package com.sankuai.meituan.tte;

import android.support.annotation.NonNull;
import android.support.annotation.VisibleForTesting;
import android.util.Pair;
import com.meituan.android.common.babel.Babel;
import com.meituan.android.common.dfingerprint.DFPConfigs;
import com.meituan.android.common.unionid.oneid.util.DeviceInfo;
import com.meizu.cloud.pushsdk.platform.message.BasicPushStatus;
import com.sankuai.meituan.tte.j;
import com.sankuai.meituan.tte.x;
import com.sankuai.meituan.tte.y;
import java.io.IOException;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.InvalidKeyException;
import java.security.SignatureException;
import java.util.Arrays;
import java.util.List;
import java.util.concurrent.Callable;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import org.json.JSONException;
import org.json.JSONObject;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: TKeyAgreement.java */
/* loaded from: classes3.dex */
public class s {
    private final y.e a;
    private final j b;
    private final String c;
    private final w d;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: TKeyAgreement.java */
    /* loaded from: classes3.dex */
    public class a implements Runnable {
        final /* synthetic */ AtomicInteger a;
        final /* synthetic */ p b;

        a(AtomicInteger atomicInteger, p pVar) {
            this.a = atomicInteger;
            this.b = pVar;
        }

        @Override // java.lang.Runnable
        public void run() {
            int andIncrement = this.a.getAndIncrement();
            x.b c = x.c("tte.keyAgreement.finalResult", "keyAgreement");
            x.d(c);
            try {
                try {
                    m c2 = s.this.c();
                    c.complete();
                    this.b.onResult(c2);
                } finally {
                    x.d(null);
                }
            } catch (IOException e) {
                f e2 = f.e(y.c());
                if (andIncrement < e2.i()) {
                    s.this.e().schedule(this, e2.k(), TimeUnit.MILLISECONDS);
                }
            } finally {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: TKeyAgreement.java */
    /* loaded from: classes3.dex */
    public class b implements Callable<Boolean> {
        final /* synthetic */ m a;

        b(m mVar) {
            this.a = mVar;
        }

        @Override // java.util.concurrent.Callable
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public Boolean call() throws Exception {
            return Boolean.valueOf(s.this.i(this.a, false));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: TKeyAgreement.java */
    /* loaded from: classes3.dex */
    public static class c extends IOException {
        public final int a;

        public c(String str, int i) {
            super(str);
            this.a = i;
        }
    }

    static {
        com.meituan.android.paladin.b.c(-7715231734899821037L);
    }

    public s(y.e eVar) {
        this.a = eVar;
        y.d dVar = eVar.b;
        y.d dVar2 = y.d.SM;
        this.b = dVar == dVar2 ? l.i(eVar.a) : k.d(eVar.a);
        this.c = (eVar.a == y.g.PROD ? "https://tte.meituan.com" : "https://tte.inf.test.sankuai.com") + (eVar.b == dVar2 ? "/api/v1/tte/gmt" : "/api/v1/tte/fips");
        this.d = new w("TKeyAgreement", eVar.b());
    }

    private m a(byte[] bArr, byte[] bArr2) throws Exception {
        if (bArr == null || bArr.length == 0 || bArr2 == null) {
            throw new IllegalArgumentException("tempDK is null");
        }
        String[] split = new String(this.b.a(bArr, bArr2)).split("###");
        if (split.length != 2) {
            throw new InvalidKeyException("wrong key format");
        }
        byte[] b2 = z.b(split[0]);
        if (b2 == null || b2.length == 0) {
            throw new InvalidKeyException("dk is null");
        }
        byte[] b3 = z.b(split[1]);
        if (b3 == null || b3.length == 0) {
            throw new InvalidKeyException("edk is null");
        }
        y.e eVar = this.a;
        m mVar = new m(eVar.a, eVar.b.a, b2, b3);
        mVar.e = System.currentTimeMillis();
        return mVar;
    }

    private boolean k(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) throws Exception {
        try {
            return this.b.b(z.e(bArr, bArr2, bArr3), bArr4);
        } catch (Throwable th) {
            this.d.f("verify signature failed", th);
            return false;
        }
    }

