package ru.yoomoney.sdk.yoopinning;

import android.content.Context;
import com.json.n4;
import io.appmetrica.analytics.coreutils.internal.StringUtils;
import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.InputStreamReader;
import java.io.Reader;
import java.nio.charset.Charset;
import java.security.Key;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.List;
import javax.crypto.SecretKey;
import kotlin.Lazy;
import kotlin.LazyKt__LazyJVMKt;
import kotlin.Metadata;
import kotlin.NoWhenBranchMatchedException;
import kotlin.Unit;
import kotlin.collections.CollectionsKt__CollectionsKt;
import kotlin.collections.CollectionsKt___CollectionsKt;
import kotlin.io.CloseableKt;
import kotlin.io.TextStreamsKt;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;
import kotlin.text.StringsKt__StringsKt;
import kotlinx.coroutines.BuildersKt__Builders_commonKt;
import kotlinx.coroutines.CompletableJob;
import kotlinx.coroutines.CoroutineDispatcher;
import kotlinx.coroutines.CoroutineScopeKt;
import kotlinx.coroutines.JobKt__JobKt;
import kotlinx.coroutines.flow.MutableStateFlow;
import kotlinx.coroutines.flow.StateFlowKt;
import okio.Segment;
import org.jetbrains.annotations.NotNull;
import org.jose4j.base64url.Base64Url;
import org.jose4j.jws.JsonWebSignature;
import org.jose4j.keys.AesKey;
import ru.yoomoney.sdk.yoopinning.KidType;
import ru.yoomoney.sdk.yoopinning.PinningException;

@Metadata(d1 = {"\u0000Z\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0010\u000e\n\u0002\b\u0003\n\u0002\u0010 \n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0006\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0010\u0002\n\u0002\b\b\b\u0000\u0018\u0000 12\u00020\u0001:\u00011B\u0015\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005¢\u0006\u0002\u0010\u0006J\t\u0010\u0013\u001a\u00020\u0014H\u0082 J\u0010\u0010\u0015\u001a\u00020\u00142\u0006\u0010\u0016\u001a\u00020\u0014H\u0002J\u0016\u0010\u0017\u001a\b\u0012\u0004\u0012\u00020\u00140\u00182\u0006\u0010\u0019\u001a\u00020\u0014H\u0002J\u000e\u0010\u001a\u001a\b\u0012\u0004\u0012\u00020\u00140\u0018H\u0002J\u0010\u0010\u001b\u001a\u00020\u001c2\u0006\u0010\u001d\u001a\u00020\u001eH\u0002J\b\u0010\u001f\u001a\u00020\u0014H\u0002J\u000e\u0010 \u001a\b\u0012\u0004\u0012\u00020\u00140\u0018H\u0002J\t\u0010!\u001a\u00020\u0014H\u0082 J0\u0010\"\u001a\b\u0012\u0004\u0012\u00020\u00140\u00182\u0006\u0010#\u001a\u00020\u00142\u0018\u0010$\u001a\u0014\u0012\u0004\u0012\u00020\u0014\u0012\n\u0012\b\u0012\u0004\u0012\u00020\u00140\u00180%H\u0002J\t\u0010&\u001a\u00020\u0014H\u0082 J\t\u0010'\u001a\u00020\u0014H\u0082 J\t\u0010(\u001a\u00020\u0014H\u0082 J\b\u0010)\u001a\u00020*H\u0016J$\u0010+\u001a\u00020*2\f\u0010,\u001a\b\u0012\u0004\u0012\u00020\u00140\u00182\f\u0010-\u001a\b\u0012\u0004\u0012\u00020\u00140\u0018H\u0002J\t\u0010.\u001a\u00020\u0014H\u0082 J\u0018\u0010/\u001a\u00020*2\u0006\u00100\u001a\u00020\u00142\u0006\u0010#\u001a\u00020\u0014H\u0002R!\u0010\u0007\u001a\b\u0012\u0004\u0012\u00020\t0\b8VX\u0096\u0084\u0002¢\u0006\f\n\u0004\b\f\u0010\r\u001a\u0004\b\n\u0010\u000bR\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n\u0000R\u001b\u0010\u000e\u001a\u00020\u000f8BX\u0082\u0084\u0002¢\u0006\f\n\u0004\b\u0012\u0010\r\u001a\u0004\b\u0010\u0010\u0011¨\u00062"}, d2 = {"Lru/yoomoney/sdk/yoopinning/CertRepositoryImpl;", "Lru/yoomoney/sdk/yoopinning/CertRepository;", "context", "Landroid/content/Context;", "coroutineDispatcher", "Lkotlinx/coroutines/CoroutineDispatcher;", "(Landroid/content/Context;Lkotlinx/coroutines/CoroutineDispatcher;)V", "certificates", "Lkotlinx/coroutines/flow/MutableStateFlow;", "Lru/yoomoney/sdk/yoopinning/CertificatesLists;", "getCertificates", "()Lkotlinx/coroutines/flow/MutableStateFlow;", "certificates$delegate", "Lkotlin/Lazy;", "secretKey", "Lorg/jose4j/keys/AesKey;", "getSecretKey", "()Lorg/jose4j/keys/AesKey;", "secretKey$delegate", "blackEncryptedCerts", "", "checkSignature", "value", "decryptCerts", "", "encryptedCerts", "getBlackList", "getPublicKey", "Ljava/security/Key;", "kid", "Lru/yoomoney/sdk/yoopinning/KidType;", "getServerAnswer", "getWhiteList", "primaryKey", "readList", n4.c.f70707b, "decrypt", "Lkotlin/Function1;", "secondaryKey", "secretAppKey", "secretCertKey", "updateCertificates", "", "updateLists", "blackList", "whiteList", "whiteEncryptedCerts", "writeToFile", "data", "Companion", "yoopinning_release"}, k = 1, mv = {1, 5, 1}, xi = 48)
/* loaded from: classes7.dex */
public final class CertRepositoryImpl implements CertRepository {

