package de.rki.coronawarnapp.dccticketing.core.service.processor;

import de.rki.coronawarnapp.contactdiary.retention.ContactDiaryCleanTask$$ExternalSyntheticOutline0;
import de.rki.coronawarnapp.dccticketing.core.allowlist.data.DccTicketingValidationServiceAllowListEntry;
import de.rki.coronawarnapp.dccticketing.core.check.DccTicketingServerCertificateChecker;
import de.rki.coronawarnapp.dccticketing.core.server.DccTicketingServer;
import de.rki.coronawarnapp.dccticketing.core.server.DccTicketingServerParser;
import de.rki.coronawarnapp.dccticketing.core.transaction.DccJWK;
import de.rki.coronawarnapp.dccticketing.core.transaction.DccTicketingServiceIdentityDocument;
import de.rki.coronawarnapp.dccticketing.core.transaction.DccTicketingVerificationMethod;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import kotlin.collections.CollectionsKt___CollectionsKt;
import kotlin.collections.EmptySet;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Regex;
import okhttp3.ResponseBody;
import retrofit2.Response;
import timber.log.Timber;

/* compiled from: ValidationServiceRequestProcessor.kt */
/* loaded from: classes.dex */
public final class ValidationServiceRequestProcessor {
    public static final String TAG = ContactDiaryCleanTask$$ExternalSyntheticOutline0.m(ValidationServiceRequestProcessor.class);
    public final DccTicketingServer dccTicketingServer;
    public final DccTicketingServerParser dccTicketingServerParser;
    public final Regex regexRSAOAEPWithSHA256AESCBC;
    public final Regex regexRSAOAEPWithSHA256AESGCM;
    public final DccTicketingServerCertificateChecker serverCertificateChecker;

    /* compiled from: ValidationServiceRequestProcessor.kt */
    /* loaded from: classes.dex */
    public static final class ValidationServiceResult {
        public final Set<DccJWK> validationServiceEncKeyJwkSetForRSAOAEPWithSHA256AESCBC;
        public final Set<DccJWK> validationServiceEncKeyJwkSetForRSAOAEPWithSHA256AESGCM;
        public final Set<DccJWK> validationServiceSignKeyJwkSet;

        public ValidationServiceResult(Set<DccJWK> set, Set<DccJWK> set2, Set<DccJWK> set3) {
            this.validationServiceEncKeyJwkSetForRSAOAEPWithSHA256AESCBC = set;
            this.validationServiceEncKeyJwkSetForRSAOAEPWithSHA256AESGCM = set2;
            this.validationServiceSignKeyJwkSet = set3;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (!(obj instanceof ValidationServiceResult)) {
                return false;
            }
            ValidationServiceResult validationServiceResult = (ValidationServiceResult) obj;
            return Intrinsics.areEqual(this.validationServiceEncKeyJwkSetForRSAOAEPWithSHA256AESCBC, validationServiceResult.validationServiceEncKeyJwkSetForRSAOAEPWithSHA256AESCBC) && Intrinsics.areEqual(this.validationServiceEncKeyJwkSetForRSAOAEPWithSHA256AESGCM, validationServiceResult.validationServiceEncKeyJwkSetForRSAOAEPWithSHA256AESGCM) && Intrinsics.areEqual(this.validationServiceSignKeyJwkSet, validationServiceResult.validationServiceSignKeyJwkSet);
        }

        public int hashCode() {
            return this.validationServiceSignKeyJwkSet.hashCode() + ((this.validationServiceEncKeyJwkSetForRSAOAEPWithSHA256AESGCM.hashCode() + (this.validationServiceEncKeyJwkSetForRSAOAEPWithSHA256AESCBC.hashCode() * 31)) * 31);
        }

        public String toString() {
            return "ValidationServiceResult(validationServiceEncKeyJwkSetForRSAOAEPWithSHA256AESCBC=" + this.validationServiceEncKeyJwkSetForRSAOAEPWithSHA256AESCBC + ", validationServiceEncKeyJwkSetForRSAOAEPWithSHA256AESGCM=" + this.validationServiceEncKeyJwkSetForRSAOAEPWithSHA256AESGCM + ", validationServiceSignKeyJwkSet=" + this.validationServiceSignKeyJwkSet + ")";
        }
    }

