e.getMessage());
            return null;
        }
    }

    private static X509Certificate downloadCertificate(String str) {
        try {
            URL url = new URL(str.replace("http:", "https:"));
            url.openConnection().connect();
            BufferedInputStream bufferedInputStream = new BufferedInputStream(url.openStream(), 8192);
            StringBuilder sb = new StringBuilder();
            AdobeEngagementInternal.getInstance();
            String sb2 = sb.append(AdobeEngagementInternal.getDir()).append("/").append(UUID.randomUUID()).append(".crt").toString();
            FileOutputStream fileOutputStream = new FileOutputStream(sb2);
            byte[] bArr = new byte[1024];
            while (true) {
                int read = bufferedInputStream.read(bArr);
                if (read == -1) {
                    fileOutputStream.flush();
                    fileOutputStream.close();
                    bufferedInputStream.close();
                    X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new FileInputStream(sb2));
                    new File(sb2).delete();
                    return x509Certificate;
                }
                fileOutputStream.write(bArr, 0, read);
            }
        } catch (Exception e) {
            AdobeEngagementLogger.error(TAG, e.getMessage());
            return null;
        }
    }

    private static String getCAIssuer(X509Certificate x509Certificate) {
        String str;
        String[] split = x509Certificate.toString().split("\n");
        String str2 = null;
        boolean z = false;
        for (int i = 0; i < split.length; i++) {
            if (split[i].contains("Authority Information Access:")) {
                z = true;
            }
            if (z && split[i].contains("CA Issuers")) {
                String[] split2 = split[i].split("-");
                if (split2.length > 1 && (str = split2[1]) != null && str.contains("URI:") && (str2 = str.substring(5)) != null) {
                    return str2.trim();
                }
            }
        }
        return str2;
    }

    private static String getCommonName(X509Certificate x509Certificate) {
        String[] split = x509Certificate.getSubjectX500Principal().getName().split(",");
        if (split.length <= 2 || split[2].split("=").length <= 1) {
            return null;
        }
        return split[2].split("=")[1];
    }

    public static String getStringFromCrt(Certificate certificate) {
        try {
            return "-----BEGIN CERTIFICATE-----\r\n" + Base64.encodeToString(certificate.getEncoded(), 0).trim() + "\r\n-----END CERTIFICATE-----";
        } catch (CertificateEncodingException e) {
            AdobeEngagementLogger.error(TAG, e.getMessage());
            return null;
        }
    }

    private static boolean isCertificateValidForAMonth(X509Certificate x509Certificate) {
        Date date = new Date();
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(date);
        calendar.add(2, 1);
        try {
            x509Certificate.checkValidity(calendar.getTime());
            return true;
        } catch (CertificateExpiredException e) {
            AdobeEngagementLogger.error(TAG, e.getMessage());
            AdobeEngagementInternal.getInstance().logAnalytics(new JSONObject(new SimpleDateFormat("yyyy-mm-dd hh:mm:ss").format(x509Certificate.getNotAfter()), x509Certificate) { // from class: com.adobe.engagementsdk.AdobeEngagementCryptography.2
                final /* synthetic */ X509Certificate val$certObject;
                final /* synthetic */ String val$expiryDate;

                {
                    this.val$expiryDate = r4;
                    this.val$certObject = x509Certificate;
                    try {
                        put("event.type", "error");
                        put("event.error_type", AdobeEngagementErrorCategory.AdobeEngagementErrorCategoryContentSigning);
                        put("event.error_desc", "Certificate is expired on " + r4 + " . for version " + x509Certificate.getVersion());
                        put("event.error_code", AdobeEngagementErrorCode.AdobeEngagementErrorCodeCertificateValidationFailed);
                        put("ccxp.line", Utils.getStackTraceLineNumber());
                        put("ccxp.file", AdobeEngagementCryptography.TAG);
                    } catch (JSONException e2) {
                        AdobeEngagementLogger.error(AdobeEngagementCryptography.TAG, e2.getMessage());
                    }
                }
            });
            return false;
        } catch (CertificateNotYetValidException e2) {
            AdobeEngagementLogger.error(TAG, e2.getMessage());
            AdobeEngagementInternal.getInstance().logAnalytics(new JSONObject(new SimpleDateFormat("yyyy-mm-dd hh:mm:ss").format(x509Certificate.getNotBefore()), x509Certificate) { // from class: com.adobe.engagementsdk.AdobeEngagementCryptography.3
                final /* synthetic */ X509Certificate val$certObject;
                final /* synthetic */ String val$notValidFrom;

