package com.uid2.shared.secure;

import com.uid2.shared.Utils;
import com.uid2.shared.secure.azurecc.IMaaTokenSignatureValidator;
import com.uid2.shared.secure.azurecc.IPolicyValidator;
import com.uid2.shared.secure.azurecc.MaaTokenPayload;
import com.uid2.shared.secure.azurecc.MaaTokenSignatureValidator;
import com.uid2.shared.secure.azurecc.PolicyValidator;
import io.vertx.core.AsyncResult;
import io.vertx.core.Future;
import io.vertx.core.Handler;
import java.nio.charset.StandardCharsets;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/uid2/shared/secure/AzureCCCoreAttestationService.class */
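/**
 * {@link ICoreAttestationService} implementation for azure-cc attestation requests.
 *
 * <p>A request is accepted only when three checks pass, in this order:
 * <ol>
 *   <li>the token is accepted by the {@link IMaaTokenSignatureValidator};</li>
 *   <li>the resulting {@link MaaTokenPayload} is accepted by the {@link IPolicyValidator},
 *       which also receives the Base64 form of the second request argument and yields
 *       the enclave id;</li>
 *   <li>that enclave id is present in the allowlist maintained through
 *       {@link #registerEnclave(String)} / {@link #unregisterEnclave(String)}.</li>
 * </ol>
 *
 * <p>NOTE(review): the allowlist is a plain {@link HashSet} with no synchronization. Confirm
 * that registration and {@link #attest} are always invoked from the same thread, or switch to
 * a concurrent set.
 */
public class AzureCCCoreAttestationService implements ICoreAttestationService {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(AzureCCCoreAttestationService.class);

    /** Enclave ids that are allowed to attest; mutated only via register/unregister. */
    private final Set<String> allowedEnclaveIds;
    private final IMaaTokenSignatureValidator tokenSignatureValidator;
    private final IPolicyValidator policyValidator;

    /**
     * Builds the service with the default validators.
     *
     * @param str configuration string handed to {@link MaaTokenSignatureValidator}
     * @param str2 configuration string handed to {@link PolicyValidator}
     */
    public AzureCCCoreAttestationService(String str, String str2) {
        this(new MaaTokenSignatureValidator(str), new PolicyValidator(str2));
    }

    /**
     * Builds the service with caller-supplied validators (e.g. test doubles).
     *
     * @param iMaaTokenSignatureValidator validator used for the token signature check
     * @param iPolicyValidator validator used for the policy check and enclave-id derivation
     */
    protected AzureCCCoreAttestationService(IMaaTokenSignatureValidator iMaaTokenSignatureValidator, IPolicyValidator iPolicyValidator) {
        this.allowedEnclaveIds = new HashSet<>();
        this.tokenSignatureValidator = iMaaTokenSignatureValidator;
        this.policyValidator = iPolicyValidator;
    }

    /**
     * Validates an attestation request and reports the outcome through {@code handler}.
     *
     * <p>Outcomes:
     * <ul>
     *   <li>enclave id on the allowlist: succeeded future carrying
     *       {@code AttestationResult(bArr2, enclaveId)};</li>
     *   <li>enclave id not on the allowlist (or {@code null}): succeeded future carrying
     *       {@code AttestationFailure.FORBIDDEN_ENCLAVE};</li>
     *   <li>{@link AttestationClientException}: succeeded future whose result wraps the
     *       exception, so the caller can tell a rejected request from a service fault;</li>
     *   <li>any other exception: failed future (wrapped in {@link AttestationException}
     *       when it is not one already).</li>
     * </ul>
     *
     * @param bArr token bytes, decoded as US-ASCII before signature validation
     * @param bArr2 bytes passed Base64-encoded to the policy validator and echoed back in a
     *     successful result
     * @param handler receives exactly one result per call
     */
    @Override
    public void attest(byte[] bArr, byte[] bArr2, Handler<AsyncResult<AttestationResult>> handler) {
        try {
            final String token = new String(bArr, StandardCharsets.US_ASCII);

            // Signature first: nothing in the payload is trusted until this passes.
            log.debug("Validating signature...");
            final MaaTokenPayload payload = this.tokenSignatureValidator.validate(token);

            log.debug("Validating policy...");
            final String enclaveId = this.policyValidator.validate(payload, Utils.toBase64String(bArr2));

            // Fail closed: HashSet accepts null, so without the explicit check a null entry
            // in the allowlist would let a null enclave id through.
            if (enclaveId != null && this.allowedEnclaveIds.contains(enclaveId)) {
                log.info("Successfully attested azure-cc against registered enclaves, enclave id: {}", enclaveId);
                handler.handle(Future.succeededFuture(new AttestationResult(bArr2, enclaveId)));
            } else {
                log.warn("Got unsupported azure-cc enclave id: {}", enclaveId);
                handler.handle(Future.succeededFuture(new AttestationResult(AttestationFailure.FORBIDDEN_ENCLAVE)));
            }
        } catch (AttestationClientException e) {
            // Must stay ahead of the AttestationException clause (presumably its supertype).
            handler.handle(Future.succeededFuture(new AttestationResult(e)));
        } catch (AttestationException e) {
            handler.handle(Future.failedFuture(e));
        } catch (Exception e) {
            // Includes a NullPointerException from a null bArr; reported as a service failure.
            handler.handle(Future.failedFuture(new AttestationException(e)));
        }
    }

    /**
     * Adds an enclave id to the allowlist.
     *
     * @param str enclave id to allow
     * @throws AttestationException if the underlying set operation fails
     */
    @Override
    public void registerEnclave(String str) throws AttestationException {
        try {
            this.allowedEnclaveIds.add(str);
        } catch (Exception e) {
            throw new AttestationException(e);
        }
    }

    /**
     * Removes an enclave id from the allowlist; unknown ids are ignored.
     *
     * @param str enclave id to disallow
     * @throws AttestationException if the underlying set operation fails
     */
    @Override
    public void unregisterEnclave(String str) throws AttestationException {
        try {
            this.allowedEnclaveIds.remove(str);
        } catch (Exception e) {
            throw new AttestationException(e);
        }
    }

    /**
     * Returns a read-only live view of the allowlist.
     *
     * <p>The view is unmodifiable so that entries can only be added or removed through
     * {@link #registerEnclave(String)} and {@link #unregisterEnclave(String)}; handing out the
     * backing set would let any caller extend the set of enclaves accepted by {@link #attest}.
     *
     * @return unmodifiable view of the currently allowed enclave ids
     */
    @Override
    public Collection<String> getEnclaveAllowlist() {
        return Collections.unmodifiableSet(this.allowedEnclaveIds);
    }
}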
