package com.youku.passport.utils;

import android.content.Context;
import android.support.annotation.WorkerThread;
import android.text.TextUtils;
import android.util.Base64;
import com.alibaba.wireless.security.open.SecException;
import com.alibaba.wireless.security.open.SecurityGuardManager;
import com.alibaba.wireless.security.open.securitybody.ISecurityBodyComponent;
import com.alibaba.wireless.security.open.staticdataencrypt.IStaticDataEncryptComponent;
import com.youku.passport.Env;
import com.youku.passport.misc.Settings;
import com.youku.passport.statistics.OttMonitor;
import com.yunos.tv.common.utils.StringUtils;
import java.io.File;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.util.HashMap;
import java.util.HashSet;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class SecurityUtil {
    public static final String AES_INIT_IV = "0122030405660708";
    public static final String DEFAULT_AUTH_CODE = "";
    public static final String LOGIN_DATA = ".logindata";
    public static final String TAG = "SecurityUtil";
    public static String sPkgKeyDigest;
    public static volatile boolean sUmidTokenInited;
    public static final HashMap<String, String> sSignMap = new HashMap<>();
    public static final HashSet<Integer> sGrantedCacheSet = new HashSet<>();

    static {
        sSignMap.put("27196e386b875e76adf700e7ea84e4c6eee33dfa", "account_mb_d");
        sSignMap.put("835631d2fbb137fc5fe6381219db6597fc8cdd54", "account_mb_r");
        sSignMap.put("aaacf792bf8e7ddb9ca0e196d9917a412e058a39", "account_hr_r");
        sSignMap.put("90a3dd2eed3f4a388e1b1927a2cff75b8d291208", "account_ch_r");
        sSignMap.put("0a2db79dcce9d718af0d196575fa03b28a238998", "account_oversea_r");
        sSignMap.put("6e40ba7ff7907d40c2f16d12e463e5e4a3f15a01", "account_kk_r");
        sSignMap.put("d5c76fc87fb752dfcecc5f326ecac005ce124b98", "account_to_r");
        sSignMap.put("59eee8cc4d951ac4bb8014aee9afa0aefb243627", "account_as_r");
        sSignMap.put("e7cd1e0ef913a85d6a5e25da3a38569bb5ff8cb6", "account_na");
        sSignMap.put("7868e8a22ae346f23dd266460db8916dd9b19aa6", "account_xp_r");
        sSignMap.put("e12c70f6b2f5753c42b285f8fe013b1fc4703cfe", "account_fc_r");
        sSignMap.put("986f5f761664c9e43fd312f03098d92795c03297", "account_edu");
        sSignMap.put("477da20228991fe0c5d7858a8f8ccd9a56f05b62", "account_pm");
        sSignMap.put("a03c3b6de740add117ad3bad96b6d5040300a5a9", "account_dmode");
        sSignMap.put("8f65a477f75cd43248d2f85ee1c1a2013dc0dcd2", "account_cibn");
        sSignMap.put("da0e2d4bd62a3bcf1129c4167ef7503d115b4c23", "account_kj_r");
        sSignMap.put("717844c717c19079ff81e72c442414a7ddd6eb2f", "youku_child");
        sSignMap.put("baa4ebc0a3504b3acabdbcefc36ba4fbb2c2a54e", "ottvideochat");
        sSignMap.put("ad2b6f15319cb0d7866678210a6c6915db4be4c0", "ottvideochat_debug");
    }