    @NotNull
    private static final String BLACK_CERT_LIST = "black_cert_list";

    @NotNull
    private static final String BLACK_KEY_LIST = "black_key_list";

    @NotNull
    private static final String WHITE_CERT_LIST = "white_cert_list";

    /* renamed from: certificates$delegate, reason: from kotlin metadata */
    @NotNull
    private final Lazy certificates;

    @NotNull
    private final Context context;

    @NotNull
    private final CoroutineDispatcher coroutineDispatcher;

    /* renamed from: secretKey$delegate, reason: from kotlin metadata */
    @NotNull
    private final Lazy secretKey;

    @Metadata(k = 3, mv = {1, 5, 1}, xi = 48)
    /* loaded from: classes7.dex */
    public /* synthetic */ class WhenMappings {
        public static final /* synthetic */ int[] $EnumSwitchMapping$0;

        static {
            int[] iArr = new int[KidType.values().length];
            iArr[KidType.PRIMARY.ordinal()] = 1;
            iArr[KidType.SECONDARY.ordinal()] = 2;
            $EnumSwitchMapping$0 = iArr;
        }
    }

    static {
        System.loadLibrary("native-keys-pinning-container");
    }

    public CertRepositoryImpl(@NotNull Context context, @NotNull CoroutineDispatcher coroutineDispatcher) {
        Lazy b2;
        Lazy b3;
        Intrinsics.checkNotNullParameter(context, "context");
        Intrinsics.checkNotNullParameter(coroutineDispatcher, "coroutineDispatcher");
        this.context = context;
        this.coroutineDispatcher = coroutineDispatcher;
        b2 = LazyKt__LazyJVMKt.b(new Function0<AesKey>() { // from class: ru.yoomoney.sdk.yoopinning.CertRepositoryImpl$secretKey$2
            /* JADX INFO: Access modifiers changed from: package-private */
            {
                super(0);
            }

            @Override // kotlin.jvm.functions.Function0
            /* renamed from: b, reason: merged with bridge method [inline-methods] */
            public final AesKey invoke() {
                String secretAppKey;
                String secretCertKey;
                CryptUtils cryptUtils = CryptUtils.INSTANCE;
                secretAppKey = CertRepositoryImpl.this.secretAppKey();
                SecretKey decodeAppSecretKey$yoopinning_release = cryptUtils.decodeAppSecretKey$yoopinning_release(secretAppKey);
                secretCertKey = CertRepositoryImpl.this.secretCertKey();
                return new AesKey(Base64Url.g(cryptUtils.decryptCertSecretKey$yoopinning_release(decodeAppSecretKey$yoopinning_release, secretCertKey)));
            }
        });
        this.secretKey = b2;
        b3 = LazyKt__LazyJVMKt.b(new Function0<MutableStateFlow<CertificatesLists>>() { // from class: ru.yoomoney.sdk.yoopinning.CertRepositoryImpl$certificates$2
            /* JADX INFO: Access modifiers changed from: package-private */
            {
                super(0);
            }

