package com.ubiqsecurity;

import com.google.gson.GsonBuilder;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import java.io.BufferedReader;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.StringReader;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.time.Instant;
import java.time.ZoneOffset;
import java.time.format.DateTimeFormatter;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpDelete;
import org.apache.http.client.methods.HttpEntityEnclosingRequestBase;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPatch;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.HttpClients;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.encodings.OAEPEncoding;
import org.bouncycastle.crypto.engines.RSAEngine;
import org.bouncycastle.crypto.params.RSAKeyParameters;
import org.bouncycastle.jcajce.provider.asymmetric.rsa.BCRSAPrivateCrtKey;
import org.bouncycastle.jcajce.provider.asymmetric.rsa.BCRSAPrivateKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
import org.bouncycastle.pkcs.PKCSException;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/ubiqsecurity/UbiqWebServices.class */
public class UbiqWebServices {
    private UbiqCredentials ubiqCredentials;
    private String baseUrl;
    private boolean verbose = false;
    private final String applicationJson = "application/json";
    private final String restApiRoot = "api/v0";
    private final String restApiV3Root = "api/v3";
    private BouncyCastleProvider bcProvider = new BouncyCastleProvider();

    private static String print(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        sb.append("[ ");
        for (byte b : bArr) {
            sb.append(String.format("0x%02X ", Byte.valueOf(b)));
        }
        sb.append("]");
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public UbiqWebServices(UbiqCredentials ubiqCredentials) {
        this.ubiqCredentials = ubiqCredentials;
        if (this.ubiqCredentials.getHost().startsWith("http")) {
            this.baseUrl = this.ubiqCredentials.getHost();
        } else {
            this.baseUrl = String.format("https://%s", this.ubiqCredentials.getHost());
        }
    }

