package com.platform.usercenter.network.interceptor;

import com.platform.usercenter.BaseApp;
import com.platform.usercenter.basic.provider.UCCommonXor8Provider;
import com.platform.usercenter.network.header.DeviceSecurityHeader;
import com.platform.usercenter.network.header.HeaderConstant;
import com.platform.usercenter.network.header.IBizHeaderManager;
import com.platform.usercenter.network.header.UCHeaderHelperV1;
import com.platform.usercenter.network.header.UCHeaderHelperV2;
import com.platform.usercenter.tools.algorithm.MD5Util;
import com.platform.usercenter.tools.datastructure.StringUtil;
import com.platform.usercenter.tools.log.UCLogUtil;
import com.platform.usercenter.tools.security.AESUtilTest;
import com.platform.usercenter.tools.security.RsaCoder;
import java.io.IOException;
import java.net.URLEncoder;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;
import js.c;
import org.json.JSONObject;
import wr.a0;
import wr.b0;
import wr.s;
import wr.u;
import wr.v;
import wr.y;
import wr.z;

/* loaded from: classes3.dex */
public class SecurityRequestInterceptor implements u {
    private static final String FORMAT_CONTENT_TYPE = "%s; charset=%s";
    private static final String HEADER_PROTOCOL_VERSION = "3.0";
    private static final int RETRY_NUM = 2;
    private static final int STATUS_CODE_DECRYPT_FAIL = 222;
    private static final String TAG = "SecurityRequestInterceptor";
    private static final String UTF_8 = "UTF-8";
    private static final String X_R_K = UCCommonXor8Provider.getProviderKeyXor8();
    private final IBizHeaderManager mBizHeaderManager;
    private volatile SecurityKey mSecurityKey;

    /* loaded from: classes3.dex */
    public static class Header {
        private static final String CHAR = "\\/";
        private static final String CHAR_L = "/";
        private static final String HEADER_PROTOCOL_VERSION = "3.0";
        public static final String HEADER_X_SESSION_TICKET = "X-Session-Ticket";
        private static final String X_PROTOCOL = "X-Protocol";

        /* JADX INFO: Access modifiers changed from: private */
        public Map<String, String> newHeader(SecurityKey securityKey, String str) {
            HashMap hashMap = new HashMap(4);
            hashMap.put(HeaderConstant.HEADER_X_PROTOCOL_VERSION, HEADER_PROTOCOL_VERSION);
            hashMap.put(UCHeaderHelperV2.X_PROTOCOL_VERSION, HEADER_PROTOCOL_VERSION);
            String encrypt = SecurityKey.encrypt(securityKey, str);
            if (encrypt == null) {
                hashMap.put(HeaderConstant.HEAD_K_ACCEPT, HeaderConstant.HEAD_V_APPLICATION_JSON);
                return hashMap;
            }
            securityKey.setHeaderSignatureV1(encrypt);
            hashMap.put(HeaderConstant.HEAD_K_ACCEPT, HeaderConstant.HEADER_SECURITY_CONTENT_TYPE);
            hashMap.put("X-Security", encrypt);
            hashMap.put(UCHeaderHelperV1.HEADER_X_KEY, securityKey.mRsa);
            hashMap.put(UCHeaderHelperV1.HEADER_X_I_V, securityKey.mIvStr);
            if (securityKey.mSecurityTicket != null && !"".equals(securityKey.mSecurityTicket)) {
                hashMap.put(HEADER_X_SESSION_TICKET, securityKey.mSecurityTicket);
            }
            try {
                JSONObject jSONObject = new JSONObject();
                jSONObject.put(SecurityRequestInterceptor.X_R_K, securityKey.mRsa);
                jSONObject.put("iv", securityKey.mIvStr);
                jSONObject.put("sessionTicket", securityKey.mSecurityTicket);
                String jSONObject2 = jSONObject.toString();
                if (jSONObject2.contains(CHAR)) {
                    jSONObject2 = jSONObject2.replace(CHAR, "/");
                }
                String encode = URLEncoder.encode(jSONObject2, "UTF-8");
                String encode2 = URLEncoder.encode(encrypt, "UTF-8");
                securityKey.setHeaderSignatureV2(encode2);
                hashMap.put(UCHeaderHelperV2.X_SAFETY, encode2);
                hashMap.put("X-Protocol", encode);
            } catch (Exception e10) {
                hashMap.put(UCHeaderHelperV2.X_SAFETY, "");
                hashMap.put("X-Protocol", "");
                UCLogUtil.e(SecurityRequestInterceptor.TAG, "v2 header is error = " + e10);
            }
            return hashMap;
        }
    }