    @NonNull
    m b() throws Exception {
        x.b a2 = x.a();
        if (a2 == null) {
            a2 = x.c;
        }
        try {
            a2.a("algo", this.b.name());
            a2.a("bizCode", "-1");
            a2.a("httpCode", "-1");
            a2.a("code", "0");
            try {
                try {
                    j.a c2 = this.b.c();
                    try {
                        JSONObject jSONObject = new JSONObject();
                        jSONObject.put("protVer", 1);
                        jSONObject.put("serKeyVer", 1);
                        jSONObject.put("cliKeyVer", 1);
                        jSONObject.put("cliTempPubKey", z.c(c2.h()));
                        jSONObject.put("otherData", new JSONObject().put("platform", "android").put("appId", "" + z.a()).put("uuid", z.k()));
                        byte[] bytes = jSONObject.toString().getBytes();
                        try {
                            JSONObject g = g(this.c + "/ka", bytes);
                            this.d.a("resp: " + g);
                            a2.a("httpCode", BasicPushStatus.SUCCESS_CODE);
                            int optInt = g.optInt("code");
                            a2.a("bizCode", String.valueOf(optInt));
                            if (optInt != 200) {
                                a2.a("code", "1");
                                throw new IOException("api exception, status code: " + optInt + ", msg:" + g.optString("msg", ""));
                            }
                            try {
                                JSONObject jSONObject2 = g.getJSONObject("data");
                                byte[] b2 = z.b(jSONObject2.getString("serTempPubKey"));
                                byte[] b3 = z.b(jSONObject2.getString("keyCipher"));
                                if (!k(bytes, b2, b3, z.b(jSONObject2.getString(DeviceInfo.SIGN)))) {
                                    a2.a("code", "1002");
                                    throw new SignatureException("invalid signature");
                                }
                                try {
                                    byte[] l = c2.l(b2);
                                    this.d.e("tempDK: " + z.c(l));
                                    try {
                                        m a3 = a(b3, l);
                                        z.d(c2);
                                        return a3;
                                    } catch (Exception e) {
                                        a2.a("code", "1003");
                                        throw e;
                                    }
                                } catch (Exception e2) {
                                    a2.a("code", "1001");
                                    throw e2;
                                }
                            } catch (Exception e3) {
                                a2.a("code", "1008");
                                throw e3;
                            }
                        } catch (c e4) {
                            a2.a("httpCode", String.valueOf(e4.a));
                            a2.a("code", "2");
                            throw e4;
                        } catch (Exception e5) {
                            a2.a("code", "2");
                            throw e5;
                        }
                    } catch (Exception e6) {
                        a2.a("code", "1009");
                        throw e6;
                    }
                } catch (Exception e7) {
                    a2.a("code", "1004");
                    throw e7;
                }
            } catch (Throwable th) {
                z.d(null);
                throw th;
            }
        } finally {
            a2.stop();
        }
    }

    @NonNull
    m c() throws Exception {
        m b2 = b();
        this.d.a("result: " + b2);
        if (!h(b2)) {
            throw new InvalidKeyException("verify key failed");
        }
        b2.h.set(true);
        return b2;
    }

    public void d(p<m> pVar) {
        e().execute(new a(new AtomicInteger(0), pVar));
    }

    @VisibleForTesting
    protected ScheduledExecutorService e() {
        return h.b();
    }

