package mobi.droidcloud.accountmgr;

import android.util.Base64;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;

/* compiled from: Hypori-ACE */
/* loaded from: classes.dex */
public class o {

    /* renamed from: a, reason: collision with root package name */
    private static final String f1487a = o.class.getSimpleName();

    /* renamed from: b, reason: collision with root package name */
    private static final b.b.a.o f1488b = new b.b.a.o("2.16.840.1.101.3.4.2.1");
    private mobi.droidcloud.c.a.a c;
    private byte[] d;
    private String e;
    private byte[] f;
    private String g;
    private String h;
    private String i;
    private byte[] j;

    public o() {
        this.c = new mobi.droidcloud.c.a.a();
    }

    public o(mobi.droidcloud.c.a.a aVar, String str, byte[] bArr, byte[] bArr2, String str2, byte[] bArr3, String str3) {
        this.c = aVar;
        this.e = str;
        this.d = bArr2;
        this.i = str2;
        this.f = bArr3;
        this.g = str3;
        this.j = bArr;
        if (this.c.p == null) {
            a();
        }
    }

    private static String a(int i) {
        switch (i) {
            case 0:
                return "SHA-1";
            case 1:
                return "SHA-256";
            case 2:
                return "SHA-384";
            case 3:
                return "SHA-512";
            default:
                mobi.droidcloud.h.e.d(f1487a, "Unknown hash algorithm with id=%d. Will return default=%s", Integer.valueOf(i), "SHA-256");
                return "SHA-256";
        }
    }

    public static o a(String str) {
        if (str == null) {
            mobi.droidcloud.h.e.d(f1487a, "Null base64 AuthToken from the server", new Object[0]);
            return null;
        }
        if (str.length() > 8192) {
            mobi.droidcloud.h.e.d(f1487a, "A base64 token %d bytes long is larger than the maximum=%d", Integer.valueOf(str.length()), 8192);
            return null;
        }
        byte[] decode = Base64.decode(str, 0);
        ByteBuffer wrap = ByteBuffer.wrap(decode);
        int length = decode.length;
        int i = wrap.getInt();
        int i2 = length - 4;
        if (i > i2) {
            mobi.droidcloud.h.e.d(f1487a, "Signature size of %d is larger than unparsed byte count=%d", Integer.valueOf(i), Integer.valueOf(i2));
            return null;
        }
        byte[] bArr = new byte[i];
        wrap.get(bArr);
        int i3 = i2 - i;
        if (i3 < 4) {
            mobi.droidcloud.h.e.d(f1487a, "There is only %d bytes left to parse which is not enough to get the hash algorithm enum", Integer.valueOf(i3));
            return null;
        }
        int i4 = i3 - 4;
        String a2 = a(wrap.getInt());
        if (i4 < 1) {
            mobi.droidcloud.h.e.d(f1487a, "No bytes left for parsing the json payload!", new Object[0]);
            return null;
        }
        byte[] bArr2 = new byte[i4];
        wrap.get(bArr2);
        try {
            return a(str, decode, bArr, a2, bArr2, new String(bArr2, "UTF-8"));
        } catch (Exception e) {
            mobi.droidcloud.h.e.d(f1487a, "Failed to parse %d json bytes. error=%s", Integer.valueOf(i4), e.getLocalizedMessage());
            return null;
        }
    }

    private static o a(String str, byte[] bArr, byte[] bArr2, String str2, byte[] bArr3, String str3) {
        mobi.droidcloud.c.a.a aVar = new mobi.droidcloud.c.a.a();
        if (str3 == null) {
            mobi.droidcloud.h.e.b(f1487a, "Null AuthToken from the server", new Object[0]);
            return null;
        }
        try {
            b.a.d dVar = new b.a.d(str3);
            try {
                aVar.f1513a = dVar.h("version");
            } catch (b.a.c e) {
                aVar.f1513a = "3.0.2";
            }
            int[] b2 = b(aVar.f1513a);
            if (b2 == null) {
                mobi.droidcloud.h.e.d(f1487a, "Error parsing version string = %s", aVar.f1513a);
                return null;
            }
            aVar.f1514b = b2[0];
            aVar.c = b2[1];
            aVar.d = b2[2];
            aVar.e = dVar.h("serviceType");
            aVar.f = dVar.g("iat");
            aVar.g = dVar.g("nbt");
            aVar.h = dVar.g("expiration");
            aVar.i = dVar.h("host");
            aVar.j = dVar.f("port");
            aVar.k = dVar.h("vdId");
            try {
                aVar.l = dVar.h("uuid");
            } catch (b.a.c e2) {
                aVar.l = null;
            }
            aVar.m = dVar.h("subject");
            try {
                b.a.b i = dVar.i("groups");
                aVar.n = new String[i.a()];
                for (int i2 = 0; i2 < aVar.n.length; i2++) {
                    aVar.n[i2] = i.c(i2);
                }
            } catch (b.a.c e3) {
                aVar.n = new String[0];
            }
            b.a.d k = dVar.k("location");
            if (k == null) {
                aVar.o = null;
            } else {
                aVar.getClass();
                aVar.o = new mobi.droidcloud.c.a.b(aVar);
                aVar.o.f1515a = k.h("latitude");
                aVar.o.f1516b = k.h("longitude");
            }
            aVar.p = dVar.h("random");
            try {
                aVar.q = dVar.h("virtualDeviceType");
            } catch (b.a.c e4) {
                aVar.q = "FullVM";
            }
            if (!c(aVar.q)) {
                mobi.droidcloud.h.e.d(f1487a, "Unknown Virtual Device Type: %s", aVar.q);
                return null;
            }
            try {
                aVar.r = dVar.e("spice_client_signing_required");
            } catch (b.a.c e5) {
                aVar.r = false;
            }
            return new o(aVar, str, bArr, bArr2, str2, bArr3, str3);
        } catch (b.a.c e6) {
            mobi.droidcloud.h.e.d(f1487a, "Error decoding JSON: %s", e6.getMessage());
            return null;
        }
    }