    /* loaded from: classes3.dex */
    public static class RequestWrapper {
        static final int REQUEST_ENCRYPT_BODY_FAIL = 11095220;
        static final int REQUEST_ENCRYPT_HEAD_FAIL = 11095221;
        static final int REQUEST_SUCCESS = 11095219;
        final int code;
        final String message;
        final y request;

        private RequestWrapper(int i10, String str, y yVar) {
            this.code = i10;
            this.message = str;
            this.request = yVar;
        }

        public static RequestWrapper create(int i10, String str, y yVar) {
            return new RequestWrapper(i10, str, yVar);
        }
    }

    /* loaded from: classes3.dex */
    public static class ResponseWrapper {
        static final int BODY_IS_NULL = 10095221;
        static final int FAIL_DECRYPT = 10095224;
        static final int FAIL_SIGNATURE_NOT_FOUND = 10095222;
        static final int FAIL_SIGNATURE_VERIFY = 10095223;
        static final int HTTP_FAIL = 10095220;
        static final int SUCCESS = 10095219;
        final int code;
        final String message;
        final a0 response;

        private ResponseWrapper(int i10, String str, a0 a0Var) {
            this.code = i10;
            this.message = str;
            this.response = a0Var;
        }

        public static ResponseWrapper create(int i10, String str, a0 a0Var) {
            return new ResponseWrapper(i10, str, a0Var);
        }
    }

    /* loaded from: classes3.dex */
    public static class SecurityKey {
        private static final String TAG = "SecurityKey";
        private final String mAes;
        private String mHeaderSignatureV1;
        private String mHeaderSignatureV2;
        private final byte[] mIv;
        private final String mIvStr;
        private final String mRsa;
        private String mSecurityTicket;

        private SecurityKey() {
            this.mSecurityTicket = "";
            this.mHeaderSignatureV1 = "";
            this.mHeaderSignatureV2 = "";
            byte[] generateRandom16byte = generateRandom16byte();
            this.mIv = generateRandom16byte;
            this.mIvStr = AESUtilTest.base64EncodeSafe(generateRandom16byte);
            String base64EncodeSafe = AESUtilTest.base64EncodeSafe(generateRandom16byte());
            this.mAes = base64EncodeSafe;
            this.mRsa = RsaCoder.encrypt(base64EncodeSafe, RsaCoder.Key);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static String decrypt(SecurityKey securityKey, String str) {
            try {
                return AESUtilTest.aesDecryptWithPassKey(str, securityKey.mAes, securityKey.mIv);
            } catch (Exception e10) {
                UCLogUtil.e(TAG, "decrypt = " + e10);
                return null;
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static String encrypt(SecurityKey securityKey, String str) {
            try {
                return AESUtilTest.aesEncryptWithPassKey(str, securityKey.mAes, securityKey.mIv);
            } catch (Exception e10) {
                UCLogUtil.e(TAG, "encrypt" + e10);
                return null;
            }
        }

        private byte[] generateRandom16byte() {
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            return bArr;
        }

        public void setHeaderSignatureV1(String str) {
            this.mHeaderSignatureV1 = str;
        }

        public void setHeaderSignatureV2(String str) {
            this.mHeaderSignatureV2 = str;
        }

        public void setSecurityTicket(String str) {
            this.mSecurityTicket = str;
        }
    }

    public SecurityRequestInterceptor(IBizHeaderManager iBizHeaderManager) {
        this.mBizHeaderManager = iBizHeaderManager;
    }

    private static String bodyToString(z zVar) {
        try {
            c cVar = new c();
            zVar.writeTo(cVar);
            return cVar.V0();
        } catch (Exception e10) {
            UCLogUtil.e(TAG, "body is parse error = " + e10.getMessage());
            return null;
        }
    }

