package com.meizu.statsapp.v3.lib.plugin.secure;

import android.content.Context;
import android.content.SharedPreferences;
import android.text.TextUtils;
import android.util.Base64;
import com.meizu.statsapp.v3.lib.plugin.utils.log.Logger;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.ProtocolException;
import java.net.URL;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Collection;
import java.util.UUID;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public class HttpKeyMgr {

    /* renamed from: a, reason: collision with root package name */
    private static final String f16310a = "HttpKeyMgr";

    /* renamed from: b, reason: collision with root package name */
    private static HttpKeyMgr f16311b;

    /* renamed from: c, reason: collision with root package name */
    private static final Object f16312c = new Object();

    /* renamed from: d, reason: collision with root package name */
    private byte[] f16313d;

    /* renamed from: e, reason: collision with root package name */
    private byte[] f16314e;

    /* renamed from: f, reason: collision with root package name */
    private byte[] f16315f;
    private byte[] g;
    private byte[] h;
    private X509Certificate i;
    private SharedPreferences j;
    private SharedPreferences k;
    private final String l = "com.meizu.statsapp.v3.httpkey";
    private final String m = "com.meizu.statsapp.v3.httpcert";
    private long n = 0;
    private Context o;

    private HttpKeyMgr(Context context) {
        this.o = context;
        this.j = context.getSharedPreferences("com.meizu.statsapp.v3.httpkey", 0);
        this.k = context.getSharedPreferences("com.meizu.statsapp.v3.httpcert", 0);
        b();
        byte[] bArr = this.f16313d;
        if (bArr == null || (bArr != null && bArr.length == 0)) {
            a(this.o);
            if (this.i != null) {
                c();
                return;
            } else {
                this.j.edit().clear().apply();
                this.k.edit().clear().apply();
                return;
            }
        }
        byte[] bArr2 = this.f16314e;
        if (bArr2 == null || (bArr2 != null && bArr2.length == 0)) {
            a(this.o);
            if (this.i != null) {
                e();
            }
        }
    }

    private String a(byte[] bArr) {
        return (bArr == null || bArr.length <= 0) ? "" : new String(Base64.encode(bArr, 0));
    }

    private void a() throws IOException {
        try {
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URL("https://uxip.meizu.com/api/v3/certificate").openConnection();
            httpsURLConnection.setDoInput(true);
            httpsURLConnection.setUseCaches(false);
            try {
                httpsURLConnection.setRequestMethod("GET");
            } catch (ProtocolException e2) {
                e2.printStackTrace();
            }
            httpsURLConnection.setRequestProperty("Charset", "UTF-8");
            InputStream inputStream = null;
            try {
                a("code = " + httpsURLConnection.getResponseCode());
                inputStream = httpsURLConnection.getInputStream();
                if (inputStream != null) {
                    String c2 = c(inputStream);
                    a("body = " + c2);
                    try {
                        JSONObject jSONObject = new JSONObject(c2);
                        if (jSONObject.getInt("code") == 200) {
                            JSONObject jSONObject2 = jSONObject.getJSONObject("value");
                            String string = jSONObject2.getString("certificate");
                            try {
                                b(new ByteArrayInputStream(string.getBytes()));
                                String string2 = jSONObject2.getString("version");
                                SharedPreferences.Editor edit = this.k.edit();
                                edit.putString("certificates", string);
                                edit.putString("version", string2);
                                edit.apply();
                            } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | CertificateException unused) {
                            }
                        }
                    } catch (JSONException e3) {
                        e3.printStackTrace();
                    }
                }
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException unused2) {
                    }
                }
                if (httpsURLConnection != null) {
                    httpsURLConnection.disconnect();
                }
            } finally {
            }
        } catch (MalformedURLException unused3) {
        }
    }

