package com.google.bitcoin.protocols.payments;

import ch.qos.logback.core.net.ssl.SSL;
import com.google.bitcoin.core.Address;
import com.google.bitcoin.core.NetworkParameters;
import com.google.bitcoin.core.Transaction;
import com.google.bitcoin.core.TransactionOutput;
import com.google.bitcoin.core.VerificationException;
import com.google.bitcoin.core.Wallet;
import com.google.bitcoin.params.MainNetParams;
import com.google.bitcoin.protocols.payments.PaymentRequestException;
import com.google.bitcoin.script.ScriptBuilder;
import com.google.bitcoin.uri.BitcoinURI;
import com.google.bitcoin.utils.Threading;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Joiner;
import com.google.common.collect.Lists;
import com.google.common.net.HttpHeaders;
import com.google.common.util.concurrent.ListenableFuture;
import com.google.common.util.concurrent.ListeningExecutorService;
import com.google.protobuf.ByteString;
import com.google.protobuf.InvalidProtocolBufferException;
import de.schildbach.wallet.util.PaymentProtocol;
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.math.BigInteger;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXCertPathValidatorResult;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.Callable;
import javax.annotation.Nullable;
import org.bitcoin.protocols.payments.Protos;
import org.spongycastle.asn1.ASN1String;
import org.spongycastle.asn1.x500.AttributeTypeAndValue;
import org.spongycastle.asn1.x500.RDN;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x500.style.RFC4519Style;

/* loaded from: classes.dex */
public class PaymentSession {
    private static ListeningExecutorService executor = Threading.THREAD_POOL;
    private NetworkParameters params;
    private Protos.PaymentDetails paymentDetails;
    private Protos.PaymentRequest paymentRequest;
    public PkiVerificationData pkiVerificationData;
    private BigInteger totalValue = BigInteger.ZERO;
    private String trustStorePath;

    /* loaded from: classes.dex */
    public class Ack {

        @Nullable
        private String memo;

        Ack(@Nullable String str) {
            this.memo = str;
        }

        @Nullable
        public String getMemo() {
            return this.memo;
        }
    }

    /* loaded from: classes.dex */
    public static class PkiVerificationData {
        public final PublicKey merchantSigningKey;
        public final String name;
        public final String orgName;
        public final TrustAnchor rootAuthority;
        public final String rootAuthorityName;

        private PkiVerificationData(@Nullable String str, @Nullable String str2, PublicKey publicKey, TrustAnchor trustAnchor) throws PaymentRequestException.PkiVerificationException {
            this.name = str;
            this.orgName = str2;
            this.merchantSigningKey = publicKey;
            this.rootAuthority = trustAnchor;
            this.rootAuthorityName = getNameFromCert(trustAnchor);
        }

        @Nullable
        private String getNameFromCert(TrustAnchor trustAnchor) throws PaymentRequestException.PkiVerificationException {
            String str = null;
            String str2 = null;
            String str3 = null;
            String str4 = null;
            for (RDN rdn : new X500Name(trustAnchor.getTrustedCert().getSubjectX500Principal().getName()).getRDNs()) {
                AttributeTypeAndValue first = rdn.getFirst();
                String string = ((ASN1String) first.getValue()).getString();
                if (first.getType().equals(RFC4519Style.cn)) {
                    str = string;
                } else if (first.getType().equals(RFC4519Style.o)) {
                    str2 = string;
                } else if (first.getType().equals(RFC4519Style.l)) {
                    str3 = string;
                } else if (first.getType().equals(RFC4519Style.c)) {
                    str4 = string;
                }
            }
            return str2 != null ? Joiner.on(", ").skipNulls().join(str2, str3, str4) : str;
        }
    }

    public PaymentSession(Protos.PaymentRequest paymentRequest) throws PaymentRequestException {
        parsePaymentRequest(paymentRequest);
        verifyPki();
    }

