package com.xiaomi.ai.transport;

import a.a.a.b.g;
import com.fasterxml.jackson.databind.m;
import com.xiaomi.ai.api.common.APIUtils;
import com.xiaomi.ai.core.a;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.Key;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.X509EncodedKeySpec;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Formatter;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.TimeZone;
import java.util.UUID;
import java.util.zip.CRC32;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import okhttp3.c0;
import okhttp3.d0;
import okhttp3.e0;
import okhttp3.f;
import okhttp3.f0;
import okhttp3.s;
import okhttp3.w;
import okhttp3.x;
import okhttp3.z;

/* loaded from: classes2.dex */
public class a implements w {

    /* renamed from: a, reason: collision with root package name */
    private com.xiaomi.ai.core.b f13595a;

    /* renamed from: b, reason: collision with root package name */
    private b f13596b;

    /* renamed from: c, reason: collision with root package name */
    private byte[] f13597c;

    /* renamed from: d, reason: collision with root package name */
    private z f13598d = new z();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.xiaomi.ai.transport.a$a, reason: collision with other inner class name */
    /* loaded from: classes2.dex */
    public class C0193a implements f {
        C0193a() {
        }

        @Override // okhttp3.f
        public void onFailure(okhttp3.e eVar, IOException iOException) {
            com.xiaomi.ai.log.a.b("LiteCryptInterceptor", com.xiaomi.ai.log.a.throwableToString(iOException));
        }

        @Override // okhttp3.f
        public void onResponse(okhttp3.e eVar, e0 e0Var) {
            try {
                if (!e0Var.isSuccessful()) {
                    com.xiaomi.ai.log.a.b("LiteCryptInterceptor", "refreshPublicKeyInfo: " + e0Var + ", body=" + e0Var.body().string());
                    throw new Exception(e0Var.toString());
                }
                String string = e0Var.body().string();
                m readTree = APIUtils.getObjectMapper().readTree(string);
                if (readTree.has("key_id") && readTree.has("expire_at") && readTree.has("public_key")) {
                    a.this.p(readTree.path("public_key").asText());
                    com.xiaomi.ai.log.a.c("LiteCryptInterceptor", "new public key is valid");
                    a.this.f13595a.getListener().a(a.this.f13595a, "pubkey_info", readTree.toString());
                    return;
                }
                com.xiaomi.ai.log.a.b("LiteCryptInterceptor", "refreshPublicKeyInfo: invalid body " + string);
                throw new Exception("invalid body " + string);
            } catch (Exception e3) {
                com.xiaomi.ai.log.a.b("LiteCryptInterceptor", com.xiaomi.ai.log.a.throwableToString(e3));
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public class b {

        /* renamed from: a, reason: collision with root package name */
        byte[] f13600a;

        /* renamed from: b, reason: collision with root package name */
        String f13601b;

        private b(a aVar) {
        }

        /* synthetic */ b(a aVar, C0193a c0193a) {
            this(aVar);
        }
    }

    public a(com.xiaomi.ai.core.b bVar) {
        this.f13595a = bVar;
    }

    private String b(String str) {
        return new String(aesCrypt(2, a.a.a.b.a.a(str, 8)), Charset.forName("UTF-8"));
    }

    private String c(c0 c0Var) {
        String vVar = c0Var.url().toString();
        int indexOf = vVar.indexOf(63);
        if (indexOf <= 0) {
            return vVar;
        }
        return vVar.substring(0, indexOf) + "?data=" + m(vVar.substring(indexOf + 1));
    }

    private String d(d0 d0Var) {
        if (d0Var == null) {
            return null;
        }
        okio.c cVar = new okio.c();
        d0Var.writeTo(cVar);
        return cVar.readUtf8();
    }

    private String e(byte[] bArr) {
        CRC32 crc32 = new CRC32();
        crc32.update(bArr);
        long value = crc32.getValue();
        Formatter formatter = new Formatter();
        for (int i3 = 0; i3 < 4; i3++) {
            formatter.format("%02x", Byte.valueOf((byte) value));
            value >>= 8;
        }
        return formatter.toString();
    }

