package e.d.c.a.b.l;

import e.d.c.a.b.c;
import e.d.c.a.b.l.b;
import e.d.c.a.d.f0;
import e.d.c.a.d.n;
import e.d.c.a.d.o;
import e.d.c.a.d.q;
import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class a extends e.d.c.a.b.l.b {
    private final byte[] signatureBytes;
    private final byte[] signedContentBytes;

    /* renamed from: e.d.c.a.b.l.a$a, reason: collision with other inner class name */
    /* loaded from: classes.dex */
    public static class C0105a extends b.a {

        @q("alg")
        private String algorithm;

        @q("crit")
        private List<String> critical;

        @q("jwk")
        private String jwk;

        @q("jku")
        private String jwkUrl;

        @q("kid")
        private String keyId;

        @q("x5c")
        private ArrayList<String> x509Certificates;

        @q("x5t")
        private String x509Thumbprint;

        @q("x5u")
        private String x509Url;

        @Override // e.d.c.a.b.l.b.a
        /* renamed from: d */
        public b.a set(String str, Object obj) {
            return (C0105a) super.set(str, obj);
        }

        @Override // e.d.c.a.b.l.b.a, e.d.c.a.b.b, e.d.c.a.d.n, java.util.AbstractMap
        /* renamed from: f, reason: merged with bridge method [inline-methods] */
        public C0105a clone() {
            return (C0105a) super.clone();
        }

        public final String g() {
            return this.algorithm;
        }

        public final List<String> h() {
            return new ArrayList(this.x509Certificates);
        }

        public C0105a i(String str) {
            this.algorithm = str;
            return this;
        }

        public C0105a j(String str) {
            this.keyId = str;
            return this;
        }

        @Override // e.d.c.a.b.l.b.a, e.d.c.a.b.b, e.d.c.a.d.n
        public e.d.c.a.b.b set(String str, Object obj) {
            return (C0105a) super.set(str, obj);
        }

        @Override // e.d.c.a.b.l.b.a, e.d.c.a.b.b, e.d.c.a.d.n
        public n set(String str, Object obj) {
            return (C0105a) super.set(str, obj);
        }
    }

    /* loaded from: classes.dex */
    public static final class b {
        public final c a;
        public Class<? extends C0105a> b = C0105a.class;

        /* renamed from: c, reason: collision with root package name */
        public Class<? extends b.C0106b> f10400c = b.C0106b.class;

        public b(c cVar) {
            Objects.requireNonNull(cVar);
            this.a = cVar;
        }

        public a a(String str) {
            int indexOf = str.indexOf(46);
            e.d.b.c.a.g(indexOf != -1);
            byte[] w = e.d.b.c.a.w(str.substring(0, indexOf));
            int i2 = indexOf + 1;
            int indexOf2 = str.indexOf(46, i2);
            e.d.b.c.a.g(indexOf2 != -1);
            int i3 = indexOf2 + 1;
            e.d.b.c.a.g(str.indexOf(46, i3) == -1);
            byte[] w2 = e.d.b.c.a.w(str.substring(i2, indexOf2));
            byte[] w3 = e.d.b.c.a.w(str.substring(i3));
            byte[] a = f0.a(str.substring(0, indexOf2));
            C0105a c0105a = (C0105a) this.a.b(new ByteArrayInputStream(w)).L(this.b);
            e.d.b.c.a.g(c0105a.g() != null);
            return new a(c0105a, (b.C0106b) this.a.b(new ByteArrayInputStream(w2)).L(this.f10400c), w3, a);
        }
    }

    public a(C0105a c0105a, b.C0106b c0106b, byte[] bArr, byte[] bArr2) {
        super(c0105a, c0106b);
        Objects.requireNonNull(bArr);
        this.signatureBytes = bArr;
        Objects.requireNonNull(bArr2);
        this.signedContentBytes = bArr2;
    }

    private static X509TrustManager getDefaultX509TrustManager() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    return (X509TrustManager) trustManager;
                }
            }
        } catch (KeyStoreException | NoSuchAlgorithmException unused) {
        }
        return null;
    }

    public static a parse(c cVar, String str) {
        return parser(cVar).a(str);
    }

    public static b parser(c cVar) {
        return new b(cVar);
    }

    public static String signUsingRsaSha256(PrivateKey privateKey, c cVar, C0105a c0105a, b.C0106b c0106b) {
        String str = e.d.b.c.a.A(cVar.f(c0105a, false).toByteArray()) + "." + e.d.b.c.a.A(cVar.f(c0106b, false).toByteArray());
        byte[] a = f0.a(str);
        Signature i2 = o.i();
        i2.initSign(privateKey);
        i2.update(a);
        byte[] sign = i2.sign();
        StringBuilder B = e.a.b.a.a.B(str, ".");
        B.append(e.d.b.c.a.A(sign));
        return B.toString();
    }

    @Override // e.d.c.a.b.l.b
    public C0105a getHeader() {
        return (C0105a) super.getHeader();
    }

    public final byte[] getSignatureBytes() {
        byte[] bArr = this.signatureBytes;
        return Arrays.copyOf(bArr, bArr.length);
    }

    public final byte[] getSignedContentBytes() {
        byte[] bArr = this.signedContentBytes;
        return Arrays.copyOf(bArr, bArr.length);
    }

    public final X509Certificate verifySignature() {
        X509TrustManager defaultX509TrustManager = getDefaultX509TrustManager();
        if (defaultX509TrustManager == null) {
            return null;
        }
        return verifySignature(defaultX509TrustManager);
    }

    public final X509Certificate verifySignature(X509TrustManager x509TrustManager) {
        boolean z;
        ArrayList arrayList = (ArrayList) getHeader().h();
        if (arrayList.isEmpty() || !"RS256".equals(getHeader().g())) {
            return null;
        }
        Signature i2 = o.i();
        byte[] bArr = this.signatureBytes;
        byte[] bArr2 = this.signedContentBytes;
        try {
            CertificateFactory k2 = o.k();
            X509Certificate[] x509CertificateArr = new X509Certificate[arrayList.size()];
            Iterator it = arrayList.iterator();
            int i3 = 0;
            while (it.hasNext()) {
                Certificate generateCertificate = k2.generateCertificate(new ByteArrayInputStream(e.d.b.c.a.w((String) it.next())));
                if (!(generateCertificate instanceof X509Certificate)) {
                    return null;
                }
                x509CertificateArr[i3] = (X509Certificate) generateCertificate;
                i3++;
            }
            x509TrustManager.checkServerTrusted(x509CertificateArr, "RSA");
            i2.initVerify(x509CertificateArr[0].getPublicKey());
            i2.update(bArr2);
            try {
                z = i2.verify(bArr);
            } catch (SignatureException unused) {
                z = false;
            }
            if (z) {
                return x509CertificateArr[0];
            }
            return null;
        } catch (CertificateException unused2) {
            return null;
        }
    }

    public final boolean verifySignature(PublicKey publicKey) {
        if ("RS256".equals(getHeader().g())) {
            Signature i2 = o.i();
            byte[] bArr = this.signatureBytes;
            byte[] bArr2 = this.signedContentBytes;
            i2.initVerify(publicKey);
            i2.update(bArr2);
            try {
                return i2.verify(bArr);
            } catch (SignatureException unused) {
            }
        }
        return false;
    }
}