    public ValidationServiceRequestProcessor(DccTicketingServer dccTicketingServer, DccTicketingServerCertificateChecker serverCertificateChecker, DccTicketingServerParser dccTicketingServerParser) {
        Intrinsics.checkNotNullParameter(dccTicketingServer, "dccTicketingServer");
        Intrinsics.checkNotNullParameter(serverCertificateChecker, "serverCertificateChecker");
        Intrinsics.checkNotNullParameter(dccTicketingServerParser, "dccTicketingServerParser");
        this.dccTicketingServer = dccTicketingServer;
        this.serverCertificateChecker = serverCertificateChecker;
        this.dccTicketingServerParser = dccTicketingServerParser;
        this.regexRSAOAEPWithSHA256AESCBC = new Regex("ValidationServiceEncScheme-RSAOAEPWithSHA256AESCBC$");
        this.regexRSAOAEPWithSHA256AESGCM = new Regex("ValidationServiceEncScheme-RSAOAEPWithSHA256AESGCM$");
    }

    public final Set<DccJWK> findValidationServiceEncKeyJwkSet(DccTicketingServiceIdentityDocument dccTicketingServiceIdentityDocument, Set<String> set) {
        Timber.Forest forest = Timber.Forest;
        forest.tag(TAG);
        forest.d("findValidationServiceEncKeyJwkSet=%s", set);
        List<DccTicketingVerificationMethod> verificationMethod = dccTicketingServiceIdentityDocument.getVerificationMethod();
        ArrayList arrayList = new ArrayList();
        for (Object obj : verificationMethod) {
            if (set.contains(((DccTicketingVerificationMethod) obj).getId())) {
                arrayList.add(obj);
            }
        }
        ArrayList arrayList2 = new ArrayList();
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            DccJWK publicKeyJwk = ((DccTicketingVerificationMethod) it.next()).getPublicKeyJwk();
            if (publicKeyJwk != null) {
                arrayList2.add(publicKeyJwk);
            }
        }
        return CollectionsKt___CollectionsKt.toSet(arrayList2);
    }

    public final Set<String> findVerificationMethods(DccTicketingServiceIdentityDocument dccTicketingServiceIdentityDocument, Regex regex) {
        Set<String> set;
        Object obj;
        List<String> verificationMethods;
        Timber.Forest forest = Timber.Forest;
        forest.tag(TAG);
        forest.d("findVerificationMethods(forRegex=%s)", regex);
        Iterator<T> it = dccTicketingServiceIdentityDocument.getVerificationMethod().iterator();
        while (true) {
            set = null;
            if (!it.hasNext()) {
                obj = null;
                break;
            }
            obj = it.next();
            String input = ((DccTicketingVerificationMethod) obj).getId();
            Objects.requireNonNull(regex);
            Intrinsics.checkNotNullParameter(input, "input");
            if (regex.nativePattern.matcher(input).find()) {
                break;
            }
        }
        DccTicketingVerificationMethod dccTicketingVerificationMethod = (DccTicketingVerificationMethod) obj;
        if (dccTicketingVerificationMethod != null && (verificationMethods = dccTicketingVerificationMethod.getVerificationMethods()) != null) {
            set = CollectionsKt___CollectionsKt.toSet(verificationMethods);
        }
        return set == null ? EmptySet.INSTANCE : set;
    }

    /* JADX WARN: Removed duplicated region for block: B:18:0x003c  */
    /* JADX WARN: Removed duplicated region for block: B:9:0x0025  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final java.lang.Object getServiceIdentityDocument(java.lang.String r10, java.util.Set<de.rki.coronawarnapp.dccticketing.core.allowlist.data.DccTicketingValidationServiceAllowListEntry> r11, kotlin.coroutines.Continuation<? super de.rki.coronawarnapp.dccticketing.core.transaction.DccTicketingServiceIdentityDocument> r12) {
        /*
            Method dump skipped, instructions count: 214
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: de.rki.coronawarnapp.dccticketing.core.service.processor.ValidationServiceRequestProcessor.getServiceIdentityDocument(java.lang.String, java.util.Set, kotlin.coroutines.Continuation):java.lang.Object");
    }

