package com.microsoft.mmx.agents.ypp.pairing.statemachine.processor;

import android.util.Base64;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import com.google.gson.Gson;
import com.google.gson.JsonParseException;
import com.google.gson.reflect.TypeToken;
import com.microsoft.appmanager.telemetry.ILogger;
import com.microsoft.appmanager.telemetry.TraceContext;
import com.microsoft.appmanager.utils.AsyncOperation;
import com.microsoft.appmanager.ypp.pairing.PairingCryptoTrustType;
import com.microsoft.appmanager.ypp.pairing.PairingOption;
import com.microsoft.identity.common.internal.providers.microsoft.MicrosoftIdToken;
import com.microsoft.mmx.agents.ypp.authclient.crypto.CertificateUtils;
import com.microsoft.mmx.agents.ypp.authclient.crypto.CryptoException;
import com.microsoft.mmx.agents.ypp.authclient.crypto.CryptoManager;
import com.microsoft.mmx.agents.ypp.configuration.PlatformConfiguration;
import com.microsoft.mmx.agents.ypp.pairing.channel.IPairingPartnerListener;
import com.microsoft.mmx.agents.ypp.pairing.channel.PairingChannel;
import com.microsoft.mmx.agents.ypp.pairing.constant.FailureMethodConstants;
import com.microsoft.mmx.agents.ypp.pairing.constant.FailureReasonConstants;
import com.microsoft.mmx.agents.ypp.pairing.data.PairingCeremonyData;
import com.microsoft.mmx.agents.ypp.pairing.data.PairingResult;
import com.microsoft.mmx.agents.ypp.pairing.protocol.CryptoInfoExchangeMessage;
import com.microsoft.mmx.agents.ypp.pairing.protocol.NonceMessage;
import com.microsoft.mmx.agents.ypp.pairing.protocol.PairingResponseStatus;
import com.microsoft.mmx.agents.ypp.pairing.protocol.PairingStatus;
import com.microsoft.mmx.agents.ypp.pairing.protocol.SendPairingMessageResponseMessage;
import com.microsoft.mmx.agents.ypp.pairing.statemachine.PairingStateMachine;
import com.microsoft.mmx.agents.ypp.pairing.statemachine.data.PairingProcessResultWithDetail;
import com.microsoft.mmx.agents.ypp.pairing.statemachine.data.PairingState;
import com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.log.SendNonceStateProcessorLog;
import com.microsoft.mmx.agents.ypp.pairing.utils.NonceGenerator;
import com.microsoft.mmx.agents.ypp.signalr.HubSendException;
import com.microsoft.mmx.agents.ypp.utils.ExceptionUtils;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSObject;
import com.nimbusds.jose.crypto.factories.DefaultJWSVerifierFactory;
import com.nimbusds.jose.util.JSONObjectUtils;
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.concurrent.CancellationException;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.Executor;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import org.joda.time.Duration;

/* loaded from: classes3.dex */
public final class SendNonceStateProcessor extends BasePairingStateProcessor {
    private AsyncOperation<CryptoInfoExchangeMessage> cryptoMessageOperation;
    private final SendNonceStateProcessorLog log;
    private final PairingCeremonyData pairingCeremonyData;
    private final PairingChannel pairingChannel;
    private final PairingOption pairingOption;
    private final String selfNonce;
    private boolean shouldRetryAfterFailure;

    /* renamed from: com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.SendNonceStateProcessor$1 */
    /* loaded from: classes3.dex */
    public class AnonymousClass1 extends TypeToken<List<String>> {
        public AnonymousClass1(SendNonceStateProcessor sendNonceStateProcessor) {
        }
    }

    /* renamed from: com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.SendNonceStateProcessor$2 */
    /* loaded from: classes3.dex */
    public static /* synthetic */ class AnonymousClass2 {

