package com.sankuai.meituan.tte;

import android.support.annotation.NonNull;
import android.support.annotation.VisibleForTesting;
import android.util.Pair;
import com.meituan.android.common.unionid.oneid.util.DeviceInfo;
import com.sankuai.meituan.tte.TTE;
import com.sankuai.meituan.tte.o;
import java.io.IOException;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.InvalidKeyException;
import java.security.SignatureException;
import java.util.Arrays;
import java.util.List;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import org.json.JSONException;
import org.json.JSONObject;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes3.dex */
public class TKeyAgreement {
    private final TTE.a a;
    private final j b;
    private final String c;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes3.dex */
    public static class HttpStatusException extends IOException {
        public final int code;

        public HttpStatusException(String str, int i) {
            super(str);
            this.code = i;
        }
    }

    static {
        com.meituan.android.paladin.b.a(-7715231734899821037L);
    }

    public TKeyAgreement(TTE.a aVar) {
        this.a = aVar;
        this.b = j.a(aVar.a);
        this.c = (aVar.a == TTE.Env.PROD ? "https://tte.meituan.com" : "https://tte.inf.test.sankuai.com") + "/api/v1/tte/gmt";
    }

    private f a(byte[] bArr, byte[] bArr2) throws Exception {
        if (bArr == null || bArr.length == 0 || bArr2 == null) {
            throw new IllegalArgumentException("tempDK is null");
        }
        String[] split = new String(this.b.b(bArr, bArr2)).split("###");
        if (split.length != 2) {
            throw new InvalidKeyException("wrong key format");
        }
        byte[] a = p.a(split[0]);
        if (a == null || a.length == 0) {
            throw new InvalidKeyException("dk is null");
        }
        byte[] a2 = p.a(split[1]);
        if (a2 == null || a2.length == 0) {
            throw new InvalidKeyException("edk is null");
        }
        f fVar = new f(this.a.a, this.a.b.dataCipher, a, a2);
        fVar.e = System.currentTimeMillis();
        return fVar;
    }

    private boolean a(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) throws Exception {
        try {
            return this.b.a(p.a(bArr, bArr2, bArr3), bArr4);
        } catch (Throwable th) {
            n.a("TKeyAgreement", "verify signature failed", th);
            return false;
        }
    }

    @VisibleForTesting
    protected ScheduledExecutorService a() {
        return e.a();
    }

    protected JSONObject a(String str, byte[] bArr) throws IOException, JSONException {
        return new JSONObject(new String(a(str, Arrays.asList(new Pair("Content-Type", "application/json")), bArr)));
    }

    public void a(final i<f> iVar) {
        final AtomicInteger atomicInteger = new AtomicInteger(0);
        a().execute(new Runnable() { // from class: com.sankuai.meituan.tte.TKeyAgreement.1
            @Override // java.lang.Runnable
            public void run() {
                int andIncrement = atomicInteger.getAndIncrement();
                o.a a = o.a("tte.keyAgreement.finalResult", "keyAgreement");
                o.a(a);
                try {
                    try {
                        try {
                            f b = TKeyAgreement.this.b();
                            a.b();
                            iVar.a((i) b);
                        } catch (Throwable th) {
                            a.b();
                            iVar.a(th);
                        }
                    } catch (IOException e) {
                        d a2 = d.a(TTE.a());
                        if (andIncrement < a2.i()) {
                            TKeyAgreement.this.a().schedule(this, a2.j(), TimeUnit.MILLISECONDS);
                        } else {
                            a.b();
                            iVar.a((Throwable) e);
                        }
                    }
                } finally {
                    o.a(null);
                }
            }
        });
    }

    boolean a(f fVar) {
        return a(fVar, true);
    }

    boolean a(f fVar, boolean z) {
        k a;
        String str;
        byte[] bytes;
        if (d.a(TTE.a()).e()) {
            n.b("TKeyAgreement", "verifyKey: disable");
            return true;
        }
        o.a a2 = o.a("tte.keyVerify.result", "keyVerify");
        try {
            a2.a("algo", "SM2");
            a2.a("type", z ? "2" : "1");
            a2.a("bizCode", "0");
            a2.a("httpCode", "0");
            a2.a("code", "0");
            try {
                try {
                    try {
                        a = fVar.b.a();
                        str = this.c + "/verify";
                        bytes = "Client Hello".getBytes();
                    } catch (IOException e) {
                        n.a("TKeyAgreement", "verifyKey", e);
                    }
                } catch (CipherException e2) {
                    n.b("TKeyAgreement", "verifyKey", e2);
                    if (e2.a() == -10100) {
                        a2.a("code", "1004");
                        a2.b();
                        return false;
                    }
                    a2.a("code", "1005");
                }
            } catch (JSONException e3) {
                a2.a("code", "1003");
                n.a("TKeyAgreement", "verifyKey", e3);
            } catch (Throwable th) {
                a2.a("code", "1100");
                n.b("TKeyAgreement", "verifyKey", th);
            }
            try {
                JSONObject a3 = a(str, new JSONObject().put("cipher", p.a(a.a(bytes, fVar.c))).put("edk", p.a(fVar.d)).toString().getBytes());
                int i = a3.getInt("code");
                a2.a("bizCode", "" + i);
                if (i == 200) {
                    if (!Arrays.equals(a.b(p.a(a3.getJSONObject("data").getString("serCipher")), fVar.c), bytes)) {
                        a2.a("code", "1001");
                        n.b("TKeyAgreement", "verifyKey: dec error", null);
                        a2.b();
                        return false;
                    }
                    n.b("TKeyAgreement", "verifyKey: ok");
                    a2.b();
                    return true;
                }
                a2.a("code", "1");
                n.b("TKeyAgreement", "verifyKey: code error, code=" + i + ", msg=" + a3.optString("msg", ""), null);
                a2.b();
                return false;
            } catch (HttpStatusException e4) {
                a2.a("httpCode", "" + e4.code);
                a2.a("code", "2");
                throw e4;
            } catch (Exception e5) {
                a2.a("code", "2");
                throw e5;
            }
        } catch (Throwable th2) {
            a2.b();
            throw th2;
        }
    }

