package com.huawei.wisesecurity.ucs_credential;

import android.content.Context;
import android.text.TextUtils;
import com.huawei.hms.support.hwid.common.constants.CommonConstant;
import com.huawei.wisesecurity.ucs.credential.Credential;
import com.huawei.wisesecurity.ucs.credential.CredentialClient;
import com.huawei.wisesecurity.ucs.credential.entity.ErrorBody;
import com.huawei.wisesecurity.ucs.credential.entity.UcsKeyStoreProvider;
import com.huawei.wisesecurity.ucs.credential.nativelib.UcsLib;
import com.huawei.wisesecurity.ucs.credential.outer.NetworkCapability;
import com.huawei.wisesecurity.ucs.credential.outer.NetworkResponse;
import defpackage.eyd;
import defpackage.eye;
import defpackage.eyi;
import defpackage.eyn;
import defpackage.eyo;
import java.nio.charset.StandardCharsets;
import java.security.cert.Certificate;
import java.util.List;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes14.dex */
public class ao extends e {
    public ao(CredentialClient credentialClient, Context context, NetworkCapability networkCapability) throws eye {
        super(credentialClient, context, networkCapability);
    }

    @Override // com.huawei.wisesecurity.ucs_credential.e
    public Credential a(String str) throws eye {
        try {
            if (Integer.parseInt(new JSONObject(str).getString("expire")) == 0) {
                return this.g.genCredentialFromString(str);
            }
            throw new eye(1017L, "unenable expire.");
        } catch (NumberFormatException e) {
            throw new eye(2001L, a.a("parse TSMS resp expire error : ").append(e.getMessage()).toString());
        } catch (JSONException e2) {
            throw new eye(eyd.c, a.a("parse TSMS resp get json error : ").append(e2.getMessage()).toString());
        }
    }

    @Override // com.huawei.wisesecurity.ucs_credential.e
    public Credential a(String str, String str2, String str3, String str4, i iVar) throws eye {
        try {
            eyi.i("KeyStoreHandler", "applyCredential use KeyStoreHandler.", new Object[0]);
            return a(str, str2, str3, str4);
        } catch (Throwable th) {
            eyi.e("KeyStoreHandler", a.a("applyCredential use KeyStoreHandler get exception: ").append(th.getMessage()).toString(), new Object[0]);
            return iVar.a(0, str, str2, str3, str4, iVar);
        }
    }

    @Override // com.huawei.wisesecurity.ucs_credential.e
    public String a(NetworkResponse networkResponse) throws eye {
        boolean isSuccessful = networkResponse.isSuccessful();
        String body = networkResponse.getBody();
        if (isSuccessful) {
            return body;
        }
        ErrorBody fromString = ErrorBody.fromString(body);
        String sb = a.a("tsms service error, ").append(fromString.getErrorMessage()).toString();
        eyi.e("KeyStoreHandler", sb, new Object[0]);
        if (e.b(fromString.getErrorCode())) {
            f.b(this.b);
            eyi.i("KeyStoreHandler", "turn off android keystore CertificateChain", new Object[0]);
        }
        throw new eye(1024L, sb);
    }

    @Override // com.huawei.wisesecurity.ucs_credential.e
    public void a() throws eye {
        if (!(f.a() && eyn.getInt("ucs_keystore_sp_key_t", -1, this.b) != 0)) {
            throw m.a("KeyStoreHandler", "keyStoreCertificateChain is off. not support keyStore RSA.", new Object[0], 1022L, "keyStoreCertificateChain is off. not support keyStore RSA.");
        }
    }

    @Override // com.huawei.wisesecurity.ucs_credential.e
    public String b() throws eye {
        String str;
        if (ac.a == null) {
            ac.b.a((UcsKeyStoreProvider) null);
        }
        ac acVar = ac.b;
        acVar.a("ucs_alias_rootKey");
        Certificate[] b = acVar.b("ucs_alias_rootKey");
        if (d.a(b)) {
            f.b(this.b);
            throw new eye(2001L, "android keystore RSA no support software attestation root.");
        }
        String qVar = new q(CommonConstant.IdTokenSupportAlg.PS_256, b, "AndroidKS").toString();
        List<String> pkgNameCertFP = UcsLib.getPkgNameCertFP(this.b);
        String str2 = this.e;
        String str3 = this.d;
        String str4 = pkgNameCertFP.get(0);
        String str5 = pkgNameCertFP.get(1);
        try {
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("alg", 2);
            jSONObject.put("kekAlg", 1);
            jSONObject.put("packageName", str2);
            jSONObject.put("appId", str3);
            jSONObject.put("akskVersion", 1);
            jSONObject.put("appPkgName", str4);
            jSONObject.put("appCertFP", str5);
            str = eyo.base64EncodeToString(jSONObject.toString().getBytes(StandardCharsets.UTF_8), 10);
        } catch (eye | JSONException e) {
            eyi.e("CredentialJws", "generate payload exception: {0}", e.getMessage());
            str = "";
        }
        if (TextUtils.isEmpty(qVar) || TextUtils.isEmpty(str)) {
            throw new eye(1006L, "Get signStr error");
        }
        String base64EncodeToString = eyo.base64EncodeToString(acVar.a("ucs_alias_rootKey", qVar + "." + str), 10);
        if (TextUtils.isEmpty(qVar) || TextUtils.isEmpty(str) || TextUtils.isEmpty(base64EncodeToString)) {
            throw new eye(1006L, "get credential JWS is empty...");
        }
        StringBuilder sb = new StringBuilder();
        if (TextUtils.isEmpty(qVar) || TextUtils.isEmpty(str)) {
            throw new eye(1006L, "Get signStr error");
        }
        return sb.append(qVar + "." + str).append(".").append(base64EncodeToString).toString();
    }
}