    private c0 g(c0 c0Var, String str) {
        d0 build;
        byte[] bArr = this.f13596b.f13600a;
        c0.a addHeader = c0Var.newBuilder().url(c(c0Var)).removeHeader("Date").addHeader("Date", str);
        String str2 = this.f13596b.f13601b;
        if (str2 == null) {
            addHeader.addHeader("AIVS-Encryption-Key", l()).addHeader("AIVS-Encryption-CRC", e(bArr));
        } else {
            addHeader.addHeader("AIVS-Encryption-Token", str2);
        }
        List<String> headers = c0Var.headers("Authorization");
        addHeader.removeHeader("Authorization");
        Iterator<String> it = headers.iterator();
        while (it.hasNext()) {
            addHeader.addHeader("Authorization", m(it.next()));
        }
        if (c0Var.method().equals("GET")) {
            addHeader.get();
        } else if (c0Var.method().equals("POST")) {
            d0 body = c0Var.body();
            x contentType = body.contentType();
            if ("application".equals(contentType.type()) && "json".equals(contentType.subtype())) {
                build = d0.create(contentType, String.format("{ \"data\": \"%s\"}", m(d(body))));
            } else if (body instanceof s) {
                s.a aVar = new s.a();
                aVar.add("data", m(d(body)));
                build = aVar.build();
            }
            addHeader.post(build);
        }
        return addHeader.build();
    }

    private e0 h(e0 e0Var) {
        f0 body = e0Var.body();
        if (body == null) {
            return e0Var;
        }
        for (okhttp3.m mVar : okhttp3.m.parseAll(e0Var.request().url(), e0Var.headers())) {
            if (mVar.name().equals("AIVS-Encryption-Token")) {
                updateAesToken(mVar.value(), mVar.expiresAt());
            }
        }
        if (!e0Var.header("AIVS-Encryption-Body", "false").equals("true")) {
            return e0Var;
        }
        return e0Var.newBuilder().body(f0.create(body.contentType(), b(body.string()))).build();
    }

    private byte[] i() {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        SecureRandom secureRandom = new SecureRandom();
        secureRandom.setSeed(UUID.randomUUID().toString().getBytes());
        keyGenerator.init(128, secureRandom);
        return keyGenerator.generateKey().getEncoded();
    }

    private byte[] j(byte[] bArr, Key key) {
        return k(bArr, key, true);
    }

    private byte[] k(byte[] bArr, Key key, boolean z3) {
        int i3 = z3 ? 1 : 2;
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(i3, key);
        return cipher.doFinal(bArr);
    }

    private String l() {
        m r3 = r();
        return "pubkeyid:" + r3.path("key_id").asText() + ",key:" + a.a.a.b.a.c(j(this.f13596b.f13600a, p(r3.path("public_key").asText())), 10);
    }

    private String m(String str) {
        return a.a.a.b.a.c(aesCrypt(1, str.getBytes(Charset.forName("UTF-8"))), 10);
    }

    private byte[] n(byte[] bArr) {
        try {
            return MessageDigest.getInstance(miuix.security.a.f18221b).digest(bArr);
        } catch (NoSuchAlgorithmException e3) {
            com.xiaomi.ai.log.a.b("LiteCryptInterceptor", com.xiaomi.ai.log.a.throwableToString(e3));
            return null;
        }
    }

    private b o() {
        b bVar;
        synchronized ("aes_key_info") {
            try {
                bVar = new b(this, null);
                String a4 = this.f13595a.getListener().a(this.f13595a, "aes_key");
                String a5 = this.f13595a.getListener().a(this.f13595a, "aes_token");
                String a6 = this.f13595a.getListener().a(this.f13595a, "aes_expire_at");
                long parseLong = g.a(a6) ? 0L : Long.parseLong(a6);
                if (a4 == null || (a5 != null && parseLong - System.currentTimeMillis() < 10000)) {
                    com.xiaomi.ai.log.a.c("LiteCryptInterceptor", "getCurrentAesKeyOrToken: expireAt=" + parseLong + " , refresh aes key");
                    bVar.f13600a = i();
                    clearAes();
                    this.f13595a.getListener().a(this.f13595a, "aes_key", a.a.a.b.a.c(bVar.f13600a, 0));
                } else {
                    com.xiaomi.ai.log.a.c("LiteCryptInterceptor", "getCurrentAesKeyOrToken: expireAt=" + parseLong + " , use cached aes key");
                    bVar.f13600a = a.a.a.b.a.a(a4, 0);
                    bVar.f13601b = a5;
                }
            } catch (Exception e3) {
                com.xiaomi.ai.log.a.b("LiteCryptInterceptor", com.xiaomi.ai.log.a.throwableToString(e3));
                throw new IOException(e3.toString());
            }
        }
        return bVar;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public PublicKey p(String str) {
        return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(a.a.a.b.a.a(str.replace("-----BEGIN PUBLIC KEY-----\n", "").replace("-----END PUBLIC KEY-----", "").replace("\n", ""), 0)));
    }

