package com.max.security;

import android.content.Context;
import android.content.SharedPreferences;
import android.net.Uri;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import com.alipay.zoloz.smile2pay.ZolozConfig;
import com.alipay.zoloz.smile2pay.booth.BoothView;
import com.sunmi.analytics.sdk.network.model.Constant;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.TimeUnit;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import okhttp3.ResponseBody;
import org.eclipse.paho.client.mqttv3.MqttTopic;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes3.dex */
public final class SecuritySDK {
    private static Map<String, JSONObject> CACHED_LICENSE = null;
    private static final String CACHE_KEY_PREFIX_LICENSE = "max-security-license#";
    private static final String CACHE_NAME = "max-security-sdk";
    private static final String LICENSE_AES_IV = "acfc32bd75c07c7b";
    private static final String LICENSE_AES_KEY = "7mkxDNjhpmJ66rCiAWhfoee6E5LOmrr1";
    private static final String PATH_GET_LICENSE = "/auth/getLicense";
    private static final String TAG = "SecuritySDK";
    private static final OkHttpClient sClient;

    /* loaded from: classes3.dex */
    public interface Callback {
        void onFailure(String str);

        void onSuccess(String str);
    }

    static {
        System.loadLibrary("max-security");
        CACHED_LICENSE = new ConcurrentHashMap();
        sClient = new OkHttpClient.Builder().connectTimeout(60L, TimeUnit.SECONDS).readTimeout(60L, TimeUnit.SECONDS).writeTimeout(60L, TimeUnit.SECONDS).callTimeout(60L, TimeUnit.SECONDS).build();
    }

    private static String aesDecrypt(String str, String str2, String str3) {
        try {
            IvParameterSpec ivParameterSpec = new IvParameterSpec(str3.getBytes(StandardCharsets.UTF_8));
            SecretKeySpec secretKeySpec = new SecretKeySpec(str2.getBytes(StandardCharsets.UTF_8), "AES");
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
            cipher.init(2, secretKeySpec, ivParameterSpec);
            return new String(cipher.doFinal(Base64.decode(str, 0)));
        } catch (Exception e) {
            throw new RuntimeException("AES decrypt failed", e);
        }
    }

    private static String aesEncrypt(String str, String str2, String str3) {
        try {
            IvParameterSpec ivParameterSpec = new IvParameterSpec(str3.getBytes(StandardCharsets.UTF_8));
            SecretKeySpec secretKeySpec = new SecretKeySpec(str2.getBytes(StandardCharsets.UTF_8), "AES");
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(1, secretKeySpec, ivParameterSpec);
            return Base64.encodeToString(cipher.doFinal(str.getBytes(StandardCharsets.UTF_8)), 2);
        } catch (Exception e) {
            throw new RuntimeException("AES encrypt failed", e);
        }
    }

    private static void cacheLicense(String str, String str2, String str3) {
        SharedPreferences.Editor edit = getSharedPref().edit();
        edit.putString(getLicenseCacheKey(str, str2), str3);
        edit.commit();
        CACHED_LICENSE.remove(getLicenseCacheKey(str, str2));
    }

    private static String calcSign(String str, String str2, String str3, String str4, String str5, String str6, String str7) {
        if (str == null) {
            Log.e(TAG, "appId is null");
            return null;
        }
        if (str2 == null) {
            Log.e(TAG, "body is null");
            return null;
        }
        if (str3 == null) {
            Log.e(TAG, "timestamp is null");
            return null;
        }
        if (str4 == null) {
            Log.e(TAG, "nonce is null");
            return null;
        }
        if (str5 == null) {
            Log.e(TAG, "androidId is null");
            return null;
        }
        if (str6 == null) {
            Log.e(TAG, "sn is null");
            return null;
        }
        if (str7 != null) {
            return native_sign(str, str2, str3, str4, str5, str6, str7);
        }
        Log.e(TAG, "token is null");
        return null;
    }

