package com.hihonor.android.security.service;

import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
import android.os.Bundle;
import android.text.TextUtils;
import com.hihonor.android.commonlib.hn.base.HnApplication;
import com.hihonor.android.commonlib.util.SyncLogger;
import com.hihonor.android.constant.CommonBase;
import com.hihonor.android.constant.CommonConstants;
import com.hihonor.android.exception.SyncCommonException;
import com.hihonor.android.security.bean.UserKeyObject;
import com.hihonor.android.security.encrypt.TrustCircleUtils;
import com.hihonor.android.trustcircle.TrustCircleManager;
import com.hihonor.base.common.HiHonorSafeIntent;
import com.hihonor.base.common.ParseUtil;
import com.hihonor.base.security.random.ByteRandomGenerator;
import com.hihonor.request.userk.UserKeyInterface;
import com.hihonor.request.userk.bean.UserKeyResp;
import com.hihonor.secure.android.common.intent.SafeBundle;
import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.Locale;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;

/* loaded from: classes.dex */
public class TrustCircleUserKey {
    private static final short DEFAULT_TA_VERSION = 1;
    private static final String KEY_TA_VERSION = "TAVersion";
    private static final String KEY_TCISID = "tcisID";
    private static final String TAG = "TrustCircleUserKey";
    private static final String TRUSTCIRCLE_LOGIN_ACTION = "com.huawei.trustcircle.intent.action.TCIS_LOGIN";

    /* loaded from: classes.dex */
    static class TrustCircleManagerCallback implements TrustCircleManager.KaCallback {
        private final UserKeyObject key;
        private final CountDownLatch keyAgreementLatch;
        private final byte[] randomByte;

        TrustCircleManagerCallback(byte[] bArr, UserKeyObject userKeyObject, CountDownLatch countDownLatch) {
            this.randomByte = bArr != null ? (byte[]) bArr.clone() : new byte[0];
            this.key = userKeyObject;
            this.keyAgreementLatch = countDownLatch;
        }

        @Override // com.hihonor.android.trustcircle.TrustCircleManager.KaCallback
        public void onKaError(long j, int i) {
            SyncLogger.e(TrustCircleUserKey.TAG, "errorCode = " + i);
            CountDownLatch countDownLatch = this.keyAgreementLatch;
            if (countDownLatch != null) {
                countDownLatch.countDown();
            }
        }

        @Override // com.hihonor.android.trustcircle.TrustCircleManager.KaCallback
        public void onKaResult(long j, int i, byte[] bArr, byte[] bArr2) {
            CountDownLatch countDownLatch;
            try {
                try {
                    byte[] decryptPayload = TrustCircleUtils.decryptPayload(bArr2, this.randomByte, bArr);
                    UserKeyObject userKeyObject = this.key;
                    if (userKeyObject != null) {
                        userKeyObject.setUserKey(decryptPayload);
                    }
                    SyncLogger.d(TrustCircleUserKey.TAG, "requestTrustCircleSyncUser1:" + Arrays.toString(decryptPayload));
                    countDownLatch = this.keyAgreementLatch;
                    if (countDownLatch == null) {
                        return;
                    }
                } catch (Exception unused) {
                    SyncLogger.e(TrustCircleUserKey.TAG, "requestTrustCircleSyncUser Exception");
                    countDownLatch = this.keyAgreementLatch;
                    if (countDownLatch == null) {
                        return;
                    }
                }
                countDownLatch.countDown();
            } catch (Throwable th) {
                CountDownLatch countDownLatch2 = this.keyAgreementLatch;
                if (countDownLatch2 != null) {
                    countDownLatch2.countDown();
                }
                throw th;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public static class TrustcircleBroadcastReceiver extends BroadcastReceiver {
        private final CountDownLatch loginLatch;

        TrustcircleBroadcastReceiver(CountDownLatch countDownLatch) {
            this.loginLatch = countDownLatch;
        }

        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            if (TrustCircleUserKey.TRUSTCIRCLE_LOGIN_ACTION.equalsIgnoreCase(new HiHonorSafeIntent(intent).getAction())) {
                SyncLogger.i(TrustCircleUserKey.TAG, "Receive trustcircle login broadcast");
                CountDownLatch countDownLatch = this.loginLatch;
                if (countDownLatch != null) {
                    countDownLatch.countDown();
                }
            }
        }
    }

    private static String bytes2Hex(byte[] bArr) {
        if (bArr == null) {
            return "";
        }
        StringBuilder sb = new StringBuilder();
        for (byte b : bArr) {
            String hexString = Integer.toHexString(b & 255);
            if (hexString.length() == 1) {
                sb.append("0");
            }
            sb.append(hexString);
        }
        return sb.toString();
    }

    private static String getApkSignatureHash(Context context) {
        try {
            PackageInfo packageInfo = context.getPackageManager().getPackageInfo(CommonBase.HIDISK_PACKAGE_NAME, 64);
            if (packageInfo == null) {
                return "";
            }
            StringBuilder sb = new StringBuilder(packageInfo.packageName);
            Signature[] signatureArr = packageInfo.signatures;
            if (signatureArr != null) {
                for (Signature signature : signatureArr) {
                    sb.append(CommonConstants.STRING_COLON);
                    sb.append(bytes2Hex(signature.toByteArray()));
                }
            }
            return getSHA256(sb.toString().toLowerCase(Locale.US));
        } catch (Exception unused) {
            SyncLogger.e(TAG, "getApkSignatureHash Exception");
            return "";
        }
    }

