package io.getlime.security.powerauth.lib.cmd.steps;

import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.io.BaseEncoding;
import com.mashape.unirest.http.HttpResponse;
import com.mashape.unirest.http.Unirest;
import com.mashape.unirest.http.exceptions.UnirestException;
import io.getlime.security.powerauth.crypto.client.keyfactory.PowerAuthClientKeyFactory;
import io.getlime.security.powerauth.crypto.client.signature.PowerAuthClientSignature;
import io.getlime.security.powerauth.crypto.lib.config.PowerAuthConfiguration;
import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
import io.getlime.security.powerauth.crypto.lib.generator.KeyGenerator;
import io.getlime.security.powerauth.http.PowerAuthHttpBody;
import io.getlime.security.powerauth.http.PowerAuthHttpHeader;
import io.getlime.security.powerauth.http.PowerAuthRequestCanonizationUtils;
import io.getlime.security.powerauth.lib.cmd.logging.StepLogger;
import io.getlime.security.powerauth.lib.cmd.util.EncryptedStorageUtil;
import io.getlime.security.powerauth.lib.cmd.util.HttpUtil;
import io.getlime.security.powerauth.lib.cmd.util.RestClientConfiguration;
import io.getlime.security.powerauth.provider.CryptoProviderUtil;
import java.io.FileWriter;
import java.net.URI;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Paths;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.SecretKey;
import org.json.simple.JSONObject;

/* loaded from: input_file:io/getlime/security/powerauth/lib/cmd/steps/VerifySignatureStep.class */
public class VerifySignatureStep implements BaseStep {
    private static final CryptoProviderUtil keyConversion = PowerAuthConfiguration.INSTANCE.getKeyConvertor();
    private static final KeyGenerator keyGenerator = new KeyGenerator();
    private static final PowerAuthClientSignature signature = new PowerAuthClientSignature();
    private static final PowerAuthClientKeyFactory keyFactory = new PowerAuthClientKeyFactory();
    private static final ObjectMapper mapper = new ObjectMapper();