    public static void clear() {
        getSharedPref().edit().clear().commit();
        CACHED_LICENSE = new ConcurrentHashMap();
    }

    private static String getCachedToken(String str, String str2) {
        String licenseCacheKey = getLicenseCacheKey(str, str2);
        JSONObject jSONObject = CACHED_LICENSE.get(licenseCacheKey);
        if (jSONObject == null) {
            String string = getSharedPref().getString(licenseCacheKey, "");
            if (TextUtils.isEmpty(string)) {
                return null;
            }
            jSONObject = getLicenseJsonObject(string);
            CACHED_LICENSE.put(licenseCacheKey, jSONObject);
        }
        String optString = jSONObject.optString("token");
        String optString2 = jSONObject.optString("deadline");
        if (System.currentTimeMillis() < Long.parseLong(jSONObject.optString("time"))) {
            Log.w(TAG, "System time is behind license time");
            return null;
        }
        if (System.currentTimeMillis() <= Long.parseLong(optString2) - 300000) {
            return optString;
        }
        Log.w(TAG, "License token expired");
        return null;
    }

    private static String getLicenseCacheKey(String str, String str2) {
        return CACHE_KEY_PREFIX_LICENSE + str + MqttTopic.MULTI_LEVEL_WILDCARD + str2;
    }

    private static String getLicenseData(Response response) throws IOException {
        if (!response.isSuccessful()) {
            throw new RuntimeException("Unexpected code returned while getting license:" + response);
        }
        ResponseBody body = response.body();
        if (body == null) {
            throw new RuntimeException("Empty response body returned while getting license");
        }
        String string = body.string();
        try {
            JSONObject jSONObject = new JSONObject(string);
            if (!"1".equals(jSONObject.optString("code"))) {
                throw new RuntimeException("Error occurred while getting license:" + string);
            }
            String optString = jSONObject.optString("data");
            if (!TextUtils.isEmpty(optString)) {
                return optString;
            }
            throw new RuntimeException("License info is empty while getting license:" + string);
        } catch (Exception unused) {
            throw new RuntimeException("Response body not in correct JSON format:" + string);
        }
    }

    private static JSONObject getLicenseJsonObject(String str) {
        try {
            return new JSONObject(aesDecrypt(str, LICENSE_AES_KEY, LICENSE_AES_IV));
        } catch (Exception e) {
            throw new RuntimeException("License info parse error:" + str, e);
        }
    }

    private static SharedPreferences getSharedPref() {
        return SecurityUtils.getAppContext().getSharedPreferences(CACHE_NAME, 0);
    }

    public static void initialize(Context context) {
        initialize(context, null, null);
    }

    public static void initialize(Context context, String str, String str2) {
        SecurityUtils.setAppContext(context);
        SecurityUtils.setHost(str);
        SecurityUtils.setAppId(str2);
        getSharedPref().registerOnSharedPreferenceChangeListener(new SharedPreferences.OnSharedPreferenceChangeListener() { // from class: com.max.security.SecuritySDK$$ExternalSyntheticLambda0
            @Override // android.content.SharedPreferences.OnSharedPreferenceChangeListener
            public final void onSharedPreferenceChanged(SharedPreferences sharedPreferences, String str3) {
                SecuritySDK.lambda$initialize$0(sharedPreferences, str3);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$initialize$0(SharedPreferences sharedPreferences, String str) {
        if (CACHED_LICENSE.get(str) != null) {
            CACHED_LICENSE.remove(str);
        }
    }

    private static native String native_sign(String str, String str2, String str3, String str4, String str5, String str6, String str7);