    public PaymentSession(Protos.PaymentRequest paymentRequest, boolean z) throws PaymentRequestException {
        parsePaymentRequest(paymentRequest);
        if (z) {
            verifyPki();
        }
    }

    public PaymentSession(Protos.PaymentRequest paymentRequest, boolean z, @Nullable String str) throws PaymentRequestException {
        this.trustStorePath = str;
        parsePaymentRequest(paymentRequest);
        if (z) {
            verifyPki();
        }
    }

    public static ListenableFuture<PaymentSession> createFromBitcoinUri(BitcoinURI bitcoinURI) throws PaymentRequestException {
        return createFromBitcoinUri(bitcoinURI, true, null);
    }

    public static ListenableFuture<PaymentSession> createFromBitcoinUri(BitcoinURI bitcoinURI, boolean z) throws PaymentRequestException {
        return createFromBitcoinUri(bitcoinURI, z, null);
    }

    public static ListenableFuture<PaymentSession> createFromBitcoinUri(BitcoinURI bitcoinURI, boolean z, @Nullable String str) throws PaymentRequestException {
        String paymentRequestUrl = bitcoinURI.getPaymentRequestUrl();
        if (paymentRequestUrl == null) {
            throw new PaymentRequestException.InvalidPaymentRequestURL("No payment request URL (r= parameter) in BitcoinURI " + bitcoinURI);
        }
        try {
            return fetchPaymentRequest(new URI(paymentRequestUrl), z, str);
        } catch (URISyntaxException e) {
            throw new PaymentRequestException.InvalidPaymentRequestURL(e);
        }
    }

    public static ListenableFuture<PaymentSession> createFromUrl(String str) throws PaymentRequestException {
        return createFromUrl(str, true, null);
    }

    public static ListenableFuture<PaymentSession> createFromUrl(String str, boolean z) throws PaymentRequestException {
        return createFromUrl(str, z, null);
    }

    public static ListenableFuture<PaymentSession> createFromUrl(String str, boolean z, @Nullable String str2) throws PaymentRequestException {
        if (str == null) {
            throw new PaymentRequestException.InvalidPaymentRequestURL("null paymentRequestUrl");
        }
        try {
            return fetchPaymentRequest(new URI(str), z, str2);
        } catch (URISyntaxException e) {
            throw new PaymentRequestException.InvalidPaymentRequestURL(e);
        }
    }

    private KeyStore createKeyStore(@Nullable String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        Class<?> cls;
        String defaultType = KeyStore.getDefaultType();
        char[] charArray = SSL.DEFAULT_KEYSTORE_PASSWORD.toCharArray();
        if (str != null) {
            KeyStore keyStore = KeyStore.getInstance(defaultType);
            keyStore.load(new FileInputStream(str), charArray);
            return keyStore;
        }
        try {
            cls = Class.forName("android.os.Build$VERSION");
        } catch (ClassNotFoundException e) {
        } catch (IllegalAccessException e2) {
            throw new RuntimeException(e2);
        } catch (NoSuchFieldException e3) {
            throw new RuntimeException(e3);
        }
        if (cls.getDeclaredField("SDK_INT").getInt(cls) >= 14) {
            KeyStore keyStore2 = KeyStore.getInstance("AndroidCAStore");
            keyStore2.load(null, null);
            return keyStore2;
        }
        defaultType = "BKS";
        str = System.getProperty("java.home") + "/etc/security/cacerts.bks".replace('/', File.separatorChar);
        if (str == null) {
            str = System.getProperty("javax.net.ssl.trustStore");
        }
        if (str == null) {
            str = System.getProperty("java.home") + "/lib/security/cacerts".replace('/', File.separatorChar);
        }
        try {
            KeyStore keyStore3 = KeyStore.getInstance(defaultType);
            keyStore3.load(new FileInputStream(str), charArray);
            return keyStore3;
        } catch (FileNotFoundException e4) {
            KeyStore keyStore4 = KeyStore.getInstance(SSL.DEFAULT_KEYSTORE_TYPE);
            keyStore4.load(getClass().getResourceAsStream("cacerts"), charArray);
            return keyStore4;
        }
    }