                {
                    this.val$notValidFrom = r4;
                    this.val$certObject = x509Certificate;
                    try {
                        put("event.type", "error");
                        put("event.error_type", AdobeEngagementErrorCategory.AdobeEngagementErrorCategoryContentSigning);
                        put("event.error_desc", "Certificate is not valid before " + r4 + " . for version " + x509Certificate.getVersion());
                        put("event.error_code", AdobeEngagementErrorCode.AdobeEngagementErrorCodeCertificateValidationFailed);
                        put("ccxp.line", Utils.getStackTraceLineNumber());
                        put("ccxp.file", AdobeEngagementCryptography.TAG);
                    } catch (JSONException e3) {
                        AdobeEngagementLogger.error(AdobeEngagementCryptography.TAG, e3.getMessage());
                    }
                }
            });
            return false;
        }
    }

    private static boolean isValid(X509Certificate x509Certificate) {
        try {
            x509Certificate.checkValidity();
            return true;
        } catch (CertificateExpiredException e) {
            AdobeEngagementLogger.error(TAG, e.getMessage());
            return false;
        } catch (CertificateNotYetValidException e2) {
            AdobeEngagementLogger.error(TAG, e2.getMessage());
            return false;
        }
    }

    public static Result rsa256(Object obj) {
        String string;
        String replace;
        X509Certificate createCertificate;
        try {
            JSONObject jSONObject = (JSONObject) obj;
            string = jSONObject.getString("contents");
            String string2 = jSONObject.getString("certificate");
            replace = jSONObject.getString("signature").replace("-----BEGIN SIGNATURE-----", "").replace("-----END SIGNATURE-----", "");
            createCertificate = createCertificate(string2);
        } catch (InvalidKeyException e) {
            AdobeEngagementLogger.error(TAG, e.getMessage());
            return new Result(new AdobeEngagementException(AdobeEngagementErrorCode.AdobeEngagementErrorCodeInvalidSecurityPublicKey, AdobeEngagementErrorCategory.AdobeEngagementErrorCategoryContentSigning, e.getMessage()));
        } catch (NoSuchAlgorithmException e2) {
            AdobeEngagementLogger.error(TAG, e2.getMessage());
            return new Result(new AdobeEngagementException(AdobeEngagementErrorCode.AdobeEngagementErrorCodeAlgorithmNotFound, AdobeEngagementErrorCategory.AdobeEngagementErrorCategoryContentSigning, e2.getMessage()));
        } catch (SignatureException e3) {
            AdobeEngagementLogger.error(TAG, e3.getMessage());
            return new Result(new AdobeEngagementException(AdobeEngagementErrorCode.AdobeEngagementErrorCodeSignatureInvalid, AdobeEngagementErrorCategory.AdobeEngagementErrorCategoryContentSigning, e3.getMessage()));
        } catch (JSONException e4) {
            AdobeEngagementLogger.error(TAG, e4.getMessage());
        }
        if (createCertificate == null) {
            return new Result(new AdobeEngagementException(AdobeEngagementErrorCode.AdobeEngagementErrorCodeCannotGetUserFile, AdobeEngagementErrorCategory.AdobeEngagementErrorCategoryContentSigning, "Cannot read certificate"));
        }
        Signature signature = Signature.getInstance(OidcSecurityUtil.SIGNATURE_ALGORITHM_SHA256);
        signature.initVerify(createCertificate);
        signature.update(string.getBytes());
        if (!signature.verify(Base64.decode(replace.getBytes(), 0))) {
            return new Result(new AdobeEngagementException(AdobeEngagementErrorCode.AdobeEngagementErrorCodeSignatureInvalid, AdobeEngagementErrorCategory.AdobeEngagementErrorCategoryContentSigning, "Content signature did not match."));
        }
        return new Result((Object) true);
    }