    private void a(Context context) {
        a("load certs from preference");
        String string = this.k.getString("certificates", "");
        if (!TextUtils.isEmpty(string)) {
            try {
                b(new ByteArrayInputStream(string.getBytes()));
            } catch (InvalidKeyException e2) {
                b("load Certificates from preference Exception, " + e2.getMessage());
            } catch (NoSuchAlgorithmException e3) {
                b("load Certificates from preference Exception, " + e3.getMessage());
            } catch (NoSuchProviderException e4) {
                b("load Certificates from preference Exception, " + e4.getMessage());
            } catch (SignatureException e5) {
                b("load Certificates from preference Exception, " + e5.getMessage());
            } catch (CertificateException e6) {
                b("load Certificates from preference Exception, " + e6.getMessage());
            }
        }
        if (this.i == null) {
            try {
                a("load certs from uxipcerts.java");
                b(new ByteArrayInputStream(UxipCerts.f16328a.getBytes()));
            } catch (InvalidKeyException e7) {
                b("load Certificates from asset Exception, " + e7.getMessage());
            } catch (NoSuchAlgorithmException e8) {
                b("load Certificates from asset Exception, " + e8.getMessage());
            } catch (NoSuchProviderException e9) {
                b("load Certificates from asset Exception, " + e9.getMessage());
            } catch (SignatureException e10) {
                b("load Certificates from asset Exception, " + e10.getMessage());
            } catch (CertificateException e11) {
                b("load Certificates from asset Exception, " + e11.getMessage());
            }
        }
    }

    private void a(InputStream inputStream) throws CertificateException, NoSuchProviderException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        a("loadAvailableCert");
        try {
            Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X509").generateCertificates(inputStream);
            X509Certificate[] x509CertificateArr = (X509Certificate[]) generateCertificates.toArray(new X509Certificate[generateCertificates.size()]);
            int i = 0;
            while (i < x509CertificateArr.length) {
                a("* --------------------");
                a("* Subject DN: " + x509CertificateArr[i].getSubjectDN());
                a("* Signature Algorithm: " + x509CertificateArr[i].getSigAlgName());
                a("* Valid from: " + x509CertificateArr[i].getNotBefore());
                a("* Valid until: " + x509CertificateArr[i].getNotAfter());
                a("* Issuer: " + x509CertificateArr[i].getIssuerDN());
                a("* PublicKey: " + x509CertificateArr[i].getPublicKey());
                int i2 = i + 1;
                if (i2 < x509CertificateArr.length) {
                    x509CertificateArr[i].verify(x509CertificateArr[i2].getPublicKey());
                } else if (a(x509CertificateArr[i])) {
                    x509CertificateArr[0].checkValidity();
                    this.i = x509CertificateArr[0];
                    a("***** AVAILABLE CERTIFICATE:");
                    a("***** --------------------");
                    a("***** Subject DN: " + this.i.getSubjectDN());
                    a("***** Signature Algorithm: " + this.i.getSigAlgName());
                    a("***** Valid from: " + this.i.getNotBefore());
                    a("***** Valid until: " + this.i.getNotAfter());
                    a("***** Issuer: " + this.i.getIssuerDN());
                    a("***** PublicKey: " + this.i.getPublicKey());
                    Calendar calendar = Calendar.getInstance();
                    calendar.add(5, 30);
                    if (calendar.getTime().after(this.i.getNotAfter())) {
                        try {
                            a();
                        } catch (IOException e2) {
                            e2.printStackTrace();
                        }
                    }
                }
                i = i2;
            }
            try {
                inputStream.close();
            } catch (IOException e3) {
                e3.printStackTrace();
            }
        } catch (Throwable th) {
            try {
                inputStream.close();
            } catch (IOException e4) {
                e4.printStackTrace();
            }
            throw th;
        }
    }