    /* JADX WARN: Code restructure failed: missing block: B:40:0x00eb, code lost:
    
        if (r12.contains(r1) != false) goto L28;
     */
    /* JADX WARN: Removed duplicated region for block: B:31:0x0106  */
    /* JADX WARN: Removed duplicated region for block: B:34:0x0110  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static boolean checkPermission(android.content.Context r12, @android.support.annotation.Nullable java.lang.String r13) {
        /*
            Method dump skipped, instructions count: 283
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.youku.passport.utils.SecurityUtil.checkPermission(android.content.Context, java.lang.String):boolean");
    }

    public static String decryptAES(String str, String str2) throws Exception {
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        return new String(decryptAES(Base64.decode(str, 0), getKey(str2)));
    }

    public static byte[] decryptAES(byte[] bArr, SecretKeySpec secretKeySpec) throws Exception {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(2, secretKeySpec, new IvParameterSpec(AES_INIT_IV.getBytes()));
        return cipher.doFinal(bArr);
    }

    public static String encryptAES(String str, String str2) throws Exception {
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(1, getKey(str2), new IvParameterSpec(AES_INIT_IV.getBytes()));
        return Base64.encodeToString(cipher.doFinal(str.getBytes()), 0);
    }

    public static String encryptMD5(String str, boolean z) {
        try {
            return encryptMD5(str.getBytes(), z);
        } catch (Exception e2) {
            Logger.w("encryptMD5 Exception", e2, new Object[0]);
            return "";
        }
    }

    public static String encryptMD5(byte[] bArr, boolean z) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(StringUtils.MESSAGEDIGEST_TYPE);
            messageDigest.reset();
            messageDigest.update(bArr);
            return toHexString(messageDigest.digest(), z);
        } catch (NoSuchAlgorithmException e2) {
            Logger.w("encryptMD5 Exception", e2, new Object[0]);
            return "";
        }
    }

    public static String encryptSHA256(String str, boolean z) {
        try {
            return encryptSHA256(str.getBytes(), z);
        } catch (Exception e2) {
            Logger.w("encryptSHA256 Exception", e2, new Object[0]);
            return null;
        }
    }

    public static String encryptSHA256(byte[] bArr, boolean z) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.reset();
            messageDigest.update(bArr);
            return toHexString(messageDigest.digest(), z);
        } catch (NoSuchAlgorithmException e2) {
            Logger.w("encryptSHA256 Exception", e2, new Object[0]);
            return null;
        }
    }

    public static String getApkPublicKeyDigest(Context context) {
        if (context != null && TextUtils.isEmpty(sPkgKeyDigest)) {
            sPkgKeyDigest = getApkPublicKeyDigest(context, context.getPackageName());
        }
        return sPkgKeyDigest;
    }

    public static String getApkPublicKeyDigest(Context context, String str) {
        Certificate certificate = getCertificate(context, str);
        if (certificate != null) {
            return encryptMD5(certificate.getPublicKey().toString(), true);
        }
        return null;
    }