    private static ListenableFuture<PaymentSession> fetchPaymentRequest(final URI uri, final boolean z, @Nullable final String str) {
        return executor.submit((Callable) new Callable<PaymentSession>() { // from class: com.google.bitcoin.protocols.payments.PaymentSession.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.concurrent.Callable
            public PaymentSession call() throws Exception {
                HttpURLConnection httpURLConnection = (HttpURLConnection) uri.toURL().openConnection();
                httpURLConnection.setRequestProperty(HttpHeaders.ACCEPT, PaymentProtocol.MIMETYPE_PAYMENTREQUEST);
                httpURLConnection.setUseCaches(false);
                return new PaymentSession(Protos.PaymentRequest.parseFrom(httpURLConnection.getInputStream()), z, str);
            }
        });
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void parsePaymentRequest(Protos.PaymentRequest paymentRequest) throws PaymentRequestException {
        try {
            if (paymentRequest == null) {
                throw new PaymentRequestException("request cannot be null");
            }
            if (paymentRequest.getPaymentDetailsVersion() != 1) {
                throw new PaymentRequestException.InvalidVersion("Version 1 required. Received version " + paymentRequest.getPaymentDetailsVersion());
            }
            this.paymentRequest = paymentRequest;
            if (!paymentRequest.hasSerializedPaymentDetails()) {
                throw new PaymentRequestException("No PaymentDetails");
            }
            this.paymentDetails = ((Protos.PaymentDetails.Builder) Protos.PaymentDetails.newBuilder().mergeFrom(paymentRequest.getSerializedPaymentDetails())).build();
            if (this.paymentDetails == null) {
                throw new PaymentRequestException("Invalid PaymentDetails");
            }
            if (this.paymentDetails.hasNetwork()) {
                this.params = NetworkParameters.fromPmtProtocolID(this.paymentDetails.getNetwork());
            } else {
                this.params = MainNetParams.get();
            }
            if (this.params == null) {
                throw new PaymentRequestException.InvalidNetwork("Invalid network " + this.paymentDetails.getNetwork());
            }
            if (this.paymentDetails.getOutputsCount() < 1) {
                throw new PaymentRequestException.InvalidOutputs("No outputs");
            }
            for (Protos.Output output : this.paymentDetails.getOutputsList()) {
                if (output.hasAmount()) {
                    this.totalValue = this.totalValue.add(BigInteger.valueOf(output.getAmount()));
                }
            }
            if (this.totalValue.compareTo(NetworkParameters.MAX_MONEY) > 0) {
                throw new PaymentRequestException.InvalidOutputs("The outputs are way too big.");
            }
        } catch (InvalidProtocolBufferException e) {
            throw new PaymentRequestException(e);
        }
    }

    public Date getDate() {
        return new Date(this.paymentDetails.getTime() * 1000);
    }

    @Nullable
    public String getMemo() {
        if (this.paymentDetails.hasMemo()) {
            return this.paymentDetails.getMemo();
        }
        return null;
    }

    @Nullable
    public Protos.Payment getPayment(List<Transaction> list, @Nullable Address address, @Nullable String str) throws IOException {
        if (!this.paymentDetails.hasPaymentUrl()) {
            return null;
        }
        Protos.Payment.Builder newBuilder = Protos.Payment.newBuilder();
        if (this.paymentDetails.hasMerchantData()) {
            newBuilder.setMerchantData(this.paymentDetails.getMerchantData());
        }
        if (address != null) {
            Protos.Output.Builder newBuilder2 = Protos.Output.newBuilder();
            newBuilder2.setAmount(this.totalValue.longValue());
            newBuilder2.setScript(ByteString.copyFrom(ScriptBuilder.createOutputScript(address).getProgram()));
            newBuilder.addRefundTo(newBuilder2);
        }
        if (str != null) {
            newBuilder.setMemo(str);
        }
        for (Transaction transaction : list) {
            transaction.verify();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            transaction.bitcoinSerialize(byteArrayOutputStream);
            newBuilder.addTransactions(ByteString.copyFrom(byteArrayOutputStream.toByteArray()));
        }
        return newBuilder.build();
    }

