package lv.euso.mobileeid.device.service.registration;

import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.security.Keys;
import java.net.URL;
import java.security.KeyPair;
import java.util.AbstractMap;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import lv.euso.mobileeid.MobileEidConstants;
import lv.euso.mobileeid.device.card.RegisteredSignatureDevice;
import lv.euso.mobileeid.device.card.TokenCertificate;
import lv.euso.mobileeid.device.card.TokenInfo;
import lv.euso.mobileeid.device.service.HttpTransport;
import lv.euso.mobileeid.device.service.registration.SignatureServiceRegistration;
import lv.euso.mobileeid.service.pojo.SigningTaskRequest;
import lv.euso.mobileeid.service.pojo.SigningTaskResult;
import lv.euso.mobileeid.service.registration.DeviceRegistrationEndpoint;
import lv.euso.mobileeid.service.registration.pojo.RegistrationChallengeResponse;
import lv.euso.mobileeid.service.registration.pojo.RegistrationChallengeResponseRequest;
import lv.euso.mobileeid.service.registration.pojo.RegistrationRequest;
import lv.euso.mobileeid.util.ByteUtil;
import lv.euso.mobileeid.util.JWTUtil;
import lv.euso.mobileeid.util.Serializer;
import org.bouncycastle.cms.CMSAttributeTableGenerator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes3.dex */
public class NativeSignatureServiceRegistration extends SignatureServiceRegistration {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) NativeSignatureServiceRegistration.class);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: lv.euso.mobileeid.device.service.registration.NativeSignatureServiceRegistration$1, reason: invalid class name */
    /* loaded from: classes3.dex */
    public class AnonymousClass1 implements HttpTransport.HttpTransportResponseHandler {
        final /* synthetic */ SignatureServiceRegistration.RegistrationHandler val$handler;
        final /* synthetic */ KeyPair val$keyPair;
        final /* synthetic */ String val$registrationUri;
        final /* synthetic */ RegistrationRequest val$request;
        final /* synthetic */ TokenInfo val$tokenInfo;

        /* JADX INFO: Access modifiers changed from: package-private */
        /* renamed from: lv.euso.mobileeid.device.service.registration.NativeSignatureServiceRegistration$1$1, reason: invalid class name and collision with other inner class name */
        /* loaded from: classes3.dex */
        public class C00461 implements SignatureServiceRegistration.PlatformDependentTasks.ResultHandler<SigningTaskResult> {
            final /* synthetic */ RegistrationChallengeResponse val$challenge;
            final /* synthetic */ String val$digestKey;
            final /* synthetic */ RegistrationChallengeResponseRequest val$registrationRequest;

            C00461(RegistrationChallengeResponseRequest registrationChallengeResponseRequest, String str, RegistrationChallengeResponse registrationChallengeResponse) {
                this.val$registrationRequest = registrationChallengeResponseRequest;
                this.val$digestKey = str;
                this.val$challenge = registrationChallengeResponse;
            }

