package com.trustonic.components.thpagent.agent;

import android.content.Context;
import android.util.Base64;
import com.trustonic.components.thpagent.R;
import com.trustonic.components.thpagent.api.tamanager.KnownParameterIds;
import com.trustonic.components.thpagent.api.tamanager.KnownPayloadIds;
import com.trustonic.components.thpagent.api.tamanager.TAManager;
import com.trustonic.components.thpagent.exception.NotPermittedException;
import com.trustonic.components.thpagent.exception.OutcomeException;
import com.trustonic.components.thpagent.exception.SDKException;
import com.trustonic.utils.CertificateSplitter;
import com.trustonic.utils.HexUtils;
import com.trustonic.utils.IOUtils;
import com.trustonic.utils.httpclient.AndroidHttpClient;
import com.trustonic.utils.httpclient.HttpException;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.Charset;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes5.dex */
public class NoBundleTAManager implements TAManager {
    private final String ERROR_MESSAGE_DEV_CERT_RETRIEVAL_FAILURE = "Unable to retrieve certificate chain from %s for device with SUID %s and certPath %s";
    private final ConnectionParameters authTokenServiceConnectionParameters;
    private final AndroidHttpClient client;
    private final Configuration configuration;
    private final Context ctx;
    private final ConnectionParameters devCertRepoConnectionParameters;
    private final Logger log;

    /* JADX INFO: Access modifiers changed from: package-private */
    public NoBundleTAManager(Configuration configuration, Context context, AndroidHttpClient androidHttpClient, ConnectionParameters connectionParameters, ConnectionParameters connectionParameters2) {
        this.configuration = configuration;
        this.log = new Logger(configuration.getLogLevel(), "NOBUNDLE_TA_MANAGER", configuration.getUseCase());
        this.ctx = context;
        this.client = androidHttpClient;
        this.authTokenServiceConnectionParameters = connectionParameters;
        this.devCertRepoConnectionParameters = connectionParameters2;
    }

    private String buildMessage(String str, String str2, String str3) {
        if (str2 == null) {
            str2 = "<unknown>";
        }
        if (str3 == null) {
            str3 = "<unknown>";
        }
        StringBuilder sb = new StringBuilder(String.format(this.ERROR_MESSAGE_DEV_CERT_RETRIEVAL_FAILURE, this.devCertRepoConnectionParameters.getBaseURL(), str2, str3));
        if (str == null) {
            return sb.toString();
        }
        sb.append(": ");
        sb.append(str);
        return sb.toString();
    }

    private List<byte[]> getAuthToken(Map<String, String> map) throws IOException, NotPermittedException, SDKException {
        try {
            JSONArray jSONArray = new JSONObject(new String(new OnlineHelper(new OnlineParameters().setSuid(HexUtils.toHexString(Base64.decode(map.get(KnownParameterIds.DEVICE_SUID), 2))).setKinibiVersionString(map.get(KnownParameterIds.KINIBI_VERSION)), this.ctx, this.configuration, OnlineUseCases.GET_AUTHTOKEN, this.authTokenServiceConnectionParameters, this.client).getCommand(), Charset.forName("UTF-8"))).getJSONArray("authtoken");
            if (jSONArray != null && jSONArray.length() != 0) {
                if (this.log.isLoggable(LogLevel.TRACE)) {
                    this.log.trace("t-dir returned a json array with %d elements", Integer.valueOf(jSONArray.length()));
                }
                ArrayList arrayList = new ArrayList(jSONArray.length());
                for (int i = 0; i < jSONArray.length(); i++) {
                    if (!jSONArray.isNull(i)) {
                        String string = jSONArray.getString(i);
                        if (this.log.isLoggable(LogLevel.TRACE)) {
                            this.log.trace("trying to decode %s", jSONArray.getString(i));
                        }
                        try {
                            byte[] decode = Base64.decode(string, 0);
                            if (decode != null && decode.length > 0) {
                                arrayList.add(decode);
                            } else if (this.log.isLoggable(LogLevel.TRACE)) {
                                this.log.trace("decoding %s resulted in a null byte[]: is it valid Base64?", string);
                            }
                        } catch (Exception unused) {
                            if (this.log.isLoggable(LogLevel.TRACE)) {
                                this.log.trace("unable to decode base64. moving to the next if available", new Object[0]);
                            }
                        }
                    }
                }
                if (arrayList.size() == 0) {
                    return null;
                }
                return arrayList;
            }
            if (this.log.isLoggable(LogLevel.TRACE)) {
                this.log.trace("the list of ATs is null or empty", new Object[0]);
            }
            return null;
        } catch (JSONException e) {
            throw new SDKException("the authtoken(s) returned by the server could not be parsed", e);
        }
    }