    @VisibleForTesting
    protected byte[] f(String str, List<Pair<String, String>> list, byte[] bArr) throws IOException {
        this.d.e("post[" + str + "] => " + new String(bArr));
        HttpURLConnection httpURLConnection = (HttpURLConnection) com.meituan.metrics.traffic.hurl.b.b(new URL(str).openConnection());
        httpURLConnection.setConnectTimeout(Babel.FILE_UPLOAD_DELAY_MS);
        httpURLConnection.setReadTimeout(Babel.FILE_UPLOAD_DELAY_MS);
        httpURLConnection.setRequestMethod("POST");
        httpURLConnection.setDoOutput(true);
        if (list != null) {
            for (Pair<String, String> pair : list) {
                httpURLConnection.addRequestProperty((String) pair.first, (String) pair.second);
            }
        }
        OutputStream outputStream = null;
        try {
            outputStream = httpURLConnection.getOutputStream();
            outputStream.write(bArr);
            z.d(outputStream);
            int responseCode = httpURLConnection.getResponseCode();
            this.d.a("post[" + str + "] <= " + responseCode);
            if (responseCode / 100 == 2) {
                return z.j(httpURLConnection.getInputStream());
            }
            throw new c(httpURLConnection.getResponseMessage(), responseCode);
        } catch (Throwable th) {
            z.d(outputStream);
            throw th;
        }
    }

    protected JSONObject g(String str, byte[] bArr) throws IOException, JSONException {
        return new JSONObject(new String(f(str, Arrays.asList(new Pair("Content-Type", DFPConfigs.UPLOAD_CT_JSON)), bArr)));
    }

    boolean h(m mVar) {
        return i(mVar, true);
    }

    boolean i(m mVar, boolean z) {
        r e;
        String str;
        byte[] bytes;
        if (f.e(y.c()).a(this.a.b).l()) {
            this.d.a("verifyKey: disable");
            return true;
        }
        x.b c2 = x.c("tte.keyVerify.result", "keyVerify");
        try {
            c2.a("algo", this.b.name());
            c2.a("type", z ? "2" : "1");
            c2.a("bizCode", "-1");
            c2.a("httpCode", "-1");
            c2.a("code", "0");
            try {
                try {
                    try {
                        try {
                            e = mVar.b.e();
                            str = this.c + "/verify";
                            bytes = "Client Hello".getBytes();
                        } catch (IOException e2) {
                            this.d.f("verifyKey", e2);
                        }
                    } catch (JSONException e3) {
                        c2.a("code", "1003");
                        this.d.f("verifyKey", e3);
                    }
                } catch (d e4) {
                    this.d.b("verifyKey", e4);
                    if (e4.a() == -10100) {
                        c2.a("code", "1004");
                        c2.complete();
                        return false;
                    }
                    c2.a("code", "1005");
                }
            } catch (Throwable th) {
                c2.a("code", "1100");
                this.d.b("verifyKey", th);
            }
            try {
                JSONObject g = g(str, new JSONObject().put("cipher", z.c(e.b(bytes, mVar.c))).put("edk", z.c(mVar.d)).toString().getBytes());
                c2.a("httpCode", BasicPushStatus.SUCCESS_CODE);
                int i = g.getInt("code");
                c2.a("bizCode", "" + i);
                if (i == 200) {
                    if (!Arrays.equals(e.a(z.b(g.getJSONObject("data").getString("serCipher")), mVar.c), bytes)) {
                        c2.a("code", "1001");
                        this.d.b("verifyKey: dec error", null);
                        c2.complete();
                        return false;
                    }
                    this.d.a("verifyKey: ok");
                    c2.complete();
                    return true;
                }
                c2.a("code", "1");
                this.d.b("verifyKey: code error, code=" + i + ", msg=" + g.optString("msg", ""), null);
                c2.complete();
                return false;
            } catch (c e5) {
                c2.a("httpCode", "" + e5.a);
                c2.a("code", "2");
                throw e5;
            } catch (Exception e6) {
                c2.a("code", "2");
                throw e6;
            }
        } catch (Throwable th2) {
            c2.complete();
            throw th2;
        }
    }

    public void j(m mVar, p<Boolean> pVar) {
        h.a(new b(mVar), e(), pVar);
    }
}
