package com.stripe.android.stripe3ds2.transaction;

import android.app.Activity;
import android.app.ProgressDialog;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWEHeader;
import com.nimbusds.jose.JWEObject;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.JWSObject;
import com.nimbusds.jose.JWSVerifier;
import com.nimbusds.jose.Payload;
import com.nimbusds.jose.crypto.DirectEncrypter;
import com.nimbusds.jose.crypto.RSAEncrypter;
import com.nimbusds.jose.crypto.bc.BouncyCastleProviderSingleton;
import com.nimbusds.jose.crypto.factories.DefaultJWSVerifierFactory;
import com.nimbusds.jose.jca.JCAContext;
import com.nimbusds.jose.jwk.Curve;
import com.nimbusds.jose.jwk.ECKey;
import com.nimbusds.jose.jwk.KeyUse;
import com.nimbusds.jose.util.Base64;
import com.nimbusds.jose.util.X509CertUtils;
import com.nimbusds.jwt.JWTClaimsSet;
import com.stripe.android.stripe3ds2.exceptions.InvalidInputException;
import com.stripe.android.stripe3ds2.exceptions.SDKRuntimeException;
import com.stripe.android.stripe3ds2.init.Warning;
import com.stripe.android.stripe3ds2.init.ui.StripeUiCustomization;
import com.stripe.android.stripe3ds2.security.DiffieHellmanKeyGenerator;
import com.stripe.android.stripe3ds2.security.JweEcEncrypter;
import com.stripe.android.stripe3ds2.security.JweEncrypter;
import com.stripe.android.stripe3ds2.security.MessageTransformer;
import com.stripe.android.stripe3ds2.transaction.JwsValidator;
import com.stripe.android.stripe3ds2.transaction.StripeChallengeRequestExecutor;
import com.stripe.android.stripe3ds2.transaction.d;
import com.stripe.android.stripe3ds2.transactions.ChallengeResponseData;
import com.stripe.android.stripe3ds2.transactions.a;
import com.stripe.android.stripe3ds2.views.ProgressViewFactory;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.TimeUnit;
import javax.crypto.SecretKey;
import kotlin.TypeCastException;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.internal.Intrinsics;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes19.dex */
public final class r implements Transaction {
    private final b a;
    private final ProgressViewFactory b;
    private final h c;
    private final MessageVersionRegistry d;
    private final String e;
    private final JwsValidator f;
    private final m g;
    private final String h;
    private final PublicKey i;
    private final String j;
    private final String k;
    private final KeyPair l;
    private final boolean m;
    private final List<X509Certificate> n;
    private final MessageTransformer o;
    private final StripeUiCustomization p;
    private final ProgressViewFactory.a q;
    private String r;

    /* JADX INFO: Access modifiers changed from: package-private */
    public r(b bVar, ProgressViewFactory progressViewFactory, h hVar, MessageVersionRegistry messageVersionRegistry, String str, JwsValidator jwsValidator, m mVar, String str2, PublicKey publicKey, String str3, String str4, KeyPair keyPair, boolean z, List<X509Certificate> list, MessageTransformer messageTransformer, StripeUiCustomization stripeUiCustomization, ProgressViewFactory.a aVar) {
        this.a = bVar;
        this.b = progressViewFactory;
        this.c = hVar;
        this.d = messageVersionRegistry;
        this.e = str;
        this.f = jwsValidator;
        this.g = mVar;
        this.h = str2;
        this.i = publicKey;
        this.j = str3;
        this.k = str4;
        this.l = keyPair;
        this.m = z;
        this.n = list;
        this.o = messageTransformer;
        this.p = stripeUiCustomization;
        this.q = aVar;
    }

    static /* synthetic */ void a(r rVar, Activity activity, com.stripe.android.stripe3ds2.transactions.a aVar, ChallengeResponseData challengeResponseData, StripeUiCustomization stripeUiCustomization, d.a aVar2) {
        rVar.r = challengeResponseData.uiType != null ? challengeResponseData.uiType.f : null;
        g.a(activity, aVar, challengeResponseData, stripeUiCustomization, aVar2).a();
    }

