package com.rytong.emp.net;

import android.app.Activity;
import android.content.Context;
import com.alipay.mobile.antui.screenadpt.AUScreenAdaptTool;
import com.alipay.mobile.common.transport.http.selfencrypt.ClientRpcPack;
import com.alipay.mobile.quinox.perfhelper.hw.LogPowerProxy;
import com.rytong.emp.data.AndroidPreferenceDB;
import com.rytong.emp.data.AndroidResources;
import com.rytong.emp.data.FileManager;
import com.rytong.emp.data.offstore.OffStoreUtils;
import com.rytong.emp.render.EMPThreadPool;
import com.rytong.emp.security.AESCipher;
import com.rytong.emp.security.AppVerify;
import com.rytong.emp.security.Base64;
import com.rytong.emp.security.Constant;
import com.rytong.emp.security.HMac;
import com.rytong.emp.security.PRFCipher;
import com.rytong.emp.security.RSACipher;
import com.rytong.emp.security.adapter.AESAdapter;
import com.rytong.emp.security.adapter.HMacAdapter;
import com.rytong.emp.security.adapter.RSAAdapter;
import com.rytong.emp.test.OfflinePerfTestManager;
import com.rytong.emp.tool.EMPConfig;
import com.rytong.emp.tool.Utils;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Random;
import javax.crypto.Cipher;

/* loaded from: classes.dex */
public class ClientHello {
    public static final String CER_FILENAME = "cer_file";
    public static final String CLIENT_APPVERIFY = "/user/appverify?";
    static final String CLIENT_FACILITY_HELLO = "/user/handshake?";
    static final String CLIENT_HELLO = "/user/hello?";
    static final String CLIENT_KEY_EXCHANGE = "/user/exchange?";
    private static final String MAKE_CERT = "/user/make_cert?";
    public static final String RNS2_FILENAME = "rns2_file";
    static byte[] mClientHmacKey;
    private static Context mCurContext;
    public static byte[] mPMS;
    public static byte[] mPMS2;
    public static byte[] mRNS;
    static byte[] mServerHmacKey;
    private static String mText;
    public static float mTlsVersion;
    private final String SERVER_TWOWAY_SIGN;
    private byte[] mClientHelloBody;
    private byte[] mClientKeyExchangeBody;
    private boolean mClientTwowaySign;
    CryptoHttpManager mHttpManager;
    private boolean mIsOfflineUpdate;
    private byte[] mMS;
    private byte[] mMS2;
    private byte[] mRNC;
    private byte[] mRNS2;
    private byte[] mServerHelloBody;
    private byte[] mServerKeyExchangeBody;
    private Object mServerPubKey;
    private boolean mServerTowwaySign;
    public static String CERTIFICATE_PATH = "rootCA/xx_ca.png";
    private static String CERTIFICATE_FILENAME = "cert.dat";
    public static int mConnectTimes = 0;
    public static float TLS_VERSION_1_0 = 1.0f;
    public static float TLS_VERSION_1_1 = 1.1f;
    public static float TLS_VERSION_1_2 = 1.2f;
    public static float TLS_VERSION_1_3 = 1.3f;
    public static float TLS_VERSION_1_4 = 1.4f;

    public ClientHello() throws Exception {
        this(mCurContext, "", false);
    }

    public ClientHello(Context context, String str, boolean z) throws Exception {
        this.SERVER_TWOWAY_SIGN = "serverTowwaySign";
        this.mIsOfflineUpdate = false;
        this.mIsOfflineUpdate = z;
        OfflinePerfTestManager.printStart(OfflinePerfTestManager.CLIENTHEOOL);
        initTlsData(context);
        readClientTwoWaySign();
        mCurContext = context;
        String serverUri = EMPConfig.newInstance().getServerUri();
        String versionName = Utils.getVersionName(context);
        byte[] readServerRandom2 = readServerRandom2(context);
        byte[] readServerCertificate = readServerCertificate(context);
        if (readServerRandom2 == null || readServerRandom2.length <= 0 || readServerCertificate == null || readServerCertificate.length <= 0) {
            fullClientHello(context, serverUri, versionName, str);
        } else {
            this.mServerPubKey = RSAAdapter.getPublicKey(RSAAdapter.getCertificate(readServerCertificate));
            mRNS = readServerRandom2;
            this.mRNS2 = readServerRandom2;
            facilityClientHello(context, serverUri, versionName, str);
        }
        OfflinePerfTestManager.printDuration(OfflinePerfTestManager.CLIENTHEOOL);
    }

    private final byte[] createFacilityClientHelloBody(Context context, String str) throws Exception {
        byte[] createFullClientHelloBody = createFullClientHelloBody();
        byte[] clientKeyExchangeBody = getClientKeyExchangeBody();
        byte[] bArr = null;
        try {
            bArr = getClientCertificateBody(context, str);
        } catch (Exception e) {
            Utils.printException(e);
        }
        byte[] bArr2 = null;
        try {
            bArr2 = getCertificateVerifyBody(context, createFullClientHelloBody, clientKeyExchangeBody, bArr);
        } catch (Exception e2) {
            Utils.printException(e2);
        }
        byte[] joinBytes = Utils.joinBytes(createFullClientHelloBody, clientKeyExchangeBody, bArr, bArr2, getChangeCipherSpecBody());
        Utils.printLog("createFacilityClientHelloBody() handshakeMsg ---->", "");
        byte[] finishBody = getFinishBody(joinBytes);
        byte[] offlineBody = this.mIsOfflineUpdate ? getOfflineBody() : null;
        byte[] joinBytes2 = Utils.joinBytes(joinBytes, finishBody, offlineBody);
        int length = offlineBody == null ? joinBytes2.length : joinBytes2.length - offlineBody.length;
        this.mClientHelloBody = new byte[length];
        System.arraycopy(joinBytes2, 0, this.mClientHelloBody, 0, length);
        return joinBytes2;
    }