        /* renamed from: a */
        public static final /* synthetic */ int[] f4037a;

        static {
            int[] iArr = new int[PairingResponseStatus.values().length];
            f4037a = iArr;
            try {
                iArr[PairingResponseStatus.ChannelNotFound.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f4037a[PairingResponseStatus.PartnerDisconnected.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                f4037a[PairingResponseStatus.PartnerDisconnectedWaitTimeExceeded.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    public SendNonceStateProcessor(@NonNull Executor executor, @NonNull ILogger iLogger, @NonNull PairingChannel pairingChannel, @NonNull NonceGenerator nonceGenerator, @NonNull PairingCeremonyData pairingCeremonyData, @NonNull PairingOption pairingOption, @NonNull PlatformConfiguration platformConfiguration) {
        super(PairingState.JOINER_SEND_NONCE, executor, platformConfiguration);
        this.log = new SendNonceStateProcessorLog(iLogger);
        this.pairingChannel = pairingChannel;
        this.selfNonce = nonceGenerator.generate();
        this.pairingCeremonyData = pairingCeremonyData;
        this.pairingOption = pairingOption;
    }

    private PairingResult checkResponseMessageOperation(@NonNull AsyncOperation<SendPairingMessageResponseMessage> asyncOperation, @NonNull TraceContext traceContext) {
        try {
            SendPairingMessageResponseMessage sendPairingMessageResponseMessage = asyncOperation.get();
            if (sendPairingMessageResponseMessage.pairingResponseStatus.equals(PairingResponseStatus.Success)) {
                return PairingResult.SUCCESS;
            }
            this.log.nonceResponseErrorException(new IllegalStateException(sendPairingMessageResponseMessage.failureReason), traceContext);
            int i2 = AnonymousClass2.f4037a[sendPairingMessageResponseMessage.pairingResponseStatus.ordinal()];
            if (i2 == 1) {
                return PairingResult.CHANNEL_NOT_FOUND;
            }
            if (i2 == 2) {
                this.shouldRetryAfterFailure = true;
                return PairingResult.PARTNER_DISCONNECTED;
            }
            if (i2 == 3) {
                return PairingResult.PARTNER_DISCONNECTED;
            }
            this.shouldRetryAfterFailure = true;
            return PairingResult.SEND_PAIR_MESSAGE_SERVICE_ERROR;
        } catch (InterruptedException | ExecutionException e2) {
            this.log.nonceResponseErrorException(e2, traceContext);
            this.shouldRetryAfterFailure = true;
            return ExceptionUtils.containsException(e2, HubSendException.class) ? PairingResult.NETWORK_UNAVAILABLE : PairingResult.CLIENT_UNKNOWN_ERROR;
        }
    }

    private void handlePartnerMessage(@NonNull AsyncOperation<PairingProcessResultWithDetail> asyncOperation, @NonNull CryptoInfoExchangeMessage cryptoInfoExchangeMessage, @NonNull TraceContext traceContext) {
        if (cryptoInfoExchangeMessage.pairingStatus == PairingStatus.Success) {
            validateCryptoJwt(cryptoInfoExchangeMessage, asyncOperation, traceContext);
            return;
        }
        IllegalStateException illegalStateException = new IllegalStateException(cryptoInfoExchangeMessage.pairingStatus.toString());
        this.log.partnerCryptoMessageError(illegalStateException, traceContext);
        asyncOperation.complete(PairingProcessResultWithDetail.failedWithThrowable(PairingProcessResultWithDetail.formatResultDetail(FailureMethodConstants.HANDLE_PARTNER_MESSAGE, "PairingStatusIsUnsuccessful"), PairingResult.CLIENT_UNKNOWN_ERROR, illegalStateException));
    }

