package com.allawn.cryptography.keymanager;

import android.content.Context;
import com.allawn.cryptography.exception.InvalidArgumentException;
import com.allawn.cryptography.keymanager.entity.UpgradeCertResponse;
import com.allawn.cryptography.security.cert.CertUtils;
import com.allawn.cryptography.security.cert.CertificateTrustManager;
import com.allawn.cryptography.security.cert.TrustCAListEnum;
import com.allawn.cryptography.util.HttpUtil;
import com.allawn.cryptography.util.LogUtil;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class CertUpgradeManager {
    public String mBiz;
    public final Context mContext;
    public String mHostname;
    public long mVersion = 0;

    public CertUpgradeManager(Context context) {
        this.mContext = context;
    }

    public final void checkParameter() {
        if (this.mHostname == null) {
            throw new InvalidArgumentException("Hostname cannot be empty");
        }
        if (this.mBiz == null) {
            throw new InvalidArgumentException("Biz name cannot be empty");
        }
    }

    public final UpgradeCertResponse extractCertificate(String str, UpgradeCertResponse upgradeCertResponse) {
        JSONObject jSONObject = new JSONObject(str).getJSONObject("data");
        String string = jSONObject.getString("cert4Sign");
        String string2 = jSONObject.getString("cert4Encrypt");
        long j = jSONObject.getLong("version");
        Charset charset = StandardCharsets.UTF_8;
        X509Certificate readCertificate = CertUtils.readCertificate(string.getBytes(charset));
        X509Certificate readCertificate2 = CertUtils.readCertificate(string2.getBytes(charset));
        CertificateTrustManager certificateTrustManager = new CertificateTrustManager(TrustCAListEnum.OPLUS_LIST);
        certificateTrustManager.setContext(this.mContext);
        try {
            certificateTrustManager.check(readCertificate);
            certificateTrustManager.check(readCertificate2);
            LogUtil.d("CertUpgradeManager", "extractCertificate request " + this.mBiz + " certificate online succeed and certificate verification passed");
            upgradeCertResponse.assign(this.mBiz, readCertificate, readCertificate2, j);
            return upgradeCertResponse;
        } catch (CertificateException e) {
            LogUtil.d("CertUpgradeManager", "extractCertificate " + this.mBiz + " certificate online succeed but certificate verification failed." + e);
            throw e;
        }
    }

    public final UpgradeCertResponse post(String str, String str2, UpgradeCertResponse upgradeCertResponse) {
        HttpUtil.HttpResponse postAndGetBody = HttpUtil.postAndGetBody(str2, str);
        if (postAndGetBody.isSuccess()) {
            LogUtil.d("CertUpgradeManager", "post ok");
            return extractCertificate(postAndGetBody.getBody(), upgradeCertResponse);
        }
        if (postAndGetBody.getCode() == 304 || postAndGetBody.getCode() == 3001403) {
            LogUtil.d("CertUpgradeManager", "post not modified");
            return upgradeCertResponse;
        }
        throw new IOException("Upgrade certificate post error: " + postAndGetBody.getBody());
    }

    public void setBiz(String str) {
        this.mBiz = str;
    }

    public void setHostname(String str) {
        this.mHostname = str;
    }

    public void setVersion(long j) {
        this.mVersion = j;
    }

    public UpgradeCertResponse upgradeCert() {
        checkParameter();
        String organizeURL = HttpUtil.organizeURL(this.mHostname, "/crypto/cert/upgrade");
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("biz", this.mBiz);
        long j = this.mVersion;
        if (j != 0) {
            jSONObject.put("version", j);
        }
        LogUtil.d("CertUpgradeManager", "upgradeCert start to request " + this.mBiz + " certificate online");
        return post(organizeURL, jSONObject.toString(), new UpgradeCertResponse());
    }
}