            @Override // kotlin.jvm.functions.Function0
            /* renamed from: b, reason: merged with bridge method [inline-methods] */
            public final MutableStateFlow invoke() {
                List whiteList;
                List blackList;
                whiteList = CertRepositoryImpl.this.getWhiteList();
                blackList = CertRepositoryImpl.this.getBlackList();
                return StateFlowKt.a(new CertificatesLists(whiteList, blackList));
            }
        });
        this.certificates = b3;
    }

    private final native String blackEncryptedCerts();

    /* JADX INFO: Access modifiers changed from: private */
    public final String checkSignature(String value) {
        JsonWebSignature jsonWebSignature = new JsonWebSignature();
        jsonWebSignature.q(value);
        KidType.Companion companion = KidType.INSTANCE;
        String j2 = jsonWebSignature.j();
        Intrinsics.checkNotNullExpressionValue(j2, "jws.keyIdHeaderValue");
        jsonWebSignature.v(getPublicKey(companion.fromString(j2)));
        if (!jsonWebSignature.L()) {
            throw PinningException.SignatureNotVerifyException.INSTANCE;
        }
        String C = jsonWebSignature.C();
        Intrinsics.checkNotNullExpressionValue(C, "jws.payload");
        return C;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final List<String> decryptCerts(String encryptedCerts) {
        List<String> K0;
        List<String> m2;
        if (encryptedCerts.length() == 0) {
            m2 = CollectionsKt__CollectionsKt.m();
            return m2;
        }
        K0 = StringsKt__StringsKt.K0(CryptUtils.INSTANCE.decrypt$yoopinning_release(encryptedCerts, getSecretKey()), new String[]{StringUtils.COMMA}, false, 0, 6, null);
        return K0;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final List<String> getBlackList() {
        List<String> m2;
        try {
            List<String> readList = readList(BLACK_CERT_LIST, new CertRepositoryImpl$getBlackList$cachedList$1(this));
            if (readList.isEmpty()) {
                readList = decryptCerts(blackEncryptedCerts());
            }
            return readList;
        } catch (Exception e2) {
            e2.printStackTrace();
            m2 = CollectionsKt__CollectionsKt.m();
            return m2;
        }
    }

    private final Key getPublicKey(KidType kid) {
        List n1;
        String C0;
        List<String> readList = readList(BLACK_KEY_LIST, new Function1<String, List<? extends String>>() { // from class: ru.yoomoney.sdk.yoopinning.CertRepositoryImpl$getPublicKey$blackKeyList$1
            @Override // kotlin.jvm.functions.Function1
            /* renamed from: b, reason: merged with bridge method [inline-methods] */
            public final List invoke(String data) {
                List K0;
                Intrinsics.checkNotNullParameter(data, "data");
                K0 = StringsKt__StringsKt.K0(data, new String[]{StringUtils.COMMA}, false, 0, 6, null);
                return K0;
            }
        });
        String primaryKey = primaryKey();
        int i2 = WhenMappings.$EnumSwitchMapping$0[kid.ordinal()];
        if (i2 != 1) {
            if (i2 != 2) {
                throw new NoWhenBranchMatchedException();
            }
            if (!readList.contains(CryptUtils.INSTANCE.decrypt$yoopinning_release(primaryKey, getSecretKey()))) {
                n1 = CollectionsKt___CollectionsKt.n1(readList);
                n1.add(primaryKey);
                Unit unit = Unit.f114124a;
                C0 = CollectionsKt___CollectionsKt.C0(n1, StringUtils.COMMA, null, null, 0, null, null, 62, null);
                writeToFile(C0, BLACK_KEY_LIST);
            }
            primaryKey = secondaryKey();
        }
        String decrypt$yoopinning_release = CryptUtils.INSTANCE.decrypt$yoopinning_release(primaryKey, getSecretKey());
        if (readList.contains(decrypt$yoopinning_release)) {
            throw PinningException.KeyInBlackListException.INSTANCE;
        }
        PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64Url.g(decrypt$yoopinning_release)));
        Intrinsics.checkNotNullExpressionValue(generatePublic, "factory.generatePublic(pubKeySpec)");
        return generatePublic;
    }