    private String q() {
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("EEE, d MMM yyyy HH:mm:ss 'GMT'", Locale.US);
        simpleDateFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
        return simpleDateFormat.format(new Date());
    }

    private m r() {
        m mVar;
        synchronized ("pubkey_info") {
            String a4 = this.f13595a.getListener().a(this.f13595a, "pubkey_info");
            if (g.a(a4)) {
                mVar = null;
            } else {
                mVar = APIUtils.getObjectMapper().readTree(a4);
                if (mVar != null && mVar.has("expire_at") && mVar.has("public_key")) {
                    long asLong = mVar.path("expire_at").asLong();
                    new SecureRandom().setSeed(UUID.randomUUID().toString().getBytes());
                    long nextInt = r4.nextInt(1800000) + 10000;
                    com.xiaomi.ai.log.a.c("LiteCryptInterceptor", "getPubkeyInfo: expireAt:" + asLong + ", now:" + System.currentTimeMillis() + " , aheadTime:" + nextInt);
                    if (asLong - System.currentTimeMillis() >= nextInt) {
                        return mVar;
                    }
                    com.xiaomi.ai.log.a.d("LiteCryptInterceptor", "getPubkeyInfo: public key expired");
                }
            }
            m t3 = t();
            if (t3 != null) {
                return t3;
            }
            if (mVar == null) {
                throw new Exception("refreshPublicKeyInfo failed!");
            }
            com.xiaomi.ai.log.a.d("LiteCryptInterceptor", "getPubkeyInfo: get public key failed, use expired key");
            return mVar;
        }
    }

    private String s() {
        StringBuilder sb = new StringBuilder();
        sb.append(this.f13595a.getAivsConfig().getInt(com.xiaomi.ai.core.a.f13403b) == 2 ? "http://account-staging.ai.xiaomi.com/ws/session/rsa/public" : "https://account.ai.xiaomi.com/ws/session/rsa/public");
        String string = this.f13595a.getAivsConfig().getString(a.b.f13435a);
        if (!this.f13595a.getClientInfo().getDeviceId().isPresent()) {
            throw new IllegalArgumentException("device id not set");
        }
        String str = this.f13595a.getClientInfo().getDeviceId().get();
        sb.append("?client_id=");
        sb.append(string);
        sb.append("&key_length=2048&device_id=");
        sb.append(str);
        return sb.toString();
    }

