.class public Lcom/firemonkeys/cloudcellapi/Security; .super Ljava/lang/Object; .source "SourceFile" # annotations .annotation system Ldalvik/annotation/MemberClasses; value = { Lcom/firemonkeys/cloudcellapi/Security$VerifiedPurchase; } .end annotation # static fields .field private static final CLASSNAME:Ljava/lang/String; = "Security" .field private static final KEY_FACTORY_ALGORITHM:Ljava/lang/String; = "RSA" .field private static final RANDOM:Ljava/security/SecureRandom; .field private static final SIGNATURE_ALGORITHM:Ljava/lang/String; = "SHA1withRSA" .field private static sKnownNonces:Ljava/util/HashSet; .annotation system Ldalvik/annotation/Signature; value = { "Ljava/util/HashSet<", "Ljava/lang/Long;", ">;" } .end annotation .end field # direct methods .method static constructor ()V .locals 1 .line 43 new-instance v0, Ljava/security/SecureRandom; invoke-direct {v0}, Ljava/security/SecureRandom;->()V sput-object v0, Lcom/firemonkeys/cloudcellapi/Security;->RANDOM:Ljava/security/SecureRandom; .line 54 new-instance v0, Ljava/util/HashSet; invoke-direct {v0}, Ljava/util/HashSet;->()V sput-object v0, Lcom/firemonkeys/cloudcellapi/Security;->sKnownNonces:Ljava/util/HashSet; return-void .end method .method public constructor ()V .locals 0 .line 37 invoke-direct {p0}, Ljava/lang/Object;->()V return-void .end method .method public static generateNonce()J .locals 4 sget-object v0, Lcom/firemonkeys/cloudcellapi/Security;->RANDOM:Ljava/security/SecureRandom; .line 82 invoke-virtual {v0}, Ljava/util/Random;->nextLong()J move-result-wide v0 sget-object v2, Lcom/firemonkeys/cloudcellapi/Security;->sKnownNonces:Ljava/util/HashSet; .line 83 invoke-static {v0, v1}, Ljava/lang/Long;->valueOf(J)Ljava/lang/Long; move-result-object v3 invoke-virtual {v2, v3}, Ljava/util/HashSet;->add(Ljava/lang/Object;)Z return-wide v0 .end method .method public static generatePublicKey(Ljava/lang/String;)Ljava/security/PublicKey; .locals 3 const-string v0, "Security" .line 192 :try_start_0 invoke-static {p0}, Lcom/firemonkeys/cloudcellapi/util/Base64;->decode(Ljava/lang/String;)[B move-result-object p0 const-string v1, "RSA" .line 193 invoke-static {v1}, Ljava/security/KeyFactory;->getInstance(Ljava/lang/String;)Ljava/security/KeyFactory; move-result-object v1 .line 194 new-instance v2, Ljava/security/spec/X509EncodedKeySpec; invoke-direct {v2, p0}, Ljava/security/spec/X509EncodedKeySpec;->([B)V invoke-virtual {v1, v2}, Ljava/security/KeyFactory;->generatePublic(Ljava/security/spec/KeySpec;)Ljava/security/PublicKey; move-result-object p0 :try_end_0 .catch Ljava/security/NoSuchAlgorithmException; {:try_start_0 .. :try_end_0} :catch_2 .catch Ljava/security/spec/InvalidKeySpecException; {:try_start_0 .. :try_end_0} :catch_1 .catch Lcom/firemonkeys/cloudcellapi/util/Base64DecoderException; {:try_start_0 .. :try_end_0} :catch_0 return-object p0 :catch_0 move-exception p0 goto :goto_0 :catch_1 move-exception p0 goto :goto_1 :catch_2 move-exception p0 goto :goto_2 :goto_0 const-string v1, "Base64 decoding failed." .line 201 invoke-static {v0, v1}, Lcom/firemonkeys/cloudcellapi/Logging;->CC_ERROR(Ljava/lang/Object;Ljava/lang/String;)V .line 202 new-instance v0, Ljava/lang/IllegalArgumentException; invoke-direct {v0, p0}, Ljava/lang/IllegalArgumentException;->(Ljava/lang/Throwable;)V throw v0 :goto_1 const-string v1, "Invalid key specification." .line 198 invoke-static {v0, v1}, Lcom/firemonkeys/cloudcellapi/Logging;->CC_ERROR(Ljava/lang/Object;Ljava/lang/String;)V .line 199 new-instance v0, Ljava/lang/IllegalArgumentException; invoke-direct {v0, p0}, Ljava/lang/IllegalArgumentException;->(Ljava/lang/Throwable;)V throw v0 .line 196 :goto_2 new-instance v0, Ljava/lang/RuntimeException; invoke-direct {v0, p0}, Ljava/lang/RuntimeException;->(Ljava/lang/Throwable;)V throw v0 .end method .method public static getVerifiedPurchaseList(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Ljava/util/ArrayList; .locals 21 .annotation system Ldalvik/annotation/Signature; value = { "(", "Ljava/lang/String;", "Ljava/lang/String;", "Ljava/lang/String;", ")", "Ljava/util/ArrayList<", "Lcom/firemonkeys/cloudcellapi/Security$VerifiedPurchase;", ">;" } .end annotation move-object/from16 v0, p1 const-string v1, "notificationId" const-string v2, "Security" const/4 v3, 0x0 if-nez p0, :cond_0 const-string v0, "public key is null" .line 109 invoke-static {v2, v0}, Lcom/firemonkeys/cloudcellapi/Logging;->CC_ERROR(Ljava/lang/Object;Ljava/lang/String;)V return-object v3 :cond_0 if-nez v0, :cond_1 const-string v0, "data is null" .line 113 invoke-static {v2, v0}, Lcom/firemonkeys/cloudcellapi/Logging;->CC_ERROR(Ljava/lang/Object;Ljava/lang/String;)V return-object v3 .line 117 :cond_1 new-instance v4, Ljava/lang/StringBuilder; invoke-direct {v4}, Ljava/lang/StringBuilder;->()V const-string v5, "signedData: " invoke-virtual {v4, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-virtual {v4, v0}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-virtual {v4}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String; move-result-object v4 invoke-static {v2, v4}, Lcom/firemonkeys/cloudcellapi/Logging;->CC_INFO(Ljava/lang/Object;Ljava/lang/String;)V .line 120 invoke-static/range {p2 .. p2}, Landroid/text/TextUtils;->isEmpty(Ljava/lang/CharSequence;)Z move-result v4 const/4 v5, 0x0 if-nez v4, :cond_2 .line 121 invoke-static/range {p0 .. p0}, Lcom/firemonkeys/cloudcellapi/Security;->generatePublicKey(Ljava/lang/String;)Ljava/security/PublicKey; move-result-object v4 move-object/from16 v6, p2 .line 122 invoke-static {v4, v0, v6}, Lcom/firemonkeys/cloudcellapi/Security;->verify(Ljava/security/PublicKey;Ljava/lang/String;Ljava/lang/String;)Z move-result v4 if-nez v4, :cond_3 const-string v0, "signature does not match data." .line 124 invoke-static {v2, v0}, Lcom/firemonkeys/cloudcellapi/Logging;->CC_WARNING(Ljava/lang/Object;Ljava/lang/String;)V return-object v3 :cond_2 move v4, v5 .line 134 :cond_3 :try_start_0 new-instance v6, Lorg/json/JSONObject; invoke-direct {v6, v0}, Lorg/json/JSONObject;->(Ljava/lang/String;)V const-string v0, "nonce" .line 137 invoke-virtual {v6, v0}, Lorg/json/JSONObject;->optLong(Ljava/lang/String;)J move-result-wide v7 const-string v0, "orders" .line 138 invoke-virtual {v6, v0}, Lorg/json/JSONObject;->optJSONArray(Ljava/lang/String;)Lorg/json/JSONArray; move-result-object v0 if-eqz v0, :cond_4 .line 140 invoke-virtual {v0}, Lorg/json/JSONArray;->length()I move-result v6 :try_end_0 .catch Lorg/json/JSONException; {:try_start_0 .. :try_end_0} :catch_1 goto :goto_0 :cond_4 move v6, v5 .line 146 :goto_0 invoke-static {v7, v8}, Lcom/firemonkeys/cloudcellapi/Security;->isNonceKnown(J)Z move-result v9 if-nez v9, :cond_5 .line 147 new-instance v0, Ljava/lang/StringBuilder; invoke-direct {v0}, Ljava/lang/StringBuilder;->()V const-string v1, "Nonce not found: " invoke-virtual {v0, v1}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-virtual {v0, v7, v8}, Ljava/lang/StringBuilder;->append(J)Ljava/lang/StringBuilder; invoke-virtual {v0}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String; move-result-object v0 invoke-static {v2, v0}, Lcom/firemonkeys/cloudcellapi/Logging;->CC_WARNING(Ljava/lang/Object;Ljava/lang/String;)V return-object v3 .line 151 :cond_5 new-instance v9, Ljava/util/ArrayList; invoke-direct {v9}, Ljava/util/ArrayList;->()V :goto_1 if-ge v5, v6, :cond_8 .line 154 :try_start_1 invoke-virtual {v0, v5}, Lorg/json/JSONArray;->getJSONObject(I)Lorg/json/JSONObject; move-result-object v10 const-string v11, "purchaseState" .line 155 invoke-virtual {v10, v11}, Lorg/json/JSONObject;->getInt(Ljava/lang/String;)I move-result v11 .line 156 invoke-static {v11}, Lcom/firemonkeys/cloudcellapi/Consts$PurchaseState;->valueOf(I)Lcom/firemonkeys/cloudcellapi/Consts$PurchaseState; move-result-object v13 const-string v11, "productId" .line 157 invoke-virtual {v10, v11}, Lorg/json/JSONObject;->getString(Ljava/lang/String;)Ljava/lang/String; move-result-object v15 const-string v11, "packageName" .line 158 invoke-virtual {v10, v11}, Lorg/json/JSONObject;->getString(Ljava/lang/String;)Ljava/lang/String; move-result-object v17 const-string v11, "purchaseTime" .line 159 invoke-virtual {v10, v11}, Lorg/json/JSONObject;->getLong(Ljava/lang/String;)J move-result-wide v18 const-string v11, "orderId" const-string v12, "" .line 160 invoke-virtual {v10, v11, v12}, Lorg/json/JSONObject;->optString(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; move-result-object v16 .line 162 invoke-virtual {v10, v1}, Lorg/json/JSONObject;->has(Ljava/lang/String;)Z move-result v11 if-eqz v11, :cond_6 .line 163 invoke-virtual {v10, v1}, Lorg/json/JSONObject;->getString(Ljava/lang/String;)Ljava/lang/String; move-result-object v11 move-object v14, v11 goto :goto_2 :catch_0 move-exception v0 goto :goto_4 :cond_6 move-object v14, v3 :goto_2 const-string v11, "developerPayload" .line 165 invoke-virtual {v10, v11, v3}, Lorg/json/JSONObject;->optString(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String; move-result-object v20 .line 169 sget-object v10, Lcom/firemonkeys/cloudcellapi/Consts$PurchaseState;->PURCHASED:Lcom/firemonkeys/cloudcellapi/Consts$PurchaseState; if-ne v13, v10, :cond_7 if-nez v4, :cond_7 goto :goto_3 .line 172 :cond_7 new-instance v10, Lcom/firemonkeys/cloudcellapi/Security$VerifiedPurchase; move-object v12, v10 invoke-direct/range {v12 .. v20}, Lcom/firemonkeys/cloudcellapi/Security$VerifiedPurchase;->(Lcom/firemonkeys/cloudcellapi/Consts$PurchaseState;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;JLjava/lang/String;)V invoke-virtual {v9, v10}, Ljava/util/ArrayList;->add(Ljava/lang/Object;)Z :try_end_1 .catch Lorg/json/JSONException; {:try_start_1 .. :try_end_1} :catch_0 :goto_3 add-int/lit8 v5, v5, 0x1 goto :goto_1 .line 176 :goto_4 new-instance v1, Ljava/lang/StringBuilder; invoke-direct {v1}, Ljava/lang/StringBuilder;->()V const-string v4, "JSON exception: " invoke-virtual {v1, v4}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-virtual {v0}, Ljava/lang/Object;->toString()Ljava/lang/String; move-result-object v0 invoke-virtual {v1, v0}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-virtual {v1}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String; move-result-object v0 invoke-static {v2, v0}, Lcom/firemonkeys/cloudcellapi/Logging;->CC_ERROR(Ljava/lang/Object;Ljava/lang/String;)V return-object v3 .line 179 :cond_8 