package com.aetherpal.enrollment.cert.messages;

import android.content.Context;
import com.aetherpal.core.cert.ApCertificate;
import com.aetherpal.core.exceptions.WebException;
import com.aetherpal.core.logger.ApLog;
import com.aetherpal.core.utils.CertUtils;
import com.aetherpal.core.utils.StringUtils;
import com.aetherpal.core.xml.annotations.XmlElement;
import com.aetherpal.core.xml.annotations.XmlRoot;
import com.aetherpal.core.xml.annotations.XmlSerializable;
import com.aetherpal.enrollment.AnchorWebMessage;
import com.aetherpal.enrollment.BaseWebMessage;
import com.aetherpal.enrollment.R;
import com.aetherpal.messages.signal.SignalParamNames;
import com.google.gson.annotations.SerializedName;
import com.google.gson.reflect.TypeToken;
import java.io.ByteArrayInputStream;
import java.io.FileOutputStream;
import java.lang.reflect.Type;
import java.security.cert.X509Certificate;

/* loaded from: classes.dex */
public class CertificateWebMessage {
    public static final String URL = "/pki/GetCert";
    private static int count = 0;

    @XmlSerializable
    @XmlRoot("Message")
    /* loaded from: classes.dex */
    public static class CertificateRequest extends BaseWebMessage {

        @XmlElement("Format")
        @SerializedName("Format")
        public int format;

        public CertificateRequest() {
            this.format = 1;
        }

        private CertificateRequest(int i) {
            this.format = 1;
            this.format = i;
        }

        @Override // com.aetherpal.enrollment.BaseWebMessage
        public Type getTypeToken() {
            return new TypeToken<AnchorWebMessage<CertificateRequest>>() { // from class: com.aetherpal.enrollment.cert.messages.CertificateWebMessage.CertificateRequest.1
            }.getType();
        }

        @Override // com.aetherpal.enrollment.BaseWebMessage
        public String getUrlPath() {
            return CertificateWebMessage.URL;
        }
    }

    @XmlSerializable
    @XmlRoot("Message")
    /* loaded from: classes.dex */
    public static class CertificateResponse extends BaseWebMessage {

        @XmlElement("Certificate")
        @SerializedName("Certificate")
        public byte[] certificate = null;

        @XmlElement(SignalParamNames.PKOI)
        @SerializedName(SignalParamNames.PKOI)
        public int pkoi;

        @XmlElement(SignalParamNames.PKOID)
        @SerializedName(SignalParamNames.PKOID)
        public int pkoid;

        @Override // com.aetherpal.enrollment.BaseWebMessage
        public Type getTypeToken() {
            return new TypeToken<AnchorWebMessage<CertificateResponse>>() { // from class: com.aetherpal.enrollment.cert.messages.CertificateWebMessage.CertificateResponse.1
            }.getType();
        }

        @Override // com.aetherpal.enrollment.BaseWebMessage
        public String getUrlPath() {
            return CertificateWebMessage.URL;
        }

        public String toString() {
            return String.format("Cert %s , pkoid %d, pkoi %d ", StringUtils.toHexString(this.certificate), Integer.valueOf(this.pkoid), Integer.valueOf(this.pkoi));
        }
    }

    public static ApCertificate getCertificate(Context context, String str, int i, int i2, boolean z) throws WebException {
        X509Certificate verifyCertChain;
        ApCertificate apCertificate = null;
        AnchorWebMessage anchorWebMessage = new AnchorWebMessage();
        anchorWebMessage.message = new CertificateRequest(i);
        AnchorWebMessage anchorWebMessage2 = new AnchorWebMessage();
        anchorWebMessage2.message = new CertificateResponse();
        AnchorWebMessage execute = anchorWebMessage.execute(BaseWebMessage.FORMAT, str, anchorWebMessage2, i2);
        if (execute == null || execute.message == 0) {
            ApLog.e("Failed to get Certificate");
            return null;
        }
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(((CertificateResponse) execute.message).certificate);
            if (i == 0) {
                verifyCertChain = CertUtils.verifyCert(context, byteArrayInputStream, R.raw.root, R.raw.intermediate);
            } else {
                if (i != 1) {
                    return null;
                }
                try {
                    ApLog.d(String.format("Cert-%d.cer PKOID:%d PKOI:%d", Integer.valueOf(count), Integer.valueOf(((CertificateResponse) execute.message).pkoid), Integer.valueOf(((CertificateResponse) execute.message).pkoi)));
                    FileOutputStream openFileOutput = context.openFileOutput(String.format("Cert-%d.cer", Integer.valueOf(count)), 0);
                    openFileOutput.write(((CertificateResponse) execute.message).certificate);
                    openFileOutput.close();
                    count++;
                } catch (Exception e) {
                    ApLog.printStackTrace(e);
                }
                verifyCertChain = CertUtils.verifyCertChain(context, byteArrayInputStream, R.raw.root, R.raw.intermediate);
            }
            if (verifyCertChain != null) {
                ApCertificate apCertificate2 = new ApCertificate();
                try {
                    apCertificate2.setCertId(((CertificateResponse) execute.message).pkoid, ((CertificateResponse) execute.message).pkoi);
                    apCertificate2.setCert(verifyCertChain);
                    if (!z) {
                        apCertificate2.save(context);
                    }
                    apCertificate = apCertificate2;
                } catch (Exception e2) {
                    e = e2;
                    ApLog.printStackTrace(e);
                    return null;
                }
            }
            return apCertificate;
        } catch (Exception e3) {
            e = e3;
        }
    }
}