    private RequestWrapper buildRequest(y yVar, SecurityKey securityKey, String str) {
        String str2;
        String str3;
        if ("".equals(str)) {
            str2 = null;
            str3 = "request body is empty";
        } else {
            str2 = SecurityKey.encrypt(securityKey, str);
            str3 = str2 == null ? "encrypt body fail" : "encrypt body success";
        }
        Map newHeader = new Header().newHeader(securityKey, DeviceSecurityHeader.getDeviceSecurityHeader(BaseApp.mContext, this.mBizHeaderManager));
        if (HeaderConstant.HEAD_V_APPLICATION_JSON.equals(newHeader.get(HeaderConstant.HEAD_K_ACCEPT))) {
            return RequestWrapper.create(11095221, "head is encrypt fail", plainTextRequest(yVar));
        }
        s.a d10 = yVar.h().d();
        for (Map.Entry entry : newHeader.entrySet()) {
            d10.h((String) entry.getKey(), (String) entry.getValue());
        }
        y.a g10 = yVar.m().g(d10.e());
        if (str2 != null) {
            g10.j(z.create(v.g(formatContentType(true)), str2));
        }
        return RequestWrapper.create(11095219, str3, g10.b());
    }

    private String formatContentType(boolean z10) {
        return String.format(FORMAT_CONTENT_TYPE, z10 ? HeaderConstant.HEADER_SECURITY_CONTENT_TYPE : HeaderConstant.HEAD_V_APPLICATION_JSON, "UTF-8");
    }

    private ResponseWrapper handlerResponse(a0 a0Var, SecurityKey securityKey) {
        String str;
        b0 c10 = a0Var.c();
        if (c10 == null) {
            return ResponseWrapper.create(10095221, "responseBody is null", a0Var);
        }
        int l10 = a0Var.l();
        if (!a0Var.U()) {
            return ResponseWrapper.create(10095220, "response code is " + l10, a0Var);
        }
        if (l10 != 222) {
            try {
                str = c10.string();
            } catch (IOException e10) {
                UCLogUtil.e(TAG, "responseBody.string error = " + e10.getMessage());
                str = null;
            }
            String decrypt = SecurityKey.decrypt(securityKey, str);
            if (decrypt == null) {
                return ResponseWrapper.create(10095224, "decrypt is null", a0Var);
            }
            String a10 = a0Var.R().a(Header.HEADER_X_SESSION_TICKET);
            securityKey.setSecurityTicket(a10 != null ? a10 : "");
            return ResponseWrapper.create(10095219, "decrypt is success", a0Var.c0().b(b0.create(c10.contentType(), decrypt)).c());
        }
        String a11 = a0Var.R().a("X-Signature");
        if (a11 == null || "".equals(a11)) {
            return ResponseWrapper.create(10095222, "signature is null", a0Var);
        }
        boolean z10 = !StringUtil.isEmpty(securityKey.mHeaderSignatureV1);
        boolean z11 = !StringUtil.isEmpty(securityKey.mHeaderSignatureV2);
        if (z10 && z11) {
            String md5Hex = MD5Util.md5Hex(securityKey.mHeaderSignatureV1);
            String md5Hex2 = MD5Util.md5Hex(securityKey.mHeaderSignatureV2);
            String str2 = RsaCoder.Key;
            if (!RsaCoder.doCheck(md5Hex, a11, str2) && !RsaCoder.doCheck(md5Hex2, a11, str2)) {
                return ResponseWrapper.create(10095223, "v1 v2 decryptResponse code is signature is" + a11, a0Var);
            }
        } else if (z10 && !RsaCoder.doCheck(MD5Util.md5Hex(securityKey.mHeaderSignatureV1), a11, RsaCoder.Key)) {
            return ResponseWrapper.create(10095223, "v1 decryptResponse code is signature is" + a11, a0Var);
        }
        return ResponseWrapper.create(l10, "response decrypt downgrade", a0Var);
    }

    private y plainTextRequest(y yVar) {
        this.mSecurityKey = null;
        return yVar.m().a(HeaderConstant.HEAD_K_ACCEPT, HeaderConstant.HEAD_V_APPLICATION_JSON).a(UCHeaderHelperV2.X_PROTOCOL_VERSION, HEADER_PROTOCOL_VERSION).b();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:25:0x008d  */
    /* JADX WARN: Removed duplicated region for block: B:28:0x0096  */
    @Override // wr.u
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public wr.a0 intercept(wr.u.a r11) {
        /*
            Method dump skipped, instructions count: 339
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.platform.usercenter.network.interceptor.SecurityRequestInterceptor.intercept(wr.u$a):wr.a0");
    }
}