    public static String getAppKeyByIndex(Context context, int i) {
        try {
            SecurityGuardManager securityGuardManager = SecurityGuardManager.getInstance(context);
            if (securityGuardManager != null) {
                return securityGuardManager.getStaticDataStoreComp().getAppKeyByIndex(i, Settings.authCode);
            }
            return null;
        } catch (SecException e2) {
            Logger.e("getAppKeyByIndex fail", "errorCode", Integer.valueOf(e2.getErrorCode()));
            return null;
        } catch (Throwable th) {
            Logger.e("getAppKeyByIndex fail", th, new Object[0]);
            return null;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:27:0x0048 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.cert.Certificate getCertificate(android.content.Context r3, java.lang.String r4) {
        /*
            android.content.pm.PackageManager r3 = r3.getPackageManager()
            r0 = 64
            r1 = 0
            r2 = 0
            android.content.pm.PackageInfo r3 = com.aliott.agileplugin.redirect.PackageManager.getPackageInfo(r3, r4, r0)     // Catch: java.lang.Throwable -> L2e java.lang.Throwable -> L31
            java.io.ByteArrayInputStream r4 = new java.io.ByteArrayInputStream     // Catch: java.lang.Throwable -> L2e java.lang.Throwable -> L31
            android.content.pm.Signature[] r3 = r3.signatures     // Catch: java.lang.Throwable -> L2e java.lang.Throwable -> L31
            r3 = r3[r1]     // Catch: java.lang.Throwable -> L2e java.lang.Throwable -> L31
            byte[] r3 = r3.toByteArray()     // Catch: java.lang.Throwable -> L2e java.lang.Throwable -> L31
            r4.<init>(r3)     // Catch: java.lang.Throwable -> L2e java.lang.Throwable -> L31
            java.lang.String r3 = "X.509"
            java.security.cert.CertificateFactory r3 = java.security.cert.CertificateFactory.getInstance(r3)     // Catch: java.lang.Throwable -> L2c java.lang.Throwable -> L45
            java.security.cert.Certificate r3 = r3.generateCertificate(r4)     // Catch: java.lang.Throwable -> L2c java.lang.Throwable -> L45
            r4.close()     // Catch: java.io.IOException -> L27
            goto L2b
        L27:
            r4 = move-exception
            r4.printStackTrace()
        L2b:
            return r3
        L2c:
            r3 = move-exception
            goto L33
        L2e:
            r3 = move-exception
            r4 = r2
            goto L46
        L31:
            r3 = move-exception
            r4 = r2
        L33:
            java.lang.String r0 = "SecurityUtil"
            java.lang.Object[] r1 = new java.lang.Object[r1]     // Catch: java.lang.Throwable -> L45
            com.youku.passport.utils.Logger.w(r0, r3, r1)     // Catch: java.lang.Throwable -> L45
            if (r4 == 0) goto L44
            r4.close()     // Catch: java.io.IOException -> L40
            goto L44
        L40:
            r3 = move-exception
            r3.printStackTrace()
        L44:
            return r2
        L45:
            r3 = move-exception
        L46:
            if (r4 == 0) goto L50
            r4.close()     // Catch: java.io.IOException -> L4c
            goto L50
        L4c:
            r4 = move-exception
            r4.printStackTrace()
        L50:
            throw r3
        */
        throw new UnsupportedOperationException("Method not decompiled: com.youku.passport.utils.SecurityUtil.getCertificate(android.content.Context, java.lang.String):java.security.cert.Certificate");
    }

    public static String getExtraData(Context context, String str) {
        try {
            SecurityGuardManager securityGuardManager = SecurityGuardManager.getInstance(context);
            if (securityGuardManager != null) {
                return securityGuardManager.getStaticDataStoreComp().getExtraData(str, Settings.authCode);
            }
            return null;
        } catch (SecException e2) {
            Logger.e("getExtraData fail", "errorCode", Integer.valueOf(e2.getErrorCode()));
            return null;
        } catch (Throwable th) {
            Logger.e("getExtraData fail", th, new Object[0]);
            return null;
        }
    }

    public static String getFingerprint(Context context, String str) {
        Certificate certificate = getCertificate(context, str);
        if (certificate == null) {
            return null;
        }
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
            messageDigest.update(certificate.getEncoded());
            return toHexString(messageDigest.digest(), false);
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
            return null;
        } catch (CertificateEncodingException e3) {
            e3.printStackTrace();
            return null;
        }
    }

    public static SecretKeySpec getKey(String str) throws Exception {
        byte[] bytes = str.getBytes();
        int roundUpToPowerOfTwo = roundUpToPowerOfTwo(bytes.length);
        if (roundUpToPowerOfTwo < 16) {
            roundUpToPowerOfTwo = 16;
        }
        byte[] bArr = new byte[roundUpToPowerOfTwo];
        for (int i = 0; i < bytes.length; i++) {
            bArr[i] = bytes[i];
        }
        return new SecretKeySpec(bArr, "AES");
    }