    @Override // io.getlime.security.powerauth.lib.cmd.steps.BaseStep
    public JSONObject execute(StepLogger stepLogger, Map<String, Object> map) throws Exception {
        byte[] bArr;
        JSONObject jSONObject = (JSONObject) map.get("STATUS_OBJECT");
        String str = (String) map.get("URI_STRING");
        String str2 = (String) map.get("STATUS_FILENAME");
        String str3 = (String) map.get("APPLICATION_KEY");
        String str4 = (String) map.get("APPLICATION_SECRET");
        String upperCase = ((String) map.get("HTTP_METHOD")).toUpperCase();
        String str5 = (String) map.get("ENDPOINT");
        String str6 = (String) map.get("SIGNATURE_TYPE");
        String str7 = (String) map.get("DATA_FILE_NAME");
        String str8 = (String) map.get("PASSWORD");
        if (stepLogger != null) {
            stepLogger.writeItem("Signature Validation Started", null, "OK", null);
        }
        String str9 = (String) jSONObject.get("activationId");
        long longValue = ((Long) jSONObject.get("counter")).longValue();
        byte[] decode = BaseEncoding.base64().decode((String) jSONObject.get("signaturePossessionKey"));
        byte[] decode2 = BaseEncoding.base64().decode((String) jSONObject.get("signatureBiometryKey"));
        byte[] decode3 = BaseEncoding.base64().decode((String) jSONObject.get("signatureKnowledgeKeySalt"));
        byte[] decode4 = BaseEncoding.base64().decode((String) jSONObject.get("signatureKnowledgeKeyEncrypted"));
        char[] readPassword = str8 == null ? System.console().readPassword("Enter your password to unlock the knowledge related key: ", new Object[0]) : str8.toCharArray();
        SecretKey convertBytesToSharedSecretKey = keyConversion.convertBytesToSharedSecretKey(decode);
        SecretKey signatureKnowledgeKey = EncryptedStorageUtil.getSignatureKnowledgeKey(readPassword, decode4, decode3, keyGenerator);
        SecretKey convertBytesToSharedSecretKey2 = keyConversion.convertBytesToSharedSecretKey(decode2);
        byte[] generateRandomBytes = keyGenerator.generateRandomBytes(16);
        if ("GET".equals(upperCase.toUpperCase())) {
            String canonizeGetParameters = PowerAuthRequestCanonizationUtils.canonizeGetParameters(new URI(str).getRawQuery());
            if (canonizeGetParameters != null) {
                bArr = canonizeGetParameters.getBytes("UTF-8");
            } else {
                bArr = new byte[0];
                if (stepLogger != null) {
                    stepLogger.writeItem("Empty data", "No GET query parameters found in provided URL, signature will contain no data", "WARNING", null);
                }
            }
        } else if (str7 == null || !Files.exists(Paths.get(str7, new String[0]), new LinkOption[0])) {
            bArr = new byte[0];
            if (stepLogger != null) {
                stepLogger.writeItem("Empty data", "Data file was not found, signature will contain no data", "WARNING", null);
            }
        } else {
            bArr = Files.readAllBytes(Paths.get(str7, new String[0]));
        }
        String powerAuthSignatureHTTPHeader = PowerAuthHttpHeader.getPowerAuthSignatureHTTPHeader(str9, str3, BaseEncoding.base64().encode(generateRandomBytes), PowerAuthSignatureTypes.getEnumFromString(str6).toString(), signature.signatureForData((PowerAuthHttpBody.getSignatureBaseString(upperCase.toUpperCase(), str5, generateRandomBytes, bArr) + "&" + str4).getBytes("UTF-8"), keyFactory.keysForSignatureType(str6, convertBytesToSharedSecretKey, signatureKnowledgeKey, convertBytesToSharedSecretKey2), longValue), "2.0");
        jSONObject.put("counter", Long.valueOf(longValue + 1));
        String writeValueAsString = mapper.writerWithDefaultPrettyPrinter().writeValueAsString(jSONObject);
        FileWriter fileWriter = new FileWriter(str2);
        Throwable th = null;
        try {
            try {
                fileWriter.write(writeValueAsString);
                if (fileWriter != null) {
                    if (0 != 0) {
                        try {
                            fileWriter.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        fileWriter.close();
                    }
                }
                try {
                    HashMap hashMap = new HashMap();
                    hashMap.put("Accept", "application/json");
                    hashMap.put("Content-Type", "application/json");
                    hashMap.put("X-PowerAuth-Authorization", powerAuthSignatureHTTPHeader);
                    if (stepLogger != null) {
                        stepLogger.writeServerCall(str, upperCase.toUpperCase(), new String(bArr, "UTF-8"), hashMap);
                    }
                    HttpResponse asString = "GET".equals(upperCase) ? Unirest.get(str).headers(hashMap).asString() : Unirest.post(str).headers(hashMap).body(bArr).asString();
                    Map map2 = (Map) RestClientConfiguration.defaultMapper().readValue(asString.getRawBody(), new TypeReference<Map<String, Object>>() { // from class: io.getlime.security.powerauth.lib.cmd.steps.VerifySignatureStep.1
                    });
                    if (asString.getStatus() == 200) {
                        if (stepLogger != null) {
                            stepLogger.writeServerCallOK(map2, HttpUtil.flattenHttpHeaders(asString.getHeaders()));
                            stepLogger.writeItem("Signature verified", "Activation signature was verified successfully", "OK", null);
                            stepLogger.writeDoneOK();
                        }
                        return jSONObject;
                    }
                    if (stepLogger == null) {
                        return null;
                    }
                    stepLogger.writeServerCallError(asString.getStatus(), asString.getBody(), HttpUtil.flattenHttpHeaders(asString.getHeaders()));
                    stepLogger.writeDoneFailed();
                    return null;
                } catch (Exception e) {
                    if (stepLogger == null) {
                        return null;
                    }
                    stepLogger.writeError(e);
                    stepLogger.writeDoneFailed();
                    return null;
                } catch (UnirestException e2) {
                    if (stepLogger == null) {
                        return null;
                    }
                    stepLogger.writeServerCallConnectionError(e2);
                    stepLogger.writeDoneFailed();
                    return null;
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (fileWriter != null) {
                if (th != null) {
                    try {
                        fileWriter.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    fileWriter.close();
                }
            }
            throw th4;
        }
    }
}
