package com.tfzq.networking.mgr.handshake;

import com.tfzq.networking.mgr.encrypt.RSAUtil;
import com.tfzq.networking.oksocket.HandshakeException;
import com.tfzq.networking.oksocket.NetException;
import com.tfzq.networking.oksocket.Platform;
import com.tfzq.networking.oksocket.ResponseHeaders;
import com.tfzq.networking.oksocket.internal.Util;
import java.io.ByteArrayInputStream;
import java.io.UnsupportedEncodingException;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Random;
import okio.Buffer;
import okio.ByteString;

/* loaded from: classes5.dex */
public class ValidateCertificateStateHandler extends AbsTfBaseHandshakeStateHandler {
    private final byte[] certificateData;
    private final String mClientRandomNumber = get32UUID();
    private String mServerRandomNumber;
    private final String privateKey;
    private final byte[] serverCer;

    public ValidateCertificateStateHandler(byte[] bArr, byte[] bArr2, String str) {
        this.certificateData = bArr;
        this.serverCer = bArr2;
        this.privateKey = str;
    }

    public static byte[] cutArray(byte[] bArr, int i, int i2) {
        int i3 = i2 - i;
        byte[] bArr2 = new byte[i3];
        System.arraycopy(bArr, i, bArr2, 0, i3);
        return bArr2;
    }

    private String get32UUID() {
        StringBuilder sb = new StringBuilder();
        Random random = new Random();
        for (int i = 0; i < 32; i++) {
            sb.append(random.nextInt(10));
        }
        return sb.toString();
    }

    private PublicKey getPubKeyByCer(byte[] bArr) throws Exception {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Certificate generateCertificate = certificateFactory.generateCertificate(byteArrayInputStream);
        byteArrayInputStream.close();
        return generateCertificate.getPublicKey();
    }

    private byte[] packingFinalBody(byte[] bArr) throws Exception {
        return RSAUtil.encrypt(getPubKeyByCer(this.serverCer), bArr, "RSA/ECB/PKCS1Padding");
    }

    private Buffer packingOriginBody() {
        Buffer buffer = new Buffer();
        buffer.write(this.certificateData);
        buffer.write(this.mClientRandomNumber.getBytes());
        return buffer;
    }

    public String getClientRandomNumber() {
        return this.mClientRandomNumber;
    }

    public String getServerRandomNumber() {
        return this.mServerRandomNumber;
    }

    @Override // com.tfzq.networking.mgr.handshake.HandShakeStateHandler
    public void parseBody(ResponseHeaders responseHeaders, Buffer buffer) throws NetException {
        try {
            byte[] decrypt = RSAUtil.decrypt(KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(ByteString.decodeBase64(this.privateKey).toByteArray())), buffer.readByteArray(), "RSA/ECB/PKCS1Padding");
            byte[] cutArray = cutArray(decrypt, 0, responseHeaders.getOrigDataLen() - 32);
            byte[] cutArray2 = cutArray(decrypt, responseHeaders.getOrigDataLen() - 32, responseHeaders.getOrigDataLen());
            String md5Hex = Util.md5Hex(this.serverCer);
            String md5Hex2 = Util.md5Hex(cutArray);
            try {
                this.mServerRandomNumber = new String(cutArray2, "utf-8");
            } catch (UnsupportedEncodingException e2) {
                e2.printStackTrace();
            }
            Platform.get().log("localServerCerMd5:" + md5Hex + " remoteServerCerMd5:" + md5Hex2 + " mServerRandomNumber:" + this.mServerRandomNumber);
            if (!md5Hex.equals(md5Hex2)) {
                throw new HandshakeException("证书不匹配!", null);
            }
        } catch (Exception e3) {
            throw new HandshakeException("服务器证书解密失败!", e3);
        }
    }

    @Override // com.tfzq.networking.mgr.handshake.HandShakeStateHandler
    public Buffer prepareSendData() throws NetException {
        Buffer packingOriginBody = packingOriginBody();
        int size = (int) packingOriginBody.size();
        try {
            byte[] packingFinalBody = packingFinalBody(packingOriginBody.readByteArray());
            int length = packingFinalBody.length;
            Buffer buffer = new Buffer();
            buffer.write("TH".getBytes());
            buffer.writeIntLe(4);
            buffer.writeIntLe(size);
            buffer.writeIntLe(length);
            buffer.write(packingFinalBody);
            return buffer;
        } catch (Exception e2) {
            e2.printStackTrace();
            throw new HandshakeException("公钥加密本地证书错误", e2);
        }
    }
}