    private final AesKey getSecretKey() {
        return (AesKey) this.secretKey.getValue();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final String getServerAnswer() {
        return new CertificateRequest(new ETagRepositoryImpl(this.context)).getCertificates(this.context);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final List<String> getWhiteList() {
        List<String> m2;
        try {
            List<String> readList = readList(WHITE_CERT_LIST, new CertRepositoryImpl$getWhiteList$cachedList$1(this));
            if (readList.isEmpty()) {
                readList = decryptCerts(whiteEncryptedCerts());
            }
            return readList;
        } catch (Exception e2) {
            e2.printStackTrace();
            m2 = CollectionsKt__CollectionsKt.m();
            return m2;
        }
    }

    private final native String primaryKey();

    private final List<String> readList(String fileName, Function1<? super String, ? extends List<String>> decrypt) {
        List<String> m2;
        List<String> m3;
        try {
            FileInputStream stream = this.context.openFileInput(fileName);
            try {
                Intrinsics.checkNotNullExpressionValue(stream, "stream");
                Reader inputStreamReader = new InputStreamReader(stream, Charsets.UTF_8);
                BufferedReader bufferedReader = inputStreamReader instanceof BufferedReader ? (BufferedReader) inputStreamReader : new BufferedReader(inputStreamReader, Segment.SIZE);
                try {
                    String f2 = TextStreamsKt.f(bufferedReader);
                    CloseableKt.a(bufferedReader, null);
                    List<String> list = (List) decrypt.invoke(f2);
                    CloseableKt.a(stream, null);
                    return list;
                } finally {
                }
            } finally {
            }
        } catch (FileNotFoundException unused) {
            m3 = CollectionsKt__CollectionsKt.m();
            return m3;
        } catch (Exception e2) {
            e2.printStackTrace();
            m2 = CollectionsKt__CollectionsKt.m();
            return m2;
        }
    }

    private final native String secondaryKey();

    /* JADX INFO: Access modifiers changed from: private */
    public final native String secretAppKey();

    /* JADX INFO: Access modifiers changed from: private */
    public final native String secretCertKey();

    /* JADX INFO: Access modifiers changed from: private */
    public final void updateLists(List<String> blackList, List<String> whiteList) {
        String C0;
        String C02;
        CryptUtils cryptUtils = CryptUtils.INSTANCE;
        C0 = CollectionsKt___CollectionsKt.C0(whiteList, StringUtils.COMMA, null, null, 0, null, null, 62, null);
        String encrypt$yoopinning_release = cryptUtils.encrypt$yoopinning_release(C0, getSecretKey());
        C02 = CollectionsKt___CollectionsKt.C0(blackList, StringUtils.COMMA, null, null, 0, null, null, 62, null);
        writeToFile(cryptUtils.encrypt$yoopinning_release(C02, getSecretKey()), BLACK_CERT_LIST);
        writeToFile(encrypt$yoopinning_release, WHITE_CERT_LIST);
    }

    private final native String whiteEncryptedCerts();

    private final void writeToFile(String data, String fileName) {
        FileOutputStream openFileOutput = this.context.openFileOutput(fileName, 0);
        try {
            Charset charset = Charsets.UTF_8;
            if (data == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
            }
            byte[] bytes = data.getBytes(charset);
            Intrinsics.checkNotNullExpressionValue(bytes, "(this as java.lang.String).getBytes(charset)");
            openFileOutput.write(bytes);
            Unit unit = Unit.f114124a;
            CloseableKt.a(openFileOutput, null);
        } catch (Throwable th) {
            try {
                throw th;
            } catch (Throwable th2) {
                CloseableKt.a(openFileOutput, th);
                throw th2;
            }
        }
    }

    @Override // ru.yoomoney.sdk.yoopinning.CertRepository
    @NotNull
    public MutableStateFlow<CertificatesLists> getCertificates() {
        return (MutableStateFlow) this.certificates.getValue();
    }

    @Override // ru.yoomoney.sdk.yoopinning.CertRepository
    public void updateCertificates() {
        CompletableJob b2;
        b2 = JobKt__JobKt.b(null, 1, null);
        BuildersKt__Builders_commonKt.d(CoroutineScopeKt.a(b2), null, null, new CertRepositoryImpl$updateCertificates$1(this, null), 3, null);
    }
}
