package com.squareup.cash.e2ee.signature.generator;

import app.cash.trifle.CertificateRequest$PKCS10Request;
import app.cash.trifle.KeyHandle;
import app.cash.trifle.protos.api.alpha.MobileCertificateRequest;
import app.cash.trifle.signers.jca.JCAContentSigner;
import com.fillr.v1;
import com.fillr.x0;
import com.google.android.gms.safetynet.SafetyNet;
import com.squareup.cash.api.ApiResult;
import com.squareup.cash.e2ee.signature.Signature;
import com.squareup.cash.e2ee.trifle.RealTrifleService;
import com.squareup.protos.cash.deviceintegritly.api.GetSignedCertificateRequest;
import com.squareup.protos.cash.deviceintegritly.api.GetSignedCertificateResponse;
import java.security.KeyPair;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import kotlin.NoWhenBranchMatchedException;
import kotlin.ResultKt;
import kotlin.Unit;
import kotlin.collections.CollectionsKt__IterablesKt;
import kotlin.coroutines.Continuation;
import kotlin.coroutines.intrinsics.CoroutineSingletons;
import kotlin.coroutines.jvm.internal.SuspendLambda;
import kotlin.jvm.functions.Function2;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;
import kotlinx.coroutines.CoroutineScope;
import okhttp3.HttpUrl;
import okio.ByteString;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder;

/* loaded from: classes7.dex */
public final class SignatureGenerator$generate$2 extends SuspendLambda implements Function2 {
    public byte[] L$0;
    public int label;
    public final /* synthetic */ SignatureGenerator this$0;

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public SignatureGenerator$generate$2(SignatureGenerator signatureGenerator, Continuation continuation) {
        super(2, continuation);
        this.this$0 = signatureGenerator;
    }

    @Override // kotlin.coroutines.jvm.internal.BaseContinuationImpl
    public final Continuation create(Object obj, Continuation continuation) {
        return new SignatureGenerator$generate$2(this.this$0, continuation);
    }

    @Override // kotlin.jvm.functions.Function2
    public final Object invoke(Object obj, Object obj2) {
        return ((SignatureGenerator$generate$2) create((CoroutineScope) obj, (Continuation) obj2)).invokeSuspend(Unit.INSTANCE);
    }

    @Override // kotlin.coroutines.jvm.internal.BaseContinuationImpl
    public final Object invokeSuspend(Object obj) {
        byte[] bArr;
        CoroutineSingletons coroutineSingletons = CoroutineSingletons.COROUTINE_SUSPENDED;
        int i = this.label;
        SignatureGenerator signatureGenerator = this.this$0;
        if (i == 0) {
            ResultKt.throwOnFailure(obj);
            RealTrifleService realTrifleService = signatureGenerator.trifleService;
            realTrifleService.getClass();
            Intrinsics.checkNotNullParameter("E2EE_cert_singing_alias", "alias");
            v1 v1Var = realTrifleService.trifle;
            v1Var.getClass();
            KeyStore keyStore = KeyHandle.KEY_STORE;
            String reverseDomain = v1Var.a;
            Intrinsics.checkNotNullParameter(reverseDomain, "reverseDomain");
            byte[] key = new KeyHandle(reverseDomain + ".sign." + UUID.randomUUID()).tag.getBytes(Charsets.UTF_8);
            Intrinsics.checkNotNullExpressionValue(key, "this as java.lang.String).getBytes(charset)");
            RealTrifleService realTrifleService2 = signatureGenerator.trifleService;
            realTrifleService2.getClass();
            Intrinsics.checkNotNullParameter("E2EE_cert_singing_entity", "entity");
            Intrinsics.checkNotNullParameter(key, "key");
            v1 v1Var2 = realTrifleService2.trifle;
            KeyHandle keyHandle = SafetyNet.toKeyHandle(key);
            v1Var2.getClass();
            Intrinsics.checkNotNullParameter("E2EE_cert_singing_entity", "entity");
            Intrinsics.checkNotNullParameter(keyHandle, "keyHandle");
            KeyPair keyPair = (KeyPair) keyHandle.keyPair$delegate.getValue();
            Intrinsics.checkNotNullParameter(keyPair, "keyPair");
            x0 x0Var = new x0(new JCAContentSigner(keyPair));
            Intrinsics.checkNotNullParameter("E2EE_cert_singing_entity", "entityName");
            X500Name x500Name = new X500Name("CN=E2EE_cert_singing_entity");
            SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(((JCAContentSigner) x0Var.a).keyPair.getPublic().getEncoded());
            Intrinsics.checkNotNullExpressionValue(subjectPublicKeyInfo, "getInstance(\n      keyPair.public.encoded\n    )");
            PKCS10CertificationRequest build = new PKCS10CertificationRequestBuilder(x500Name, subjectPublicKeyInfo).build((JCAContentSigner) x0Var.a);
            ByteString byteString = ByteString.EMPTY;
            byte[] encoded = build.getEncoded();
            Intrinsics.checkNotNullExpressionValue(encoded, "pkcS10CertificationRequest.encoded");
            byte[] encoded2 = new CertificateRequest$PKCS10Request(HttpUrl.Companion.of$default(encoded)).pkcs10Req.getEncoded();
            Intrinsics.checkNotNullExpressionValue(encoded2, "pkcs10Req.encoded");
            ByteString of$default = HttpUrl.Companion.of$default(encoded2);
            ByteString byteString2 = ByteString.EMPTY;
            GetSignedCertificateRequest getSignedCertificateRequest = new GetSignedCertificateRequest(HttpUrl.Companion.of$default(new MobileCertificateRequest(0, of$default, byteString2).encode()), null, null, byteString2);
            this.L$0 = key;
            this.label = 1;
            Object signedCertificate = signatureGenerator.signingCertificateService.getSignedCertificate(getSignedCertificateRequest, this);
            if (signedCertificate == coroutineSingletons) {
                return coroutineSingletons;
            }
            bArr = key;
            obj = signedCertificate;
        } else {
            if (i != 1) {
                throw new IllegalStateException("call to 'resume' before 'invoke' with coroutine");
            }
            bArr = this.L$0;
            ResultKt.throwOnFailure(obj);
        }
        ApiResult apiResult = (ApiResult) obj;
        if (apiResult instanceof ApiResult.Success) {
            GetSignedCertificateResponse getSignedCertificateResponse = (GetSignedCertificateResponse) ((ApiResult.Success) apiResult).response;
            signatureGenerator.getClass();
            List list = getSignedCertificateResponse.trifle_certificate_chain;
            ArrayList arrayList = new ArrayList(CollectionsKt__IterablesKt.collectionSizeOrDefault(list, 10));
            Iterator it = list.iterator();
            while (it.hasNext()) {
                arrayList.add(((ByteString) it.next()).toByteArray());
            }
            return new Signature(arrayList, bArr);
        }
        if (!(apiResult instanceof ApiResult.Failure.HttpFailure)) {
            if (apiResult instanceof ApiResult.Failure.NetworkFailure) {
                throw ((ApiResult.Failure.NetworkFailure) apiResult).error;
            }
            throw new NoWhenBranchMatchedException();
        }
        throw new IllegalStateException("Http Failure with code " + ((ApiResult.Failure.HttpFailure) apiResult).code);
    }
}
