package com.alibaba.wireless.security.open;

import android.content.Context;
import android.util.Base64;
import com.alibaba.sdk.android.SdkConstants;
import com.alibaba.sdk.android.initialization.InitializationHandler;
import com.alibaba.sdk.android.plugin.weaksecurity.impl.Datastore;
import com.alibaba.sdk.android.plugin.weaksecurity.impl.DefaultSecretHolder;
import com.alibaba.sdk.android.plugin.weaksecurity.impl.SecretHolder;
import com.alibaba.sdk.android.plugin.weaksecurity.impl.SecurityInitHandler;
import com.alibaba.sdk.android.plugin.weaksecurity.impl.SharedPreferenceDatastore;
import com.alibaba.sdk.android.plugin.weaksecurity.impl.components.DynamicDataComponent;
import com.alibaba.sdk.android.plugin.weaksecurity.impl.components.SecureSignatureComponent;
import com.alibaba.sdk.android.plugin.weaksecurity.impl.components.StaticDataComponent;
import com.alibaba.sdk.android.plugin.weaksecurity.impl.components.UMIDComponent;
import com.alibaba.sdk.android.plugin.weaksecurity.impl.util.EncryptUtil;
import com.alibaba.sdk.android.plugin.weaksecurity.impl.util.MessageDigestUtils;
import com.alibaba.sdk.android.plugin.weaksecurity.impl.util.PackageSignatureUtil;
import com.alibaba.sdk.android.plugin.weaksecurity.impl.util.Predicate;
import com.alibaba.sdk.android.plugin.weaksecurity.impl.util.StringUtils;
import com.alibaba.sdk.android.trace.AliSDKLogger;
import com.alibaba.sdk.android.util.CommonUtils;
import com.alibaba.wireless.security.open.dynamicdataencrypt.IDynamicDataEncryptComponent;
import com.alibaba.wireless.security.open.dynamicdatastore.IDynamicDataStoreComponent;
import com.alibaba.wireless.security.open.initialize.IInitializeComponent;
import com.alibaba.wireless.security.open.initialize.StubInitializeComponent;
import com.alibaba.wireless.security.open.opensdk.IOpenSDKComponent;
import com.alibaba.wireless.security.open.opensdk.StubOpenSDKComponent;
import com.alibaba.wireless.security.open.pkgvaliditycheck.IPkgValidityCheckComponent;
import com.alibaba.wireless.security.open.pkgvaliditycheck.StubPKgValidityCheckComponent;
import com.alibaba.wireless.security.open.securesignature.ISecureSignatureComponent;
import com.alibaba.wireless.security.open.staticdataencrypt.IStaticDataEncryptComponent;
import com.alibaba.wireless.security.open.staticdataencrypt.StubStaticDataEncryptComponent;
import com.alibaba.wireless.security.open.staticdatastore.IStaticDataStoreComponent;
import com.alibaba.wireless.security.open.statickeyencrypt.IStaticKeyEncryptComponent;
import com.alibaba.wireless.security.open.umid.IUMIDComponent;
import com.taobao.android.dexposed.ClassUtils;
import com.taobao.tae.sdk.log.SdkCoreLog;
import java.io.UnsupportedEncodingException;
import java.lang.ref.WeakReference;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import org.json.JSONArray;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class SecurityGuardManager implements SecurityInitHandler.OnStaticDataChangedListener {
    private static volatile SecurityGuardManager INSTANCE = null;
    private static final String KEY_CERT_PUBLIC_KEY = "cert.public_key";
    private static final String KEY_STATIC_DATA = "secure_static";
    private static final String KEY_TEMPORAY_SECRET = "temporay_secret";
    private static final String TAG = "SecurityGuardManager";
    public static String appKey;
    private static IInitializeComponent initializeComponent = new StubInitializeComponent();
    private WeakReference<Context> context;
    private IDynamicDataStoreComponent dynamicDataStore;
    private IDynamicDataEncryptComponent dynamicEncrypt;
    private final SecurityInitHandler handler;
    private final String packagePublicKeySHA1;
    private final Datastore rawDatastore;
    private SecretHolder secretHolder;
    private ISecureSignatureComponent secureSignatureComponent;
    private IStaticDataStoreComponent staticDataStoreComponent;
    private IStaticKeyEncryptComponent staticKeyEncryptComponent;
    private IUMIDComponent umid;
    private final IPkgValidityCheckComponent pkgValidityCheck = new StubPKgValidityCheckComponent();
    private final IOpenSDKComponent openSDKComponent = new StubOpenSDKComponent();
    private final IStaticDataEncryptComponent staticDataEncryptComponent = new StubStaticDataEncryptComponent();