    public static String encode(String str) {
        try {
            return URLEncoder.encode(str, StandardCharsets.UTF_8.toString()).replaceAll("\\+", "%20");
        } catch (UnsupportedEncodingException e) {
            return "Issue while encoding: " + e.getMessage();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] getUnwrappedKey(String str, String str2) {
        byte[] bArr = {0};
        if (this.verbose) {
            System.out.println("Unwrapping key");
        }
        try {
            bArr = unwrapKey(str, str2, this.ubiqCredentials.getSecretCryptoAccessKey());
            return bArr;
        } catch (Exception e) {
            System.out.println(String.format("getUnwrappedKey exception: %s", e.getMessage()));
            return bArr;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public FPEBillingResponse sendTrackingEvents(String str) {
        getClass();
        String format = String.format("%s/%s/tracking/events", this.baseUrl, "api/v3");
        if (this.verbose) {
            System.out.printf("%s  urlString: %s\n", "sendTrackingEvents", format);
        }
        FPEBillingResponse fPEBillingResponse = new FPEBillingResponse(200, "");
        try {
            String submitHttpRequest = submitHttpRequest(buildSignedHttpRequest("POST", format, "", str, this.ubiqCredentials.getAccessKeyId(), this.ubiqCredentials.getSecretSigningKey()), 200);
            if (this.verbose) {
                System.out.println("    sendBilling jsonResponse: " + submitHttpRequest);
            }
            if (submitHttpRequest != null && !submitHttpRequest.isEmpty()) {
                if (this.verbose) {
                    System.out.println("    jsonResponse is NOT NULL");
                }
                fPEBillingResponse = new FPEBillingResponse(200, submitHttpRequest);
                if (this.verbose) {
                    System.out.println("  RETURN  status: " + fPEBillingResponse.status + ", message: " + fPEBillingResponse.message);
                }
            }
            return fPEBillingResponse;
        } catch (Exception e) {
            return new FPEBillingResponse(400, "Server Error: " + e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public JsonObject getFpeDefKeys(String str) {
        String format = String.format("ffs_name=%s&papi=%s", encode(str), encode(this.ubiqCredentials.getAccessKeyId()));
        getClass();
        String format2 = String.format("%s/%s/fpe/def_keys?%s", this.baseUrl, "api/v0", format);
        if (0 != 0) {
            System.out.println("\n    urlString: " + format2 + "\n");
        }
        if (0 != 0) {
            System.out.println("\n    params: " + format + "\n");
        }
        try {
            String submitHttpRequest = submitHttpRequest(buildSignedHttpRequest("GET", format2, format, "", this.ubiqCredentials.getAccessKeyId(), this.ubiqCredentials.getSecretSigningKey()), 200);
            if (0 != 0) {
                System.out.println("\n    getFpeDefKeys: " + submitHttpRequest + "\n");
            }
            return new JsonParser().parse(submitHttpRequest).getAsJsonObject();
        } catch (Exception e) {
            System.out.println(String.format("getFpeDefKeys exception: %s", e.getMessage()));
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public FFS_Record getFFSDefinition(String str) {
        String format = String.format("ffs_name=%s&papi=%s", encode(str), encode(this.ubiqCredentials.getAccessKeyId()));
        getClass();
        String format2 = String.format("%s/%s/ffs?%s", this.baseUrl, "api/v0", format);
        if (this.verbose) {
            System.out.println("\n    urlString: " + format2 + "\n");
        }
        if (this.verbose) {
            System.out.println("\n    params: " + format + "\n");
        }
        try {
            String submitHttpRequest = submitHttpRequest(buildSignedHttpRequest("GET", format2, format, "", this.ubiqCredentials.getAccessKeyId(), this.ubiqCredentials.getSecretSigningKey()), 200);
            if (this.verbose) {
                System.out.println("\n    getFFSDefinition: " + submitHttpRequest + "\n");
            }
            FFS_Record parse = FFS_Record.parse(submitHttpRequest);
            if (this.verbose) {
                System.out.println("\n    getFFSDefinition(ffsRecord): " + submitHttpRequest + "\n");
            }
            return parse;
        } catch (Exception e) {
            System.out.println(String.format("getFFSDefinition exception: %s", e.getMessage()));
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public FPEKeyResponse getFPEEncryptionKey(String str) {
        String format = String.format("ffs_name=%s&papi=%s", encode(str), encode(this.ubiqCredentials.getAccessKeyId()));
        getClass();
        try {
            return (FPEKeyResponse) new GsonBuilder().setPrettyPrinting().create().fromJson(submitHttpRequest(buildSignedHttpRequest("GET", String.format("%s/%s/fpe/key?%s", this.baseUrl, "api/v0", format), format, "", this.ubiqCredentials.getAccessKeyId(), this.ubiqCredentials.getSecretSigningKey()), 200), FPEKeyResponse.class);
        } catch (Exception e) {
            System.out.println(String.format("getFPEEncryptionKey exception: %s", e.getMessage()));
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public FPEKeyResponse getFPEDecryptionKey(String str, int i) {
        String format = String.format("ffs_name=%s&papi=%s&key_number=%d", encode(str), encode(this.ubiqCredentials.getAccessKeyId()), Integer.valueOf(i));
        getClass();
        String format2 = String.format("%s/%s/fpe/key?%s", this.baseUrl, "api/v0", format);
        if (this.verbose) {
            System.out.println("getFPEDecryptionKey  params: " + format);
        }
        try {
            String submitHttpRequest = submitHttpRequest(buildSignedHttpRequest("GET", format2, format, "", this.ubiqCredentials.getAccessKeyId(), this.ubiqCredentials.getSecretSigningKey()), 200);
            if (this.verbose) {
                System.out.println("\n    getFPEDecryptionKey: " + submitHttpRequest + "\n");
            }
            return (FPEKeyResponse) new GsonBuilder().setPrettyPrinting().create().fromJson(submitHttpRequest, FPEKeyResponse.class);
        } catch (Exception e) {
            System.out.println(String.format("getFPEDecryptionKey exception: %s", e.getMessage()));
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public EncryptionKeyResponse getEncryptionKey(int i) {
        getClass();
        try {
            String submitHttpRequest = submitHttpRequest(buildSignedHttpRequest("POST", String.format("%s/%s/encryption/key", this.baseUrl, "api/v0"), "", String.format("{\"uses\": %s}", Integer.valueOf(i)), this.ubiqCredentials.getAccessKeyId(), this.ubiqCredentials.getSecretSigningKey()), 201);
            if (this.verbose) {
                System.out.println(submitHttpRequest);
            }
            EncryptionKeyResponse encryptionKeyResponse = (EncryptionKeyResponse) new GsonBuilder().setPrettyPrinting().create().fromJson(submitHttpRequest, EncryptionKeyResponse.class);
            encryptionKeyResponse.UnwrappedDataKey = unwrapKey(encryptionKeyResponse.EncryptedPrivateKey, encryptionKeyResponse.WrappedDataKey, this.ubiqCredentials.getSecretCryptoAccessKey());
            encryptionKeyResponse.EncryptedDataKeyBytes = Base64.getDecoder().decode(encryptionKeyResponse.EncryptedDataKey);
            return encryptionKeyResponse;
        } catch (Exception e) {
            System.out.println(String.format("getEncryptionKey exception: %s", e.getMessage()));
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DecryptionKeyResponse getDecryptionKey(byte[] bArr) {
        getClass();
        try {
            DecryptionKeyResponse decryptionKeyResponse = (DecryptionKeyResponse) new GsonBuilder().setPrettyPrinting().create().fromJson(submitHttpRequest(buildSignedHttpRequest("POST", String.format("%s/%s/decryption/key", this.baseUrl, "api/v0"), "", String.format("{\"encrypted_data_key\": \"%s\"}", Base64.getEncoder().encodeToString(bArr)), this.ubiqCredentials.getAccessKeyId(), this.ubiqCredentials.getSecretSigningKey()), 200), DecryptionKeyResponse.class);
            decryptionKeyResponse.UnwrappedDataKey = new byte[0];
            return decryptionKeyResponse;
        } catch (Exception e) {
            System.out.println(String.format("getDecryptionKey exception: %s", e.getMessage()));
            return null;
        }
    }