    private void handleWaitForPartnerMessageException(@NonNull AsyncOperation<PairingProcessResultWithDetail> asyncOperation, @NonNull Exception exc, @NonNull AsyncOperation<SendPairingMessageResponseMessage> asyncOperation2, @NonNull TraceContext traceContext) {
        if (exc instanceof TimeoutException) {
            PairingResult handleWaitForPartnerMessageTimeoutException = handleWaitForPartnerMessageTimeoutException(asyncOperation2, traceContext);
            if (handleWaitForPartnerMessageTimeoutException.equals(PairingResult.TIMEOUT_ERROR)) {
                asyncOperation.complete(PairingProcessResultWithDetail.timeout(PairingProcessResultWithDetail.formatResultDetail(FailureMethodConstants.WAIT_FOR_PARTNER_MESSAGE, FailureReasonConstants.TIMEOUT_EXCEPTION), handleWaitForPartnerMessageTimeoutException));
                return;
            } else {
                asyncOperation.complete(PairingProcessResultWithDetail.failed(PairingProcessResultWithDetail.formatResultDetail("SendNonceMessage", FailureReasonConstants.TIMEOUT_EXCEPTION), handleWaitForPartnerMessageTimeoutException));
                return;
            }
        }
        if ((exc instanceof ExecutionException) || (exc instanceof InterruptedException)) {
            this.shouldRetryAfterFailure = true;
            asyncOperation.complete(PairingProcessResultWithDetail.failedWithThrowable(PairingProcessResultWithDetail.formatResultDetail(FailureMethodConstants.WAIT_FOR_PARTNER_MESSAGE, FailureReasonConstants.UNKNOWN_EXCEPTION), PairingResult.CLIENT_UNKNOWN_ERROR, exc));
        }
    }

    private PairingResult handleWaitForPartnerMessageTimeoutException(@NonNull AsyncOperation<SendPairingMessageResponseMessage> asyncOperation, @NonNull TraceContext traceContext) {
        if (!asyncOperation.isDone()) {
            return PairingResult.TIMEOUT_ERROR;
        }
        PairingResult checkResponseMessageOperation = checkResponseMessageOperation(asyncOperation, traceContext);
        return checkResponseMessageOperation.equals(PairingResult.SUCCESS) ? PairingResult.TIMEOUT_ERROR : checkResponseMessageOperation;
    }

    public static /* synthetic */ void lambda$processInternal$0(AsyncOperation asyncOperation, PairingResult pairingResult) {
        asyncOperation.complete(PairingProcessResultWithDetail.failedWithPartnerPairingResult(PairingProcessResultWithDetail.formatResultDetail(FailureMethodConstants.PROCESS_INTERNAL, FailureReasonConstants.PARTNER_EXITED), PairingResult.PARTNER_EXITED, pairingResult));
    }

    public /* synthetic */ void lambda$processInternal$1(IPairingPartnerListener iPairingPartnerListener, PairingProcessResultWithDetail pairingProcessResultWithDetail, Throwable th) throws Throwable {
        this.pairingChannel.removePartnerListener(iPairingPartnerListener);
    }

    @Nullable
    private List<X509Certificate> parseCertChain(Map<String, Object> map) {
        String str = (String) map.get("RootCertificateChain");
        try {
            List list = (List) new Gson().fromJson(str, new TypeToken<List<String>>(this) { // from class: com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.SendNonceStateProcessor.1
                public AnonymousClass1(SendNonceStateProcessor this) {
                }
            }.getType());
            LinkedList linkedList = new LinkedList();
            Iterator it = list.iterator();
            while (it.hasNext()) {
                try {
                    linkedList.add(CertificateUtils.getDecodedCertFromB64((String) it.next()));
                } catch (CryptoException unused) {
                    return null;
                }
            }
            return linkedList;
        } catch (JsonParseException unused2) {
            return null;
        }
    }

