package com.amazonaws.services.sns.util;

import com.amazonaws.SdkClientException;
import com.amazonaws.annotation.ThreadSafe;
import com.amazonaws.internal.SdkThreadLocalsRegistry;
import com.amazonaws.util.Base64;
import com.fasterxml.jackson.core.JsonFactory;
import com.fasterxml.jackson.core.JsonParseException;
import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonToken;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.SortedMap;
import java.util.TreeMap;

@ThreadSafe
@Deprecated
/* loaded from: input_file:WEB-INF/lib/aws-java-sdk-sns-1.12.657.jar:com/amazonaws/services/sns/util/SignatureChecker.class */
public class SignatureChecker {
    private static final ThreadLocal<Signature> SHA1_SIG_CHECKER = SdkThreadLocalsRegistry.register(new ThreadLocal<Signature>() { // from class: com.amazonaws.services.sns.util.SignatureChecker.1
        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.lang.ThreadLocal
        public Signature initialValue() {
            try {
                return Signature.getInstance("SHA1withRSA");
            } catch (NoSuchAlgorithmException e) {
                throw new SdkClientException("Could not create RSA Signature", e);
            }
        }
    });
    private static final ThreadLocal<Signature> SHA256_SIG_CHECKER = SdkThreadLocalsRegistry.register(new ThreadLocal<Signature>() { // from class: com.amazonaws.services.sns.util.SignatureChecker.2
        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.lang.ThreadLocal
        public Signature initialValue() {
            try {
                return Signature.getInstance("SHA256withRSA");
            } catch (NoSuchAlgorithmException e) {
                throw new SdkClientException("Could not create RSA Signature", e);
            }
        }
    });
    private final String NOTIFICATION_TYPE = "Notification";
    private final String SUBSCRIBE_TYPE = "SubscriptionConfirmation";
    private final String UNSUBSCRIBE_TYPE = "UnsubscribeConfirmation";
    private final String TYPE = "Type";
    private final String SUBSCRIBE_URL = "SubscribeURL";
    private final String MESSAGE = "Message";
    private final String TIMESTAMP = "Timestamp";
    private final String SIGNATURE_VERSION = "SignatureVersion";
    private final String SIGNATURE = "Signature";
    private final String MESSAGE_ID = "MessageId";
    private final String SUBJECT = "Subject";
    private final String TOPIC = "TopicArn";
    private final String TOKEN = "Token";
    private final Set<String> INTERESTING_FIELDS = new HashSet(Arrays.asList("Type", "SubscribeURL", "Message", "Timestamp", "Signature", "SignatureVersion", "MessageId", "Subject", "TopicArn", "Token"));

    public boolean verifyMessageSignature(String str, PublicKey publicKey) {
        return verifySignature(parseJSON(str), publicKey);
    }

    public boolean verifySignature(Map<String, String> map, PublicKey publicKey) {
        String stringToSign;
        String str = map.get("SignatureVersion");
        String str2 = map.get("Type");
        String str3 = map.get("Signature");
        if (str == null || str2 == null || str3 == null) {
            throw new RuntimeException("Message cannot have null values");
        }
        if (str2.equals("Notification")) {
            stringToSign = stringToSign(publishMessageValues(map));
        } else if (str2.equals("SubscriptionConfirmation")) {
            stringToSign = stringToSign(subscribeMessageValues(map));
        } else {
            if (!str2.equals("UnsubscribeConfirmation")) {
                throw new RuntimeException("Cannot process message of type " + str2);
            }
            stringToSign = stringToSign(subscribeMessageValues(map));
        }
        return verifySignature(stringToSign, str3, SignatureVersion.fromValue(str), publicKey);
    }

    public boolean verifySignature(String str, String str2, SignatureVersion signatureVersion, PublicKey publicKey) {
        boolean verifySignature;
        switch (signatureVersion) {
            case SHA1:
                verifySignature = verifySignature(str, str2, publicKey, SHA1_SIG_CHECKER.get());
                break;
            case SHA256:
                verifySignature = verifySignature(str, str2, publicKey, SHA256_SIG_CHECKER.get());
                break;
            default:
                throw new RuntimeException("Invalid SignatureVersion value");
        }
        return verifySignature;
    }

    public boolean verifySignature(String str, String str2, PublicKey publicKey) {
        return verifySignature(str, str2, publicKey, SHA1_SIG_CHECKER.get());
    }

    private boolean verifySignature(String str, String str2, PublicKey publicKey, Signature signature) {
        boolean z = false;
        try {
            byte[] decode = Base64.decode(str2.getBytes());
            signature.initVerify(publicKey);
            signature.update(str.getBytes());
            z = signature.verify(decode);
        } catch (InvalidKeyException e) {
        } catch (SignatureException e2) {
        }
        return z;
    }

    protected String stringToSign(SortedMap<String, String> sortedMap) {
        StringBuilder sb = new StringBuilder();
        for (String str : sortedMap.keySet()) {
            sb.append(str).append("\n");
            sb.append(sortedMap.get(str)).append("\n");
        }
        return sb.toString();
    }

    private Map<String, String> parseJSON(String str) {
        String text;
        HashMap hashMap = new HashMap();
        try {
            JsonParser createParser = new JsonFactory().createParser(str);
            createParser.nextToken();
            while (createParser.nextToken() != JsonToken.END_OBJECT) {
                String currentName = createParser.getCurrentName();
                if (this.INTERESTING_FIELDS.contains(currentName)) {
                    createParser.nextToken();
                    if (createParser.getCurrentToken() == JsonToken.START_ARRAY) {
                        text = "";
                        boolean z = true;
                        while (createParser.nextToken() != JsonToken.END_ARRAY) {
                            if (!z) {
                                text = text + ",";
                            }
                            z = false;
                            text = text + createParser.getText();
                        }
                    } else {
                        text = createParser.getText();
                    }
                    hashMap.put(currentName, text);
                } else {
                    createParser.skipChildren();
                }
            }
        } catch (IOException e) {
        } catch (JsonParseException e2) {
            e2.printStackTrace();
        }
        return hashMap;
    }

    private TreeMap<String, String> publishMessageValues(Map<String, String> map) {
        TreeMap<String, String> treeMap = new TreeMap<>();
        for (String str : new String[]{"Message", "MessageId", "Subject", "Type", "Timestamp", "TopicArn"}) {
            if (map.containsKey(str)) {
                treeMap.put(str, map.get(str));
            }
        }
        return treeMap;
    }

    private TreeMap<String, String> subscribeMessageValues(Map<String, String> map) {
        TreeMap<String, String> treeMap = new TreeMap<>();
        for (String str : new String[]{"SubscribeURL", "Message", "MessageId", "Type", "Timestamp", "Token", "TopicArn"}) {
            if (map.containsKey(str)) {
                treeMap.put(str, map.get(str));
            }
        }
        return treeMap;
    }
}