    private HttpRequestBase buildSignedHttpRequest(String str, String str2, String str3, String str4, String str5, String str6) throws URISyntaxException, NoSuchAlgorithmException, InvalidKeyException, IOException {
        HttpPatch httpPatch = null;
        URI uri = new URI(str2);
        StringEntity stringEntity = new StringEntity(str4, ContentType.APPLICATION_JSON);
        HashMap hashMap = new HashMap();
        String unixTimeAsString = unixTimeAsString();
        hashMap.put("Content-Type", ContentType.APPLICATION_JSON.toString());
        boolean z = -1;
        switch (str.hashCode()) {
            case 70454:
                if (str.equals("GET")) {
                    z = true;
                    break;
                }
                break;
            case 79599:
                if (str.equals("PUT")) {
                    z = 4;
                    break;
                }
                break;
            case 2461856:
                if (str.equals("POST")) {
                    z = false;
                    break;
                }
                break;
            case 75900968:
                if (str.equals("PATCH")) {
                    z = 2;
                    break;
                }
                break;
            case 2012838315:
                if (str.equals("DELETE")) {
                    z = 3;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                httpPatch = new HttpPost(uri);
                ((HttpEntityEnclosingRequestBase) httpPatch).setEntity(stringEntity);
                hashMap.put("Content-Length", String.valueOf(stringEntity.getContentLength()));
                break;
            case true:
                httpPatch = new HttpGet(uri);
                break;
            case true:
                httpPatch = new HttpPatch(uri);
                ((HttpEntityEnclosingRequestBase) httpPatch).setEntity(stringEntity);
                hashMap.put("Content-Length", String.valueOf(stringEntity.getContentLength()));
                break;
            case true:
                httpPatch = new HttpDelete(uri);
                break;
            case true:
                httpPatch = new HttpPut(uri);
                ((HttpEntityEnclosingRequestBase) httpPatch).setEntity(stringEntity);
                hashMap.put("Content-Length", String.valueOf(stringEntity.getContentLength()));
                break;
        }
        hashMap.put("Accept", ContentType.APPLICATION_JSON.toString());
        hashMap.put("User-Agent", "ubiq-java/" + Version.VERSION);
        String host = uri.getHost();
        if (uri.getPort() != -1) {
            host = host + ":" + uri.getPort();
        }
        hashMap.put("Host", host);
        hashMap.put("Digest", buildDigestValue(str4.getBytes(StandardCharsets.UTF_8)));
        hashMap.put("Signature", buildSignature(hashMap, unixTimeAsString, (str3 == null || str3 == "") ? buildRequestTarget(str, uri) : buildRequestTarget(str, uri) + "?" + str3, str5, str6));
        hashMap.remove("Content-Length");
        hashMap.remove("Host");
        for (String str7 : hashMap.keySet()) {
            httpPatch.addHeader(str7, (String) hashMap.get(str7));
        }
        return httpPatch;
    }