    private void a(String str) {
        Logger.d(f16310a, str);
    }

    private boolean a(X509Certificate x509Certificate) {
        TrustManager[] trustManagerArr = null;
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            trustManagerArr = trustManagerFactory.getTrustManagers();
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
        }
        if (trustManagerArr.length != 1 || !(trustManagerArr[0] instanceof X509TrustManager)) {
            throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagerArr));
        }
        for (X509Certificate x509Certificate2 : ((X509TrustManager) trustManagerArr[0]).getAcceptedIssuers()) {
            try {
                x509Certificate.verify(x509Certificate2.getPublicKey());
                a("### root CA: " + ("S:" + x509Certificate2.getSubjectDN().getName() + "\nI:" + x509Certificate2.getIssuerDN().getName()));
                return true;
            } catch (InvalidKeyException e4) {
                b(e4.getMessage());
            } catch (NoSuchAlgorithmException e5) {
                b(e5.getMessage());
            } catch (NoSuchProviderException e6) {
                b(e6.getMessage());
            } catch (SignatureException e7) {
                b(e7.getMessage());
            } catch (CertificateException e8) {
                b(e8.getMessage());
            }
        }
        return false;
    }

    private void b() {
        a("loadKeys");
        String string = this.j.getString("sKey64", "");
        a("saved sKey64: " + string);
        if (!TextUtils.isEmpty(string)) {
            this.h = string.getBytes();
        }
        String string2 = this.j.getString("aKey64", "");
        a("saved aKey64: " + string2);
        if (!TextUtils.isEmpty(string2)) {
            this.g = string2.getBytes();
            this.f16314e = Base64.decode(this.g, 2);
        }
        String string3 = this.j.getString("rKey64", "");
        a("saved rKey64: " + string3);
        if (TextUtils.isEmpty(string3)) {
            return;
        }
        this.f16315f = string3.getBytes();
        this.f16313d = Base64.decode(this.f16315f, 2);
    }

    private void b(InputStream inputStream) throws CertificateException, NoSuchProviderException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        a("loadAvailableCertWithoutVerify");
        try {
            Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X509").generateCertificates(inputStream);
            this.i = ((X509Certificate[]) generateCertificates.toArray(new X509Certificate[generateCertificates.size()]))[0];
            a("***** AVAILABLE CERTIFICATE:");
            a("***** --------------------");
            a("***** Subject DN: " + this.i.getSubjectDN());
            a("***** Signature Algorithm: " + this.i.getSigAlgName());
            a("***** Valid from: " + this.i.getNotBefore());
            a("***** Valid until: " + this.i.getNotAfter());
            a("***** Issuer: " + this.i.getIssuerDN());
            a("***** PublicKey: " + this.i.getPublicKey());
            try {
                inputStream.close();
            } catch (IOException e2) {
                e2.printStackTrace();
            }
        } catch (Throwable th) {
            try {
                inputStream.close();
            } catch (IOException e3) {
                e3.printStackTrace();
            }
            throw th;
        }
    }

    private void b(String str) {
        Logger.e(f16310a, str);
    }

    private String c(InputStream inputStream) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        while (true) {
            try {
                try {
                    int read = inputStream.read();
                    if (read == -1) {
                        String byteArrayOutputStream2 = byteArrayOutputStream.toString();
                        try {
                            byteArrayOutputStream.close();
                            return byteArrayOutputStream2;
                        } catch (IOException unused) {
                            return byteArrayOutputStream2;
                        }
                    }
                    byteArrayOutputStream.write(read);
                } catch (IOException unused2) {
                    return null;
                }
            } catch (IOException unused3) {
                byteArrayOutputStream.close();
                return null;
            } catch (Throwable th) {
                try {
                    byteArrayOutputStream.close();
                } catch (IOException unused4) {
                }
                throw th;
            }
        }
    }

    private void c() {
        d();
        e();
    }

    private void d() {
        this.f16313d = UUID.randomUUID().toString().substring(0, 16).getBytes();
        this.f16315f = Base64.encode(this.f16313d, 2);
        a("***** rKey64: " + new String(this.f16315f));
        SharedPreferences.Editor edit = this.j.edit();
        edit.putString("rKey64", new String(this.f16315f));
        edit.apply();
    }

    private void e() {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, this.i.getPublicKey());
            this.f16314e = cipher.doFinal(this.f16313d);
            this.g = Base64.encode(this.f16314e, 2);
            a("***** aKey64: " + new String(this.g));
            SharedPreferences.Editor edit = this.j.edit();
            edit.putString("aKey64", new String(this.g));
            edit.apply();
        } catch (InvalidKeyException e2) {
            e2.printStackTrace();
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
        } catch (BadPaddingException e4) {
            e4.printStackTrace();
        } catch (IllegalBlockSizeException e5) {
            e5.printStackTrace();
        } catch (NoSuchPaddingException e6) {
            e6.printStackTrace();
        }
    }