    private static synchronized void refreshLicense(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) {
        synchronized (SecuritySDK.class) {
            if (!TextUtils.isEmpty(getCachedToken(str, str2))) {
                return;
            }
            String signEncrypt = signEncrypt(str2, str3, str4, str7, str8, str5, str6, calcSign(str2, "", str3, str4, str5, str6, ""), "");
            String str9 = "https://";
            if (str.toLowerCase().startsWith("http")) {
                str9 = "";
            } else if (!str.toLowerCase().contains("biot-apps.com")) {
                str9 = "http://";
            }
            try {
                Response execute = sClient.newCall(new Request.Builder().url(str9 + str + PATH_GET_LICENSE).addHeader(Constant.KEY_MAX_SIGN, signEncrypt).addHeader(Constant.KEY_MAX_SIGN_TYPE, "2").post(RequestBody.create("", MediaType.get("application/json; charset=utf-8"))).build()).execute();
                try {
                    cacheLicense(str, str2, getLicenseData(execute));
                    if (execute != null) {
                        execute.close();
                    }
                } finally {
                }
            } catch (Exception e) {
                throw new RuntimeException("Failed to refresh license", e);
            }
        }
    }

    public static String sign(String str) {
        return sign(SecurityUtils.getHost(), SecurityUtils.getAppId(), str);
    }

    public static String sign(String str, String str2, String str3) {
        validate(str, str2);
        String str4 = str3 == null ? "" : str3;
        String valueOf = String.valueOf(System.currentTimeMillis());
        String valueOf2 = String.valueOf((int) (Math.random() * 1000000.0d));
        String androidID = SecurityUtils.getAndroidID();
        String msn = SecurityUtils.getMSN();
        String cachedToken = getCachedToken(str, str2);
        String packageName = SecurityUtils.getPackageName();
        String certificateMD5Fingerprint = SecurityUtils.getCertificateMD5Fingerprint();
        if (TextUtils.isEmpty(cachedToken)) {
            refreshLicense(str, str2, valueOf, valueOf2, androidID, msn, packageName, certificateMD5Fingerprint);
            cachedToken = getCachedToken(str, str2);
        }
        String str5 = cachedToken;
        try {
            return signEncrypt(str2, valueOf, valueOf2, packageName, certificateMD5Fingerprint, androidID, msn, calcSign(str2, str4, valueOf, valueOf2, androidID, msn, str5), str5);
        } catch (Exception e) {
            Log.e(TAG, Log.getStackTraceString(e));
            throw new RuntimeException("Failed to sign", e);
        }
    }

    public static void sign(String str, Callback callback) {
        sign(SecurityUtils.getHost(), SecurityUtils.getAppId(), str, callback);
    }

    public static void sign(String str, String str2, String str3, Callback callback) {
        try {
            callback.onSuccess(sign(str, str2, str3));
        } catch (Exception e) {
            Log.d(TAG, "sign failed", e);
            callback.onFailure(e.getMessage());
        }
    }

    private static String signEncrypt(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9) {
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("appId", str);
            jSONObject.put("timestamp", str2);
            jSONObject.put("nonce", str3);
            jSONObject.put(BoothView.KEY_PACKAGE_NAME, str4);
            jSONObject.put("packageSign", str5);
            jSONObject.put("androidId", str6);
            jSONObject.put("deviceId", str7);
            jSONObject.put("token", str9);
            jSONObject.put(ZolozConfig.FaceMode.SIGN, str8);
            return Uri.encode(aesEncrypt(jSONObject.toString(), LICENSE_AES_KEY, LICENSE_AES_IV));
        } catch (JSONException e) {
            throw new RuntimeException("JSON error while sign encrypting", e);
        }
    }

    private static void validate(String str, String str2) {
        if (SecurityUtils.getAppContext() == null) {
            throw new RuntimeException("SDK not initialized");
        }
        if (TextUtils.isEmpty(str)) {
            throw new IllegalArgumentException("Host not specified, it's null or empty");
        }
        if (TextUtils.isEmpty(str2)) {
            throw new IllegalArgumentException("AppId not specified, it's null or empty");
        }
    }
}