    /* renamed from: sendNonceInner */
    public void lambda$processInternal$2(@NonNull AsyncOperation<PairingProcessResultWithDetail> asyncOperation, @NonNull TraceContext traceContext) {
        this.cryptoMessageOperation = this.pairingChannel.waitForCryptoInfoExchangeMessageAsync();
        waitForCryptoExchangeMessage(asyncOperation, this.pairingChannel.sendNonceMessageAsync(new NonceMessage(this.selfNonce, PairingStatus.Success), traceContext), traceContext);
    }

    private void validateCryptoJwt(@NonNull CryptoInfoExchangeMessage cryptoInfoExchangeMessage, @NonNull AsyncOperation<PairingProcessResultWithDetail> asyncOperation, @NonNull TraceContext traceContext) {
        try {
            validateCryptoJwt(cryptoInfoExchangeMessage.getJwt(), asyncOperation, traceContext);
        } catch (JOSEException | CertificateException | ParseException e2) {
            this.log.partnerCryptoMessageError(e2, traceContext);
            asyncOperation.complete(PairingProcessResultWithDetail.failedWithThrowable(PairingProcessResultWithDetail.formatResultDetail(FailureMethodConstants.VALID_CRYPTO_JWT, "ParseOrCertificateOrJOSEException"), PairingResult.CRYPTO_JWT_INVALID, e2));
        }
    }

    private void validateCryptoJwt(@NonNull String str, @NonNull AsyncOperation<PairingProcessResultWithDetail> asyncOperation, @NonNull TraceContext traceContext) throws ParseException, CertificateException, JOSEException {
        JWSObject parse = JWSObject.parse(str);
        Map<String, Object> jSONObject = parse.getPayload().toJSONObject();
        Map<String, Object> parse2 = JSONObjectUtils.parse((String) jSONObject.get("Data"));
        String str2 = (String) parse2.get("Nonce");
        if (!this.selfNonce.equals(str2)) {
            this.log.partnerCryptoMessageError(new SecurityException(a.a.r("validateCryptoJwt error mismatched: ", str2)), traceContext);
            asyncOperation.complete(PairingProcessResultWithDetail.failed(PairingProcessResultWithDetail.formatResultDetail(FailureMethodConstants.VALID_CRYPTO_JWT, "NonceInvalid"), PairingResult.NONCE_INVALID));
            return;
        }
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(Base64.decode((String) parse2.get("Certificate"), 0)));
        if (!parse.verify(new DefaultJWSVerifierFactory().createJWSVerifier(parse.getHeader(), x509Certificate.getPublicKey()))) {
            asyncOperation.complete(PairingProcessResultWithDetail.failed(PairingProcessResultWithDetail.formatResultDetail(FailureMethodConstants.VALID_CRYPTO_JWT, "VerifyFailed"), PairingResult.CRYPTO_JWT_INVALID));
            return;
        }
        String str3 = (String) jSONObject.get(MicrosoftIdToken.ISSUER);
        String clientIdFromCertificate = CryptoManager.getClientIdFromCertificate(x509Certificate);
        if (clientIdFromCertificate == null || !clientIdFromCertificate.equals(str3)) {
            SecurityException securityException = new SecurityException(String.format("validateCryptoJwt claims error iss %s, cid %s", str3, clientIdFromCertificate));
            this.log.partnerCryptoMessageError(securityException, traceContext);
            asyncOperation.complete(PairingProcessResultWithDetail.failedWithThrowable(PairingProcessResultWithDetail.formatResultDetail(FailureMethodConstants.VALID_CRYPTO_JWT, "NonceInvalid"), PairingResult.CRYPTO_JWT_INVALID, securityException));
            return;
        }
        this.pairingCeremonyData.setPartnerCertificate(x509Certificate);
        this.pairingCeremonyData.setPartnerClientId(str3);
        this.pairingCeremonyData.setPartnerNonce((String) parse2.get("NonceToSign"));
        if (this.pairingOption.getCryptoTrustType().equals(PairingCryptoTrustType.ROOT)) {
            List<X509Certificate> parseCertChain = parseCertChain(parse2);
            if (parseCertChain == null || parseCertChain.isEmpty()) {
                this.log.partnerCryptoMessageError(new SecurityException("validateCryptoJwtWithCertChain can't parse cert chain"), traceContext);
                asyncOperation.complete(PairingProcessResultWithDetail.failed(PairingProcessResultWithDetail.formatResultDetail("validateCryptoJwtWithCertChain", "PartnerCertChainInvalid"), PairingResult.CRYPTO_JWT_INVALID));
                return;
            }
            this.pairingCeremonyData.setPartnerCertificateChain(parseCertChain);
        }
        asyncOperation.complete(PairingProcessResultWithDetail.success());
    }

