package com.allawn.cryptography.authentication;

import com.allawn.cryptography.EncryptException;
import com.allawn.cryptography.exception.InvalidArgumentException;
import com.allawn.cryptography.groupkey.entity.GukConfig;
import com.allawn.cryptography.util.DateUtil;
import com.allawn.cryptography.util.HttpUtil;
import com.allawn.cryptography.util.LogUtil;
import com.allawn.cryptography.util.PackUtil;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeoutException;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class ChallengeClient {
    public final String mBiz;
    public final String mDeviceId;
    public final String mHostname;

    public ChallengeClient(String str, String str2, String str3) {
        this.mBiz = str;
        this.mDeviceId = str2;
        this.mHostname = str3;
    }

    public String getChallenge(String str) {
        try {
            String str2 = this.mBiz;
            if (str2 == null || str2.isEmpty()) {
                throw new InvalidArgumentException("the biz name must be non-null");
            }
            String str3 = this.mDeviceId;
            if (str3 == null || str3.isEmpty()) {
                throw new IllegalArgumentException("the device must be non-null");
            }
            String str4 = this.mHostname;
            if (str4 == null || str4.isEmpty()) {
                throw new InvalidArgumentException("the hostname must be non-null");
            }
            if (str == null) {
                throw new InvalidArgumentException("the api name must be non-null");
            }
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("bizId", this.mBiz);
            jSONObject.put("apiKey", str);
            jSONObject.put("deviceId", this.mDeviceId);
            long timestamp = getTimestamp();
            jSONObject.put("counter", timestamp);
            int sign = sign(jSONObject, PackUtil.concatWithoutSeparator(this.mBiz, str, this.mDeviceId, String.valueOf(timestamp)));
            String organizeURL = HttpUtil.organizeURL(this.mHostname, "/crypto/keysuit/auth/challenge");
            LogUtil.d("ChallengeClient", "getChallenge start to getChallenge online, auth type is " + sign);
            HttpUtil.HttpResponse post = HttpUtil.post(jSONObject.toString(), organizeURL);
            if (!post.isSuccess() && post.getCode() == 3004608) {
                long retrieveTimestamp = retrieveTimestamp();
                jSONObject.put("counter", retrieveTimestamp);
                String concatWithoutSeparator = PackUtil.concatWithoutSeparator(this.mBiz, str, this.mDeviceId, String.valueOf(retrieveTimestamp));
                jSONObject.remove("authType");
                jSONObject.remove("authMsg");
                LogUtil.d("ChallengeClient", "getChallenge recall getChallenge online, auth type is " + sign(jSONObject, concatWithoutSeparator));
                post = HttpUtil.post(jSONObject.toString(), organizeURL);
            }
            if (post.isSuccess()) {
                return post.getData();
            }
            throw new IOException("getChallenge post error: " + post.getBody());
        } catch (InvalidArgumentException | IOException | SignatureException | JSONException e) {
            throw new EncryptException(e);
        }
    }

    public final long getTimestamp() {
        long serviceTime = DateUtil.getServiceTime(this.mHostname);
        if (serviceTime != -1) {
            return serviceTime;
        }
        DateUtil.updateOpenServiceTime(this.mHostname);
        long serviceTime2 = DateUtil.getServiceTime(this.mHostname);
        return serviceTime2 == -1 ? DateUtil.now() : serviceTime2;
    }

    public final long retrieveTimestamp() {
        long serviceTime = DateUtil.updateOpenServiceTime(this.mHostname) ? DateUtil.getServiceTime(this.mHostname) : -1L;
        return serviceTime == -1 ? DateUtil.now() : serviceTime;
    }

    public final int sign(JSONObject jSONObject, String str) {
        String str2;
        int i;
        try {
            byte[] bArr = new byte[32];
            new SecureRandom().nextBytes(bArr);
            GukConfig gukConfig = new GukConfig();
            gukConfig.setInfo(this.mBiz.getBytes(StandardCharsets.UTF_8));
            gukConfig.setSalt(bArr);
            str2 = AuthenticationSignatureMethod.pskSign(str, gukConfig);
            i = 2;
        } catch (InterruptedException | ExecutionException | TimeoutException e) {
            LogUtil.d("ChallengeClient", "sign attempt to sign with the group key, but failed. " + e);
            str2 = null;
            i = 0;
        }
        if (str2 == null) {
            try {
                str2 = AuthenticationSignatureMethod.simpleSign(str, this.mBiz);
                i = 3;
            } catch (EncryptException e2) {
                LogUtil.e("ChallengeClient", "sign sign error using simple scheme. " + e2);
            }
        }
        if (str2 == null) {
            throw new SignatureException("Sign error, local key info sign failed");
        }
        jSONObject.put("authType", i);
        jSONObject.put("authMsg", str2);
        return i;
    }
}