    private SecurityGuardManager(Context context) {
        appKey = CommonUtils.getAndroidManifestMetadata(context, SdkConstants.APP_KEY);
        if (appKey == null) {
            throw new RuntimeException("appKey is not set.");
        }
        this.packagePublicKeySHA1 = MessageDigestUtils.sha1Digest(PackageSignatureUtil.getSignaturePublicKey(context));
        this.rawDatastore = new SharedPreferenceDatastore(context);
        this.context = new WeakReference<>(context);
        this.handler = new SecurityInitHandler(this, this.packagePublicKeySHA1);
        initComponents();
    }

    private synchronized void buildGuardComponents(DynamicDataComponent dynamicDataComponent) {
        Context context = this.context.get();
        if (context != null) {
            this.dynamicDataStore = dynamicDataComponent;
            this.dynamicEncrypt = dynamicDataComponent;
            this.umid = new UMIDComponent(context);
            StaticDataComponent staticDataComponent = new StaticDataComponent(dynamicDataComponent.getSecretHolder(), dynamicDataComponent);
            this.staticKeyEncryptComponent = staticDataComponent;
            this.staticDataStoreComponent = staticDataComponent;
            this.secureSignatureComponent = new SecureSignatureComponent(dynamicDataComponent.getSecretHolder(), dynamicDataComponent);
        }
    }

    private SecretHolder decryptStaticData(String str) {
        if (str == null) {
            return null;
        }
        try {
            return parseResponse(new JSONObject(new String(EncryptUtil.createAESCipher(EncryptUtil.convertSecret(appKey), 2).doFinal(Base64.decode(str.getBytes("UTF-8"), 11)))));
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public static IInitializeComponent getInitializer() {
        return initializeComponent;
    }

    public static SecurityGuardManager getInstance(Context context) throws SecException {
        if (INSTANCE == null) {
            INSTANCE = new SecurityGuardManager(context);
        }
        return INSTANCE;
    }

    private SecretHolder getSecretHolderFromDatastore() {
        String string = this.rawDatastore.getString(KEY_STATIC_DATA);
        if (string == null) {
            return null;
        }
        return decryptStaticData(string);
    }

    private SecretHolder getTemporarySecretHolder() {
        String string = this.rawDatastore.getString(KEY_TEMPORAY_SECRET);
        if (string == null) {
            SecureRandom secureRandom = new SecureRandom();
            try {
                string = new String(secureRandom.generateSeed(16), "UTF-8");
            } catch (UnsupportedEncodingException e) {
                e.printStackTrace();
                string = new String(secureRandom.generateSeed(16));
            }
            this.rawDatastore.putString(KEY_TEMPORAY_SECRET, string);
        }
        AliSDKLogger.d("security", "secret key:" + string);
        return new DefaultSecretHolder(string, ClassUtils.STRING_EMPTY, this.packagePublicKeySHA1, this.packagePublicKeySHA1, string, new String[0], new HashMap(), SecretHolder.PREFIX_TEMPORAY, null);
    }

    private boolean initComponents() {
        DynamicDataComponent dynamicDataComponent;
        this.secretHolder = getSecretHolderFromDatastore();
        boolean z = this.secretHolder != null;
        if (z) {
            dynamicDataComponent = new DynamicDataComponent(this.rawDatastore, this.secretHolder);
        } else {
            SecretHolder temporarySecretHolder = getTemporarySecretHolder();
            dynamicDataComponent = transform(temporarySecretHolder);
            this.secretHolder = temporarySecretHolder;
        }
        buildGuardComponents(dynamicDataComponent);
        return z;
    }

    private SecretHolder parseResponse(JSONObject jSONObject) {
        if (jSONObject == null) {
            return null;
        }
        JSONArray optJSONArray = jSONObject.optJSONArray("appKeys");
        String[] strArr = new String[0];
        if (optJSONArray != null) {
            strArr = new String[optJSONArray.length()];
            for (int length = optJSONArray.length() - 1; length > 0; length--) {
                strArr[length] = optJSONArray.optString(length);
            }
        }
        String optString = jSONObject.optString("signSecret");
        String optString2 = jSONObject.optString("dymicStoreSecret");
        String optString3 = jSONObject.optString("encryptSecret");
        JSONObject optJSONObject = jSONObject.optJSONObject("extAttr");
        HashMap hashMap = null;
        if (optJSONObject != null) {
            hashMap = new HashMap();
            Iterator<String> keys = optJSONObject.keys();
            while (keys.hasNext()) {
                String next = keys.next();
                hashMap.put(next, optJSONObject.optString(next));
            }
        }
        JSONObject optJSONObject2 = jSONObject.optJSONObject("verify");
        String str = null;
        String str2 = null;
        if (optJSONObject2 != null) {
            str = optJSONObject2.optString("packageName");
            str2 = optJSONObject2.optString("packagePublicKeySHA1");
        }
        if (!StringUtils.isNullOrEmpty(optString, optString2, optString3, str, str2)) {
            return new DefaultSecretHolder(optString2, optString, this.packagePublicKeySHA1, this.packagePublicKeySHA1, optString3, strArr, hashMap, SecretHolder.PREFIX_STATIC, str);
        }
        AliSDKLogger.e(TAG, "static data from reponse is invaild");
        return null;
    }