    private void waitForCryptoExchangeMessage(@NonNull AsyncOperation<PairingProcessResultWithDetail> asyncOperation, @NonNull AsyncOperation<SendPairingMessageResponseMessage> asyncOperation2, @NonNull TraceContext traceContext) {
        try {
            handlePartnerMessage(asyncOperation, this.cryptoMessageOperation.get(this.platformConfiguration.getWaitForPartnerMessageTimeoutInterval().getMillis(), TimeUnit.MILLISECONDS), traceContext);
        } catch (InterruptedException e2) {
            e = e2;
            this.log.partnerCryptoMessageError(e, traceContext);
            handleWaitForPartnerMessageException(asyncOperation, e, asyncOperation2, traceContext);
        } catch (CancellationException unused) {
            this.log.operationCanceledWhenGetCryptoMessage();
        } catch (ExecutionException e3) {
            e = e3;
            this.log.partnerCryptoMessageError(e, traceContext);
            handleWaitForPartnerMessageException(asyncOperation, e, asyncOperation2, traceContext);
        } catch (TimeoutException e4) {
            e = e4;
            this.log.partnerCryptoMessageError(e, traceContext);
            handleWaitForPartnerMessageException(asyncOperation, e, asyncOperation2, traceContext);
        }
    }

    @Override // com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.BasePairingStateProcessor, com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.IPairingStateProcessor
    public void cancelProcess() {
        AsyncOperation<CryptoInfoExchangeMessage> asyncOperation = this.cryptoMessageOperation;
        if (asyncOperation != null) {
            asyncOperation.cancel(true);
        }
        super.cancelProcess();
    }

    @Override // com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.BasePairingStateProcessor, com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.IPairingStateProcessor
    public /* bridge */ /* synthetic */ int getCurrentRetryCount() {
        return super.getCurrentRetryCount();
    }

    @Override // com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.BasePairingStateProcessor, com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.IPairingStateProcessor
    public /* bridge */ /* synthetic */ int getMaxRetryCount() {
        return super.getMaxRetryCount();
    }

    @Override // com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.BasePairingStateProcessor, com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.IPairingStateProcessor
    public Duration getTimeoutInterval() {
        return this.platformConfiguration.getExchangePairingMessageTimeoutInterval();
    }

    @Override // com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.BasePairingStateProcessor, com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.IPairingStateProcessor
    public boolean needRetryAfterFailure() {
        return this.shouldRetryAfterFailure;
    }

    @Override // com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.BasePairingStateProcessor, com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.IPairingStateProcessor
    public /* bridge */ /* synthetic */ boolean needRetryAfterTimeout() {
        return super.needRetryAfterTimeout();
    }

    @Override // com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.BasePairingStateProcessor, com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.IPairingStateProcessor
    public /* bridge */ /* synthetic */ AsyncOperation processAsync(@NonNull PairingStateMachine pairingStateMachine, @NonNull TraceContext traceContext) {
        return super.processAsync(pairingStateMachine, traceContext);
    }

    @Override // com.microsoft.mmx.agents.ypp.pairing.statemachine.processor.BasePairingStateProcessor
    public void processInternal(@NonNull PairingStateMachine pairingStateMachine, @NonNull AsyncOperation<PairingProcessResultWithDetail> asyncOperation, @NonNull TraceContext traceContext) {
        this.shouldRetryAfterFailure = false;
        e eVar = new e(asyncOperation, 3);
        this.pairingChannel.addPartnerListener(eVar);
        asyncOperation.whenComplete(new com.microsoft.appmanager.authenticate.b(this, eVar, 20));
        AsyncOperation.runAsync(new a(this, asyncOperation, traceContext, 4));
    }
}