    public static String getUMID(final Context context) {
        int i = Settings.env == Env.PREPARE ? 1 : Settings.env == Env.TEST ? 2 : 0;
        if (!sUmidTokenInited) {
            ThreadPool.getInstance().executeParallel(new Runnable() { // from class: com.youku.passport.utils.SecurityUtil.1
                @Override // java.lang.Runnable
                public void run() {
                    if (SecurityUtil.sUmidTokenInited) {
                        return;
                    }
                    SecurityUtil.initUMID(context);
                }
            });
            return null;
        }
        try {
            return SecurityGuardManager.getInstance(context).getUMIDComp().getSecurityToken(i);
        } catch (SecException e2) {
            Logger.e("ali security getUMID exception!", "errorCode", Integer.valueOf(e2.getErrorCode()));
            return null;
        } catch (Exception e3) {
            Logger.e("ali security getUMID exception!", e3, new Object[0]);
            return null;
        }
    }

    public static String getWUA(Context context) {
        try {
            return ((ISecurityBodyComponent) SecurityGuardManager.getInstance(context.getApplicationContext()).getInterface(ISecurityBodyComponent.class)).getSecurityBodyDataEx(null, null, "", null, 4, 0);
        } catch (SecException e2) {
            Logger.e("ali security getWUA exception!", "errorCode", Integer.valueOf(e2.getErrorCode()));
            return null;
        } catch (Exception e3) {
            Logger.e("ali security getWUA exception!", e3, new Object[0]);
            return null;
        }
    }

    @WorkerThread
    public static void initUMID(Context context) {
        try {
            SecurityGuardManager.getInstance(context).getUMIDComp().initUMIDSync(Settings.env == Env.PREPARE ? 1 : Settings.env == Env.TEST ? 2 : 0);
            sUmidTokenInited = true;
        } catch (SecException e2) {
            Logger.e("ali init UMID exception!", "errorCode", Integer.valueOf(e2.getErrorCode()));
        } catch (Exception e3) {
            Logger.e("ali init UMID exception!", e3, new Object[0]);
        }
    }

    public static String loadLoginData(Context context) {
        String loginData = AccountPref.getLoginData(context);
        boolean isEmpty = TextUtils.isEmpty(loginData);
        Logger.cache("spld:" + isEmpty);
        try {
            File file = new File(context.getFilesDir(), LOGIN_DATA);
            Logger.cache("ldExists:" + file.exists() + " ldSize:" + file.length());
            if (isEmpty) {
                loginData = FileUtil.readFile(file.getPath());
            }
        } catch (Throwable th) {
            Logger.w(TAG, th, new Object[0]);
        }
        String staticDecrypt = staticDecrypt(context, loginData);
        Logger.cache("encryptDataEmpty:" + TextUtils.isEmpty(loginData) + " loginDataEmpty:" + TextUtils.isEmpty(staticDecrypt));
        if (!TextUtils.isEmpty(loginData) && TextUtils.isEmpty(staticDecrypt)) {
            Logger.e(TAG, "decrypt error when load login data");
        }
        return staticDecrypt;
    }

    public static String readEx(Context context, String str) {
        try {
            return SecurityGuardManager.getInstance(context.getApplicationContext()).getDynamicDataStoreComp().getStringDDpEx(str, 0);
        } catch (SecException e2) {
            int errorCode = e2.getErrorCode();
            Logger.cache("readEx ErrCode:" + errorCode);
            Logger.e("ali security read exception!", "errorCode", Integer.valueOf(errorCode));
            OttMonitor.commitEncryptionError("dynamicDecrypt:" + errorCode);
            return null;
        } catch (Exception e3) {
            Logger.cache("readEx ec:" + e3.getCause() + " em:" + e3.getMessage());
            Logger.e("ali security read exception!", e3, new Object[0]);
            return null;
        }
    }

    public static int roundUpToPowerOfTwo(int i) {
        int i2 = i - 1;
        int i3 = i2 | (i2 >>> 1);
        int i4 = i3 | (i3 >>> 2);
        int i5 = i4 | (i4 >>> 4);
        int i6 = i5 | (i5 >>> 8);
        return (i6 | (i6 >>> 16)) + 1;
    }

