package com.xiaomi.accountsdk.account;

import android.util.Log;
import com.mipay.sdk.Mipay;
import com.xiaomi.account.data.PassportCAToken;
import com.xiaomi.account.exception.PassportCAException;
import com.xiaomi.accountsdk.request.IPUtil;
import com.xiaomi.accountsdk.request.InvalidResponseException;
import com.xiaomi.accountsdk.request.PassportRequestArguments;
import com.xiaomi.accountsdk.request.RequestWithIP;
import com.xiaomi.accountsdk.utils.AESWithIVCoder;
import com.xiaomi.accountsdk.utils.EasyMap;
import com.xiaomi.accountsdk.utils.IOUtils;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CertificateFactory;
import java.util.UUID;
import javax.crypto.Cipher;
import org.apache.commons.codec.binary.Base64;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class PassportCATokenManager {
    private static final String a = PassportCATokenManager.class.getSimpleName();
    private static PassportCATokenManager b = new PassportCATokenManager();
    private PassportCAExternal c = null;

    /* loaded from: classes.dex */
    public static class NoCertException extends Exception {
    }

    PassportCATokenManager() {
    }

    public static PassportCATokenManager d() {
        return b;
    }

    protected PassportCAToken a(String str, int i) {
        String b2 = b();
        String b3 = b(b2, i);
        EasyMap easyMap = new EasyMap();
        easyMap.put("keyIndex", String.valueOf(i));
        easyMap.put("csecurity", b3);
        EasyMap easyMap2 = new EasyMap();
        easyMap2.a("x-mistats-header", UUID.randomUUID().toString());
        String format = String.format("http://%s/ca/getToken", str);
        PassportRequestArguments passportRequestArguments = new PassportRequestArguments();
        passportRequestArguments.a(format);
        passportRequestArguments.a(easyMap);
        passportRequestArguments.b(easyMap2);
        passportRequestArguments.a(true);
        JSONObject jSONObject = new JSONObject(new RequestWithIP.GetAsStringRequest(new IPUtil()).a(passportRequestArguments).b());
        int i2 = jSONObject.getInt(Mipay.KEY_CODE);
        if (i2 != 0) {
            if (i2 == 10008) {
                throw new PassportCAException("when getting Token server returns code: " + i2);
            }
            if (i2 != 81002) {
                throw new InvalidResponseException("error result");
            }
            int i3 = jSONObject.getInt("info");
            this.c.c(i3);
            return a(str, i3);
        }
        JSONObject jSONObject2 = jSONObject.getJSONObject("data");
        String string = jSONObject2.getString("passport_ca_token");
        String string2 = jSONObject2.getString("casecurity");
        AESWithIVCoder aESWithIVCoder = new AESWithIVCoder(b2);
        String a2 = aESWithIVCoder.a(string);
        String a3 = aESWithIVCoder.a(string2);
        this.c.c(i);
        return new PassportCAToken(a2, a3);
    }

    protected String a(byte[] bArr) {
        return new String(Base64.a(bArr));
    }

    public boolean a() {
        return this.c != null;
    }

    protected byte[] a(String str) {
        return Base64.b(str.getBytes());
    }

    protected String b() {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        return a(bArr);
    }

    protected String b(String str, int i) {
        InputStream inputStream = null;
        try {
            inputStream = this.c.a(i);
        } catch (IOException e) {
            Log.e(a, "openServerPublicKeyInputStream", e);
        }
        if (inputStream == null) {
            throw new NoCertException();
        }
        try {
            PublicKey publicKey = CertificateFactory.getInstance("X.509").generateCertificate(inputStream).getPublicKey();
            String algorithm = publicKey.getAlgorithm();
            if ("RSA".equalsIgnoreCase(algorithm)) {
                algorithm = "RSA/ECB/PKCS1Padding";
            }
            Cipher cipher = Cipher.getInstance(algorithm);
            cipher.init(1, publicKey);
            return a(cipher.doFinal(a(str)));
        } finally {
            IOUtils.a(inputStream);
        }
    }

    public PassportCAToken c(String str, int i) {
        if (this.c == null) {
            throw new IllegalStateException("passportCATokenExternal is null");
        }
        PassportCAToken a2 = this.c.a();
        if (a2 == null) {
            a2 = a(new URL(str).getHost(), this.c.b(i));
            if (a2 != null) {
                this.c.a(a2);
            }
        }
        return a2;
    }

    public void c() {
        if (this.c == null) {
            throw new IllegalStateException("passportCATokenExternal is null");
        }
        this.c.a(PassportCAToken.c);
    }
}