    private byte[] unwrapKey(String str, String str2, String str3) throws IOException, OperatorCreationException, PKCSException, InvalidCipherTextException {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(this.bcProvider);
        }
        PEMParser pEMParser = new PEMParser(new StringReader(str));
        Throwable th = null;
        try {
            Object readObject = pEMParser.readObject();
            if (!(readObject instanceof PKCS8EncryptedPrivateKeyInfo)) {
                throw new RuntimeException("Unrecognized Encrypted Private Key format");
            }
            BCRSAPrivateKey privateKey = new JcaPEMKeyConverter().setProvider(this.bcProvider).getPrivateKey(((PKCS8EncryptedPrivateKeyInfo) readObject).decryptPrivateKeyInfo(new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider(this.bcProvider).build(str3.toCharArray())));
            if (!(privateKey instanceof BCRSAPrivateCrtKey)) {
                throw new RuntimeException("Unrecognized Private Key format: " + privateKey.getClass().getName() + " ");
            }
            BCRSAPrivateKey bCRSAPrivateKey = privateKey;
            RSAKeyParameters rSAKeyParameters = new RSAKeyParameters(true, bCRSAPrivateKey.getModulus(), bCRSAPrivateKey.getPrivateExponent());
            OAEPEncoding oAEPEncoding = new OAEPEncoding(new RSAEngine(), new SHA1Digest(), new SHA1Digest(), (byte[]) null);
            oAEPEncoding.init(false, rSAKeyParameters);
            byte[] decode = Base64.getDecoder().decode(str2);
            byte[] processBlock = oAEPEncoding.processBlock(decode, 0, decode.length);
            if (pEMParser != null) {
                if (0 != 0) {
                    try {
                        pEMParser.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    pEMParser.close();
                }
            }
            return processBlock;
        } catch (Throwable th3) {
            if (pEMParser != null) {
                if (0 != 0) {
                    try {
                        pEMParser.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    pEMParser.close();
                }
            }
            throw th3;
        }
    }

    private static String submitHttpRequest(HttpRequestBase httpRequestBase, int i) throws IOException, InterruptedException {
        HttpResponse execute = HttpClients.createDefault().execute(httpRequestBase);
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(execute.getEntity().getContent()));
        StringBuffer stringBuffer = new StringBuffer();
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                break;
            }
            stringBuffer.append(readLine);
        }
        bufferedReader.close();
        String stringBuffer2 = stringBuffer.toString();
        if (execute.getStatusLine().getStatusCode() != i) {
            throw new IOException("{\"status\" : " + execute.getStatusLine().getStatusCode() + ", \"message\" : \"" + String.format(stringBuffer2, new Object[0]) + "\"}");
        }
        return stringBuffer2;
    }

    private static String buildDateValue() {
        return DateTimeFormatter.ofPattern("EEE, dd MMM yyyy HH:mm:ss 'GMT'").format(Instant.now().atZone(ZoneOffset.UTC));
    }

    private static String unixTimeAsString() {
        return String.valueOf(System.currentTimeMillis() / 1000);
    }

    private static String buildRequestTarget(String str, URI uri) {
        return str.toLowerCase() + " " + uri.getPath();
    }

    private static String buildDigestValue(byte[] bArr) throws NoSuchAlgorithmException {
        return "SHA-512=" + Base64.getEncoder().encodeToString(MessageDigest.getInstance("SHA-512").digest(bArr));
    }

    private static String buildSignature(Map<String, String> map, String str, String str2, String str3, String str4) throws IOException, NoSuchAlgorithmException, InvalidKeyException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Throwable th = null;
        try {
            try {
                writeHashableBytes(byteArrayOutputStream, "(created)", str);
                writeHashableBytes(byteArrayOutputStream, "(request-target)", str2);
                writeHashableBytes(byteArrayOutputStream, "Content-Type", map.get("Content-Type"));
                writeHashableBytes(byteArrayOutputStream, "Digest", map.get("Digest"));
                writeHashableBytes(byteArrayOutputStream, "Host", map.get("Host"));
                SecretKeySpec secretKeySpec = new SecretKeySpec(str4.getBytes(StandardCharsets.UTF_8), "HmacSHA512");
                Mac mac = Mac.getInstance("HmacSHA512");
                mac.init(secretKeySpec);
                String str5 = String.format("keyId=\"%s\"", str3) + ", algorithm=\"hmac-sha512\"" + String.format(", created=%s", str) + ", headers=\"(created) (request-target) content-type digest host\"" + String.format(", signature=\"%s\"", Base64.getEncoder().encodeToString(mac.doFinal(byteArrayOutputStream.toByteArray())));
                if (byteArrayOutputStream != null) {
                    if (0 != 0) {
                        try {
                            byteArrayOutputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        byteArrayOutputStream.close();
                    }
                }
                return str5;
            } finally {
            }
        } catch (Throwable th3) {
            if (byteArrayOutputStream != null) {
                if (th != null) {
                    try {
                        byteArrayOutputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    byteArrayOutputStream.close();
                }
            }
            throw th3;
        }
    }

    private static void writeHashableBytes(ByteArrayOutputStream byteArrayOutputStream, String str, String str2) {
        byte[] bytes = (str.toLowerCase() + ": " + str2 + "\n").getBytes(StandardCharsets.UTF_8);
        byteArrayOutputStream.write(bytes, 0, bytes.length);
    }
}