    private final byte[] createFullClientHelloBody() throws Exception {
        byte[] clientProtocolVersion = getClientProtocolVersion();
        this.mRNC = Utils.joinBytes(Utils.getClientGMTUnixTime(), getClientRandom(28));
        byte[] joinBytes = Utils.joinBytes(clientProtocolVersion, this.mRNC, getGroupInfor(), getCipherSuiteInfor(), getCertSerialNumberInfor());
        return Utils.joinBytes(new byte[]{Constant.HandshakeType[Constant.htIndex.client_hello.ordinal()]}, Utils.intToByteArrayInNBO(joinBytes.length), joinBytes);
    }

    private final byte[] createMS2(byte[] bArr, byte[] bArr2) throws Exception {
        return createMasterSecret(bArr, HMac.TLS_MD_MASTER_SECRET2_CONST(), bArr2, 48);
    }

    private final byte[] createMasterSecret(byte[] bArr, byte[] bArr2, byte[] bArr3, int i) throws Exception {
        return PRFCipher.PRF(bArr, bArr2, bArr3, i);
    }

    protected static final byte[] decrypt(byte[] bArr) {
        if (bArr == null) {
            return null;
        }
        if (AESCipher.customerKey_ != null && AESCipher.customerIv_ != null) {
            try {
                return AESAdapter.decrypt(bArr, AESCipher.customerKey_, AESCipher.customerIv_);
            } catch (Exception e) {
                Utils.printException(e);
            }
        }
        return bArr;
    }

    protected static final byte[] encrypt(byte[] bArr) {
        if (bArr == null) {
            return null;
        }
        if (AESCipher.customerKey_ != null && AESCipher.customerIv_ != null) {
            try {
                return AESAdapter.encrypt(bArr, AESCipher.customerKey_, AESCipher.customerIv_);
            } catch (Exception e) {
                Utils.printException(e);
            }
        }
        return bArr;
    }

    public static byte[] getAESIv(byte[] bArr) throws Exception {
        byte[] bArr2 = new byte[16];
        System.arraycopy(bArr, 32, bArr2, 0, 16);
        return bArr2;
    }

    public static byte[] getAESKey(byte[] bArr) throws Exception {
        byte[] bArr2 = new byte[32];
        System.arraycopy(bArr, 0, bArr2, 0, 32);
        return bArr2;
    }

    private static final byte[] getCertSerialNumberInfor() {
        return new byte[]{0};
    }

    private final byte[] getCertificateVerifyBody(Context context, byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception {
        if (bArr == null || bArr2 == null || bArr3 == null || "".equals(bArr) || "".equals(bArr2) || "".equals(bArr3) || bArr2.length == 0 || bArr.length == 0 || bArr3.length == 0) {
            return null;
        }
        if ((!this.mClientTwowaySign && !this.mServerTowwaySign) || mTlsVersion < TLS_VERSION_1_2) {
            return null;
        }
        byte[] joinBytes = Utils.joinBytes(bArr, bArr2, bArr3);
        byte[] md5Hash = getMd5Hash(joinBytes);
        byte[] shaHash = getShaHash(joinBytes);
        byte[] bArr4 = {Constant.HandshakeType[Constant.htIndex.certificate_verify.ordinal()]};
        byte[] joinBytes2 = Utils.joinBytes(md5Hash, shaHash);
        int length = joinBytes2.length;
        byte[] bArr5 = new byte[128];
        int i = 128 - length;
        for (int i2 = 0; i2 < length; i2++) {
            bArr5[i + i2] = joinBytes2[i2];
        }
        String[] split = ((String) FileManager.readFileByAD(context, "sk.dat")).split(AUScreenAdaptTool.PREFIX_ID);
        RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) RSACipher.getPrivateKey(split[0], split[1]);
        Cipher cipher = Cipher.getInstance("RSA/ECB/NoPadding");
        cipher.init(1, rSAPrivateKey);
        byte[] doFinal = cipher.doFinal(bArr5);
        return Utils.joinBytes(bArr4, Utils.intToByteArrayInNBO(doFinal.length), doFinal);
    }

    private final byte[] getChangeCipherSpecBody() throws Exception {
        return Utils.joinBytes(new byte[]{Constant.HandshakeType[Constant.htIndex.ChangeCipherSpec.ordinal()]}, Utils.intToByteArrayInNBO(1), new byte[]{0});
    }

    private static final byte[] getCipherSuiteInfor() throws Exception {
        byte[] bArr = Constant.TLS_RSA_WITH_AES_256_CBC_SHA;
        byte[] bArr2 = Constant.TLS_RSA_WITH_AES_256_CBC_MD5;
        byte[] bArr3 = Constant.TLS_SM2_WITH_SM4_128_CBC_SM2;
        byte[] bArr4 = new byte[2];
        if (EMPConfig.newInstance().isUseSM()) {
            bArr4[1] = 2;
            return Utils.joinBytes(bArr4, bArr3);
        }
        bArr4[1] = 4;
        return Utils.joinBytes(bArr4, bArr, bArr2);
    }

