package org.bitcoinj.protocols.payments;

import com.google.a.a.ai;
import com.google.a.b.cf;
import com.google.b.fo;
import com.google.b.i;
import java.io.Serializable;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.cert.PKIXCertPathValidatorResult;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.bitcoin.c.a.c;
import org.bitcoin.c.a.e;
import org.bitcoin.c.a.g;
import org.bitcoin.c.a.j;
import org.bitcoin.c.a.l;
import org.bitcoin.c.a.n;
import org.bitcoin.c.a.p;
import org.bitcoin.c.a.s;
import org.bitcoin.c.a.u;
import org.bitcoin.c.a.w;
import org.bitcoin.c.a.y;
import org.bitcoinj.core.Address;
import org.bitcoinj.core.Coin;
import org.bitcoinj.core.NetworkParameters;
import org.bitcoinj.core.Transaction;
import org.bitcoinj.core.Utils;
import org.bitcoinj.crypto.X509Utils;
import org.bitcoinj.protocols.payments.PaymentProtocolException;
import org.bitcoinj.script.ScriptBuilder;

/* loaded from: classes3.dex */
public class PaymentProtocol {
    public static final String MIMETYPE_PAYMENT = "application/bitcoin-payment";
    public static final String MIMETYPE_PAYMENTACK = "application/bitcoin-paymentack";
    public static final String MIMETYPE_PAYMENTREQUEST = "application/bitcoin-paymentrequest";

    /* loaded from: classes3.dex */
    public class Ack {
        private final String memo;

        Ack(String str) {
            this.memo = str;
        }

        public String getMemo() {
            return this.memo;
        }
    }

    /* loaded from: classes3.dex */
    public class Output implements Serializable {
        public final Coin amount;
        public final byte[] scriptData;

        public Output(Coin coin, byte[] bArr) {
            this.amount = coin;
            this.scriptData = bArr;
        }
    }

    /* loaded from: classes3.dex */
    public class PkiVerificationData {
        public final String displayName;
        public final PublicKey merchantSigningKey;
        public final TrustAnchor rootAuthority;
        public final String rootAuthorityName;

        private PkiVerificationData(String str, PublicKey publicKey, TrustAnchor trustAnchor) throws PaymentProtocolException.PkiVerificationException {
            try {
                this.displayName = str;
                this.merchantSigningKey = publicKey;
                this.rootAuthority = trustAnchor;
                this.rootAuthorityName = X509Utils.getDisplayNameFromCertificate(trustAnchor.getTrustedCert(), true);
            } catch (CertificateParsingException e2) {
                throw new PaymentProtocolException.PkiVerificationException(e2);
            }
        }

        public String toString() {
            return ai.a(this).a("displayName", this.displayName).a("rootAuthorityName", this.rootAuthorityName).a("merchantSigningKey", this.merchantSigningKey).a("rootAuthority", this.rootAuthority).toString();
        }
    }

    public static c createPayToAddressOutput(Coin coin, Address address) {
        e newBuilder = c.newBuilder();
        if (coin != null) {
            NetworkParameters parameters = address.getParameters();
            if (parameters.hasMaxMoney() && coin.compareTo(parameters.getMaxMoney()) > 0) {
                throw new IllegalArgumentException("Amount too big: " + coin);
            }
            newBuilder.a(coin.value);
        } else {
            newBuilder.a(0L);
        }
        newBuilder.a(i.a(ScriptBuilder.createOutputScript(address).getProgram()));
        return newBuilder.buildPartial();
    }

    public static j createPaymentAck(g gVar, String str) {
        l newBuilder = j.newBuilder();
        newBuilder.a(gVar);
        if (str != null) {
            newBuilder.a(str);
        }
        return newBuilder.buildPartial();
    }

    public static g createPaymentMessage(List<Transaction> list, List<c> list2, String str, byte[] bArr) {
        org.bitcoin.c.a.i newBuilder = g.newBuilder();
        for (Transaction transaction : list) {
            transaction.verify();
            newBuilder.b(i.a(transaction.unsafeBitcoinSerialize()));
        }
        if (list2 != null) {
            Iterator<c> it = list2.iterator();
            while (it.hasNext()) {
                newBuilder.a(it.next());
            }
        }
        if (str != null) {
            newBuilder.a(str);
        }
        if (bArr != null) {
            newBuilder.a(i.a(bArr));
        }
        return newBuilder.buildPartial();
    }

    public static g createPaymentMessage(List<Transaction> list, Coin coin, Address address, String str, byte[] bArr) {
        if (address == null) {
            return createPaymentMessage(list, null, str, bArr);
        }
        if (coin == null) {
            throw new IllegalArgumentException("Specify refund amount if refund address is specified.");
        }
        return createPaymentMessage(list, cf.of(createPayToAddressOutput(coin, address)), str, bArr);
    }

    public static u createPaymentRequest(NetworkParameters networkParameters, List<c> list, String str, String str2, byte[] bArr) {
        p newBuilder = n.newBuilder();
        newBuilder.a(networkParameters.getPaymentProtocolId());
        Iterator<c> it = list.iterator();
        while (it.hasNext()) {
            newBuilder.a(it.next());
        }
        if (str != null) {
            newBuilder.b(str);
        }
        if (str2 != null) {
            newBuilder.c(str2);
        }
        if (bArr != null) {
            newBuilder.a(i.a(bArr));
        }
        newBuilder.a(Utils.currentTimeSeconds());
        u newBuilder2 = s.newBuilder();
        newBuilder2.b(newBuilder.buildPartial().toByteString());
        return newBuilder2;
    }