    private Context getContext() {
        return HnApplication.getInstance().getContext().getApplicationContext();
    }

    private Bundle getDataFromTrustCircle(TrustCircleManager trustCircleManager) throws Exception {
        Bundle tcisInfo = trustCircleManager.getTcisInfo();
        if (tcisInfo == null) {
            throw new SyncCommonException("getTcisInfo bundle is null");
        }
        if (TextUtils.isEmpty(new SafeBundle(tcisInfo).getString("hwUserId"))) {
            waitForTrustCircleLogin();
        }
        Bundle tcisInfo2 = trustCircleManager.getTcisInfo();
        if (tcisInfo2 == null) {
            throw new SyncCommonException("getTcisInfo bundle is null");
        }
        if (TextUtils.isEmpty(new SafeBundle(tcisInfo2).getString("hwUserId"))) {
            throw new SyncCommonException("hwUserId is null, use old interface");
        }
        return tcisInfo2;
    }

    private static String getSHA256(String str) {
        String str2;
        if (str != null && !str.isEmpty()) {
            try {
                return bytes2Hex(MessageDigest.getInstance("SHA256").digest(str.getBytes("utf-8")));
            } catch (UnsupportedEncodingException unused) {
                str2 = "Unsupported utf-8 Encoding.";
                SyncLogger.e(TAG, str2);
                return "";
            } catch (GeneralSecurityException unused2) {
                str2 = "messageDigest GeneralSecurityException.";
                SyncLogger.e(TAG, str2);
                return "";
            }
        }
        return "";
    }

    private boolean isTrustCircleExist() {
        try {
            getContext().getPackageManager().getPackageInfo("com.huawei.trustcircle", 1);
            return true;
        } catch (PackageManager.NameNotFoundException unused) {
            return false;
        }
    }

    private void waitForTrustCircleLogin() {
        CountDownLatch countDownLatch = new CountDownLatch(1);
        TrustcircleBroadcastReceiver trustcircleBroadcastReceiver = new TrustcircleBroadcastReceiver(countDownLatch);
        try {
            if (!countDownLatch.await(4L, TimeUnit.SECONDS)) {
                SyncLogger.w(TAG, "waitForTrustCircleLogin await failed");
            }
        } catch (InterruptedException unused) {
            SyncLogger.e(TAG, "waitForTrustCircleLogin InterruptedException");
        }
        getContext().unregisterReceiver(trustcircleBroadcastReceiver);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public UserKeyObject requestTrustCircleSyncUser(UserKeyInterface userKeyInterface, int i, String str, int i2, String str2) throws Exception {
        if (!isTrustCircleExist()) {
            throw new SyncCommonException("TrustCircle doesn't exist, use old interface");
        }
        UserKeyObject userKeyObject = new UserKeyObject();
        TrustCircleManager trustCircleManager = TrustCircleManager.getInstance();
        Bundle dataFromTrustCircle = getDataFromTrustCircle(trustCircleManager);
        String string = dataFromTrustCircle.getString(KEY_TCISID);
        short s = dataFromTrustCircle.getShort(KEY_TA_VERSION, (short) -1);
        long parseLong = ParseUtil.parseLong(dataFromTrustCircle.getString("hwUserId"));
        if (TextUtils.isEmpty(string) || s < 1) {
            throw new SyncCommonException("tcisID is empty or TA not support, use old interface");
        }
        String apkSignatureHash = getApkSignatureHash(getContext());
        UserKeyResp trustCircleUserKey = userKeyInterface.getTrustCircleUserKey(i, str, i2, string, s, apkSignatureHash);
        userKeyObject.setUserKeyGuid(trustCircleUserKey.getGuid());
        String[] split = trustCircleUserKey.getUserKey().split(CommonConstants.STRING_COLON);
        int parseInt = ParseUtil.parseInt(split[0]);
        String str3 = split[1];
        SyncLogger.d(TAG, "hash: " + apkSignatureHash + ", TAVersion: " + ((int) s) + ", KAVersion: " + parseInt + ", userId: " + parseLong + ", kaInfo: " + str3);
        byte[] generateRandomByte = ByteRandomGenerator.generateRandomByte(16);
        byte[] encryptUsingPublicKey = TrustCircleUtils.encryptUsingPublicKey(generateRandomByte);
        CountDownLatch countDownLatch = new CountDownLatch(1);
        trustCircleManager.initKeyAgreement(new TrustCircleManagerCallback(generateRandomByte, userKeyObject, countDownLatch), parseInt, parseLong, encryptUsingPublicKey, str3);
        try {
            if (!countDownLatch.await(5L, TimeUnit.SECONDS)) {
                SyncLogger.w(TAG, "requestTrustCircleSyncUser await failed");
            }
        } catch (InterruptedException unused) {
            SyncLogger.e(TAG, "initKeyAgreement InterruptedException");
        }
        SyncLogger.d(TAG, "requestTrustCircleSyncUser:" + Arrays.toString(userKeyObject.getUserKey()) + ", userKeyGuid:" + userKeyObject.getUserKeyGuid());
        if (userKeyObject.getUserKey() == null) {
            throw new SyncCommonException("requestTrustCircleSyncUser failed, use old interface");
        }
        SyncLogger.i(TAG, "requestTrustCircleSyncUser succeed");
        return userKeyObject;
    }
}