    private final byte[] getClientCertificateBody(Context context, String str) throws Exception {
        String str2 = AndroidPreferenceDB.ANDROIDDB.get("serverTowwaySign");
        if (str2 != null && str2.toString().equalsIgnoreCase("true")) {
            this.mServerTowwaySign = true;
        }
        if ((!this.mClientTwowaySign && !this.mServerTowwaySign) || mTlsVersion < TLS_VERSION_1_2) {
            return null;
        }
        byte[] bArr = (byte[]) FileManager.readFileByAD(context, CERTIFICATE_FILENAME);
        return Utils.joinBytes(new byte[]{Constant.HandshakeType[Constant.htIndex.certificate.ordinal()]}, Utils.intToByteArrayInNBO(bArr.length), bArr);
    }

    public static byte[] getClientHmacKey() {
        return mClientHmacKey;
    }

    private final byte[] getClientKeyExchangeBody() throws Exception {
        byte[] preMasterSecret = getPreMasterSecret();
        mPMS = preMasterSecret;
        Utils.printLog("PreMasterSecret ---->", "");
        byte[] doPublicEncrypt = RSAAdapter.doPublicEncrypt(Utils.joinBytes(preMasterSecret, mRNS, new byte[]{0}, null), this.mServerPubKey, RSACipher.TRANSFORMATION_RSA_ECB_PKCS1);
        return Utils.joinBytes(new byte[]{Constant.HandshakeType[Constant.htIndex.client_key_exchange.ordinal()]}, Utils.intToByteArrayInNBO(doPublicEncrypt.length), doPublicEncrypt);
    }

    private byte[] getClientProtocolVersion() {
        mTlsVersion = EMPConfig.newInstance().getTlsVersion();
        Utils.printLog("Client Protocol Version", Float.valueOf(mTlsVersion));
        byte[] bArr = new byte[2];
        bArr[0] = 1;
        if (mTlsVersion == TLS_VERSION_1_0) {
            bArr[1] = 0;
        } else if (mTlsVersion == TLS_VERSION_1_1) {
            bArr[1] = 1;
        } else if (mTlsVersion == TLS_VERSION_1_2) {
            bArr[1] = 2;
        } else if (mTlsVersion == TLS_VERSION_1_3) {
            bArr[1] = 3;
        } else if (mTlsVersion == TLS_VERSION_1_4) {
            bArr[1] = 4;
        } else {
            bArr[1] = 4;
        }
        return bArr;
    }

    public static byte[] getClientRandom(int i) throws Exception {
        byte[] bArr = new byte[i];
        for (int i2 = 0; i2 < i; i2++) {
            bArr[i2] = (byte) ((new Random().nextInt() + System.currentTimeMillis()) % 256);
        }
        return bArr;
    }

    private final void getFinalKey(byte[] bArr, byte[] bArr2) throws Exception {
        byte[] PRF = PRFCipher.PRF(bArr, HMac.TLS_MD_CLIENT_SERVER_KEYIVMAC_CONST(), bArr2, LogPowerProxy.VIDEO_START);
        byte[] bArr3 = new byte[68];
        System.arraycopy(PRF, 0, bArr3, 0, 68);
        Utils.printLog("getFinalKey() sessionKey_ ---->", "");
        Utils.printLog("getFinalKey() sessionKey_ key ---->", "");
        Utils.printLog("getFinalKey() sessionKey_ iv ---->", "");
        Utils.printLog("getFinalKey() sessionKey_ hmac ---->", "");
        byte[] bArr4 = new byte[68];
        System.arraycopy(PRF, 68, bArr4, 0, 68);
        Utils.printLog("getFinalKey() serverKey ---->", "");
        Utils.printLog("getFinalKey() serverKey key ---->", "");
        Utils.printLog("getFinalKey() serverKey iv ---->", "");
        Utils.printLog("getFinalKey() serverKey hmac ---->", "");
        AESCipher.clientKey_ = getAESKey(bArr3);
        AESCipher.clientIv_ = getAESIv(bArr3);
        AESCipher.serverKey_ = getAESKey(bArr4);
        AESCipher.serverIv_ = getAESIv(bArr4);
        mClientHmacKey = getHMacKey(bArr3);
        mServerHmacKey = getHMacKey(bArr4);
    }

    private final byte[] getFinishBody(byte[] bArr) throws Exception {
        byte[] verifyData = getVerifyData(bArr);
        return Utils.joinBytes(new byte[]{Constant.HandshakeType[Constant.htIndex.finished.ordinal()]}, Utils.intToByteArrayInNBO(verifyData.length), verifyData);
    }

    private static final byte[] getGroupInfor() {
        return mTlsVersion >= TLS_VERSION_1_4 ? new byte[]{10} : new byte[]{0};
    }

    private byte[] getHMacKey(byte[] bArr) throws Exception {
        byte[] bArr2 = new byte[20];
        System.arraycopy(bArr, 48, bArr2, 0, 20);
        return bArr2;
    }

    private static final byte[] getHandshakeMessage(byte[]... bArr) throws Exception {
        return Utils.joinBytes(bArr);
    }

    private final byte[] getHandshakeMessage2() throws Exception {
        return Utils.joinBytes(this.mClientHelloBody, this.mServerHelloBody, this.mClientKeyExchangeBody, this.mServerKeyExchangeBody);
    }