    public static HttpKeyMgr get() {
        HttpKeyMgr httpKeyMgr = f16311b;
        if (httpKeyMgr != null) {
            return httpKeyMgr;
        }
        throw new IllegalStateException("KeyMgr is not initialised - invoke at least once with parameterised init/get");
    }

    public static void init(Context context) {
        if (f16311b == null) {
            synchronized (f16312c) {
                if (f16311b == null) {
                    f16311b = new HttpKeyMgr(context);
                }
            }
        }
    }

    public byte[] decrypt(byte[] bArr) {
        byte[] bArr2 = this.f16313d;
        if (bArr2 == null || (bArr2 != null && bArr2.length == 0)) {
            b("rKey null!");
            return null;
        }
        if (bArr == null || (bArr != null && bArr.length == 0)) {
            b("input null!");
            return null;
        }
        a(">>>>>>>>>> decrypt input >>>>>>>>>>\n" + a(bArr));
        a("<<<<<<<<<< decrypt input <<<<<<<<<<");
        try {
            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
            cipher.init(2, new SecretKeySpec(this.f16313d, "AES"));
            byte[] doFinal = cipher.doFinal(bArr);
            a(">>>>>>>>>> decrypt output >>>>>>>>>>\n" + a(doFinal));
            a("<<<<<<<<<< decrypt output <<<<<<<<<<");
            return doFinal;
        } catch (InvalidKeyException e2) {
            e2.printStackTrace();
            return null;
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
            return null;
        } catch (BadPaddingException e4) {
            e4.printStackTrace();
            return null;
        } catch (IllegalBlockSizeException e5) {
            e5.printStackTrace();
            return null;
        } catch (NoSuchPaddingException e6) {
            e6.printStackTrace();
            return null;
        }
    }

    public byte[] encrypt(byte[] bArr) {
        byte[] bArr2 = this.f16313d;
        if (bArr2 == null || (bArr2 != null && bArr2.length == 0)) {
            b("rKey null!");
            return null;
        }
        if (bArr == null || (bArr != null && bArr.length == 0)) {
            b("input null!");
            return null;
        }
        a(">>>>>>>>>> encrypt input >>>>>>>>>>\n" + a(bArr));
        a("<<<<<<<<<< encrypt input <<<<<<<<<<");
        try {
            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
            cipher.init(1, new SecretKeySpec(this.f16313d, "AES"));
            byte[] doFinal = cipher.doFinal(bArr);
            a(">>>>>>>>>> encrypt output >>>>>>>>>>\n" + a(doFinal));
            a("<<<<<<<<<< encrypt output <<<<<<<<<<");
            return doFinal;
        } catch (InvalidKeyException e2) {
            e2.printStackTrace();
            return null;
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
            return null;
        } catch (BadPaddingException e4) {
            e4.printStackTrace();
            return null;
        } catch (IllegalBlockSizeException e5) {
            e5.printStackTrace();
            return null;
        } catch (NoSuchPaddingException e6) {
            e6.printStackTrace();
            return null;
        }
    }

    public byte[] getaKey64() {
        return this.g;
    }

    public byte[] getsKey64() {
        return this.h;
    }

    public synchronized void reInitKeys() {
        a("reInitKeys");
        if (this.n == 0 || System.currentTimeMillis() - this.n > 180000) {
            SharedPreferences.Editor edit = this.j.edit();
            edit.clear();
            edit.apply();
            this.n = System.currentTimeMillis();
            if (this.i != null) {
                c();
            }
        }
    }

    public void saveSKey(String str) {
        this.h = str.getBytes();
        SharedPreferences.Editor edit = this.j.edit();
        edit.putString("sKey64", new String(this.h));
        edit.apply();
    }
}