    public static u createPaymentRequest(NetworkParameters networkParameters, Coin coin, Address address, String str, String str2, byte[] bArr) {
        return createPaymentRequest(networkParameters, cf.of(createPayToAddressOutput(coin, address)), str, str2, bArr);
    }

    public static Ack parsePaymentAck(j jVar) {
        return new Ack(jVar.hasMemo() ? jVar.getMemo() : null);
    }

    public static PaymentSession parsePaymentRequest(s sVar) throws PaymentProtocolException {
        return new PaymentSession(sVar, false, null);
    }

    public static List<Transaction> parseTransactionsFromPaymentMessage(NetworkParameters networkParameters, g gVar) {
        ArrayList arrayList = new ArrayList(gVar.getTransactionsCount());
        Iterator<i> it = gVar.getTransactionsList().iterator();
        while (it.hasNext()) {
            arrayList.add(networkParameters.getDefaultSerializer().makeTransaction(it.next().e()));
        }
        return arrayList;
    }

    public static void signPaymentRequest(u uVar, X509Certificate[] x509CertificateArr, PrivateKey privateKey) {
        try {
            y newBuilder = w.newBuilder();
            for (X509Certificate x509Certificate : x509CertificateArr) {
                newBuilder.a(i.a(x509Certificate.getEncoded()));
            }
            uVar.a("x509+sha256");
            uVar.a(newBuilder.buildPartial().toByteString());
            uVar.c(i.f20651b);
            s buildPartial = uVar.buildPartial();
            if (!"RSA".equalsIgnoreCase(privateKey.getAlgorithm())) {
                throw new IllegalStateException(privateKey.getAlgorithm());
            }
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign(privateKey);
            signature.update(buildPartial.toByteArray());
            uVar.c(i.a(signature.sign()));
        } catch (GeneralSecurityException e2) {
            throw new RuntimeException(e2);
        }
    }

    public static PkiVerificationData verifyPaymentRequestPki(s sVar, KeyStore keyStore) throws PaymentProtocolException {
        ArrayList arrayList;
        CertPathValidatorException e2;
        String str;
        try {
            try {
                String pkiType = sVar.getPkiType();
                if ("none".equals(pkiType)) {
                    return null;
                }
                if ("x509+sha256".equals(pkiType)) {
                    str = "SHA256withRSA";
                } else {
                    if (!"x509+sha1".equals(pkiType)) {
                        throw new PaymentProtocolException.InvalidPkiType("Unsupported PKI type: " + pkiType);
                    }
                    str = "SHA1withRSA";
                }
                w parseFrom = w.parseFrom(sVar.getPkiData());
                if (parseFrom.getCertificateCount() == 0) {
                    throw new PaymentProtocolException.InvalidPkiData("No certificates provided in message: server config error");
                }
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                ArrayList arrayList2 = new ArrayList();
                try {
                    Iterator<i> it = parseFrom.getCertificateList().iterator();
                    while (it.hasNext()) {
                        arrayList2.add((X509Certificate) certificateFactory.generateCertificate(it.next().h()));
                    }
                    CertPath generateCertPath = certificateFactory.generateCertPath(arrayList2);
                    PKIXParameters pKIXParameters = new PKIXParameters(keyStore);
                    pKIXParameters.setRevocationEnabled(false);
                    PKIXCertPathValidatorResult pKIXCertPathValidatorResult = (PKIXCertPathValidatorResult) CertPathValidator.getInstance("PKIX").validate(generateCertPath, pKIXParameters);
                    PublicKey publicKey = pKIXCertPathValidatorResult.getPublicKey();
                    Signature signature = Signature.getInstance(str);
                    signature.initVerify(publicKey);
                    u builder = sVar.toBuilder();
                    builder.c(i.f20651b);
                    signature.update(builder.buildPartial().toByteArray());
                    if (!signature.verify(sVar.getSignature().e())) {
                        throw new PaymentProtocolException.PkiVerificationException("Invalid signature, this payment request is not valid.");
                    }
                    String displayNameFromCertificate = X509Utils.getDisplayNameFromCertificate((X509Certificate) arrayList2.get(0), true);
                    if (displayNameFromCertificate == null) {
                        throw new PaymentProtocolException.PkiVerificationException("Could not extract name from certificate");
                    }
                    return new PkiVerificationData(displayNameFromCertificate, publicKey, pKIXCertPathValidatorResult.getTrustAnchor());
                } catch (CertPathValidatorException e3) {
                    e2 = e3;
                    arrayList = arrayList2;
                    throw new PaymentProtocolException.PkiVerificationException(e2, arrayList);
                }
            } catch (CertPathValidatorException e4) {
                arrayList = null;
                e2 = e4;
            }
        } catch (fo e5) {
            throw new PaymentProtocolException.InvalidPkiData(e5);
        } catch (InvalidAlgorithmParameterException e6) {
            throw new RuntimeException(e6);
        } catch (InvalidKeyException e7) {
            throw new PaymentProtocolException.PkiVerificationException(e7);
        } catch (KeyStoreException e8) {
            throw new RuntimeException(e8);
        } catch (NoSuchAlgorithmException e9) {
            throw new RuntimeException(e9);
        } catch (SignatureException e10) {
            throw new PaymentProtocolException.PkiVerificationException(e10);
        } catch (CertificateException e11) {
            throw new PaymentProtocolException.PkiVerificationException(e11);
        }
    }
}