    private m t() {
        com.xiaomi.ai.log.a.c("LiteCryptInterceptor", "refreshPublicKeyInfo");
        this.f13598d.newCall(new c0.a().url(s()).get().build()).enqueue(new C0193a());
        try {
            return this.f13595a.getAivsConfig().getInt(com.xiaomi.ai.core.a.f13403b) == 2 ? APIUtils.getObjectMapper().readTree("{\"key_id\": \"iJne1qqnSWxYsjJq54vnKg==\",\"public_key\": \"-----BEGIN PUBLIC KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHVeIxKvdR/x6jljxTrk\\nWEh1pAEj1ZQy1m+myMfxOeRMuYd9OTOE60UC79lx2qt5qmUZegBqVM3Oorcurzy7\\ndCVtWOJE8AuXrlRtMbGGeitpKD8pc3keOXJKEwZ/I47Ara/5isjYfZ0aWxBVyhYj\\nNXku/JT0VjzgYWAc5a1almaPSPG4WY76K8qSvJIvvB4nOC0YzEPtX2WPk7/cU8k9\\n91Wn0wK7n+0xVxhrSn00iNu8cvChXP6ePjL5869z2P5Gv3YONvSiDbcDlW+cxKZM\\nabaRLxqDH6zoiUE/3aTwb80M3QCuqBW1/857yv8QcA/C+JdHPwpZheOLj4rd8ST7\\nVQIDAQAB\\n-----END PUBLIC KEY-----\\n\"}") : APIUtils.getObjectMapper().readTree("{\"key_id\": \"CZWhJoB4ihbNyMcTTbWh/g==\",\"public_key\": \"-----BEGIN PUBLIC KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsca6B9KeE39zsuIuE+iH\\nXPR0QDjb7Tq0nBYP9USiWFfPE+ER1CwmIXPEHMpN2YumgzatonnScJJs3d1ZyuTH\\nlIpe6bjmQl7TaQGlMBhjKAhsSSFfIud62nW7UCNsBpqBaW4XmQ6DKUc9OorNA2ME\\ngsNtW9b9L8VFXfH0vrEH8gKjSwUOkBQNAg8H9vPh5bUY+JN/ELNsFDMMTzCxJy7K\\n+/o/bLvkOt137knMeR1kCNzBwcVZusnn3CsQ89+P4YU6AaE6MTDJqDOpud1MMwDH\\nnzXGHK3GFhp0uDjFdE374tOrNp/A8y8IYkfKNJoRA+mRQnvp+X6H79wj9/jIXxrn\\nHwIDAQAB\\n-----END PUBLIC KEY-----\\n\"}");
        } catch (IOException e3) {
            com.xiaomi.ai.log.a.b("LiteCryptInterceptor", com.xiaomi.ai.log.a.throwableToString(e3));
            return null;
        }
    }

    public byte[] aesCrypt(int i3, byte[] bArr) {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(i3, new SecretKeySpec(this.f13596b.f13600a, "AES"), new IvParameterSpec(this.f13597c));
        return cipher.doFinal(bArr);
    }

    public void clearAes() {
        synchronized ("aes_key_info") {
            this.f13595a.getListener().b(this.f13595a, "aes_key");
            this.f13595a.getListener().b(this.f13595a, "aes_token");
            this.f13595a.getListener().b(this.f13595a, "aes_expire_at");
        }
    }

    public void clearPubkey() {
        synchronized ("pubkey_info") {
            this.f13595a.getListener().b(this.f13595a, "pubkey_info");
        }
    }

    public Map<String, String> getAuthHeaders(boolean z3) {
        String str;
        HashMap hashMap = new HashMap();
        String a4 = this.f13595a.getAuthProvider().a(z3, true, hashMap);
        if (a4 == null) {
            return null;
        }
        try {
            this.f13596b = o();
            String q3 = q();
            hashMap.put("Date", q3);
            this.f13597c = n(q3.getBytes("UTF-8"));
            b bVar = this.f13596b;
            byte[] bArr = bVar.f13600a;
            String str2 = bVar.f13601b;
            if (str2 == null) {
                str2 = e(bArr);
                hashMap.put("AIVS-Encryption-Key", l());
                str = "AIVS-Encryption-CRC";
            } else {
                str = "AIVS-Encryption-Token";
            }
            hashMap.put(str, str2);
            hashMap.put("Authorization", m(a4));
        } catch (Exception e3) {
            e3.printStackTrace();
        }
        return hashMap;
    }

    @Override // okhttp3.w
    public e0 intercept(w.a aVar) {
        this.f13596b = o();
        String q3 = q();
        this.f13597c = n(q3.getBytes("UTF-8"));
        try {
            return h(aVar.proceed(g(aVar.request(), q3)));
        } catch (Exception e3) {
            com.xiaomi.ai.log.a.b("LiteCryptInterceptor", com.xiaomi.ai.log.a.throwableToString(e3));
            clearAes();
            clearPubkey();
            com.xiaomi.ai.log.a.b("LiteCryptInterceptor", "clear all auth info");
            throw new IOException(e3);
        }
    }

    public void updateAesToken(String str, long j3) {
        synchronized ("aes_key_info") {
            com.xiaomi.ai.log.a.c("LiteCryptInterceptor", "update aes token");
            this.f13595a.getListener().a(this.f13595a, "aes_token", str);
            this.f13595a.getListener().a(this.f13595a, "aes_expire_at", Long.toString(j3));
        }
    }
}
