package com.huawei.location.lite.common.http.sign.tss;

import android.text.TextUtils;
import com.huawei.hms.config.Server;
import com.huawei.hms.tss.inner.TssCallback;
import com.huawei.hms.tss.inner.TssInnerAPI;
import com.huawei.hms.tss.inner.TssInnerClient;
import com.huawei.hms.tss.inner.entity.GetCertificationKeyReq;
import com.huawei.hms.tss.inner.entity.GetCertificationKeyResponse;
import com.huawei.hms.tss.inner.entity.GetCertifiedCredentialReq;
import com.huawei.hms.tss.inner.entity.GetCertifiedCredentialResponse;
import com.huawei.hms.tss.inner.entity.base.BaseResp;
import com.huawei.location.lite.common.android.context.ContextUtil;
import com.huawei.location.lite.common.http.exception.AuthException;
import com.huawei.location.lite.common.http.exception.ErrorCode;
import com.huawei.location.lite.common.http.sign.Vw;
import com.huawei.location.lite.common.log.LogConsole;
import com.huawei.location.lite.common.util.CanonicalQueryString;
import com.huawei.location.lite.common.util.GsonUtil;
import com.huawei.location.lite.common.util.PreferencesHelper;
import com.huawei.secure.android.common.encrypt.hash.HMACSHA256;
import com.huawei.secure.android.common.util.HexUtil;
import com.huawei.secure.android.common.util.SafeBase64;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Locale;
import java.util.UUID;
import java.util.concurrent.CountDownLatch;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public class TssSignHelper {
    private static final String APP_KEY_ID = "hmslocation";
    private static final String APP_PACKAGE_NAME = "com.huawei.hms.location";
    private static final int MAX_RETRY_TIMES = 3;
    private static final long NEED_UPDATE_PERIOD = 300000;
    private static final byte[] SYNC_LOCK = new byte[0];
    private static final String TAG = "TssSignHelper";
    private static volatile TssSignHelper instance;
    private ErrorCode errorCode = ErrorCode.valueOf(0);
    private CertifiedCredential mCertifiedCredential;
    private TssInnerAPI tssInnerAPI;

    private TssSignHelper() {
        init();
    }

    private String encryptAuthInfo(String str, String str2) {
        try {
            String str3 = new String(SafeBase64.encode(HexUtil.hexStr2ByteArray(HMACSHA256.hmacSHA256Encrypt(str, str2.getBytes(StandardCharsets.UTF_8))), 2), StandardCharsets.UTF_8);
            LogConsole.d(TAG, "encryptAuthInfo success ");
            return str3;
        } catch (Exception unused) {
            LogConsole.e(TAG, "encode Exception", true);
            return "";
        }
    }

    private String generateSignedString(Vw vw) throws AuthException {
        String format;
        try {
            URL url = new URL(vw.dC());
            String canonicalQueryString = new CanonicalQueryString(url.getQuery()).toString();
            String l = Long.toString(System.currentTimeMillis());
            if (url.getPath().startsWith("/map/")) {
                LogConsole.i(TAG, "request site kit server signature");
                format = String.format(Locale.ENGLISH, "%s&%s&%s&%s&appid=%s&timestamp=%s", vw.Vw(), url.getPath(), canonicalQueryString, vw.FB(), APP_KEY_ID, l);
            } else {
                LogConsole.i(TAG, "request location kit server signature");
                Locale locale = Locale.ENGLISH;
                String format2 = String.format(locale, "%s&%s&%s&%s&ak=%s&timestamp=%s", vw.Vw(), url.getPath(), canonicalQueryString, vw.FB(), this.mCertifiedCredential.getAccessKey(), l);
                format = !TextUtils.isEmpty(vw.yn()[0]) ? String.format(locale, "%s&%s", format2, vw.yn()[0]) : format2;
            }
            String encryptAuthInfo = encryptAuthInfo(format, this.mCertifiedCredential.getRawSecretKey());
            Locale locale2 = Locale.ENGLISH;
            String format3 = String.format(locale2, "CLOUDSOA-HMAC-SHA256 appid=%s,timestamp=%s,signature=%s,ak=%s", APP_KEY_ID, l, encryptAuthInfo, this.mCertifiedCredential.getAccessKey());
            return !TextUtils.isEmpty(vw.yn()[1]) ? String.format(locale2, "%s,signedHeaders=%s", format3, vw.yn()[1]) : format3;
        } catch (MalformedURLException unused) {
            LogConsole.e(TAG, "hostUrl is illeagel", true);
            throw new AuthException(ErrorCode.valueOf(ErrorCode.PARAM_ERROR_EMPTY));
        }
    }

    public static TssSignHelper getInstance() {
        if (instance == null) {
            synchronized (SYNC_LOCK) {
                if (instance == null) {
                    instance = new TssSignHelper();
                }
            }
        }
        return instance;
    }