    private final byte[] getMd5Hash(byte[] bArr) {
        try {
            return HMacAdapter.MD5(bArr);
        } catch (Exception e) {
            Utils.printException(e);
            return null;
        }
    }

    private byte[] getMessageLength(byte[] bArr, int i) {
        byte[] bArr2 = new byte[4];
        System.arraycopy(bArr, i, bArr2, 0, 4);
        return bArr2;
    }

    private byte[] getOfflineBody() throws Exception {
        String s = OffStoreUtils.getS(false);
        String s2 = OffStoreUtils.getS(true);
        Utils.printLog("getOfflineBody --->", "clientS:" + s + "..optionS:" + s2);
        int length = s.getBytes().length;
        byte[] bArr = new byte[length + 5];
        bArr[0] = ClientRpcPack.SYMMETRIC_ENCRYPT_3DES;
        byte[] intToByteArrayInNBO = Utils.intToByteArrayInNBO(length);
        System.arraycopy(intToByteArrayInNBO, 0, bArr, 1, intToByteArrayInNBO.length);
        System.arraycopy(s.getBytes(), 0, bArr, 5, length);
        int length2 = s2.getBytes().length;
        byte[] bArr2 = new byte[length2 + 5];
        bArr2[0] = 13;
        byte[] intToByteArrayInNBO2 = Utils.intToByteArrayInNBO(length2);
        System.arraycopy(intToByteArrayInNBO2, 0, bArr2, 1, intToByteArrayInNBO2.length);
        System.arraycopy(s2.getBytes(), 0, bArr2, 5, length2);
        return Utils.joinBytes(bArr, bArr2);
    }

    private final byte[] getPreMasterSecret() throws Exception {
        return Utils.joinBytes(getClientProtocolVersion(), getClientRandom(46));
    }

    public static byte[] getServerHmacKey() {
        return mServerHmacKey;
    }

    private final byte[] getShaHash(byte[] bArr) {
        try {
            return HMacAdapter.SHA1(bArr);
        } catch (Exception e) {
            Utils.printException(e);
            return null;
        }
    }

    public static String getText() {
        return mText;
    }

    private final byte[] getVerifyData(byte[] bArr) throws Exception {
        byte[] TLS_MD_CLIENT_FINISH_CONST = HMac.TLS_MD_CLIENT_FINISH_CONST();
        Utils.printLog("getVerifyData() label ---->", "");
        byte[] MD5 = HMacAdapter.MD5(bArr);
        Utils.printLog("getVerifyData() encryptedMd5 ---->", "");
        byte[] SHA1 = HMacAdapter.SHA1(bArr);
        Utils.printLog("getVerifyData() encryptedSha1 ---->", "");
        byte[] joinBytes = Utils.joinBytes(MD5, SHA1);
        Utils.printLog("getVerifyData() seed ---->", "");
        byte[] createMasterSecret = createMasterSecret(mPMS, HMac.TLS_MD_MASTER_SECRET_CONST(), Utils.joinBytes(this.mRNC, mRNS), 68);
        this.mMS = createMasterSecret;
        return PRFCipher.PRF(createMasterSecret, TLS_MD_CLIENT_FINISH_CONST, joinBytes, 12);
    }

    private int handleChangeCipherSpec(byte[] bArr, int i) throws Exception {
        byte b = bArr[i];
        int i2 = i + 1;
        byte[] messageLength = getMessageLength(bArr, i2);
        int i3 = i2 + 4;
        int byteArrayToIntInNBO = Utils.byteArrayToIntInNBO(messageLength, 0);
        if (b != Constant.HandshakeType[Constant.htIndex.ChangeCipherSpec.ordinal()]) {
            return i3;
        }
        byte b2 = bArr[i3];
        int i4 = i3 + byteArrayToIntInNBO;
        Utils.printLog("handleChangeCipherSpec() cipherSpec ---->", "");
        return i4;
    }

    private String handleFacilityServerHelloResponse(byte[] bArr, Context context) throws Exception {
        Utils.printLog("ServerHelloResponse ---->", "");
        int handleChangeCipherSpec = handleChangeCipherSpec(bArr, handlerServerKeyExchange(bArr, handleServerCertificate(bArr, handleServerHello(bArr, 0), context)));
        this.mServerKeyExchangeBody = new byte[handleChangeCipherSpec];
        System.arraycopy(bArr, 0, this.mServerKeyExchangeBody, 0, handleChangeCipherSpec);
        String handleInitContent = handleInitContent(bArr, handleFinish(bArr, handleChangeCipherSpec));
        restoreServerRandom2(this.mRNS2, context);
        return handleInitContent;
    }

    private int handleFinish(byte[] bArr, int i) throws Exception {
        byte b = bArr[i];
        int i2 = i + 1;
        byte[] messageLength = getMessageLength(bArr, i2);
        int i3 = i2 + 4;
        int byteArrayToIntInNBO = Utils.byteArrayToIntInNBO(messageLength, 0);
        byte[] bArr2 = null;
        if (b == Constant.HandshakeType[Constant.htIndex.finished.ordinal()]) {
            bArr2 = new byte[byteArrayToIntInNBO];
            System.arraycopy(bArr, i3, bArr2, 0, byteArrayToIntInNBO);
            i3 += byteArrayToIntInNBO;
            Utils.printLog("handleFinish() verifyData ---->", "");
        }
        verifyFinishData(bArr2);
        return i3;
    }