    private static void saveCertificate(String str, X509Certificate x509Certificate) {
        String stringFromCrt = getStringFromCrt(x509Certificate);
        if (stringFromCrt != null) {
            SharedPreferences.Editor edit = AdobeEngagementInternal.getInstance().getApplicationContext().getSharedPreferences(SHARED_PREF_NAME, 0).edit();
            edit.putString(str, stringFromCrt);
            edit.apply();
        }
    }

    public static Result sha256(Object obj) {
        String str;
        try {
            String string = ((JSONObject) obj).getString("filePath");
            MessageDigest messageDigest = MessageDigest.getInstance(MessageDigestAlgorithms.SHA_256);
            FileInputStream fileInputStream = new FileInputStream(string);
            byte[] bArr = new byte[1024];
            while (true) {
                int read = fileInputStream.read(bArr);
                if (read == -1) {
                    break;
                }
                messageDigest.update(bArr, 0, read);
            }
            fileInputStream.close();
            str = Base64.encodeToString(messageDigest.digest(), 0).trim();
        } catch (FileNotFoundException e) {
            AdobeEngagementLogger.error(TAG, e.getMessage());
            return new Result(new AdobeEngagementException(AdobeEngagementErrorCode.AdobeEngagementErrorCodeCannotGetUserFile, AdobeEngagementErrorCategory.AdobeEngagementErrorCategoryContentSigning, e.getMessage()));
        } catch (IOException e2) {
            return new Result(new AdobeEngagementException(AdobeEngagementErrorCode.AdobeEngagementErrorCodeCannotGetUserFile, AdobeEngagementErrorCategory.AdobeEngagementErrorCategoryContentSigning, e2.getMessage()));
        } catch (NoSuchAlgorithmException e3) {
            return new Result(new AdobeEngagementException(AdobeEngagementErrorCode.AdobeEngagementErrorCodeAlgorithmNotFound, AdobeEngagementErrorCategory.AdobeEngagementErrorCategoryContentSigning, e3.getMessage()));
        } catch (JSONException e4) {
            AdobeEngagementLogger.error(TAG, e4.getMessage());
            str = "";
        }
        return new Result(str);
    }

    public static Result sha256FromStr(Object obj) {
        try {
            byte[] bytes = ((JSONObject) obj).getString(TypedValues.Custom.S_STRING).getBytes();
            int length = bytes.length;
            MessageDigest messageDigest = MessageDigest.getInstance(MessageDigestAlgorithms.SHA_256);
            messageDigest.update(bytes, 0, length);
            return new Result(Base64.encodeToString(messageDigest.digest(), 0).trim());
        } catch (NoSuchAlgorithmException e) {
            return new Result(new AdobeEngagementException(AdobeEngagementErrorCode.AdobeEngagementErrorCodeAlgorithmNotFound, AdobeEngagementErrorCategory.AdobeEngagementErrorCategoryContentSigning, e.getMessage()));
        } catch (JSONException e2) {
            return new Result(new AdobeEngagementException(AdobeEngagementErrorCode.AdobeEngagementErrorCodeJSONParsingError, AdobeEngagementErrorCategory.AdobeEngagementErrorCategoryContentSigning, e2.getMessage()));
        }
    }

    public static Result verifyCertificate(Object obj) {
        try {
            JSONObject jSONObject = (JSONObject) obj;
            String string = jSONObject.getString("certificate");
            String string2 = jSONObject.getString("chain");
            ArrayList arrayList = new ArrayList();
            if (string2 != null && !string2.isEmpty()) {
                JSONArray jSONArray = new JSONArray(string2);
                for (int i = 0; i < jSONArray.length(); i++) {
                    arrayList.add(jSONArray.getString(i));
                }
            }
            if (verifiedCertificates.contains(string)) {
                return new Result((Object) true);
            }
            X509Certificate createCertificate = createCertificate(string);
            String commonName = getCommonName(createCertificate);
            if (commonName != null && commonName.equals("Adobe Inc.")) {
                if (!isCertificateValidForAMonth(createCertificate)) {
                    AdobeEngagementInternal.getInstance().logAnalytics(new JSONObject(new SimpleDateFormat("yyyy-mm-dd hh:mm:ss").format(createCertificate.getNotAfter()), createCertificate) { // from class: com.adobe.engagementsdk.AdobeEngagementCryptography.1
                        final /* synthetic */ X509Certificate val$certObject;
                        final /* synthetic */ String val$expiryDate;