invoke-static {v7, v8}, Lcom/firemonkeys/cloudcellapi/Security;->removeNonce(J)V return-object v9 :catch_1 return-object v3 .end method .method public static isNonceKnown(J)Z .locals 1 sget-object v0, Lcom/firemonkeys/cloudcellapi/Security;->sKnownNonces:Ljava/util/HashSet; .line 92 invoke-static {p0, p1}, Ljava/lang/Long;->valueOf(J)Ljava/lang/Long; move-result-object p0 invoke-virtual {v0, p0}, Ljava/util/HashSet;->contains(Ljava/lang/Object;)Z move-result p0 return p0 .end method .method public static removeNonce(J)V .locals 1 sget-object v0, Lcom/firemonkeys/cloudcellapi/Security;->sKnownNonces:Ljava/util/HashSet; .line 88 invoke-static {p0, p1}, Ljava/lang/Long;->valueOf(J)Ljava/lang/Long; move-result-object p0 invoke-virtual {v0, p0}, Ljava/util/HashSet;->remove(Ljava/lang/Object;)Z return-void .end method .method public static verify(Ljava/security/PublicKey;Ljava/lang/String;Ljava/lang/String;)Z .locals 3 .line 216 new-instance v0, Ljava/lang/StringBuilder; invoke-direct {v0}, Ljava/lang/StringBuilder;->()V const-string v1, "signature: " invoke-virtual {v0, v1}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-virtual {v0, p2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; invoke-virtual {v0}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String; move-result-object v0 const-string v1, "Security" invoke-static {v1, v0}, Lcom/firemonkeys/cloudcellapi/Logging;->CC_INFO(Ljava/lang/Object;Ljava/lang/String;)V const/4 v0, 0x0 :try_start_0 const-string v2, "SHA1withRSA" .line 219 invoke-static {v2}, Ljava/security/Signature;->getInstance(Ljava/lang/String;)Ljava/security/Signature; move-result-object v2 .line 220 invoke-virtual {v2, p0}, Ljava/security/Signature;->initVerify(Ljava/security/PublicKey;)V .line 221 invoke-virtual {p1}, Ljava/lang/String;->getBytes()[B move-result-object p0 invoke-virtual {v2, p0}, Ljava/security/Signature;->update([B)V .line 222 invoke-static {p2}, Lcom/firemonkeys/cloudcellapi/util/Base64;->decode(Ljava/lang/String;)[B move-result-object p0 invoke-virtual {v2, p0}, Ljava/security/Signature;->verify([B)Z move-result p0 if-nez p0, :cond_0 const-string p0, "Signature verification failed." .line 223 invoke-static {v1, p0}, Lcom/firemonkeys/cloudcellapi/Logging;->CC_ERROR(Ljava/lang/Object;Ljava/lang/String;)V :try_end_0 .catch Ljava/security/NoSuchAlgorithmException; {:try_start_0 .. :try_end_0} :catch_3 .catch Ljava/security/InvalidKeyException; {:try_start_0 .. :try_end_0} :catch_2 .catch Ljava/security/SignatureException; {:try_start_0 .. :try_end_0} :catch_1 .catch Lcom/firemonkeys/cloudcellapi/util/Base64DecoderException; {:try_start_0 .. :try_end_0} :catch_0 return v0 :cond_0 const/4 p0, 0x1 return p0 :catch_0 const-string p0, "Base64 decoding failed." .line 234 invoke-static {v1, p0}, Lcom/firemonkeys/cloudcellapi/Logging;->CC_ERROR(Ljava/lang/Object;Ljava/lang/String;)V goto :goto_0 :catch_1 const-string p0, "Signature exception." .line 232 invoke-static {v1, p0}, Lcom/firemonkeys/cloudcellapi/Logging;->CC_ERROR(Ljava/lang/Object;Ljava/lang/String;)V goto :goto_0 :catch_2 const-string p0, "Invalid key specification." .line 230 invoke-static {v1, p0}, Lcom/firemonkeys/cloudcellapi/Logging;->CC_ERROR(Ljava/lang/Object;Ljava/lang/String;)V goto :goto_0 :catch_3 const-string p0, "NoSuchAlgorithmException." .line 228 invoke-static {v1, p0}, Lcom/firemonkeys/cloudcellapi/Logging;->CC_ERROR(Ljava/lang/Object;Ljava/lang/String;)V :goto_0 return v0 .end method