    private final void handleFullServerHelloResponse(byte[] bArr, Context context) throws Exception {
        this.mServerHelloBody = bArr;
        Utils.printLog("ServerHelloResponse ---->", "");
        handleServerCertificateRequest(context, bArr, handleServerCertificate(bArr, handleServerHello(bArr, 0), context));
    }

    private final String handleFullServerKeyExchangeResponse(byte[] bArr, Context context) throws Exception {
        Utils.printLog("ServerKeyExchangeResponse.length ---->", Integer.valueOf(bArr.length));
        Utils.printLog("ServerKeyExchangeResponse ---->", Byte.valueOf(bArr[0]));
        int handleChangeCipherSpec = handleChangeCipherSpec(bArr, handlerServerKeyExchange(bArr, 0));
        this.mServerKeyExchangeBody = new byte[handleChangeCipherSpec];
        System.arraycopy(bArr, 0, this.mServerKeyExchangeBody, 0, handleChangeCipherSpec);
        Utils.printLog("handleChangeCipherSpec() mServerKeyExchangeBody ---->", "");
        String handleInitContent = handleInitContent(bArr, handleFinish(bArr, handleChangeCipherSpec));
        restoreServerRandom2(this.mRNS2, context);
        return handleInitContent;
    }

    private String handleInitContent(byte[] bArr, int i) {
        String str = "";
        try {
            byte b = bArr[i];
            int i2 = i + 1;
            byte[] messageLength = getMessageLength(bArr, i2);
            int i3 = i2 + 4;
            int byteArrayToIntInNBO = Utils.byteArrayToIntInNBO(messageLength, 0);
            if (b == Constant.HandshakeType[Constant.htIndex.InitContent.ordinal()]) {
                byte[] bArr2 = new byte[byteArrayToIntInNBO];
                System.arraycopy(bArr, i3, bArr2, 0, byteArrayToIntInNBO);
                i3 += byteArrayToIntInNBO;
                String str2 = new String(AESAdapter.decrypt(bArr2, AESCipher.serverKey_, AESCipher.serverIv_));
                try {
                    Utils.printLog("init content data init--->", str2);
                    str = str2;
                } catch (Exception e) {
                    e = e;
                    str = str2;
                    Utils.printException(e);
                    return str;
                }
            }
            if (this.mIsOfflineUpdate) {
                handleOffline(bArr, i3);
            }
        } catch (Exception e2) {
            e = e2;
        }
        return str;
    }

    private void handleOffline(byte[] bArr, int i) {
        String str = "";
        try {
            byte b = bArr[i];
            int i2 = i + 1;
            int byteArrayToIntInNBO = Utils.byteArrayToIntInNBO(getMessageLength(bArr, i2), 0);
            int i3 = i2 + 4;
            if (b == 14) {
                byte[] bArr2 = new byte[byteArrayToIntInNBO];
                System.arraycopy(bArr, i3, bArr2, 0, byteArrayToIntInNBO);
                int i4 = i3 + byteArrayToIntInNBO;
                String str2 = new String(AESAdapter.decrypt(bArr2, AESCipher.serverKey_, AESCipher.serverIv_));
                try {
                    Utils.printLog("handleOffline result--->", str2);
                    str = str2;
                } catch (Exception e) {
                    e = e;
                    str = str2;
                    Utils.printException(e);
                    AndroidResources.OFFSTORED.setHashRes(str);
                }
            }
        } catch (Exception e2) {
            e = e2;
        }
        AndroidResources.OFFSTORED.setHashRes(str);
    }

    private final int handleServerCertificate(byte[] bArr, int i, Context context) throws Exception {
        if (i > bArr.length - 2) {
            return i;
        }
        byte b = bArr[i];
        int i2 = i + 1;
        byte[] messageLength = getMessageLength(bArr, i2);
        int i3 = i2 + 4;
        int byteArrayToIntInNBO = Utils.byteArrayToIntInNBO(messageLength, 0);
        if (b != Constant.HandshakeType[Constant.htIndex.certificate.ordinal()]) {
            return i3;
        }
        byte[] bArr2 = new byte[byteArrayToIntInNBO];
        System.arraycopy(bArr, i3, bArr2, 0, byteArrayToIntInNBO);
        int i4 = i3 + byteArrayToIntInNBO;
        verifyServerCertificate(bArr2, context);
        return i4;
    }

    private final int handleServerCertificateRequest(Context context, byte[] bArr, int i) throws Exception {
        if (i > bArr.length - 2) {
            this.mServerTowwaySign = false;
            return i;
        }
        byte b = bArr[i];
        int i2 = i + 1;
        byte[] messageLength = getMessageLength(bArr, i2);
        int i3 = i2 + 4;
        Utils.byteArrayToIntInNBO(messageLength, 0);
        if (b != Constant.HandshakeType[Constant.htIndex.certificate_request.ordinal()]) {
            return i3;
        }
        byte b2 = bArr[i3];
        int i4 = i3 + 1;
        this.mServerTowwaySign = true;
        AndroidPreferenceDB.ANDROIDDB.save("serverTowwaySign", String.valueOf(this.mServerTowwaySign));
        return i4;
    }

