package com.sankuai.meituan.tte;

import android.support.annotation.NonNull;
import android.support.annotation.VisibleForTesting;
import android.util.Pair;
import com.meituan.android.common.dfingerprint.DFPConfigs;
import com.meituan.android.common.unionid.oneid.util.DeviceInfo;
import com.meituan.robust.ChangeQuickRedirect;
import com.meituan.robust.PatchProxy;
import com.sankuai.meituan.tte.TTE;
import com.sankuai.meituan.tte.i;
import com.sankuai.meituan.tte.v;
import java.io.IOException;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.InvalidKeyException;
import java.security.SignatureException;
import java.util.Arrays;
import java.util.List;
import java.util.concurrent.ScheduledExecutorService;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public final class TKeyAgreement {
    public static ChangeQuickRedirect changeQuickRedirect;
    public final TTE.a a;
    public final i b;
    public final String c;
    public final u d;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public static class HttpStatusException extends IOException {
        public static ChangeQuickRedirect changeQuickRedirect;
        public final int code;

        public HttpStatusException(String str, int i) {
            super(str);
            this.code = i;
        }
    }

    static {
        com.meituan.android.paladin.b.a(-7715231734899821037L);
    }

    public TKeyAgreement(TTE.a aVar) {
        this.a = aVar;
        this.b = aVar.b == TTE.CipherSuite.SM ? k.a(aVar.a) : j.a(aVar.a);
        this.c = (aVar.a == TTE.Env.PROD ? "https://tte.meituan.com" : "https://tte.inf.test.sankuai.com") + (aVar.b == TTE.CipherSuite.SM ? "/api/v1/tte/gmt" : "/api/v1/tte/fips");
        this.d = new u("TKeyAgreement", this.a.a());
    }

    private boolean a(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) throws Exception {
        Object[] objArr = {bArr, bArr2, bArr3, bArr4};
        ChangeQuickRedirect changeQuickRedirect2 = changeQuickRedirect;
        if (PatchProxy.isSupport(objArr, this, changeQuickRedirect2, 3075122398280649043L)) {
            return ((Boolean) PatchProxy.accessDispatch(objArr, this, changeQuickRedirect2, 3075122398280649043L)).booleanValue();
        }
        try {
            return this.b.a(w.a(bArr, bArr2, bArr3), bArr4);
        } catch (Throwable th) {
            this.d.a("verify signature failed", th);
            return false;
        }
    }

    @VisibleForTesting
    public final ScheduledExecutorService a() {
        Object[] objArr = new Object[0];
        ChangeQuickRedirect changeQuickRedirect2 = changeQuickRedirect;
        return PatchProxy.isSupport(objArr, this, changeQuickRedirect2, 4764597939239473654L) ? (ScheduledExecutorService) PatchProxy.accessDispatch(objArr, this, changeQuickRedirect2, 4764597939239473654L) : g.a();
    }

    public final JSONObject a(String str, byte[] bArr) throws IOException, JSONException {
        Object[] objArr = {str, bArr};
        ChangeQuickRedirect changeQuickRedirect2 = changeQuickRedirect;
        return PatchProxy.isSupport(objArr, this, changeQuickRedirect2, 4929966186399603811L) ? (JSONObject) PatchProxy.accessDispatch(objArr, this, changeQuickRedirect2, 4929966186399603811L) : new JSONObject(new String(a(str, Arrays.asList(new Pair("Content-Type", DFPConfigs.UPLOAD_CT_JSON)), bArr)));
    }