    public Protos.PaymentDetails getPaymentDetails() {
        return this.paymentDetails;
    }

    public Protos.PaymentRequest getPaymentRequest() {
        return this.paymentRequest;
    }

    @Nullable
    public String getPaymentUrl() {
        if (this.paymentDetails.hasPaymentUrl()) {
            return this.paymentDetails.getPaymentUrl();
        }
        return null;
    }

    public Wallet.SendRequest getSendRequest() {
        Transaction transaction = new Transaction(this.params);
        for (Protos.Output output : this.paymentDetails.getOutputsList()) {
            transaction.addOutput(new TransactionOutput(this.params, transaction, BigInteger.valueOf(output.getAmount()), output.getScript().toByteArray()));
        }
        return Wallet.SendRequest.forTx(transaction);
    }

    public BigInteger getValue() {
        return this.totalValue;
    }

    public boolean isExpired() {
        return this.paymentDetails.hasExpires() && System.currentTimeMillis() / 1000 > this.paymentDetails.getExpires();
    }

    @VisibleForTesting
    protected ListenableFuture<Ack> sendPayment(final URL url, final Protos.Payment payment) {
        return executor.submit((Callable) new Callable<Ack>() { // from class: com.google.bitcoin.protocols.payments.PaymentSession.2
            /* JADX WARN: Can't rename method to resolve collision */
            /* JADX WARN: Multi-variable type inference failed */
            @Override // java.util.concurrent.Callable
            public Ack call() throws Exception {
                HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
                httpURLConnection.setRequestMethod("POST");
                httpURLConnection.setRequestProperty(HttpHeaders.CONTENT_TYPE, PaymentProtocol.MIMETYPE_PAYMENT);
                httpURLConnection.setRequestProperty(HttpHeaders.ACCEPT, PaymentProtocol.MIMETYPE_PAYMENTACK);
                httpURLConnection.setRequestProperty(HttpHeaders.CONTENT_LENGTH, Integer.toString(payment.getSerializedSize()));
                httpURLConnection.setUseCaches(false);
                httpURLConnection.setDoInput(true);
                httpURLConnection.setDoOutput(true);
                DataOutputStream dataOutputStream = new DataOutputStream(httpURLConnection.getOutputStream());
                payment.writeTo(dataOutputStream);
                dataOutputStream.flush();
                dataOutputStream.close();
                Protos.PaymentACK build = ((Protos.PaymentACK.Builder) Protos.PaymentACK.newBuilder().mergeFrom(httpURLConnection.getInputStream())).build();
                return new Ack(build.hasMemo() ? build.getMemo() : null);
            }
        });
    }

    @Nullable
    public ListenableFuture<Ack> sendPayment(List<Transaction> list, @Nullable Address address, @Nullable String str) throws PaymentRequestException, VerificationException, IOException {
        Protos.Payment payment = getPayment(list, address, str);
        if (payment == null) {
            return null;
        }
        if (isExpired()) {
            throw new PaymentRequestException.Expired("PaymentRequest is expired");
        }
        try {
            return sendPayment(new URL(this.paymentDetails.getPaymentUrl()), payment);
        } catch (MalformedURLException e) {
            throw new PaymentRequestException.InvalidPaymentURL(e);
        }
    }