    private final int handleServerHello(byte[] bArr, int i) throws Exception {
        byte b = bArr[i];
        int i2 = i + 1;
        byte[] messageLength = getMessageLength(bArr, i2);
        int i3 = i2 + 4;
        Utils.byteArrayToIntInNBO(messageLength, 0);
        if (b != Constant.HandshakeType[Constant.htIndex.server_hello.ordinal()]) {
            return i3;
        }
        System.arraycopy(bArr, i3, new byte[2], 0, 2);
        int i4 = i3 + 2;
        byte[] bArr2 = new byte[4];
        System.arraycopy(bArr, i4, bArr2, 0, 4);
        int i5 = i4 + 4;
        byte[] bArr3 = new byte[28];
        System.arraycopy(bArr, i5, bArr3, 0, 28);
        int i6 = i5 + 28;
        mRNS = Utils.joinBytes(bArr2, bArr3);
        int i7 = bArr[i6];
        int i8 = i6 + 1;
        System.arraycopy(bArr, i8, new byte[i7], 0, i7);
        int i9 = i8 + i7;
        Utils.printLog("session id ----> ", "");
        Utils.printLog("session id ----> ", "");
        byte[] bArr4 = {bArr[i9], bArr[i9 + 1]};
        return i9 + 2;
    }

    private final void handleServerKeyExchange(byte[] bArr) throws Exception {
        byte[] bArr2;
        byte[] bArr3 = this.mMS;
        byte[] decrypt = AESAdapter.decrypt(bArr, getAESKey(bArr3), getAESIv(bArr3));
        Utils.printLog("handleServerKeyExchange() decryptedSKE ---->", "");
        byte[] bArr4 = new byte[4];
        System.arraycopy(decrypt, 0, bArr4, 0, 4);
        int i = 0 + 4;
        Utils.printLog("handleServerKeyExchange() gmtUnixTimeByts ---->", "");
        byte[] bArr5 = new byte[28];
        System.arraycopy(decrypt, i, bArr5, 0, 28);
        int i2 = i + 28;
        Utils.printLog("handleServerKeyExchange() serverRandom2_ ---->", "");
        this.mRNS2 = Utils.joinBytes(bArr4, bArr5);
        byte[] bArr6 = new byte[2];
        System.arraycopy(decrypt, i2, bArr6, 0, 2);
        int i3 = i2 + 2;
        byte[] bArr7 = new byte[46];
        System.arraycopy(decrypt, i3, bArr7, 0, 46);
        int i4 = i3 + 46;
        if (EMPConfig.newInstance().isUseSM()) {
            bArr2 = new byte[32];
            System.arraycopy(decrypt, i4, bArr2, 0, 32);
        } else {
            bArr2 = new byte[20];
            System.arraycopy(decrypt, i4, bArr2, 0, 20);
        }
        verifyHMacSha1(bArr3, Utils.joinBytes(this.mRNS2, bArr6, bArr7), bArr2);
        mPMS2 = Utils.joinBytes(bArr6, bArr7);
        byte[] joinBytes = Utils.joinBytes(this.mRNC, mRNS);
        this.mMS2 = createMS2(mPMS2, joinBytes);
        getFinalKey(this.mMS2, joinBytes);
    }

    private int handlerServerKeyExchange(byte[] bArr, int i) throws Exception {
        byte b = bArr[i];
        int i2 = i + 1;
        byte[] messageLength = getMessageLength(bArr, i2);
        int i3 = i2 + 4;
        int byteArrayToIntInNBO = Utils.byteArrayToIntInNBO(messageLength, 0);
        if (b != Constant.HandshakeType[Constant.htIndex.server_key_exchange.ordinal()]) {
            return i3;
        }
        byte[] bArr2 = new byte[byteArrayToIntInNBO];
        System.arraycopy(bArr, i3, bArr2, 0, byteArrayToIntInNBO);
        Utils.printLog("handlerServerKeyExchange() encryptedServerKeyExchange ---->", "");
        handleServerKeyExchange(bArr2);
        return i3 + byteArrayToIntInNBO;
    }

    private void initTlsData(Context context) {
        this.mHttpManager = new CryptoHttpManager(context);
        this.mClientHelloBody = null;
        this.mServerHelloBody = null;
        this.mClientKeyExchangeBody = null;
        this.mServerKeyExchangeBody = null;
        mClientHmacKey = null;
        mServerHmacKey = null;
    }

    private String readBankUserCode() {
        try {
            return AndroidPreferenceDB.ANDROIDDB.get(AndroidPreferenceDB.BANKUSERCODE_DB);
        } catch (Exception e) {
            Utils.printException(e);
            return "";
        }
    }

    private void readClientTwoWaySign() {
        if (EMPConfig.newInstance().isTwowayAuthentication()) {
            this.mClientTwowaySign = true;
        } else {
            this.mClientTwowaySign = false;
        }
    }

    private static final byte[] readFile(Context context, String str) {
        byte[] bArr = null;
        try {
            FileInputStream openFileInput = context.openFileInput(str);
            bArr = new byte[openFileInput.available()];
            openFileInput.read(bArr);
            openFileInput.close();
            return bArr;
        } catch (Exception e) {
            Utils.printException(e);
            return bArr;
        }
    }

    private static final byte[] readServerCertificate(Context context) {
        byte[] bArr = null;
        try {
        } catch (Exception e) {
            Utils.printException(e);
        }
        if (!new File(FileManager.FILEROOT.concat(CER_FILENAME)).exists()) {
            return null;
        }
        bArr = decrypt(readFile(context, CER_FILENAME));
        return bArr;
    }

