package org.whispersystems.signalservice.internal.push;

import java.io.IOException;
import java.security.KeyStore;
import java.security.SignatureException;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import okhttp3.Response;
import okhttp3.ResponseBody;
import org.apache.http.client.methods.HttpPutHC4;
import org.whispersystems.curve25519.Curve25519;
import org.whispersystems.curve25519.Curve25519KeyPair;
import org.whispersystems.libsignal.util.Pair;
import org.whispersystems.signalservice.api.crypto.InvalidCiphertextException;
import org.whispersystems.signalservice.api.push.exceptions.NonSuccessfulResponseCodeException;
import org.whispersystems.signalservice.internal.contacts.crypto.Quote;
import org.whispersystems.signalservice.internal.contacts.crypto.RemoteAttestation;
import org.whispersystems.signalservice.internal.contacts.crypto.RemoteAttestationCipher;
import org.whispersystems.signalservice.internal.contacts.crypto.RemoteAttestationKeys;
import org.whispersystems.signalservice.internal.contacts.crypto.UnauthenticatedQuoteException;
import org.whispersystems.signalservice.internal.contacts.entities.RemoteAttestationRequest;
import org.whispersystems.signalservice.internal.contacts.entities.RemoteAttestationResponse;
import org.whispersystems.signalservice.internal.push.PushServiceSocket;
import org.whispersystems.signalservice.internal.util.JsonUtil;

/* loaded from: classes3.dex */
public final class RemoteAttestationUtil {
    private RemoteAttestationUtil() {
    }

    public static RemoteAttestation getAndVerifyRemoteAttestation(PushServiceSocket pushServiceSocket, PushServiceSocket.ClientSet clientSet, KeyStore keyStore, String str, String str2, String str3) throws IOException, Quote.InvalidQuoteFormatException, InvalidCiphertextException, UnauthenticatedQuoteException, SignatureException {
        Curve25519KeyPair generateKeyPair = Curve25519.getInstance(Curve25519.BEST).generateKeyPair();
        Pair<RemoteAttestationResponse, List<String>> remoteAttestation = getRemoteAttestation(pushServiceSocket, clientSet, str3, new RemoteAttestationRequest(generateKeyPair.getPublicKey()), str);
        RemoteAttestationResponse first = remoteAttestation.first();
        List<String> second = remoteAttestation.second();
        RemoteAttestationKeys remoteAttestationKeys = new RemoteAttestationKeys(generateKeyPair, first.getServerEphemeralPublic(), first.getServerStaticPublic());
        Quote quote = new Quote(first.getQuote());
        byte[] requestId = RemoteAttestationCipher.getRequestId(remoteAttestationKeys, first);
        RemoteAttestationCipher.verifyServerQuote(quote, first.getServerStaticPublic(), str2);
        RemoteAttestationCipher.verifyIasSignature(keyStore, first.getCertificates(), first.getSignatureBody(), first.getSignature(), quote);
        return new RemoteAttestation(requestId, remoteAttestationKeys, second);
    }

    private static Pair<RemoteAttestationResponse, List<String>> getRemoteAttestation(PushServiceSocket pushServiceSocket, PushServiceSocket.ClientSet clientSet, String str, RemoteAttestationRequest remoteAttestationRequest, String str2) throws IOException {
        Response makeRequest = pushServiceSocket.makeRequest(clientSet, str, new LinkedList(), "/v1/attestation/" + str2, HttpPutHC4.METHOD_NAME, JsonUtil.toJson(remoteAttestationRequest));
        ResponseBody body = makeRequest.body();
        List<String> headers = makeRequest.headers("Set-Cookie");
        LinkedList linkedList = new LinkedList();
        Iterator<String> it = headers.iterator();
        while (it.hasNext()) {
            linkedList.add(it.next().split(";")[0]);
        }
        if (body != null) {
            return new Pair<>(JsonUtil.fromJson(body.string(), RemoteAttestationResponse.class), linkedList);
        }
        throw new NonSuccessfulResponseCodeException("Empty response!");
    }
}
