package com.tutelatechnologies.utilities.security;

import android.content.Context;
import android.util.Base64;
import com.tutelatechnologies.utilities.TUConfiguration;
import com.tutelatechnologies.utilities.TUException;
import com.tutelatechnologies.utilities.logger.TUBaseLogCode;
import com.tutelatechnologies.utilities.logger.TULog;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: classes3.dex */
public class TUSecurity {
    private static final String TAG = "TUSecurity";
    public static final String VERSION_NUMBER = "_4";
    private static final String defaultCertificate = "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApFT5CClGFiJPF3rPDb9FJatQ8fRw/S6ov/t/X/jr9YMD9gPY2TpRviJ7Z1z99tFYOJSKdUgbCVMIxhbqiV/h/1Z/QfGSmxWnLIwxgODSezH6M9EJ0OhIIUbWcCVf/ejWv4nD6d3QZyI1uRy7AgGAcl7cdk72ri5ibSZ8WqOopM6f2hFFSqcRNI+FdRSGpsfel9GSO9lf9oacMJVl1YuAxaq4xF7p7/0jvITnEVfDcJ9yBQd46RXWAA932D/htYDLqYgM4MweW08HiakZXaqGtMzdtxtlzDnz9beQklpQH64IBkDbOBk9qVmOBcxpEo8hgU0T3dmCVqaSuStr/nS7E4rhs+frszY3f+JZMR0GHy7rkswvahBHEkd/DGj1KmSQPKQoNuoPPPnToMEqhQCDzmQzxEeT0H1+KdD933SYkRGpnUDVs1H99TBcoHORL7R9JtHRWW31sTx3LaZMHNAO55Ya1vHzJE1ARbBj9zxlo3W9jDQuFyIF1yVux4lO8mqWJrzDj53LgnzUbxhiJe7axOOl2qQ0ytl7SacARfF1ZtU5hI0uI/u70akZiQFZab7j43n/Ohtopcktehl5hLEHnGgCb3vIm2uWRHMRSKOLw9HJKmVg3GjAtjlRyjcg3W+OMfiUlMlS7lTYXnLBqRmewXbEezLGiveZjm5WBjajoBkCAwEAAQ==";
    private static final String pinningCert = "0+0+0+1+0+0+0+20+-48+42+-40+-75+-6+-19+32+123+93+90+-53+-66+70+-63+-67+-71+15+-110+-90+-83+0+0+5+-111+1+0+2+99+97+0+0+1+76+-65+-116+-34+96+0+0+0+0+0+5+88+46+53+48+57+0+0+6+72+48+-126+6+68+48+-126+5+44+-96+3+2+1+2+2+7+39+-109+-51+33+-22+-13+79+48+13+6+9+42+-122+72+-122+-9+13+1+1+11+5+0+48+-127+-76+49+11+48+9+6+3+85+4+6+19+2+85+83+49+16+48+14+6+3+85+4+8+19+7+65+114+105+122+111+110+97+49+19+48+17+6+3+85+4+7+19+10+83+99+111+116+116+115+100+97+108+101+49+26+48+24+6+3+85+4+10+19+17+71+111+68+97+100+100+121+46+99+111+109+44+32+73+110+99+46+49+45+48+43+6+3+85+4+11+19+36+104+116+116+112+58+47+47+99+101+114+116+115+46+103+111+100+97+100+100+121+46+99+111+109+47+114+101+112+111+115+105+116+111+114+121+47+49+51+48+49+6+3+85+4+3+19+42+71+111+32+68+97+100+100+121+32+83+101+99+117+114+101+32+67+101+114+116+105+102+105+99+97+116+101+32+65+117+116+104+111+114+105+116+121+32+45+32+71+50+48+30+23+13+49+52+48+52+50+57+49+56+48+52+49+48+90+23+13+49+57+48+52+50+57+49+56+48+52+49+48+90+48+70+49+33+48+31+6+3+85+4+11+19+24+68+111+109+97+105+110+32+67+111+110+116+114+111+108+32+86+97+108+105+100+97+116+101+100+49+33+48+31+6+3+85+4+3+12+24+42+46+116+117+116+101+108+97+116+101+99+104+110+111+108+111+103+105+101+115+46+99+111+109