    private static final byte[] readServerRandom2(Context context) {
        byte[] bArr = null;
        try {
        } catch (Exception e) {
            Utils.printException(e);
        }
        if (!new File(FileManager.FILEROOT.concat(RNS2_FILENAME)).exists()) {
            return null;
        }
        bArr = decrypt(readFile(context, RNS2_FILENAME));
        return bArr;
    }

    private String readTmsUserCode() {
        try {
            return AndroidPreferenceDB.ANDROIDDB.get(AndroidPreferenceDB.TMSUSERCODE_DB);
        } catch (Exception e) {
            Utils.printException(e);
            return "";
        }
    }

    private static final void restoreServerCertificate(byte[] bArr, Context context) {
        try {
            updateFile(context, CER_FILENAME, encrypt(bArr));
        } catch (Exception e) {
            Utils.printException(e);
        }
    }

    private static final void restoreServerRandom2(byte[] bArr, Context context) {
        try {
            updateFile(context, RNS2_FILENAME, encrypt(bArr));
        } catch (Exception e) {
            Utils.printException(e);
        }
    }

    private final byte[] sendClientKeyExchange(Context context, String str, String str2, byte[] bArr, byte[] bArr2, EMPThreadPool.Task task, String str3) throws Exception {
        sendRSAPublicKey(context, str, MAKE_CERT);
        byte[] clientKeyExchangeBody = getClientKeyExchangeBody();
        byte[] bArr3 = null;
        try {
            bArr3 = getClientCertificateBody(context, str);
        } catch (Exception e) {
            Utils.printException(e);
        }
        byte[] bArr4 = null;
        try {
            bArr4 = getCertificateVerifyBody(context, bArr, bArr2, Utils.joinBytes(clientKeyExchangeBody, bArr3));
        } catch (Exception e2) {
            Utils.printException(e2);
        }
        byte[] changeCipherSpecBody = getChangeCipherSpecBody();
        byte[] finishBody = getFinishBody(getHandshakeMessage(this.mClientHelloBody, this.mServerHelloBody, Utils.joinBytes(clientKeyExchangeBody, bArr3, bArr4, changeCipherSpecBody)));
        byte[] offlineBody = this.mIsOfflineUpdate ? getOfflineBody() : null;
        byte[] joinBytes = Utils.joinBytes(clientKeyExchangeBody, bArr3, bArr4, changeCipherSpecBody, finishBody, offlineBody);
        int length = offlineBody == null ? joinBytes.length : joinBytes.length - offlineBody.length;
        this.mClientKeyExchangeBody = new byte[length];
        System.arraycopy(joinBytes, 0, this.mClientKeyExchangeBody, 0, length);
        String concat = str.concat(CLIENT_KEY_EXCHANGE).concat("ota_version=").concat(EMPConfig.newInstance().getClientType()).concat("-UMP-").concat(str2).concat("-080901").concat(str3);
        if (mTlsVersion >= TLS_VERSION_1_3) {
            String verifyHash = AppVerify.verifyHash(mPMS, context);
            if (verifyHash == null || verifyHash.equals("")) {
                verifyHash = "0";
            }
            concat = concat.concat("&sign=").concat(Utils.escapeURIComponent(verifyHash));
        }
        if (this.mIsOfflineUpdate) {
            concat = concat.concat("&platform=").concat(Utils.getPlatform().toLowerCase()).concat("&resolution=").concat(Utils.getScreenResolution((Activity) context));
        }
        return (byte[]) this.mHttpManager.sendPostRequest(concat, Base64.encode(joinBytes), false, null, "application/octet-stream", task);
    }

    private void sendRSAPublicKey(Context context, String str, String str2) {
        try {
            if (this.mClientTwowaySign || this.mServerTowwaySign) {
                if (!new File(FileManager.FILEROOT.concat(CERTIFICATE_FILENAME)).exists() || FileManager.readFileByAD(context, CERTIFICATE_FILENAME) == null) {
                    RSACipher.genKeys(context, "RYTEMP" + System.currentTimeMillis());
                    String[] split = ((String) FileManager.readFileByAD(context, "pk.dat")).split(AUScreenAdaptTool.PREFIX_ID);
                    RSAPublicKey rSAPublicKey = (RSAPublicKey) RSACipher.getPublicKey(split[0], split[1]);
                    FileManager.saveFileByAD(context, (byte[]) this.mHttpManager.sendPostRequest(str.concat(str2).concat("n=").concat(Utils.escapeURIComponent(Base64.encode(rSAPublicKey.getModulus().toByteArray()))).concat("&e=").concat(Utils.escapeURIComponent(Base64.encode(rSAPublicKey.getPublicExponent().toByteArray()))).concat("&id=").concat(Utils.escapeURIComponent(Utils.getUUID(context))), "", false, null, null, null), CERTIFICATE_FILENAME);
                }
            }
        } catch (Exception e) {
            Utils.printException(e);
        }
    }

    private void setCookie(String str) {
        HttpManager.COOKIE = str;
    }

    private static final void updateFile(Context context, String str, byte[] bArr) {
        try {
            FileOutputStream openFileOutput = context.openFileOutput(str, 0);
            openFileOutput.write(new byte[0]);
            openFileOutput.write(bArr);
            openFileOutput.flush();
            openFileOutput.close();
        } catch (Exception e) {
            Utils.printException(e);
        }
    }