    private void getRawCertificationKey(String str) {
        LogConsole.i(TAG, "begin to get raw certificationKey");
        if (!this.mCertifiedCredential.isEncryptedCredentialPrepared()) {
            LogConsole.e(TAG, "EncryptedCertified is not Prepared");
            this.errorCode = ErrorCode.valueOf(105);
            return;
        }
        GetCertificationKeyReq getCertificationKeyReq = new GetCertificationKeyReq();
        getCertificationKeyReq.setKek(this.mCertifiedCredential.getKek());
        getCertificationKeyReq.setDataKey(this.mCertifiedCredential.getDataKey());
        getCertificationKeyReq.setSecretKey(this.mCertifiedCredential.getSecretKey());
        final CountDownLatch countDownLatch = new CountDownLatch(1);
        this.tssInnerAPI.getCertificationKey(Server.getHmsAppId(), str, getCertificationKeyReq, new TssCallback() { // from class: com.huawei.location.lite.common.http.sign.tss.TssSignHelper$$ExternalSyntheticLambda0
            public final void onResult(int i, BaseResp baseResp) {
                TssSignHelper.this.m283x38a96c58(countDownLatch, i, baseResp);
            }
        });
        try {
            countDownLatch.await();
        } catch (InterruptedException unused) {
            LogConsole.e(TAG, "getCertificationKey InterruptedException");
        }
    }

    private void getSecretKey(String str) {
        GetCertifiedCredentialReq getCertifiedCredentialReq = new GetCertifiedCredentialReq();
        getCertifiedCredentialReq.setPackageName("com.huawei.hms.location");
        LogConsole.i(TAG, "getCertifiedCredential:start");
        final CountDownLatch countDownLatch = new CountDownLatch(1);
        this.tssInnerAPI.getCertifiedCredential(Server.getHmsAppId(), str, getCertifiedCredentialReq, new TssCallback() { // from class: com.huawei.location.lite.common.http.sign.tss.TssSignHelper$$ExternalSyntheticLambda1
            public final void onResult(int i, BaseResp baseResp) {
                TssSignHelper.this.m284xe2e1ef19(countDownLatch, i, baseResp);
            }
        });
        try {
            countDownLatch.await();
        } catch (InterruptedException unused) {
            LogConsole.e(TAG, "InterruptedException");
        }
        getRawCertificationKey(str);
    }

    private void init() {
        this.tssInnerAPI = TssInnerClient.getTssInnerApi(ContextUtil.getHMSContext(), TAG);
        String string = new PreferencesHelper("location_credential").getString("location_credential");
        if (TextUtils.isEmpty(string)) {
            return;
        }
        LogConsole.i(TAG, "local LocationCredential is not empty");
        try {
            this.mCertifiedCredential = (CertifiedCredential) GsonUtil.getInstance().fromJson(string, CertifiedCredential.class);
        } catch (Exception unused) {
            LogConsole.e(TAG, "json parse failed", true);
        }
    }

    private boolean isNeedUpdate(Long l) {
        return System.currentTimeMillis() > l.longValue() || l.longValue() - System.currentTimeMillis() < 300000;
    }

    private boolean isSignMessageReqValid(Vw vw) {
        if (vw != null && !TextUtils.isEmpty(vw.Vw()) && !TextUtils.isEmpty(vw.dC()) && !TextUtils.isEmpty(vw.LW())) {
            return true;
        }
        LogConsole.e(TAG, "SignRequest is  invalid");
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$preBindTssService$0(CountDownLatch countDownLatch, int i, BaseResp baseResp) {
        LogConsole.i(TAG, "ret:" + i);
        countDownLatch.countDown();
    }

    public void clearLocalCertifiedCredential() {
        synchronized (SYNC_LOCK) {
            LogConsole.d(TAG, "clearLocalCertifiedCredential");
            CertifiedCredential certifiedCredential = this.mCertifiedCredential;
            if (certifiedCredential != null) {
                certifiedCredential.clearValues();
            }
            new PreferencesHelper("location_credential").remove("location_credential");
        }
    }

    public String getSignature(Vw vw) throws AuthException {
        String generateSignedString;
        synchronized (SYNC_LOCK) {
            if (!isSignMessageReqValid(vw)) {
                LogConsole.e(TAG, "sign message request is invalid");
                throw new AuthException(ErrorCode.valueOf(ErrorCode.PARAM_ERROR_EMPTY));
            }
            String LW = vw.LW();
            LogConsole.i(TAG, "begin to signature, transId = " + LW);
            int i = 0;
            while (true) {
                if (i >= 3) {
                    break;
                }
                LogConsole.i(TAG, "get certified credential times:" + i);
                CertifiedCredential certifiedCredential = this.mCertifiedCredential;
                if (certifiedCredential == null || isNeedUpdate(certifiedCredential.getExpireTime())) {
                    LogConsole.i(TAG, "need to request certifiedCredential");
                    this.mCertifiedCredential = new CertifiedCredential();
                    getSecretKey(LW);
                }
                if (TextUtils.isEmpty(this.mCertifiedCredential.getRawSecretKey())) {
                    LogConsole.i(TAG, "get RawSecretKey from sp, to decrypted");
                    getRawCertificationKey(LW);
                }
                if (this.mCertifiedCredential.isInitOk()) {
                    LogConsole.e(TAG, "mCertifiedCredential init ok");
                    break;
                }
                i++;
            }
            if (this.errorCode.code != 0) {
                LogConsole.e(TAG, "get sk, throw error code");
                throw new AuthException(this.errorCode);
            }
            if (!this.mCertifiedCredential.isInitOk()) {
                LogConsole.e(TAG, "mCertifiedCredential init failed");
                this.mCertifiedCredential.clearValues();
                throw new AuthException(ErrorCode.valueOf(116));
            }
            generateSignedString = generateSignedString(vw);
        }
        return generateSignedString;
    }