            @Override // lv.euso.mobileeid.device.service.registration.SignatureServiceRegistration.PlatformDependentTasks.ResultHandler
            public void handleResult(SigningTaskResult signingTaskResult) {
                int i = AnonymousClass2.$SwitchMap$lv$euso$mobileeid$service$pojo$SigningTaskResult$Status[signingTaskResult.getStatus().ordinal()];
                if (i == 1) {
                    this.val$registrationRequest.setResponseAuth(signingTaskResult.getSignatures().get(this.val$digestKey));
                } else {
                    if (i == 2) {
                        AnonymousClass1.this.val$handler.registrationCanceled();
                        return;
                    }
                    AnonymousClass1.this.val$handler.registrationError(new Exception(signingTaskResult.getError()));
                }
                AnonymousClass1.this.val$handler.calculateSignature(new SigningTaskRequest(null, AnonymousClass1.this.val$tokenInfo.getCert(this.val$challenge.getSignCertId()).getId(), "", "pop_sign_key", Collections.singletonMap(this.val$digestKey, this.val$registrationRequest.getChallenge()), "", true, true), new SignatureServiceRegistration.PlatformDependentTasks.ResultHandler<SigningTaskResult>() { // from class: lv.euso.mobileeid.device.service.registration.NativeSignatureServiceRegistration.1.1.1
                    @Override // lv.euso.mobileeid.device.service.registration.SignatureServiceRegistration.PlatformDependentTasks.ResultHandler
                    public void handleResult(SigningTaskResult signingTaskResult2) {
                        int i2 = AnonymousClass2.$SwitchMap$lv$euso$mobileeid$service$pojo$SigningTaskResult$Status[signingTaskResult2.getStatus().ordinal()];
                        if (i2 != 1) {
                            if (i2 != 2) {
                                AnonymousClass1.this.val$handler.registrationError(new Exception(signingTaskResult2.getError()));
                                return;
                            } else {
                                AnonymousClass1.this.val$handler.registrationCanceled();
                                return;
                            }
                        }
                        C00461.this.val$registrationRequest.setResponseSign(signingTaskResult2.getSignatures().get(C00461.this.val$digestKey));
                        String json = Serializer.toJson(C00461.this.val$registrationRequest);
                        NativeSignatureServiceRegistration.this.httpTransport.execute(DeviceRegistrationEndpoint.getRegistrationURI(ByteUtil.toHexString(C00461.this.val$registrationRequest.getChallenge())), HttpTransport.METHOD_POST, HttpTransport.CONTENT_TYPE_JSON, JWTUtil.createNativeDeviceBearer(Keys.hmacShaKeyFor(DeviceRegistrationEndpoint.registrationSecret), null, null), json, new HttpTransport.HttpTransportResponseHandler() { // from class: lv.euso.mobileeid.device.service.registration.NativeSignatureServiceRegistration.1.1.1.1
                            @Override // lv.euso.mobileeid.device.service.HttpTransport.HttpTransportResponseHandler
                            public void error(Exception exc) {
                                AnonymousClass1.this.val$handler.registrationError(exc);
                            }

                            @Override // lv.euso.mobileeid.device.service.HttpTransport.HttpTransportResponseHandler
                            public void handle(HttpTransport.HttpTransportResponse httpTransportResponse) {
                                if (httpTransportResponse.code != 201) {
                                    error(new Exception("Unexpected response code: " + httpTransportResponse.code));
                                    return;
                                }
                                RegisteredSignatureDevice registeredSignatureDevice = new RegisteredSignatureDevice(httpTransportResponse.headers.get("Location"), AnonymousClass1.this.val$tokenInfo);
                                registeredSignatureDevice.setPublicKey(AnonymousClass1.this.val$request.getProxyPublicKey());
                                registeredSignatureDevice.setPrivateKey(AnonymousClass1.this.val$keyPair.getPrivate().getEncoded());
                                AnonymousClass1.this.val$handler.deviceRegistered(registeredSignatureDevice);
                            }
                        });
                    }
                });
            }
        }

        AnonymousClass1(TokenInfo tokenInfo, String str, SignatureServiceRegistration.RegistrationHandler registrationHandler, RegistrationRequest registrationRequest, KeyPair keyPair) {
            this.val$tokenInfo = tokenInfo;
            this.val$registrationUri = str;
            this.val$handler = registrationHandler;
            this.val$request = registrationRequest;
            this.val$keyPair = keyPair;
        }

        @Override // lv.euso.mobileeid.device.service.HttpTransport.HttpTransportResponseHandler
        public void error(Exception exc) {
            this.val$handler.registrationError(exc);
        }