    /* JADX WARN: Removed duplicated region for block: B:21:0x0034  */
    /* JADX WARN: Removed duplicated region for block: B:8:0x0022  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final java.lang.Object requestValidationService(de.rki.coronawarnapp.dccticketing.core.transaction.DccTicketingService r6, java.util.Set<de.rki.coronawarnapp.dccticketing.core.transaction.DccJWK> r7, java.util.Set<de.rki.coronawarnapp.dccticketing.core.allowlist.data.DccTicketingValidationServiceAllowListEntry> r8, kotlin.coroutines.Continuation<? super de.rki.coronawarnapp.dccticketing.core.service.processor.ValidationServiceRequestProcessor.ValidationServiceResult> r9) throws de.rki.coronawarnapp.dccticketing.core.common.DccTicketingException {
        /*
            r5 = this;
            boolean r0 = r9 instanceof de.rki.coronawarnapp.dccticketing.core.service.processor.ValidationServiceRequestProcessor$requestValidationService$1
            if (r0 == 0) goto L13
            r0 = r9
            de.rki.coronawarnapp.dccticketing.core.service.processor.ValidationServiceRequestProcessor$requestValidationService$1 r0 = (de.rki.coronawarnapp.dccticketing.core.service.processor.ValidationServiceRequestProcessor$requestValidationService$1) r0
            int r1 = r0.label
            r2 = -2147483648(0xffffffff80000000, float:-0.0)
            r3 = r1 & r2
            if (r3 == 0) goto L13
            int r1 = r1 - r2
            r0.label = r1
            goto L18
        L13:
            de.rki.coronawarnapp.dccticketing.core.service.processor.ValidationServiceRequestProcessor$requestValidationService$1 r0 = new de.rki.coronawarnapp.dccticketing.core.service.processor.ValidationServiceRequestProcessor$requestValidationService$1
            r0.<init>(r5, r9)
        L18:
            java.lang.Object r9 = r0.result
            kotlin.coroutines.intrinsics.CoroutineSingletons r1 = kotlin.coroutines.intrinsics.CoroutineSingletons.COROUTINE_SUSPENDED
            int r2 = r0.label
            r3 = 0
            r4 = 1
            if (r2 == 0) goto L34
            if (r2 != r4) goto L2c
            java.lang.Object r6 = r0.L$0
            de.rki.coronawarnapp.dccticketing.core.service.processor.ValidationServiceRequestProcessor r6 = (de.rki.coronawarnapp.dccticketing.core.service.processor.ValidationServiceRequestProcessor) r6
            kotlin.ResultKt.throwOnFailure(r9)
            goto L5d
        L2c:
            java.lang.IllegalStateException r6 = new java.lang.IllegalStateException
            java.lang.String r7 = "call to 'resume' before 'invoke' with coroutine"
            r6.<init>(r7)
            throw r6
        L34:
            kotlin.ResultKt.throwOnFailure(r9)
            timber.log.Timber$Forest r9 = timber.log.Timber.Forest
            java.lang.String r2 = de.rki.coronawarnapp.dccticketing.core.service.processor.ValidationServiceRequestProcessor.TAG
            r9.tag(r2)
            r2 = 3
            java.lang.Object[] r2 = new java.lang.Object[r2]
            r2[r3] = r6
            r2[r4] = r7
            r7 = 2
            r2[r7] = r8
            java.lang.String r7 = "requestValidationService(validationService=%s, validationServiceJwkSet=%s, validationServiceAllowList=%s)"
            r9.d(r7, r2)
            java.lang.String r6 = r6.getServiceEndpoint()
            r0.L$0 = r5
            r0.label = r4
            java.lang.Object r9 = r5.getServiceIdentityDocument(r6, r8, r0)
            if (r9 != r1) goto L5c
            return r1
        L5c:
            r6 = r5
        L5d:
            de.rki.coronawarnapp.dccticketing.core.transaction.DccTicketingServiceIdentityDocument r9 = (de.rki.coronawarnapp.dccticketing.core.transaction.DccTicketingServiceIdentityDocument) r9