    @Nullable
    public PkiVerificationData verifyPki() throws PaymentRequestException {
        String str;
        try {
            if (this.pkiVerificationData != null) {
                return this.pkiVerificationData;
            }
            if (this.paymentRequest.getPkiType().equals("none")) {
                return null;
            }
            if (this.paymentRequest.getPkiType().equals("x509+sha256")) {
                str = "SHA256withRSA";
            } else {
                if (!this.paymentRequest.getPkiType().equals("x509+sha1")) {
                    throw new PaymentRequestException.InvalidPkiType("Unsupported PKI type: " + this.paymentRequest.getPkiType());
                }
                str = "SHA1withRSA";
            }
            Protos.X509Certificates parseFrom = Protos.X509Certificates.parseFrom(this.paymentRequest.getPkiData());
            if (parseFrom.getCertificateCount() == 0) {
                throw new PaymentRequestException.InvalidPkiData("No certificates provided in message: server config error");
            }
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            ArrayList newArrayList = Lists.newArrayList();
            Iterator<ByteString> it = parseFrom.getCertificateList().iterator();
            while (it.hasNext()) {
                newArrayList.add((X509Certificate) certificateFactory.generateCertificate(it.next().newInput()));
            }
            CertPath generateCertPath = certificateFactory.generateCertPath(newArrayList);
            PKIXParameters pKIXParameters = new PKIXParameters(createKeyStore(this.trustStorePath));
            pKIXParameters.setRevocationEnabled(false);
            PKIXCertPathValidatorResult pKIXCertPathValidatorResult = (PKIXCertPathValidatorResult) CertPathValidator.getInstance("PKIX").validate(generateCertPath, pKIXParameters);
            PublicKey publicKey = pKIXCertPathValidatorResult.getPublicKey();
            Signature signature = Signature.getInstance(str);
            signature.initVerify(publicKey);
            Protos.PaymentRequest.Builder builder = this.paymentRequest.toBuilder();
            builder.setSignature(ByteString.EMPTY);
            signature.update(builder.build().toByteArray());
            if (!signature.verify(this.paymentRequest.getSignature().toByteArray())) {
                throw new PaymentRequestException.PkiVerificationException("Invalid signature, this payment request is not valid.");
            }
            String str2 = null;
            String str3 = null;
            for (RDN rdn : new X500Name(((X509Certificate) newArrayList.get(0)).getSubjectX500Principal().getName()).getRDNs()) {
                AttributeTypeAndValue first = rdn.getFirst();
                if (first.getType().equals(RFC4519Style.cn)) {
                    str2 = ((ASN1String) first.getValue()).getString();
                } else if (first.getType().equals(RFC4519Style.o)) {
                    str3 = ((ASN1String) first.getValue()).getString();
                }
            }
            if (str2 == null && str3 == null) {
                throw new PaymentRequestException.PkiVerificationException("Invalid certificate, no CN or O fields");
            }
            PkiVerificationData pkiVerificationData = new PkiVerificationData(str2, str3, publicKey, pKIXCertPathValidatorResult.getTrustAnchor());
            this.pkiVerificationData = pkiVerificationData;
            return pkiVerificationData;
        } catch (InvalidProtocolBufferException e) {
            throw new PaymentRequestException.InvalidPkiData(e);
        } catch (IOException e2) {
            throw new PaymentRequestException.PkiVerificationException(e2);
        } catch (InvalidAlgorithmParameterException e3) {
            throw new RuntimeException(e3);
        } catch (InvalidKeyException e4) {
            throw new PaymentRequestException.PkiVerificationException(e4);
        } catch (KeyStoreException e5) {
            throw new RuntimeException(e5);
        } catch (NoSuchAlgorithmException e6) {
            throw new RuntimeException(e6);
        } catch (SignatureException e7) {
            throw new PaymentRequestException.PkiVerificationException(e7);
        } catch (CertPathValidatorException e8) {
            throw new PaymentRequestException.PkiVerificationException(e8);
        } catch (CertificateException e9) {
            throw new PaymentRequestException.PkiVerificationException(e9);
        }
    }
}