    private List<byte[]> getByteArrayResource(Context context, int i, String str) throws OutcomeException {
        InputStream inputStream = null;
        try {
            try {
                inputStream = context.getResources().openRawResource(i);
                ArrayList arrayList = new ArrayList();
                arrayList.add(IOUtils.inputStreamToByteArray(inputStream));
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException unused) {
                    }
                }
                return arrayList;
            } catch (IOException e) {
                this.log.error("error getting %s from THPAgent: %s", str, e.getMessage());
                SDKException sDKException = new SDKException("unable to load native binaries from THPAgent");
                throw new OutcomeException(sDKException, sDKException.getMessage());
            }
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException unused2) {
                }
            }
            throw th;
        }
    }

    private List<byte[]> getDeviceCertificate(Map<String, String> map) throws IOException {
        String hexString = HexUtils.toHexString(Base64.decode(map.get(KnownParameterIds.DEVICE_SUID), 0));
        String str = map.get(KnownParameterIds.CERTIFICATE_PATH);
        CertificateSplitter certificateSplitter = new CertificateSplitter();
        try {
            return new DeviceCertChainRetriever(str, hexString, this.client, this.devCertRepoConnectionParameters, certificateSplitter, this.log).getCertChainForDevice();
        } catch (HttpException e) {
            if (404 != e.getHttpCode()) {
                throw new IOException(buildMessage(e.getMessage(), hexString, str), e);
            }
            try {
                return new DeviceCertChainRetriever(str, hexString, this.client, new ConnectionParameters().setBaseURL("http://se.cgbe-test.trustonic.com"), certificateSplitter, this.log).getCertChainForDevice();
            } catch (IOException e2) {
                throw new IOException(buildMessage(e.getMessage(), hexString, str), e2);
            } catch (KeyManagementException e3) {
                throw new IOException(buildMessage(e.getMessage(), hexString, str), e3);
            } catch (KeyStoreException e4) {
                throw new IOException(buildMessage(e.getMessage(), hexString, str), e4);
            } catch (CertificateException e5) {
                throw new IOException(buildMessage(e.getMessage(), hexString, str), e5);
            }
        } catch (IOException e6) {
            throw new IOException(buildMessage(e6.getMessage(), hexString, str), e6);
        } catch (KeyManagementException e7) {
            throw new IOException(buildMessage(e7.getMessage(), hexString, str), e7);
        } catch (KeyStoreException e8) {
            throw new IOException(buildMessage(e8.getMessage(), hexString, str), e8);
        } catch (CertificateException e9) {
            throw new IOException(buildMessage(e9.getMessage(), hexString, str), e9);
        }
    }

    @Override // com.trustonic.components.thpagent.api.tamanager.TAManager
    public List<byte[]> getPayload(String str, Map<String, String> map) throws Exception {
        if (KnownPayloadIds.GET_TEE_DEFINITION.equals(str)) {
            ArrayList arrayList = new ArrayList(1);
            arrayList.add(HexUtils.toByteArray("771202021600300C0201016007020216007F6100"));
            return arrayList;
        }
        if (KnownPayloadIds.GET_AUTHTOKEN.equals(str)) {
            return getAuthToken(map);
        }
        if (KnownPayloadIds.BINARY_SDTA.equals(str)) {
            return getByteArrayResource(this.ctx, R.raw.sdta, "sdta");
        }
        if (KnownPayloadIds.BINARY_LTA.equals(str)) {
            return getByteArrayResource(this.ctx, R.raw.lta, "lta");
        }
        if (KnownPayloadIds.BINARY_GETAT.equals(str)) {
            return getByteArrayResource(this.ctx, R.raw.mwgetat, "mwgetat");
        }
        if (KnownPayloadIds.DEVICE_CERTIFICATE.equals(str)) {
            return getDeviceCertificate(map);
        }
        return null;
    }
}