            de.rki.coronawarnapp.dccticketing.core.common.DccTicketingException$ErrorCode r7 = de.rki.coronawarnapp.dccticketing.core.common.DccTicketingException.ErrorCode.VS_ID_EMPTY_X5C
            de.rki.coronawarnapp.dccticketing.core.service.processor.DccTicketingRequestServiceHelpersKt.verifyJwks(r9, r7)
            kotlin.text.Regex r7 = r6.regexRSAOAEPWithSHA256AESCBC
            java.util.Set r7 = r6.findVerificationMethods(r9, r7)
            java.util.Set r7 = r6.findValidationServiceEncKeyJwkSet(r9, r7)
            timber.log.Timber$Forest r8 = timber.log.Timber.Forest
            java.lang.String r0 = de.rki.coronawarnapp.dccticketing.core.service.processor.ValidationServiceRequestProcessor.TAG
            r8.tag(r0)
            java.lang.Object[] r1 = new java.lang.Object[r4]
            r1[r3] = r7
            java.lang.String r2 = "validationServiceEncKeyJwkSetForRSAOAEPWithSHA256AESCBC=%s"
            r8.d(r2, r1)
            kotlin.text.Regex r1 = r6.regexRSAOAEPWithSHA256AESGCM
            java.util.Set r1 = r6.findVerificationMethods(r9, r1)
            java.util.Set r6 = r6.findValidationServiceEncKeyJwkSet(r9, r1)
            r8.tag(r0)
            java.lang.Object[] r1 = new java.lang.Object[r4]
            r1[r3] = r6
            java.lang.String r2 = "validationServiceEncKeyJwkSetForRSAOAEPWithSHA256AESGCM=%s"
            r8.d(r2, r1)
            boolean r1 = r7.isEmpty()
            if (r1 == 0) goto Lb6
            boolean r1 = r6.isEmpty()
            if (r1 != 0) goto La3
            goto Lb6
        La3:
            r8.tag(r0)
            java.lang.Object[] r6 = new java.lang.Object[r3]
            java.lang.String r7 = "Didn't find encryption keys, aborting"
            r8.d(r7, r6)
            de.rki.coronawarnapp.dccticketing.core.common.DccTicketingException r6 = new de.rki.coronawarnapp.dccticketing.core.common.DccTicketingException
            de.rki.coronawarnapp.dccticketing.core.common.DccTicketingException$ErrorCode r7 = de.rki.coronawarnapp.dccticketing.core.common.DccTicketingException.ErrorCode.VS_ID_NO_ENC_KEY
            r8 = 0
            r6.<init>(r7, r8)
            throw r6
        Lb6:
            de.rki.coronawarnapp.dccticketing.core.service.processor.JwkSetType r1 = de.rki.coronawarnapp.dccticketing.core.service.processor.JwkSetType.ValidationServiceSignKeyJwkSet
            java.util.Set r9 = de.rki.coronawarnapp.dccticketing.core.service.processor.DccTicketingRequestServiceHelpersKt.findJwkSet(r9, r1)
            de.rki.coronawarnapp.dccticketing.core.service.processor.ValidationServiceRequestProcessor$ValidationServiceResult r1 = new de.rki.coronawarnapp.dccticketing.core.service.processor.ValidationServiceRequestProcessor$ValidationServiceResult
            r1.<init>(r7, r6, r9)
            r8.tag(r0)
            java.lang.Object[] r6 = new java.lang.Object[r4]
            r6[r3] = r1
            java.lang.String r7 = "Returning %s"
            r8.d(r7, r6)
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: de.rki.coronawarnapp.dccticketing.core.service.processor.ValidationServiceRequestProcessor.requestValidationService(de.rki.coronawarnapp.dccticketing.core.transaction.DccTicketingService, java.util.Set, java.util.Set, kotlin.coroutines.Continuation):java.lang.Object");
    }

    public final void validateAgainstAllowlist(Response<ResponseBody> response, Set<DccTicketingValidationServiceAllowListEntry> set) {
        Timber.Forest forest = Timber.Forest;
        forest.tag(TAG);
        forest.d("Validating response against allow list=%s", set);
        DccTicketingServerCertificateChecker dccTicketingServerCertificateChecker = this.serverCertificateChecker;
        okhttp3.Response response2 = response.rawResponse;
        Intrinsics.checkNotNullExpressionValue(response2, "raw()");
        dccTicketingServerCertificateChecker.checkCertificateAgainstAllowlist(response2, set);
    }
}