    private boolean a(String str, String str2) {
        char[] charArray = str.toCharArray();
        char[] charArray2 = str2.toCharArray();
        if (charArray == null || charArray2 == null || charArray.length == 0 || charArray2.length == 0) {
            return false;
        }
        int i = charArray[0] == '/' ? 1 : 0;
        int i2 = charArray2[0] == '/' ? 1 : 0;
        int i3 = i;
        for (int i4 = 0; i4 < charArray.length; i4++) {
            if (i2 >= charArray2.length) {
                return false;
            }
            if (charArray2[i2] != charArray[i3]) {
                if (charArray2[i2] != ',' && charArray2[i2] != '/') {
                    return false;
                }
                if (charArray[i3] != ',' && charArray[i3] != '/') {
                    return false;
                }
            }
            i2++;
            i3++;
        }
        return i3 == charArray.length || i2 == charArray2.length;
    }

    private boolean b(String str, String str2) {
        return str.equals(str2);
    }

    private static int[] b(String str) {
        int[] iArr = new int[3];
        String[] split = str.split("\\.");
        if (split.length < 1) {
            return null;
        }
        try {
            if (split.length == 1) {
                iArr[0] = Integer.parseInt(split[0]);
                iArr[2] = 0;
                iArr[1] = 0;
            } else if (split.length == 2) {
                iArr[0] = Integer.parseInt(split[0]);
                iArr[1] = Integer.parseInt(split[1]);
                iArr[2] = 0;
            } else {
                iArr[0] = Integer.parseInt(split[0]);
                iArr[1] = Integer.parseInt(split[1]);
                iArr[2] = Integer.parseInt(split[2]);
            }
            return iArr;
        } catch (NumberFormatException e) {
            return null;
        }
    }

    private static boolean c(String str) {
        return str.equals("PublishedApp") || str.equals("FullVM");
    }

    private byte[] i() {
        byte[] bArr = new byte[this.f.length + 4];
        ByteBuffer wrap = ByteBuffer.wrap(bArr);
        wrap.order(ByteOrder.BIG_ENDIAN);
        wrap.put(this.f);
        wrap.putInt(this.f.length);
        return bArr;
    }

    public String a(mobi.droidcloud.a.e eVar) {
        String str;
        if (!this.c.r) {
            return h();
        }
        if (this.h == null) {
            try {
                X509Certificate e = eVar.e();
                String algorithm = e.getPublicKey().getAlgorithm();
                if ("RSA".equals(algorithm)) {
                    str = "SHA256withRSA";
                } else {
                    if (!"EC".equals(algorithm)) {
                        mobi.droidcloud.h.e.c(f1487a, new InvalidKeyException("Key must be RSA or EC"), "Key must be RSA or EC", new Object[0]);
                        return null;
                    }
                    str = "SHA256withECDSA";
                }
                ArrayList arrayList = new ArrayList();
                arrayList.add(e);
                b.b.b.a.a aVar = new b.b.b.a.a(arrayList);
                b.b.c.e eVar2 = new b.b.c.e(this.j);
                b.b.c.j jVar = new b.b.c.j();
                jVar.a(new b.b.c.a.a(new b.b.e.a.d().a()).a(new b.b.e.a.a(str).a(eVar.f()), e));
                jVar.a(aVar);
                this.h = new String(Base64.encode(jVar.a(eVar2, true).a(), 2));
            } catch (b.b.c.c e2) {
                mobi.droidcloud.h.e.a(f1487a, e2, "Can't sign token using CMS", new Object[0]);
            } catch (b.b.e.g e3) {
                mobi.droidcloud.h.e.a(f1487a, e3, "Can't sign token using CMS", new Object[0]);
            } catch (IOException e4) {
                mobi.droidcloud.h.e.a(f1487a, e4, "Can't sign token using CMS", new Object[0]);
            } catch (CertificateEncodingException e5) {
                mobi.droidcloud.h.e.a(f1487a, e5, "Can't sign token using CMS", new Object[0]);
            }
        }
        return this.h;
    }