    private final void verifyFinishData(byte[] bArr) throws Exception {
        byte[] TLS_MD_SERVER_FINISH_CONST = HMac.TLS_MD_SERVER_FINISH_CONST();
        byte[] handshakeMessage2 = getHandshakeMessage2();
        byte[] PRF = PRFCipher.PRF(this.mMS2, TLS_MD_SERVER_FINISH_CONST, Utils.joinBytes(HMacAdapter.MD5(handshakeMessage2), HMacAdapter.SHA1(handshakeMessage2)), 12);
        if (PRF == null) {
            throw new Exception("HMac verify finish failed!");
        }
        for (int i = 0; i < PRF.length; i++) {
            if (PRF[i] != bArr[i]) {
                throw new Exception("HMac verify finish failed!");
            }
        }
        Utils.printLog("verifyFinishData() verify passed! ---->", "");
    }

    private final void verifyHMacSha1(byte[] bArr, byte[] bArr2, byte[] bArr3) throws Exception {
        byte[] encryptHMAC = HMacAdapter.encryptHMAC(bArr2, getHMacKey(bArr), HMac.KEY_MAC_SHA1);
        if (encryptHMAC == null) {
            throw new Exception("HMac verify failed!");
        }
        for (int i = 0; i < encryptHMAC.length; i++) {
            if (encryptHMAC[i] != bArr3[i]) {
                throw new Exception("HMac verify failed!");
            }
        }
        Utils.printLog("verifyHMacSha1() verify passed! ---->", "");
    }

    private final void verifyServerCertificate(byte[] bArr, Context context) throws IOException, CertificateException, Exception {
        if (!RSAAdapter.verifyCertificate(bArr, CERTIFICATE_PATH, context)) {
            throw new Exception("证书较验出错，不可信任。");
        }
        this.mServerPubKey = RSAAdapter.getPublicKey(RSAAdapter.getCertificate(bArr));
        restoreServerCertificate(bArr, context);
    }

    final void facilityClientHello(Context context, String str, String str2, String str3) throws Exception {
        byte[] createFacilityClientHelloBody = createFacilityClientHelloBody(context, str);
        boolean z = false;
        String readBankUserCode = readBankUserCode();
        String readTmsUserCode = readTmsUserCode();
        String str4 = AndroidPreferenceDB.ANDROIDDB.get(AndroidPreferenceDB.ISFIRST_DB);
        if (str4 == null || str4.equals("")) {
            str4 = "0";
        }
        String concat = str.concat(CLIENT_FACILITY_HELLO).concat("bankUserCode=").concat(readBankUserCode).concat("&tmsUserCode=").concat(readTmsUserCode).concat("&ota_version=").concat("AD-UMP-").concat(str2).concat("-080901").concat("&clientinfo=").concat("android-").concat(Utils.getPhoneTarget()).concat("-").concat(str2).concat("-").concat(Utils.getClientID()).concat("&is_first=").concat(str4).concat(str3);
        if (mTlsVersion >= TLS_VERSION_1_3) {
            String verifyHash = AppVerify.verifyHash(mPMS, context);
            if (verifyHash == null || verifyHash.equals("")) {
                verifyHash = "0";
            }
            concat = concat.concat("&sign=").concat(Utils.escapeURIComponent(verifyHash));
        }
        if (this.mIsOfflineUpdate) {
            concat = concat.concat("&platform=").concat(Utils.getPlatform().toLowerCase()).concat("&resolution=").concat(Utils.getScreenResolution((Activity) context));
        }
        try {
            byte[] bArr = (byte[]) this.mHttpManager.sendPostRequest(concat, Base64.encode(createFacilityClientHelloBody), false, null, null, null);
            if (HttpManager.mIsAppUpgrading) {
                return;
            }
            if (bArr == null || bArr.length != 1) {
                Utils.printLog("facilityClientHello", "");
                setText(handleFacilityServerHelloResponse(bArr, context));
                mConnectTimes++;
            } else {
                z = true;
            }
            if (z) {
                try {
                    fullClientHello(context, str, str2, str3);
                } catch (Exception e) {
                    Utils.printException(e);
                }
            }
        } catch (Exception e2) {
            throw e2;
        }
    }

    final void fullClientHello(Context context, String str, String str2, String str3) throws Exception {
        byte[] createFullClientHelloBody = createFullClientHelloBody();
        String str4 = AndroidPreferenceDB.ANDROIDDB.get(AndroidPreferenceDB.ISFIRST_DB);
        if (str4 == null || str4.equals("")) {
            str4 = "0";
        }
        String concat = str.concat(CLIENT_HELLO).concat("clientinfo=").concat("android-").concat(Utils.getPhoneTarget()).concat("-").concat(str2).concat("-").concat(Utils.getClientID()).concat("&is_first=").concat(str4).concat(str3);
        this.mClientHelloBody = createFullClientHelloBody;
        try {
            byte[] bArr = (byte[]) this.mHttpManager.sendPostRequest(concat, Base64.encode(createFullClientHelloBody), false, null, null, null);
            handleFullServerHelloResponse(bArr, context);
            byte[] sendClientKeyExchange = sendClientKeyExchange(context, str, str2, createFullClientHelloBody, bArr, null, str3);
            Utils.printLog("fullClientHello", "");
            setText(handleFullServerKeyExchangeResponse(sendClientKeyExchange, context));
            mConnectTimes++;
        } catch (Exception e) {
            throw e;
        }
    }

    public final void setText(String str) {
        mText = str;
    }
}