    public static boolean saveEx(Context context, String str, String str2) {
        try {
            return SecurityGuardManager.getInstance(context.getApplicationContext()).getDynamicDataStoreComp().putStringDDpEx(str, str2, 0);
        } catch (SecException e2) {
            int errorCode = e2.getErrorCode();
            Logger.e("saveEx exception!", "errorCode", Integer.valueOf(errorCode));
            OttMonitor.commitEncryptionError("dynamicEncrypt:" + errorCode);
            return false;
        } catch (Exception e3) {
            Logger.e("saveEx exception!", e3, new Object[0]);
            return false;
        }
    }

    public static void saveLoginData(Context context, String str) {
        if (context == null) {
            return;
        }
        String staticEncrypt = staticEncrypt(context, str);
        Logger.e(TAG, "plainLoginDataIsEmpty:" + TextUtils.isEmpty(str) + " encryptLoginDataIsEmpty:" + TextUtils.isEmpty(staticEncrypt));
        if (TextUtils.isEmpty(staticEncrypt)) {
            return;
        }
        AccountPref.putLoginData(context, staticEncrypt);
        String str2 = null;
        try {
            str2 = new File(context.getFilesDir(), LOGIN_DATA).getPath();
        } catch (Throwable th) {
            Logger.w(TAG, th, new Object[0]);
        }
        FileUtil.writeFile(str2, staticEncrypt);
    }

    public static String staticDecrypt(Context context, String str) {
        IStaticDataEncryptComponent staticDataEncryptComp;
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        try {
            String cipherKey = SysUtil.getCipherKey();
            SecurityGuardManager securityGuardManager = SecurityGuardManager.getInstance(context);
            if (securityGuardManager == null || (staticDataEncryptComp = securityGuardManager.getStaticDataEncryptComp()) == null) {
                return null;
            }
            return staticDataEncryptComp.staticSafeDecrypt(16, cipherKey, str, Settings.authCode);
        } catch (SecException e2) {
            int errorCode = e2.getErrorCode();
            Logger.cache("staticDecrypt:" + errorCode);
            Logger.e("staticDecrypt fail", "errorCode", Integer.valueOf(errorCode));
            OttMonitor.commitEncryptionError("staticDecrypt:" + errorCode);
            return null;
        } catch (Throwable th) {
            Logger.e("staticDecrypt fail", th, new Object[0]);
            return null;
        }
    }

    public static String staticEncrypt(Context context, String str) {
        IStaticDataEncryptComponent staticDataEncryptComp;
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        try {
            String cipherKey = SysUtil.getCipherKey();
            SecurityGuardManager securityGuardManager = SecurityGuardManager.getInstance(context);
            if (securityGuardManager == null || (staticDataEncryptComp = securityGuardManager.getStaticDataEncryptComp()) == null) {
                return null;
            }
            return staticDataEncryptComp.staticSafeEncrypt(16, cipherKey, str, Settings.authCode);
        } catch (SecException e2) {
            int errorCode = e2.getErrorCode();
            Logger.e("staticEncrypt fail", "errorCode", Integer.valueOf(errorCode));
            OttMonitor.commitEncryptionError("staticEncrypt:" + errorCode);
            return null;
        } catch (Throwable th) {
            Logger.e("staticEncrypt fail", th, new Object[0]);
            return null;
        }
    }

    public static String toHexString(byte[] bArr, String str, boolean z) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < bArr.length; i++) {
            String hexString = Integer.toHexString(bArr[i] & 255);
            if (z) {
                hexString = hexString.toUpperCase();
            }
            if (hexString.length() == 1) {
                sb.append("0");
            }
            sb.append(hexString);
            if (i != bArr.length - 1) {
                sb.append(str);
            }
        }
        return sb.toString();
    }

    public static String toHexString(byte[] bArr, boolean z) {
        StringBuilder sb = new StringBuilder();
        for (byte b2 : bArr) {
            String hexString = Integer.toHexString(b2 & 255);
            if (z) {
                hexString = hexString.toUpperCase();
            }
            if (hexString.length() == 1) {
                sb.append("0");
            }
            sb.append(hexString);
        }
        return sb.toString();
    }
}
