package com.allawn.cryptography.keymanager;

import android.content.Context;
import com.allawn.cryptography.EncryptException;
import com.allawn.cryptography.algorithm.CertUtil;
import com.allawn.cryptography.entity.CertParameters;
import com.allawn.cryptography.exception.InvalidArgumentException;
import com.allawn.cryptography.keymanager.entity.UpgradeCertRequest;
import com.allawn.cryptography.keymanager.entity.UpgradeCertResponse;
import com.allawn.cryptography.util.HttpUtil;
import com.allawn.cryptography.util.LogUtil;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import okhttp3.Response;
import okhttp3.ResponseBody;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class CertUpgradeManager {
    public final Context mContext;
    public String mHost;
    public final UpgradeCertRequest mUpgradeCertRequest;

    public CertUpgradeManager(Context context) {
        this(context, new UpgradeCertRequest());
    }

    public CertUpgradeManager(Context context, UpgradeCertRequest upgradeCertRequest) {
        this.mContext = context;
        this.mUpgradeCertRequest = upgradeCertRequest;
    }

    public final void checkParameter() throws InvalidArgumentException {
        if (this.mHost == null) {
            throw new InvalidArgumentException("Hostname cannot be empty");
        }
        if (this.mUpgradeCertRequest.getBiz() == null) {
            throw new InvalidArgumentException("Biz name cannot be empty");
        }
    }

    public final int extractCertificate(JSONObject jSONObject, UpgradeCertResponse upgradeCertResponse) throws JSONException, CertificateException, IOException, EncryptException, InvalidArgumentException {
        JSONObject jSONObject2 = jSONObject.getJSONObject("data");
        String optString = jSONObject2.optString("cert4Sign");
        String optString2 = jSONObject2.optString("cert4Encrypt");
        long optLong = jSONObject2.optLong("version");
        if (optString.isEmpty() || optString2.isEmpty()) {
            return -1;
        }
        X509Certificate readCertificate = CertUtil.readCertificate(optString.getBytes(StandardCharsets.UTF_8));
        X509Certificate readCertificate2 = CertUtil.readCertificate(optString2.getBytes(StandardCharsets.UTF_8));
        CertParameters build = new CertParameters.Builder().setContext(this.mContext).setEndCertificate(readCertificate).build();
        CertParameters build2 = new CertParameters.Builder().setContext(this.mContext).setEndCertificate(readCertificate2).build();
        if (!CertUtil.checkCertChain(build) || !CertUtil.checkCertChain(build2)) {
            LogUtil.d("CertUpgradeManager", "extractCertificate request " + this.mUpgradeCertRequest.getBiz() + " certificate online succeed and certificate verification failed.");
            return -1;
        }
        LogUtil.d("CertUpgradeManager", "extractCertificate request " + this.mUpgradeCertRequest.getBiz() + " certificate online succeed and certificate verification passed.");
        upgradeCertResponse.assign(this.mUpgradeCertRequest.getBiz(), readCertificate, readCertificate2, optLong);
        return 200;
    }

    public final int parseResponse(Response response, UpgradeCertResponse upgradeCertResponse) throws IOException, JSONException, InvalidArgumentException, CertificateException, EncryptException {
        int code = response.code();
        LogUtil.d("CertUpgradeManager", "parseResponse postServer server response code " + code);
        if (code == 200) {
            ResponseBody body = response.body();
            if (body == null) {
                LogUtil.e("CertUpgradeManager", "parseResponse returns null on responses");
                return -1;
            }
            JSONObject jSONObject = new JSONObject(body.string());
            int i = jSONObject.getInt("code");
            if (i == 200) {
                LogUtil.d("CertUpgradeManager", "parseResponse ok.");
                return extractCertificate(jSONObject, upgradeCertResponse);
            }
            if (i == 304 || i == 3001403) {
                LogUtil.d("CertUpgradeManager", "parseResponse not modified.");
                return i;
            }
            LogUtil.e("CertUpgradeManager", "parseResponse error, code = " + i + ", message = " + jSONObject.optString("message") + ", traceId = " + jSONObject.optString("traceId"));
        } else {
            LogUtil.e("CertUpgradeManager", "parseResponse request error, status: " + code + " " + response.message());
        }
        return -1;
    }

    public final int post(String str, String str2, UpgradeCertResponse upgradeCertResponse) throws InvalidArgumentException {
        if (str == null) {
            throw new InvalidArgumentException("Missing available url");
        }
        Response response = null;
        try {
            try {
                response = HttpUtil.netPostRequest(str, str2);
                int parseResponse = parseResponse(response, upgradeCertResponse);
                if (response != null) {
                    response.close();
                }
                return parseResponse;
            } catch (EncryptException | InvalidArgumentException | CertificateException | JSONException e) {
                LogUtil.e("CertUpgradeManager", "post parseResponse error. " + e);
                if (response == null) {
                    return -1;
                }
                response.close();
                return -1;
            } catch (IOException e2) {
                LogUtil.e("CertUpgradeManager", "post execute fail: " + e2.getClass().getName());
                if (response == null) {
                    return -1;
                }
                response.close();
                return -1;
            }
        } catch (Throwable th) {
            if (response != null) {
                response.close();
            }
            throw th;
        }
    }

    public void setBiz(String str) {
        this.mUpgradeCertRequest.setBiz(str);
    }

    public void setHostname(String str) {
        this.mHost = str;
    }

    public void setVersion(long j) {
        this.mUpgradeCertRequest.setVersion(j);
    }

    public int upgradeCert(UpgradeCertResponse upgradeCertResponse) throws InvalidArgumentException, JSONException {
        if (upgradeCertResponse == null) {
            throw new InvalidArgumentException("UpgradeCertResponse is null");
        }
        checkParameter();
        String organizeURL = HttpUtil.organizeURL(this.mHost, "/crypto/cert/upgrade");
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("biz", this.mUpgradeCertRequest.getBiz());
        if (this.mUpgradeCertRequest.getVersion().longValue() != 0) {
            jSONObject.put("version", this.mUpgradeCertRequest.getVersion());
        }
        LogUtil.d("CertUpgradeManager", "upgradeCert start to request " + this.mUpgradeCertRequest.getBiz() + " certificate online.");
        return post(organizeURL, jSONObject.toString(), upgradeCertResponse);
    }
}