+48+-126+2+34+48+13+6+9+42+-122+72+-122+-9+13+1+1+1+5+0+3+-126+2+15+0+48+-126+2+10+2+-126+2+1+0+-92+84+-7+8+41+70+22+34+79+23+122+-49+13+-65+69+37+-85+80+-15+-12+112+-3+46+-88+-65+-5+127+95+-8+-21+-11+-125+3+-10+3+-40+-39+58+81+-66+34+123+103+92+-3+-10+-47+88+56+-108+-118+117+72+27+9+83+8+-58+22+-22+-119+95+-31+-1+86+127+65+-15+-110+-101+21+-89+44+-116+49+-128+-32+-46+123+49+-6+51+-47+9+-48+-24+72+33+70+-42+112+37+95+-3+-24+-42+-65+-119+-61+-23+-35+-48+103+34+53+-71+28+-69+2+1+-128+114+94+-36+118+78+-10+-82+46+98+109+38+124+90+-93+-88+-92+-50+-97+-38+17+69+74+-89+17+52+-113+-123+117+20+-122+-90+-57+-34+-105+-47+-110+59+-39+95+-10+-122+-100+48+-107+101+-43+-117+-128+-59+-86+-72+-60+94+-23+-17+-3+35+-68+-124+-25+17+87+-61+112+-97+114+5+7+120+-23+21+-42+0+15+119+-40+63+-31+-75+-128+-53+-87+-120+12+-32+-52+30+91+79+7+-119+-87+25+93+-86+-122+-76+-52+-35+-73+27+101+-52+57+-13+-11+-73+-112+-110+90+80+31+-82+8+6+64+-37+56+25+61+-87+89+-114+5+-52+105+18+-113+33+-127+77+19+-35+-39+-126+86+-90+-110+-71+43+107+-2+116+-69+19+-118+-31+-77+-25+-21+-77+54+55+127+-30+89+49+29+6+31+46+-21+-110+-52+47+106+16+71+18+71+127+12+104+-11+42+100+-112+60+-92+40+54+-22+15+60+-7+-45+-96+-63+42+-123+0+-125+-50+100+51+-60+71+-109+-48+125+126+41+-48+-3+-33+116+-104+-111+17+-87+-99+64+-43+-77+81+-3+-11+48+92+-96+115+-111+47+-76+125+38+-47+-47+89+109+-11+-79+60+119+45+-90+76+28+-48+14+-25+-106+26+-42+-15+-13+36+77+64+69+-80+99+-9+60+101+-93+117+-67+-116+52+46+23+34+5+-41+37+110+-57+-119+78+-14+106+-106+38+-68+-61+-113+-99+-53+-126+124+-44+111+24+98+37+-18+-38+-60+-29+-91+-38+-92+52+-54+-39+123+73+-89+0+69+-15+117+102+-43+57+-124+-115+46+35+-5+-69+-47+-87+25+-119+1+89+105+-66+-29+-29+121+-1+58+27+104+-91+-55+45+122+25+121+-124+-79+7+-100+104+2+111+123+-56+-101+107+-106+68+115+17+72+-93+-117+-61+-47+-55+42+101+96+-36+104+-64+-74+57+81+-54+55+32+-35+111+-114+49+-8+-108+-108+-55+82+-18+84+-40+94+114+-63+-87+25+-98+-63+118+-60+123+50+-58+-118+-9+-103+-114+110+86+6+54+-93+-96+25+2+3+1+0+1+-93+-126+1+-58+48+-126+1+-62+48+15+6+3+85+29+19+1+1+-1+4+5+48+3+1+1+0+48+29+6+3+85+29+37+4+22+48+20+6+8+43+6+1+5+5+7+3+1+6+8+43+6+1+5+5+7+3+2+48+14+6+3+85+29+15+1+1+-1+4+4+3+2+5+-96+48+54+6+3+85+29+31+4+47+48+45+48+43+-96+41+-96+39+-122+37+104+116+116+112+58+47+47+99+114+108+46+103+111+100+97+100+100+121+46+99+111+109+47+103+100+105+103+50+115+49+45+53+48+46+99+114+108+48+83+6+3+85+29+32+4+76+48+74+48+72+6+11+96+-122+72+1+-122+-3+109+1+7+23+1+48+57+48+55+6+8+43+6+1+5+5+7+2+1+22+43+104+116+116+112+58+47+47+99+101+114+116+105+102+105+99+97+116+101+115+46+103+111+100+97+100+100+121+46+99+111+109+47+114+101+112+111+115+