    @Override // com.stripe.android.stripe3ds2.transaction.Transaction
    public final void close() {
    }

    @Override // com.stripe.android.stripe3ds2.transaction.Transaction
    public final void doChallenge(final Activity activity, ChallengeParameters challengeParameters, final ChallengeStatusReceiver challengeStatusReceiver, int i) throws InvalidInputException {
        boolean verify;
        try {
            if (i < 5) {
                throw new InvalidInputException(new RuntimeException("Timeout must be at least 5 minutes"));
            }
            this.c.a.put(this.k, challengeStatusReceiver);
            String jws = challengeParameters.getAcsSignedContent();
            boolean z = this.m;
            List<X509Certificate> rootCerts = this.n;
            Intrinsics.checkParameterIsNotNull(jws, "jws");
            Intrinsics.checkParameterIsNotNull(rootCerts, "rootCerts");
            JWSObject jwsObject = JWSObject.parse(jws);
            if (z) {
                Intrinsics.checkExpressionValueIsNotNull(jwsObject, "jwsObject");
                JWSHeader jwsHeader = jwsObject.getHeader();
                JwsValidator.a aVar = JwsValidator.a;
                Intrinsics.checkExpressionValueIsNotNull(jwsHeader, "jwsHeader");
                if (JwsValidator.a.a(jwsHeader.getX509CertChain(), rootCerts)) {
                    DefaultJWSVerifierFactory defaultJWSVerifierFactory = new DefaultJWSVerifierFactory();
                    JCAContext jCAContext = defaultJWSVerifierFactory.getJCAContext();
                    Intrinsics.checkExpressionValueIsNotNull(jCAContext, "verifierFactory.jcaContext");
                    jCAContext.setProvider(BouncyCastleProviderSingleton.getInstance());
                    List x509CertChain = jwsHeader.getX509CertChain();
                    Intrinsics.checkExpressionValueIsNotNull(x509CertChain, "jwsHeader.x509CertChain");
                    X509Certificate parseWithException = X509CertUtils.parseWithException(((Base64) CollectionsKt.first(x509CertChain)).decode());
                    Intrinsics.checkExpressionValueIsNotNull(parseWithException, "X509CertUtils.parseWithE…irst().decode()\n        )");
                    PublicKey publicKey = parseWithException.getPublicKey();
                    Intrinsics.checkExpressionValueIsNotNull(publicKey, "X509CertUtils.parseWithE…ode()\n        ).publicKey");
                    JWSVerifier createJWSVerifier = defaultJWSVerifierFactory.createJWSVerifier(jwsHeader, publicKey);
                    Intrinsics.checkExpressionValueIsNotNull(createJWSVerifier, "verifierFactory.createJW…KeyFromHeader(jwsHeader))");
                    verify = jwsObject.verify(createJWSVerifier);
                } else {
                    verify = false;
                }
                if (!verify) {
                    throw new IllegalStateException("Could not validate JWS");
                }
            }
            Intrinsics.checkExpressionValueIsNotNull(jwsObject, "jwsObject");
            AcsData a = AcsData.a(new JSONObject(jwsObject.getPayload().toString()));
            String str = challengeParameters.get3DSServerTransactionID();
            String acsTransactionID = challengeParameters.getAcsTransactionID();
            a.C0022a c0022a = new a.C0022a();
            c0022a.b = acsTransactionID;
            c0022a.a = str;
            c0022a.j = this.k;
            c0022a.g = this.d.getCurrent();
            com.stripe.android.stripe3ds2.transactions.a a2 = c0022a.a();
            String str2 = a.a;
            final p pVar = new p(str2);
            final u uVar = new u(challengeStatusReceiver, i, pVar, a2, v.a());
            uVar.g.a.put(uVar.f.j, uVar);
            uVar.b.postDelayed(uVar.c, TimeUnit.MINUTES.toMillis(uVar.a));
            final d.a aVar2 = new d.a(this.o, this.e, this.l.getPrivate().getEncoded(), a.b.getEncoded(), str2, a2);
            new StripeChallengeRequestExecutor.c().a(aVar2).a(a2, new d.c() { // from class: com.stripe.android.stripe3ds2.transaction.r.1
                @Override // com.stripe.android.stripe3ds2.transaction.d.c
                public final void a(com.stripe.android.stripe3ds2.transactions.a aVar3, ChallengeResponseData challengeResponseData) {
                    r rVar = r.this;
                    r.a(rVar, activity, aVar3, challengeResponseData, rVar.p, aVar2);
                }