    public static void saveCertPublicKey(byte[] bArr) {
        if (INSTANCE != null) {
            INSTANCE.rawDatastore.putString(KEY_CERT_PUBLIC_KEY, Base64.encodeToString(bArr, 11));
        }
    }

    private synchronized DynamicDataComponent transform(SecretHolder secretHolder) {
        DynamicDataComponent dynamicDataComponent;
        SdkCoreLog.startTimeRecord("SecurityGuardDataTransform");
        try {
            dynamicDataComponent = new DynamicDataComponent(this.rawDatastore, secretHolder);
            SecretHolder secretHolder2 = this.secretHolder;
            IDynamicDataStoreComponent iDynamicDataStoreComponent = this.dynamicDataStore;
            if (iDynamicDataStoreComponent != null && secretHolder2 != null) {
                final String dynamicKeyPrefix = secretHolder2.getDynamicKeyPrefix();
                String dynamicKeyPrefix2 = secretHolder.getDynamicKeyPrefix();
                Iterator<Map.Entry<String, String>> it = this.rawDatastore.fliter(new Predicate<Map.Entry<String, String>>() { // from class: com.alibaba.wireless.security.open.SecurityGuardManager.1
                    @Override // com.alibaba.sdk.android.plugin.weaksecurity.impl.util.Predicate
                    public boolean apply(Map.Entry<String, String> entry) {
                        return entry.getKey().startsWith(dynamicKeyPrefix);
                    }
                }).iterator();
                while (it.hasNext()) {
                    String substring = it.next().getKey().substring(dynamicKeyPrefix.length());
                    dynamicDataComponent.putByteArray(substring, iDynamicDataStoreComponent.getByteArray(substring));
                    if (!dynamicKeyPrefix.equals(dynamicKeyPrefix2)) {
                        iDynamicDataStoreComponent.removeByteArray(substring);
                    }
                }
            }
            SdkCoreLog.d("SecurityGuardDataTransform", SdkCoreLog.SUCCESS);
        } catch (SecException e) {
            e.printStackTrace();
            SdkCoreLog.d("SecurityGuardDataTransform", SdkCoreLog.FAILURE);
            throw new RuntimeException(e);
        }
        return dynamicDataComponent;
    }

    public IDynamicDataEncryptComponent getDynamicDataEncryptComp() {
        return this.dynamicEncrypt;
    }

    public IDynamicDataStoreComponent getDynamicDataStoreComp() {
        return this.dynamicDataStore;
    }

    public IOpenSDKComponent getOpenSDKComp() {
        return this.openSDKComponent;
    }

    public IPkgValidityCheckComponent getPackageValidityCheckComp() {
        return this.pkgValidityCheck;
    }

    public String getSDKVerison() {
        return "1.2.36weak";
    }

    public ISecureSignatureComponent getSecureSignatureComp() {
        return this.secureSignatureComponent;
    }

    public IStaticDataEncryptComponent getStaticDataEncryptComp() {
        return this.staticDataEncryptComponent;
    }

    public IStaticDataStoreComponent getStaticDataStoreComp() {
        return this.staticDataStoreComponent;
    }

    public IStaticKeyEncryptComponent getStaticKeyEncryptComp() {
        return this.staticKeyEncryptComponent;
    }

    public IUMIDComponent getUMIDComp() {
        return this.umid;
    }

    public InitializationHandler getWeakSecurityInitHandler() {
        return this.handler;
    }

    public boolean isTemporay() {
        return this.secretHolder.isTemporay();
    }

    @Override // com.alibaba.sdk.android.plugin.weaksecurity.impl.SecurityInitHandler.OnStaticDataChangedListener
    public synchronized void onStaticDataChanged(String str) {
        SecretHolder decryptStaticData = decryptStaticData(str);
        if (decryptStaticData == null) {
            AliSDKLogger.e(TAG, "new SecretHolder is null.");
        } else {
            DynamicDataComponent transform = transform(decryptStaticData);
            this.secretHolder = decryptStaticData;
            buildGuardComponents(transform);
            this.rawDatastore.putString(KEY_STATIC_DATA, str);
        }
    }
}