    @VisibleForTesting
    protected byte[] a(String str, List<Pair<String, String>> list, byte[] bArr) throws IOException {
        n.a("TKeyAgreement", "post[" + str + "] => " + new String(bArr));
        HttpURLConnection httpURLConnection = (HttpURLConnection) com.meituan.metrics.traffic.hurl.b.a(new URL(str).openConnection());
        httpURLConnection.setConnectTimeout(15000);
        httpURLConnection.setReadTimeout(15000);
        httpURLConnection.setRequestMethod("POST");
        httpURLConnection.setDoOutput(true);
        if (list != null) {
            for (Pair<String, String> pair : list) {
                httpURLConnection.addRequestProperty((String) pair.first, (String) pair.second);
            }
        }
        OutputStream outputStream = null;
        try {
            OutputStream outputStream2 = httpURLConnection.getOutputStream();
            try {
                outputStream2.write(bArr);
                p.a(outputStream2);
                int responseCode = httpURLConnection.getResponseCode();
                n.b("TKeyAgreement", "post[" + str + "] <= " + responseCode);
                if (responseCode / 100 == 2) {
                    return p.a(httpURLConnection.getInputStream());
                }
                throw new HttpStatusException(httpURLConnection.getResponseMessage(), responseCode);
            } catch (Throwable th) {
                th = th;
                outputStream = outputStream2;
                p.a(outputStream);
                throw th;
            }
        } catch (Throwable th2) {
            th = th2;
        }
    }

    @NonNull
    f b() throws Exception {
        f c = c();
        n.b("TKeyAgreement", "result: " + c);
        if (a(c)) {
            return c;
        }
        throw new InvalidKeyException("verify key failed");
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v4, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r1v6, types: [java.lang.AutoCloseable] */
    /* JADX WARN: Type inference failed for: r1v8, types: [com.sankuai.meituan.tte.j$a, java.lang.AutoCloseable] */
    @NonNull
    f c() throws Exception {
        o.a b = o.b();
        if (b == null) {
            b = o.b;
        }
        try {
            b.a("algo", "SM2");
            b.a("bizCode", "0");
            b.a("httpCode", "0");
            ?? r1 = "code";
            b.a("code", "0");
            try {
                try {
                    r1 = this.b.a();
                    try {
                        try {
                            JSONObject jSONObject = new JSONObject();
                            jSONObject.put("protVer", 1);
                            jSONObject.put("serKeyVer", 1);
                            jSONObject.put("cliKeyVer", 1);
                            jSONObject.put("cliTempPubKey", p.a(r1.a()));
                            jSONObject.put("otherData", new JSONObject().put("platform", "android").put("appId", "" + p.b()).put("uuid", p.c()));
                            byte[] bytes = jSONObject.toString().getBytes();
                            try {
                                JSONObject a = a(this.c + "/ka", bytes);
                                n.b("TKeyAgreement", "resp: " + a);
                                int i = a.getInt("code");
                                b.a("bizCode", "" + i);
                                if (i != 200) {
                                    b.a("code", "1");
                                    throw new IOException("api exception, status code: " + i + ", msg:" + a.optString("msg", ""));
                                }
                                JSONObject jSONObject2 = a.getJSONObject("data");
                                byte[] a2 = p.a(jSONObject2.getString("serTempPubKey"));
                                byte[] a3 = p.a(jSONObject2.getString("keyCipher"));
                                if (!a(bytes, a2, a3, p.a(jSONObject2.getString(DeviceInfo.SIGN)))) {
                                    throw new SignatureException("invalid signature");
                                }
                                byte[] a4 = r1.a(a2);
                                n.a("TKeyAgreement", "tempDK: " + p.a(a4));
                                return a(a3, a4);
                            } catch (HttpStatusException e) {
                                b.a("httpCode", "" + e.code);
                                b.a("code", "2");
                                throw e;
                            } catch (Exception e2) {
                                b.a("code", "2");
                                throw e2;
                            }
                        } catch (Exception e3) {
                            b.a("code", "1100");
                            throw e3;
                        }
                    } catch (IllegalStateException e4) {
                        b.a("code", "1001");
                        throw e4;
                    } catch (InvalidKeyException e5) {
                        b.a("code", "1003");
                        throw e5;
                    } catch (SignatureException e6) {
                        b.a("code", "1002");
                        throw e6;
                    }
                } finally {
                    p.a((AutoCloseable) r1);
                }
            } catch (Exception e7) {
                b.a("code", "1001");
                throw e7;
            }
        } finally {
            b.a();
        }
    }
}