105+116+111+114+121+47+48+118+6+8+43+6+1+5+5+7+1+1+4+106+48+104+48+36+6+8+43+6+1+5+5+7+48+1+-122+24+104+116+116+112+58+47+47+111+99+115+112+46+103+111+100+97+100+100+121+46+99+111+109+47+48+64+6+8+43+6+1+5+5+7+48+2+-122+52+104+116+116+112+58+47+47+99+101+114+116+105+102+105+99+97+116+101+115+46+103+111+100+97+100+100+121+46+99+111+109+47+114+101+112+111+115+105+116+111+114+121+47+103+100+105+103+50+46+99+114+116+48+31+6+3+85+29+35+4+24+48+22+-128+20+64+-62+-67+39+-114+-52+52+-125+48+-94+51+-41+-5+108+-77+-16+-76+44+-128+-50+48+59+6+3+85+29+17+4+52+48+50+-126+24+42+46+116+117+116+101+108+97+116+101+99+104+110+111+108+111+103+105+101+115+46+99+111+109+-126+22+116+117+116+101+108+97+116+101+99+104+110+111+108+111+103+105+101+115+46+99+111+109+48+29+6+3+85+29+14+4+22+4+20+-115+-83+-102+-40+114+6+-108+-105+65+109+-86+118+-128+75+-95+-58+76+71+-75+62+48+13+6+9+42+-122+72+-122+-9+13+1+1+11+5+0+3+-126+1+1+0+22+23+-10+32+-70+95+61+54+43+-88+20+-47+-86+-33+-102+92+62+11+122+-106+95+-37+-77+106+66+112+-35+-20+-124+55+51+82+-39+-33+-51+-117+-113+25+123+40+115+14+-92+55+111+-88+-25+-46+89+-29+-52+-24+-18+-68+-41+-62+-40+66+53+-75+-68+-110+56+-82+33+41+-63+-125+-39+-97+105+79+-60+-112+48+-109+28+108+-78+111+12+-10+102+-50+25+62+58+-49+16+111+63+89+-11+-108+-47+111+-114+21+-116+94+-93+-128+-48+68+122+-13+99+-112+-25+26+69+-127+-29+-106+-37+80+69+-61+-66+74+-57+-75+-57+111+114+-24+-107+-56+35+24+89+-3+71+24+121+-36+94+-116+-103+108+-74+11+91+111+-117+108+121+71+102+-28+95+-24+27+-86+81+8+-8+102+-9+-90+10+84+85+35+107+78+-90+41+-26+-107+42+125+-37+32+123+82+-51+20+-38+-50+-17+123+-25+13+-91+-34+101+-82+119+23+26+122+40+-17+66+81+-71+-62+-128+-46+40+91+-100+-41+60+-47+-48+-21+-88+-15+-71+36+-96+80+-61+15+107+35+35+-110+-27+-27+4+107+59+-49+48+-113+-14+4+94+-106+-96+75+-93+95+13+5+-37+51+6+120+25+5+-56+94+70+-4+127+74+-4+68+-125+-115+-127+39+0+-33+35+49+12+109+91+-126+-124+96+-96+-127+-106+49+23+-32+-45+79+-67+-16+-60";
    private static final String sharedPreferenceGetCertificate = "com.tutelatechnologies.GetCertificate";
    private static String DefaultCoSigningCertificate = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqns8TpoJkrcvZX4AZa33W/4NSdagbgi5VBBSwB1WUu1vq/Clx4RQb6tZCxEfBd9upYDEnETxfj/Vqw0KkmIq5+4/60NXFrX2Rde8uuv+Bh3ikHqI+SjFAmQlZrl9jftpjenGQHQcGvjzN3WaY8hwXGzCJl9S2jtzP5kVGLg677gRc0ctCEYonBiwCgnGJJx78K5iSY/DLCrCRkxGddQU0T4qY16xejp0FA/h8yAE9u60vtsbLt0k4ihqKTy8FogdrBHiglDycZkGGvptI8AJJxRDPVZ2HDIl9NmjunMZxSbi4Ytw7UFUWyvxCIZKIuL40DK6Aa83pRUpj9NUN+xC0QIDAQAB";
    private static String sharedPreferenceGetNonTutelaUploadCertificate = "GetNonTutelaUploadCertificate";