    public final boolean a(l lVar, boolean z) {
        q cipher;
        String str;
        byte[] bytes;
        Object[] objArr = {lVar, Byte.valueOf(z ? (byte) 1 : (byte) 0)};
        ChangeQuickRedirect changeQuickRedirect2 = changeQuickRedirect;
        if (PatchProxy.isSupport(objArr, this, changeQuickRedirect2, 8358717130308667117L)) {
            return ((Boolean) PatchProxy.accessDispatch(objArr, this, changeQuickRedirect2, 8358717130308667117L)).booleanValue();
        }
        if (e.a(TTE.a()).a(this.a.b).c()) {
            this.d.b("verifyKey: disable");
            return true;
        }
        v.a a = v.a("tte.keyVerify.result", "keyVerify");
        try {
            a.a("algo", this.b.a());
            a.a("type", z ? "2" : "1");
            a.a("bizCode", "-1");
            a.a("httpCode", "-1");
            a.a("code", "0");
            try {
                try {
                    cipher = lVar.b.getCipher();
                    str = this.c + "/verify";
                    bytes = "Client Hello".getBytes();
                } catch (CipherException e) {
                    this.d.b("verifyKey", e);
                    if (e.getCode() == -10100) {
                        a.a("code", "1004");
                        a.b();
                        return false;
                    }
                    a.a("code", "1005");
                } catch (IOException e2) {
                    this.d.a("verifyKey", e2);
                }
            } catch (JSONException e3) {
                a.a("code", "1003");
                this.d.a("verifyKey", e3);
            } catch (Throwable th) {
                a.a("code", "1100");
                this.d.b("verifyKey", th);
            }
            try {
                JSONObject a2 = a(str, new JSONObject().put("cipher", w.a(cipher.a(bytes, lVar.c))).put("edk", w.a(lVar.d)).toString().getBytes());
                a.a("httpCode", "200");
                int i = a2.getInt("code");
                StringBuilder sb = new StringBuilder();
                sb.append(i);
                a.a("bizCode", sb.toString());
                if (i == 200) {
                    if (!Arrays.equals(cipher.b(w.a(a2.getJSONObject("data").getString("serCipher")), lVar.c), bytes)) {
                        a.a("code", "1001");
                        this.d.b("verifyKey: dec error", null);
                        a.b();
                        return false;
                    }
                    this.d.b("verifyKey: ok");
                    a.b();
                    return true;
                }
                a.a("code", "1");
                this.d.b("verifyKey: code error, code=" + i + ", msg=" + a2.optString("msg", ""), null);
                a.b();
                return false;
            } catch (HttpStatusException e4) {
                StringBuilder sb2 = new StringBuilder();
                sb2.append(e4.code);
                a.a("httpCode", sb2.toString());
                a.a("code", "2");
                throw e4;
            } catch (Exception e5) {
                a.a("code", "2");
                throw e5;
            }
        } catch (Throwable th2) {
            a.b();
            throw th2;
        }
    }

    @VisibleForTesting
    public final byte[] a(String str, List<Pair<String, String>> list, byte[] bArr) throws IOException {
        Object[] objArr = {str, list, bArr};
        ChangeQuickRedirect changeQuickRedirect2 = changeQuickRedirect;
        if (PatchProxy.isSupport(objArr, this, changeQuickRedirect2, -1785268147437182331L)) {
            return (byte[]) PatchProxy.accessDispatch(objArr, this, changeQuickRedirect2, -1785268147437182331L);
        }
        this.d.a("post[" + str + "] => " + new String(bArr));
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(str).openConnection();
        httpURLConnection.setConnectTimeout(15000);
        httpURLConnection.setReadTimeout(15000);
        httpURLConnection.setRequestMethod("POST");
        httpURLConnection.setDoOutput(true);
        if (list != null) {
            for (Pair<String, String> pair : list) {
                httpURLConnection.addRequestProperty((String) pair.first, (String) pair.second);
            }
        }
        OutputStream outputStream = null;
        try {
            outputStream = httpURLConnection.getOutputStream();
            outputStream.write(bArr);
            w.a(outputStream);
            int responseCode = httpURLConnection.getResponseCode();
            this.d.b("post[" + str + "] <= " + responseCode);
            if (responseCode / 100 == 2) {
                return w.a(httpURLConnection.getInputStream());
            }
            throw new HttpStatusException(httpURLConnection.getResponseMessage(), responseCode);
        } catch (Throwable th) {
            w.a(outputStream);
            throw th;
        }
    }