                @Override // com.stripe.android.stripe3ds2.transaction.d.c
                public final void a(com.stripe.android.stripe3ds2.transactions.c cVar) {
                    uVar.a();
                    pVar.a(cVar);
                    challengeStatusReceiver.protocolError(r.this.g.a(cVar));
                }

                @Override // com.stripe.android.stripe3ds2.transaction.d.c
                public final void a(Exception exc) {
                    challengeStatusReceiver.runtimeError(q.a(exc));
                }

                @Override // com.stripe.android.stripe3ds2.transaction.d.c
                public final void b(com.stripe.android.stripe3ds2.transactions.c cVar) {
                    uVar.a();
                    pVar.a(cVar);
                    challengeStatusReceiver.runtimeError(q.a(cVar));
                }
            });
        } catch (Exception e) {
            challengeStatusReceiver.runtimeError(q.a(e));
        }
    }

    @Override // com.stripe.android.stripe3ds2.transaction.Transaction
    public final AuthenticationRequestParameters getAuthenticationRequestParameters() {
        return new AuthenticationRequestParameters() { // from class: com.stripe.android.stripe3ds2.transaction.b.1
            final /* synthetic */ PublicKey a;
            final /* synthetic */ String b;
            final /* synthetic */ String c;
            final /* synthetic */ String d;
            final /* synthetic */ PublicKey e;

            public AnonymousClass1(PublicKey publicKey, String str, String str2, String str3, PublicKey publicKey2) {
                r2 = publicKey;
                r3 = str;
                r4 = str2;
                r5 = str3;
                r6 = publicKey2;
            }