    public static boolean checkSignature(String str, String str2, String str3, String str4, String str5) throws TUException {
        try {
            if (str == null || str2 == null || str3 == null || str4 == null || str5 == null) {
                throw new TUException(TUException.SecurityCheckException);
            }
            byte[] decode = Base64.decode(str3, 0);
            byte[] bytes = str2.getBytes("UTF-8");
            byte[] decode2 = TUConversions.decode(TUConversions.encode(str.getBytes("UTF-8")));
            byte[] decode3 = TUConversions.decode(str4);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(decode2.length + decode3.length + bytes.length);
            byteArrayOutputStream.write(decode2, 0, decode2.length);
            byteArrayOutputStream.write(decode3, 0, decode3.length);
            byteArrayOutputStream.write(bytes, 0, bytes.length);
            return verifySignature(byteArrayOutputStream.toByteArray(), decode, TUConversions.hexStringToByteArray(str5));
        } catch (UnsupportedEncodingException e) {
            TULog.utilitiesLog(TUBaseLogCode.WARNING.low, TAG, e.getMessage(), e);
            return false;
        }
    }

    private static String getCertificate(Context context) {
        String valueFromPreferenceKey = TUConfiguration.getValueFromPreferenceKey(context, TUConfiguration.getMultiSDKPreferenceFileName(context), sharedPreferenceGetCertificate);
        return (valueFromPreferenceKey == null || valueFromPreferenceKey.equals("")) ? DefaultCoSigningCertificate : valueFromPreferenceKey;
    }

    static KeyStore getKeyStore() {
        try {
            return KeyStore.getInstance("BKS");
        } catch (KeyStoreException e) {
            return null;
        }
    }

    public static String getNonTutelaUploadDataCertificate(Context context) {
        String valueFromPreferenceKey = TUConfiguration.getValueFromPreferenceKey(context, sharedPreferenceGetNonTutelaUploadCertificate);
        if (valueFromPreferenceKey == null || valueFromPreferenceKey.equals("")) {
            return null;
        }
        return valueFromPreferenceKey;
    }

    static InputStream getPinCertInputStream() throws TUException, NoSuchAlgorithmException, CertificateException, IOException {
        try {
            String[] split = pinningCert.split("\\+");
            byte[] bArr = new byte[split.length];
            for (int i = 0; i < split.length; i++) {
                bArr[i] = Byte.valueOf(split[i]).byteValue();
            }
            return new ByteArrayInputStream(bArr);
        } catch (Exception e) {
            throw new TUException(TUException.InvalidCertificateException);
        }
    }

    public static SSLSocketFactory getSSLFactory(InputStream inputStream) throws Exception {
        KeyStore loadKeyStore = loadKeyStore(getKeyStore(), "", inputStream);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(loadKeyStore);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
        return sSLContext.getSocketFactory();
    }

    static KeyStore loadKeyStore(KeyStore keyStore, String str, InputStream inputStream) throws TUException, NoSuchAlgorithmException, CertificateException, IOException {
        InputStream pinCertInputStream = inputStream == null ? getPinCertInputStream() : inputStream;
        keyStore.load(pinCertInputStream, str != null ? str.toCharArray() : "".toCharArray());
        pinCertInputStream.close();
        return keyStore;
    }

    public static boolean passesSecurityCheck(Context context, String str, String str2, String str3, String str4) throws TUException {
        if (!checkSignature(str + VERSION_NUMBER, str2, defaultCertificate, str3, str4)) {
            return false;
        }
        String certificate = getCertificate(context);
        int lastIndexOf = str2.lastIndexOf("}") + 1;
        return checkSignature("", str2.substring(0, lastIndexOf), certificate, "", str2.substring(lastIndexOf, str2.length()));
    }

    static void removeCertificate(Context context) {
        TUConfiguration.removeValueFromPreferenceKey(context, TUConfiguration.getMultiSDKPreferenceFileName(context), sharedPreferenceGetCertificate);
    }

    public static void setCertificate(Context context, String str) {
        TUConfiguration.setValueFromPreferenceKey(context, TUConfiguration.getMultiSDKPreferenceFileName(context), sharedPreferenceGetCertificate, str);
    }

    public static void setNonTutelaUploadCertificate(Context context, int i) {
        TUConfiguration.setValueFromPreferenceKey(context, sharedPreferenceGetNonTutelaUploadCertificate, String.valueOf(i));
    }

    private static boolean verifySignature(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        try {
            PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(bArr2));
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initVerify(generatePublic);
            signature.update(bArr, 0, bArr.length);
            return signature.verify(bArr3);
        } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException | InvalidKeySpecException e) {
            TULog.utilitiesLog(TUBaseLogCode.WARNING.high, TAG, "Error verify signature.", e);
            return false;
        }
    }
}