    @Deprecated
    public String getSignature(String str, String str2, String str3) throws AuthException {
        LogConsole.i(TAG, "create transId");
        return getSignature(new Vw.C0052Vw(str3, str, UUID.randomUUID().toString()).yn(str2).yn());
    }

    /* renamed from: lambda$getRawCertificationKey$2$com-huawei-location-lite-common-http-sign-tss-TssSignHelper, reason: not valid java name */
    public /* synthetic */ void m283x38a96c58(CountDownLatch countDownLatch, int i, BaseResp baseResp) {
        String str;
        if (i != 0 || !(baseResp instanceof GetCertificationKeyResponse)) {
            LogConsole.e(TAG, "getRawCertificationKey error = " + baseResp.getRtnCode() + ", errorReason = " + baseResp.getErrorReason(), true);
            this.mCertifiedCredential.clearValues();
            this.errorCode = ErrorCode.valueOf(1);
            return;
        }
        LogConsole.i(TAG, "get certification Key successful", true);
        try {
            try {
                Object obj = new JSONObject(((GetCertificationKeyResponse) baseResp).getRawCredential()).get("rawSecretKey");
                this.mCertifiedCredential.setRawSecretKey(obj instanceof String ? (String) obj : null);
                this.errorCode = ErrorCode.valueOf(0);
                LogConsole.i(TAG, "get RawSecretKey successful");
            } catch (JSONException unused) {
                this.errorCode = ErrorCode.valueOf(ErrorCode.JSON_PARSE_FAILED);
                str = "json parse failed";
                LogConsole.e(TAG, str, true);
            } catch (Exception unused2) {
                this.errorCode = ErrorCode.valueOf(10000);
                str = "exception when getSecretKey";
                LogConsole.e(TAG, str, true);
            }
        } finally {
            countDownLatch.countDown();
        }
    }

    /* renamed from: lambda$getSecretKey$1$com-huawei-location-lite-common-http-sign-tss-TssSignHelper, reason: not valid java name */
    public /* synthetic */ void m284xe2e1ef19(CountDownLatch countDownLatch, int i, BaseResp baseResp) {
        String str;
        LogConsole.i(TAG, "ret:" + i);
        if (i != 0 || !(baseResp instanceof GetCertifiedCredentialResponse)) {
            LogConsole.e(TAG, "getCertifiedCredential error = " + baseResp.getRtnCode() + ", errorReason = " + baseResp.getErrorReason(), true);
            this.errorCode = ErrorCode.valueOf(1);
            return;
        }
        LogConsole.i(TAG, "get certifiedCredential successful", true);
        String credential = ((GetCertifiedCredentialResponse) baseResp).getCredential();
        PreferencesHelper preferencesHelper = new PreferencesHelper("location_credential");
        try {
            try {
                Object obj = new JSONObject(credential).get("credential");
                if (obj instanceof String) {
                    String str2 = (String) obj;
                    LogConsole.i(TAG, "save certifiedCredential to sp");
                    preferencesHelper.saveString("location_credential", str2);
                    this.mCertifiedCredential = (CertifiedCredential) GsonUtil.getInstance().fromJson(str2, CertifiedCredential.class);
                }
            } catch (JSONException unused) {
                this.errorCode = ErrorCode.valueOf(ErrorCode.JSON_PARSE_FAILED);
                str = "json parse failed";
                LogConsole.e(TAG, str, true);
            } catch (Exception unused2) {
                this.errorCode = ErrorCode.valueOf(10000);
                str = "exception when getSecretKey";
                LogConsole.e(TAG, str, true);
            }
        } finally {
            countDownLatch.countDown();
        }
    }

    public boolean preBindTssService() {
        synchronized (SYNC_LOCK) {
            GetCertifiedCredentialReq getCertifiedCredentialReq = new GetCertifiedCredentialReq();
            getCertifiedCredentialReq.setPackageName("com.huawei.hms.location");
            LogConsole.i(TAG, "getCertifiedCredential:start");
            final CountDownLatch countDownLatch = new CountDownLatch(1);
            this.tssInnerAPI.getCertifiedCredential(Server.getHmsAppId(), UUID.randomUUID().toString(), getCertifiedCredentialReq, new TssCallback() { // from class: com.huawei.location.lite.common.http.sign.tss.TssSignHelper$$ExternalSyntheticLambda2
                public final void onResult(int i, BaseResp baseResp) {
                    TssSignHelper.lambda$preBindTssService$0(countDownLatch, i, baseResp);
                }
            });
            try {
                countDownLatch.await();
            } catch (InterruptedException unused) {
                LogConsole.e(TAG, "InterruptedException");
                return false;
            }
        }
        return true;
    }
}