            @Override // com.stripe.android.stripe3ds2.transaction.AuthenticationRequestParameters
            public final String getDeviceData() {
                try {
                    JweEncrypter jweEncrypter = b.this.e;
                    b bVar = b.this;
                    JSONObject jSONObject = new JSONObject();
                    jSONObject.put("DV", "1.1");
                    jSONObject.put("DD", new JSONObject(bVar.a.a()));
                    jSONObject.put("DPNA", new JSONObject(bVar.b.a()));
                    ArrayList arrayList = new ArrayList();
                    Iterator<Warning> it = bVar.c.a().iterator();
                    while (it.hasNext()) {
                        arrayList.add(it.next().getID());
                    }
                    jSONObject.put("SW", new JSONArray((Collection) arrayList));
                    String payload = jSONObject.toString();
                    PublicKey acsPublicKey = r2;
                    String directoryServerId = r3;
                    String str = r4;
                    Intrinsics.checkParameterIsNotNull(payload, "payload");
                    Intrinsics.checkParameterIsNotNull(acsPublicKey, "acsPublicKey");
                    Intrinsics.checkParameterIsNotNull(directoryServerId, "directoryServerId");
                    if (acsPublicKey instanceof RSAPublicKey) {
                        RSAPublicKey publicKey = (RSAPublicKey) acsPublicKey;
                        Intrinsics.checkParameterIsNotNull(payload, "payload");
                        Intrinsics.checkParameterIsNotNull(publicKey, "publicKey");
                        Intrinsics.checkParameterIsNotNull(payload, "payload");
                        JWEObject jWEObject = new JWEObject(new JWEHeader.Builder(JWEAlgorithm.RSA_OAEP_256, EncryptionMethod.A128CBC_HS256).keyID(str).build(), new Payload(payload));
                        jWEObject.encrypt(new RSAEncrypter(publicKey));
                        String serialize = jWEObject.serialize();
                        Intrinsics.checkExpressionValueIsNotNull(serialize, "jwe.serialize()");
                        return serialize;
                    }
                    if (!(acsPublicKey instanceof ECPublicKey)) {
                        throw new SDKRuntimeException(new RuntimeException("Unsupported public key algorithm: " + acsPublicKey.getAlgorithm()));
                    }
                    JweEcEncrypter jweEcEncrypter = jweEncrypter.b;
                    ECPublicKey acsPublicKey2 = (ECPublicKey) acsPublicKey;
                    Intrinsics.checkParameterIsNotNull(payload, "payload");
                    Intrinsics.checkParameterIsNotNull(acsPublicKey2, "acsPublicKey");
                    Intrinsics.checkParameterIsNotNull(directoryServerId, "directoryServerId");
                    JWTClaimsSet.parse(payload);
                    KeyPair a = jweEcEncrypter.a.a();
                    DiffieHellmanKeyGenerator diffieHellmanKeyGenerator = jweEcEncrypter.b;
                    PrivateKey privateKey = a.getPrivate();
                    if (privateKey == null) {
                        throw new TypeCastException("null cannot be cast to non-null type java.security.interfaces.ECPrivateKey");
                    }
                    SecretKey a2 = diffieHellmanKeyGenerator.a(acsPublicKey2, (ECPrivateKey) privateKey, directoryServerId);
                    Curve curve = Curve.P_256;
                    PublicKey publicKey2 = a.getPublic();
                    if (publicKey2 == null) {
                        throw new TypeCastException("null cannot be cast to non-null type java.security.interfaces.ECPublicKey");
                    }
                    JWEObject jWEObject2 = new JWEObject(new JWEHeader.Builder(JWEAlgorithm.DIR, EncryptionMethod.A128CBC_HS256).ephemeralPublicKey(ECKey.parse(new ECKey.Builder(curve, (ECPublicKey) publicKey2).build().toJSONString())).build(), new Payload(payload));
                    jWEObject2.encrypt(new DirectEncrypter(a2));
                    String serialize2 = jWEObject2.serialize();
                    Intrinsics.checkExpressionValueIsNotNull(serialize2, "jweObject.serialize()");
                    return serialize2;
                } catch (JOSEException | ParseException | JSONException e) {
                    throw new SDKRuntimeException(new RuntimeException(e));
                }
            }

            @Override // com.stripe.android.stripe3ds2.transaction.AuthenticationRequestParameters
            public final String getMessageVersion() {
                return b.this.f.getCurrent();
            }

            @Override // com.stripe.android.stripe3ds2.transaction.AuthenticationRequestParameters
            public final String getSDKAppID() {
                return b.this.d.a().a;
            }

            @Override // com.stripe.android.stripe3ds2.transaction.AuthenticationRequestParameters
            public final String getSDKEphemeralPublicKey() {
                PublicKey publicKey = r6;
                return new ECKey.Builder(Curve.P_256, (ECPublicKey) publicKey).keyUse(KeyUse.SIGNATURE).keyID(r4).build().toPublicJWK().toJSONString();
            }

            @Override // com.stripe.android.stripe3ds2.transaction.AuthenticationRequestParameters
            public final String getSDKReferenceNumber() {
                return b.this.g;
            }

            @Override // com.stripe.android.stripe3ds2.transaction.AuthenticationRequestParameters
            public final String getSDKTransactionID() {
                return r5;
            }
        };
    }

    @Override // com.stripe.android.stripe3ds2.transaction.Transaction
    public final String getInitialChallengeUiType() {
        return this.r;
    }

    @Override // com.stripe.android.stripe3ds2.transaction.Transaction
    public final ProgressDialog getProgressView(Activity activity) throws InvalidInputException {
        return this.b.a(activity, this.q, this.p);
    }
}
