package com.cainiao.android.totp;

import android.content.Context;
import android.text.TextUtils;
import com.cainiao.android.totp.Totp;
import com.cainiao.android.totp.network.HttpHelper;
import com.cainiao.android.totp.network.HttpResponse;
import com.cainiao.android.totp.network.model.UserSecret;
import com.cainiao.android.totp.network.reqeust.SyncSecretRequest;
import com.cainiao.otp.totp.TimeBasedOTPGenerator;
import com.taobao.wireless.security.sdk.SecurityGuardManager;
import com.taobao.wireless.security.sdk.dynamicdatastore.IDynamicDataStoreComponent;
import com.taobao.wireless.security.sdk.staticdatastore.IStaticDataStoreComponent;
import java.nio.charset.Charset;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Date;
import java.util.concurrent.TimeUnit;

/* loaded from: classes2.dex */
public class TotpService {
    private static String keyPre = "totp_user_$_";
    private static final Totp.Param rootKeyParam;

    static {
        Totp.Param param = new Totp.Param();
        rootKeyParam = param;
        param.passwordLen = 8;
        rootKeyParam.timeStep = 3L;
        rootKeyParam.timeStepUnit = TimeUnit.SECONDS;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String paddingCode(int i, int i2) {
        String valueOf = String.valueOf(i);
        if (valueOf.length() == i2) {
            return valueOf;
        }
        int length = i2 - valueOf.length();
        StringBuilder sb = new StringBuilder();
        for (int i3 = 0; i3 < length; i3++) {
            sb.append(0);
        }
        sb.append(i);
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String recoverRootKey(String str, Context context, String str2) {
        IStaticDataStoreComponent staticDataStoreComp;
        SecurityGuardManager securityGuardManager = SecurityGuardManager.getInstance(context);
        if (securityGuardManager == null || (staticDataStoreComp = securityGuardManager.getStaticDataStoreComp()) == null) {
            return str2;
        }
        String extraData = staticDataStoreComp.getExtraData(str);
        if (extraData != null) {
            return extraData;
        }
        Totp.getInstance().getConfig().logger.e("TotpService", "获取不到根密钥");
        return str2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String recoverUserSecretKey(Context context, Totp.Param param) {
        IDynamicDataStoreComponent dynamicDataStoreComp;
        SecurityGuardManager securityGuardManager = SecurityGuardManager.getInstance(context);
        if (securityGuardManager == null || (dynamicDataStoreComp = securityGuardManager.getDynamicDataStoreComp()) == null) {
            return null;
        }
        return dynamicDataStoreComp.getStringDDpEx(keyPre + param.userId + "_" + param.appCode, 0);
    }

    private static void storageUserSecretKey(Context context, Totp.Param param, String str) {
        IDynamicDataStoreComponent dynamicDataStoreComp;
        SecurityGuardManager securityGuardManager = SecurityGuardManager.getInstance(context);
        if (securityGuardManager == null || (dynamicDataStoreComp = securityGuardManager.getDynamicDataStoreComp()) == null) {
            return;
        }
        if (dynamicDataStoreComp.putStringDDpEx(keyPre + param.userId + "_" + param.appCode, str, 0)) {
            return;
        }
        Totp.getInstance().getConfig().logger.e("TotpService", "存储用户密钥失败");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    public static boolean updateUserSecretKey(Context context, Totp.Param param) throws NoSuchAlgorithmException, InvalidKeyException {
        String recoverRootKey = recoverRootKey(Totp.getInstance().getConfig().rootSecretKeyIndex, context, null);
        TimeBasedOTPGenerator timeBasedOTPGenerator = new TimeBasedOTPGenerator(rootKeyParam.timeStep, rootKeyParam.timeStepUnit, rootKeyParam.passwordLen, "HmacSHA256");
        String paddingCode = paddingCode(timeBasedOTPGenerator.generateOneTimePassword(recoverRootKey.getBytes(Charset.forName("utf-8")), new Date(TimeSyncService.getTime(context))), rootKeyParam.passwordLen);
        String recoverUserSecretKey = recoverUserSecretKey(context, param);
        String paddingCode2 = TextUtils.isEmpty(recoverUserSecretKey) ? null : paddingCode(timeBasedOTPGenerator.generateOneTimePassword(recoverUserSecretKey.getBytes(Charset.forName("utf-8")), new Date(TimeSyncService.getTime(context))), rootKeyParam.passwordLen);
        SyncSecretRequest syncSecretRequest = new SyncSecretRequest();
        syncSecretRequest.bizCode = param.appCode;
        syncSecretRequest.infoIndex = param.userId;
        syncSecretRequest.rootSecretKey = Totp.getInstance().getConfig().rootKeyVersion;
        syncSecretRequest.authSecretTotpCode = paddingCode2;
        syncSecretRequest.rootSecretTotpCode = paddingCode;
        syncSecretRequest.sessionCode = param.sessionCode;
        HttpResponse syncRequest = HttpHelper.syncRequest(syncSecretRequest, UserSecret.class, param);
        if (syncRequest.isSuccess && syncRequest.data != 0 && !TextUtils.isEmpty(((UserSecret) syncRequest.data).secret)) {
            storageUserSecretKey(context, param, ((UserSecret) syncRequest.data).secret);
        }
        return syncRequest.isSuccess;
    }
}