    @NonNull
    public final l b() throws Exception {
        l lVar;
        Object[] objArr = new Object[0];
        ChangeQuickRedirect changeQuickRedirect2 = changeQuickRedirect;
        if (PatchProxy.isSupport(objArr, this, changeQuickRedirect2, 5767147776201769841L)) {
            return (l) PatchProxy.accessDispatch(objArr, this, changeQuickRedirect2, 5767147776201769841L);
        }
        v.a b = v.b();
        if (b == null) {
            b = v.c;
        }
        try {
            b.a("algo", this.b.a());
            b.a("bizCode", "-1");
            b.a("httpCode", "-1");
            b.a("code", "0");
            try {
                try {
                    i.a b2 = this.b.b();
                    try {
                        JSONObject jSONObject = new JSONObject();
                        jSONObject.put("protVer", 1);
                        jSONObject.put("serKeyVer", 1);
                        jSONObject.put("cliKeyVer", 1);
                        jSONObject.put("cliTempPubKey", w.a(b2.a()));
                        JSONObject put = new JSONObject().put("platform", "android");
                        StringBuilder sb = new StringBuilder();
                        sb.append(w.b());
                        jSONObject.put("otherData", put.put("appId", sb.toString()).put("uuid", w.c()));
                        byte[] bytes = jSONObject.toString().getBytes();
                        try {
                            JSONObject a = a(this.c + "/ka", bytes);
                            this.d.b("resp: " + a);
                            b.a("httpCode", "200");
                            int optInt = a.optInt("code");
                            b.a("bizCode", String.valueOf(optInt));
                            if (optInt != 200) {
                                b.a("code", "1");
                                throw new IOException("api exception, status code: " + optInt + ", msg:" + a.optString("msg", ""));
                            }
                            try {
                                JSONObject jSONObject2 = a.getJSONObject("data");
                                byte[] a2 = w.a(jSONObject2.getString("serTempPubKey"));
                                byte[] a3 = w.a(jSONObject2.getString("keyCipher"));
                                if (!a(bytes, a2, a3, w.a(jSONObject2.getString(DeviceInfo.SIGN)))) {
                                    b.a("code", "1002");
                                    throw new SignatureException("invalid signature");
                                }
                                try {
                                    byte[] a4 = b2.a(a2);
                                    this.d.a("tempDK: " + w.a(a4));
                                    try {
                                        Object[] objArr2 = {a3, a4};
                                        ChangeQuickRedirect changeQuickRedirect3 = changeQuickRedirect;
                                        if (PatchProxy.isSupport(objArr2, this, changeQuickRedirect3, -3973189511314846552L)) {
                                            lVar = (l) PatchProxy.accessDispatch(objArr2, this, changeQuickRedirect3, -3973189511314846552L);
                                        } else {
                                            if (a3 == null || a3.length == 0 || a4 == null) {
                                                throw new IllegalArgumentException("tempDK is null");
                                            }
                                            String[] split = new String(this.b.b(a3, a4)).split("###");
                                            if (split.length != 2) {
                                                throw new InvalidKeyException("wrong key format");
                                            }
                                            byte[] a5 = w.a(split[0]);
                                            if (a5 == null || a5.length == 0) {
                                                throw new InvalidKeyException("dk is null");
                                            }
                                            byte[] a6 = w.a(split[1]);
                                            if (a6 == null || a6.length == 0) {
                                                throw new InvalidKeyException("edk is null");
                                            }
                                            l lVar2 = new l(this.a.a, this.a.b.dataCipher, a5, a6);
                                            lVar2.e = System.currentTimeMillis();
                                            lVar = lVar2;
                                        }
                                        w.a(b2);
                                        return lVar;
                                    } catch (Exception e) {
                                        b.a("code", "1003");
                                        throw e;
                                    }
                                } catch (Exception e2) {
                                    b.a("code", "1001");
                                    throw e2;
                                }
                            } catch (Exception e3) {
                                b.a("code", "1008");
                                throw e3;
                            }
                        } catch (HttpStatusException e4) {
                            b.a("httpCode", String.valueOf(e4.code));
                            b.a("code", "2");
                            throw e4;
                        } catch (Exception e5) {
                            b.a("code", "2");
                            throw e5;
                        }
                    } catch (Exception e6) {
                        b.a("code", "1009");
                        throw e6;
                    }
                } catch (Exception e7) {
                    b.a("code", "1004");
                    throw e7;
                }
            } catch (Throwable th) {
                w.a((AutoCloseable) null);
                throw th;
            }
        } finally {
            b.a();
        }
    }
}