        @Override // lv.euso.mobileeid.device.service.HttpTransport.HttpTransportResponseHandler
        public void handle(HttpTransport.HttpTransportResponse httpTransportResponse) {
            if (httpTransportResponse.code != 200) {
                error(new Exception("Unexpected response code: " + httpTransportResponse.code));
                return;
            }
            try {
                RegistrationChallengeResponse registrationChallengeResponse = (RegistrationChallengeResponse) Serializer.fromJson(httpTransportResponse.content, RegistrationChallengeResponse.class);
                RegistrationChallengeResponseRequest registrationChallengeResponseRequest = new RegistrationChallengeResponseRequest();
                registrationChallengeResponseRequest.setChallenge(registrationChallengeResponse.getChallenge());
                this.val$handler.calculateSignature(new SigningTaskRequest(null, this.val$tokenInfo.getCert(registrationChallengeResponse.getAuthCertId()).getId(), new URL(this.val$registrationUri).getHost(), "pop_auth_key", Collections.singletonMap(CMSAttributeTableGenerator.DIGEST, registrationChallengeResponseRequest.getChallenge()), "", true, false), new C00461(registrationChallengeResponseRequest, CMSAttributeTableGenerator.DIGEST, registrationChallengeResponse));
            } catch (Exception e) {
                error(e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: lv.euso.mobileeid.device.service.registration.NativeSignatureServiceRegistration$2, reason: invalid class name */
    /* loaded from: classes3.dex */
    public static /* synthetic */ class AnonymousClass2 {
        static final /* synthetic */ int[] $SwitchMap$lv$euso$mobileeid$service$pojo$SigningTaskResult$Status;

        static {
            int[] iArr = new int[SigningTaskResult.Status.values().length];
            $SwitchMap$lv$euso$mobileeid$service$pojo$SigningTaskResult$Status = iArr;
            try {
                iArr[SigningTaskResult.Status.ok.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$lv$euso$mobileeid$service$pojo$SigningTaskResult$Status[SigningTaskResult.Status.user_refused.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public NativeSignatureServiceRegistration(HttpTransport httpTransport, Map<String, String> map) {
        super(httpTransport, map);
        DeviceRegistrationEndpoint.init(map.get(SignatureServiceRegistration.KEY_REGISTRATION_URL));
    }

    @Override // lv.euso.mobileeid.device.service.registration.SignatureServiceRegistration
    public void register(TokenInfo tokenInfo, SignatureServiceRegistration.RegistrationHandler registrationHandler) {
        try {
            MobileEidConstants.ProxyOS valueOf = MobileEidConstants.ProxyOS.valueOf(this.configuration.get(SignatureServiceRegistration.KEY_PROXY_OS));
            KeyPair keyPairFor = Keys.keyPairFor(SignatureAlgorithm.ES256);
            TokenCertificate authCert = tokenInfo.getAuthCert();
            AbstractMap.SimpleImmutableEntry simpleImmutableEntry = new AbstractMap.SimpleImmutableEntry(authCert.getId(), authCert.getCertEncoded());
            TokenCertificate signCert = tokenInfo.getSignCert();
            AbstractMap.SimpleImmutableEntry simpleImmutableEntry2 = new AbstractMap.SimpleImmutableEntry(signCert.getId(), signCert.getCertEncoded());
            HashMap hashMap = new HashMap();
            String[] strArr = {MobileEidConstants.KEY_PROXY_SUBSCRIBER, MobileEidConstants.KEY_PROXY_ENVIRONMENT};
            for (int i = 0; i < 2; i++) {
                String str = strArr[i];
                if (this.configuration.containsKey(str)) {
                    hashMap.put(str, this.configuration.get(str));
                }
            }
            RegistrationRequest registrationRequest = new RegistrationRequest(valueOf, keyPairFor.getPublic(), simpleImmutableEntry, simpleImmutableEntry2, hashMap);
            String registrationURI = DeviceRegistrationEndpoint.getRegistrationURI();
            this.httpTransport.execute(registrationURI, HttpTransport.METHOD_POST, HttpTransport.CONTENT_TYPE_JSON, JWTUtil.createNativeDeviceBearer(Keys.hmacShaKeyFor(DeviceRegistrationEndpoint.registrationSecret), null, null), Serializer.toJson(registrationRequest), new AnonymousClass1(tokenInfo, registrationURI, registrationHandler, registrationRequest, keyPairFor));
        } catch (Exception e) {
            registrationHandler.registrationError(e);
        }
    }
}