    public void a() {
        if (this.c.p == null) {
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            this.c.p = String.valueOf(mobi.droidcloud.h.g.a(bArr));
        }
    }

    public boolean a(X509Certificate x509Certificate) {
        String str;
        String str2;
        if (this.i == null) {
            mobi.droidcloud.h.e.d(f1487a, "Hashing algorithm can't be null", new Object[0]);
            return false;
        }
        if (this.i.equals("SHA-1")) {
            str = "SHA1";
        } else if (this.i.equals("SHA-256")) {
            str = "SHA256";
        } else if (this.i.equals("SHA-384")) {
            str = "SHA384";
        } else {
            if (!this.i.equals("SHA-512")) {
                mobi.droidcloud.h.e.d(f1487a, "Unknown Hashing algorithm = %s", this.i);
                return false;
            }
            str = "SHA512";
        }
        if (this.d == null) {
            mobi.droidcloud.h.e.d(f1487a, "Signature can't be null", new Object[0]);
            return false;
        }
        byte[] i = i();
        if (i == null) {
            mobi.droidcloud.h.e.d(f1487a, "failed to get bytes to verify", new Object[0]);
            return false;
        }
        try {
            if (x509Certificate.getPublicKey().getAlgorithm().equals("RSA")) {
                str2 = str + "withRSA";
            } else if (x509Certificate.getPublicKey().getAlgorithm().equals("EC")) {
                str2 = str + "withECDSA";
            } else {
                if (!x509Certificate.getPublicKey().getAlgorithm().equals("DSA")) {
                    mobi.droidcloud.h.e.d(f1487a, "Unsupported public key type: %s", x509Certificate.getPublicKey().getAlgorithm());
                    return false;
                }
                str2 = str + "withDSA";
            }
            Signature signature = Signature.getInstance(str2);
            try {
                signature.initVerify(x509Certificate);
                try {
                    signature.update(i);
                    try {
                        boolean verify = signature.verify(this.d);
                        if (verify) {
                            return verify;
                        }
                        mobi.droidcloud.h.e.d(f1487a, "Invalid signature for %s", x509Certificate.getSubjectDN());
                        return verify;
                    } catch (SignatureException e) {
                        mobi.droidcloud.h.e.c(f1487a, e, "Invalid signature for %s", x509Certificate.getSubjectDN());
                        return false;
                    }
                } catch (SignatureException e2) {
                    mobi.droidcloud.h.e.c(f1487a, e2, "Invalid Signature for %s", x509Certificate.getSubjectDN());
                    return false;
                }
            } catch (InvalidKeyException e3) {
                mobi.droidcloud.h.e.c(f1487a, e3, "Invalid Key in the certificate for %s", x509Certificate.getSubjectDN());
                return false;
            }
        } catch (NoSuchAlgorithmException e4) {
            mobi.droidcloud.h.e.c(f1487a, e4, "Error getting signature algorithm", new Object[0]);
            return false;
        }
    }

    public boolean a(X509Certificate x509Certificate, String str, String str2, String str3) {
        if ((x509Certificate != null && !a(x509Certificate)) || !this.c.e.equals(str)) {
            return false;
        }
        if (str2 == null || !a(this.c.m, str2)) {
            return str3 == null || !b(str3, this.c.k);
        }
        mobi.droidcloud.h.e.b(f1487a, "Subjects don't match/verify: %s != %s", this.c.m, str2);
        return false;
    }

    public boolean b() {
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        if (currentTimeMillis <= this.c.h) {
            return false;
        }
        mobi.droidcloud.h.e.b(f1487a, "Token has expired: %d, %d", Long.valueOf(currentTimeMillis), Long.valueOf(this.c.h));
        return true;
    }

    public String c() {
        if (this.c != null) {
            return this.c.i;
        }
        return null;
    }

    public int d() {
        if (this.c != null) {
            return this.c.j;
        }
        return -1;
    }

    public String e() {
        if (this.c != null) {
            return this.c.m;
        }
        return null;
    }

    public String f() {
        if (this.c != null) {
            return this.c.q;
        }
        return null;
    }

    public String g() {
        throw new RuntimeException(f1487a + " toBase64 not implemented yet");
    }

    public String h() {
        return this.e != null ? this.e : g();
    }

    public String toString() {
        return h();
    }
}