                        {
                            this.val$expiryDate = r4;
                            this.val$certObject = createCertificate;
                            try {
                                put("event.type", "error");
                                put("event.error_type", AdobeEngagementErrorCategory.AdobeEngagementErrorCategoryContentSigning);
                                put("event.error_desc", "Certificate about to expire on " + r4 + " for version " + createCertificate.getVersion());
                                put("event.error_code", AdobeEngagementErrorCode.AdobeEngagementErrorCodeCertificateValidationFailed);
                                put("ccxp.line", Utils.getStackTraceLineNumber());
                                put("ccxp.file", AdobeEngagementCryptography.TAG);
                            } catch (JSONException e) {
                                AdobeEngagementLogger.error(AdobeEngagementCryptography.TAG, e.getMessage());
                            }
                        }
                    });
                }
                X509Certificate[] x509CertificateArr = new X509Certificate[arrayList.size()];
                for (int i2 = 0; i2 < arrayList.size(); i2++) {
                    x509CertificateArr[i2] = createCertificate("-----BEGIN CERTIFICATE-----\r\n" + ((String) arrayList.get(i2)) + "\r\n-----END CERTIFICATE-----");
                    String cAIssuer = getCAIssuer(x509CertificateArr[i2]);
                    if (cAIssuer != null && !cAIssuer.equals("") && !isValid(x509CertificateArr[i2])) {
                        String string3 = AdobeEngagementInternal.getInstance().getApplicationContext().getSharedPreferences(SHARED_PREF_NAME, 0).getString(cAIssuer, null);
                        if (string3 != null) {
                            X509Certificate createCertificate2 = createCertificate(string3);
                            if (isValid(createCertificate2)) {
                                x509CertificateArr[i2] = createCertificate2;
                            } else {
                                X509Certificate downloadCertificate = downloadCertificate(cAIssuer);
                                x509CertificateArr[i2] = downloadCertificate;
                                saveCertificate(cAIssuer, downloadCertificate);
                            }
                        } else {
                            X509Certificate downloadCertificate2 = downloadCertificate(cAIssuer);
                            x509CertificateArr[i2] = downloadCertificate2;
                            saveCertificate(cAIssuer, downloadCertificate2);
                        }
                    }
                }
                new AdobeEngagementTrustManager().checkClientTrusted(x509CertificateArr, "RSA");
                verifiedCertificates.add(string);
                return new Result((Object) true);
            }
            return new Result(new AdobeEngagementException(AdobeEngagementErrorCode.AdobeEngagementErrorCodeCertificateValidationFailed, AdobeEngagementErrorCategory.AdobeEngagementErrorCategoryContentSigning, "Certificate issued to unknown organization : " + commonName));
        } catch (CertificateException e) {
            AdobeEngagementLogger.error(TAG, e.getMessage());
            return new Result(new AdobeEngagementException(AdobeEngagementErrorCode.AdobeEngagementErrorCodeCertificateValidationFailed, AdobeEngagementErrorCategory.AdobeEngagementErrorCategoryContentSigning, "Certification validation failed : " + e.getMessage()));
        } catch (JSONException e2) {
            AdobeEngagementLogger.error(TAG, e2.getMessage());
            return new Result((Object) false);
        } catch (Exception e3) {
            AdobeEngagementLogger.error(TAG, e3.getMessage());
            return new Result(new AdobeEngagementException(AdobeEngagementErrorCode.AdobeEngagementErrorCodeCertificateValidationFailed, AdobeEngagementErrorCategory.AdobeEngagementErrorCategoryContentSigning, "Certification validation failed : " + e3.getMessage()));
        }
    }
}
