package ai.vital.licenseserver.client;

import ai.vital.licenseserver.client.ssl.EasySslProtocolSocketFactory;
import ai.vital.licenseserver.common.VitalLicenseContent;
import ai.vital.licenseserver.common.VitalPublicKey;
import ai.vital.licenseserver.model.HashUtils;
import ai.vital.licenseserver.model.ValidateRequest;
import ai.vital.licenseserver.model.ValidateResponse;
import com.amazonaws.services.s3.internal.crypto.JceEncryptionConstants;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.methods.StringRequestEntity;
import org.apache.commons.httpclient.protocol.Protocol;
import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.hadoop.log.Log4Json;
import org.codehaus.jackson.map.ObjectMapper;
import org.shaded.apache.xerces.impl.Constants;

/* loaded from: input_file:ai/vital/licenseserver/client/VitalLicenseServerClient.class */
public class VitalLicenseServerClient {
    private String a;
    private HttpClient b;
    private ObjectMapper c;
    private boolean d;
    private Cipher e;
    private Cipher f;

    /* loaded from: input_file:ai/vital/licenseserver/client/VitalLicenseServerClient$a.class */
    class a implements Callable<ValidateResponse> {
        VitalLicenseContent licenseContent;
        byte[] licenseBytes;
        PostMethod post = null;

        public a(VitalLicenseContent vitalLicenseContent, byte[] bArr) {
            this.licenseContent = vitalLicenseContent;
            this.licenseBytes = bArr;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        /* JADX WARN: Multi-variable type inference failed */
        /* JADX WARN: Type inference failed for: r0v167, types: [java.util.Map, java.util.HashMap] */
        @Override // java.util.concurrent.Callable
        public ValidateResponse call() throws Exception {
            ValidateRequest validateRequest;
            ValidateResponse fromMap;
            ValidateRequest validateRequest2 = new ValidateRequest();
            validateRequest2.setCurrentTimestamp(Long.valueOf(System.currentTimeMillis()));
            validateRequest2.setOrganizationID(this.licenseContent.getOrganizationID());
            validateRequest2.setCustomerName(this.licenseContent.getHolder().toString());
            validateRequest2.setLicenseHash(HashUtils.hashHexLicense(this.licenseBytes));
            validateRequest2.setRandomString(RandomStringUtils.randomAlphanumeric(32));
            validateRequest2.setProductID(this.licenseContent.getProductID());
            PrivateKey privateKey = null;
            if (!VitalLicenseServerClient.this.d || this.licenseContent.getPublicKey() == null || this.licenseContent.getPrivateKey() == null) {
                validateRequest = validateRequest2;
            } else {
                byte[] writeValueAsBytes = VitalLicenseServerClient.this.c.writeValueAsBytes(validateRequest2);
                KeyGenerator keyGenerator = KeyGenerator.getInstance(JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM);
                keyGenerator.init(128);
                byte[] encoded = keyGenerator.generateKey().getEncoded();
                Cipher cipher = Cipher.getInstance("RSA");
                privateKey = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(this.licenseContent.getPrivateKey()));
                cipher.init(1, privateKey);
                byte[] doFinal = cipher.doFinal(encoded);
                if (doFinal.length % 128 != 0) {
                    throw new Exception("Encoded symmetric key length must be a multiple of 128");
                }
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                int i = 0;
                while (true) {
                    int i2 = i;
                    if (i2 >= doFinal.length) {
                        break;
                    }
                    byteArrayOutputStream.write(VitalLicenseServerClient.this.e.doFinal(doFinal, i2, 128));
                    i = i2 + 128;
                }
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                SecretKeySpec secretKeySpec = new SecretKeySpec(encoded, JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM);
                ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
                Cipher cipher2 = Cipher.getInstance(JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM);
                cipher2.init(1, secretKeySpec);
                CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream2, cipher2);
                cipherOutputStream.write(writeValueAsBytes);
                cipherOutputStream.close();
                byte[] byteArray2 = byteArrayOutputStream2.toByteArray();
                ?? hashMap = new HashMap();
                hashMap.put("organizationID", this.licenseContent.getOrganizationID());
                hashMap.put("encryptedKeyBase64", Base64.encodeBase64String(byteArray));
                hashMap.put("encryptedContentBase64", Base64.encodeBase64String(byteArray2));
                validateRequest = hashMap;
            }
            this.post = new PostMethod(VitalLicenseServerClient.this.a + Constants.DOM_VALIDATE);
            this.post.setRequestEntity(new StringRequestEntity(VitalLicenseServerClient.this.c.writeValueAsString(validateRequest), Log4Json.JSON_TYPE, "UTF-8"));
            try {
                int executeMethod = VitalLicenseServerClient.this.b.executeMethod(this.post);
                if (executeMethod < 200 || executeMethod > 299) {
                    ValidateResponse validateResponse = new ValidateResponse();
                    String str = null;
                    try {
                        str = this.post.getResponseBodyAsString();
                    } catch (Exception e) {
                    }
                    validateResponse.setReason("HTTP error: " + executeMethod + " - " + str);
                    validateResponse.setValid(false);
                    IOUtils.closeQuietly((InputStream) null);
                    try {
                        this.post.releaseConnection();
                    } catch (Exception e2) {
                    }
                    this.post = null;
                    return validateResponse;
                }
                this.post.getResponseBodyAsString();
                InputStream responseBodyAsStream = this.post.getResponseBodyAsStream();
                Map map = (Map) VitalLicenseServerClient.this.c.readValue(responseBodyAsStream, LinkedHashMap.class);
                String str2 = (String) map.get("encryptedKeyBase64");
                String str3 = (String) map.get("encryptedContentBase64");
                if (str3 == null || str2 == null) {
                    fromMap = ValidateResponse.fromMap(map);
                } else {
                    byte[] decodeBase64 = Base64.decodeBase64(str2);
                    byte[] decodeBase642 = Base64.decodeBase64(str3);
                    ByteArrayOutputStream byteArrayOutputStream3 = new ByteArrayOutputStream();
                    if (decodeBase64.length % 256 != 0) {
                        throw new Exception("Encrypted key length must be a multiple of 256");
                    }
                    for (int i3 = 0; i3 < decodeBase64.length; i3 += 256) {
                        byteArrayOutputStream3.write(VitalLicenseServerClient.this.f.doFinal(decodeBase64, i3, 256));
                    }
                    byte[] byteArray3 = byteArrayOutputStream3.toByteArray();
                    Cipher cipher3 = Cipher.getInstance("RSA");
                    cipher3.init(2, privateKey);
                    SecretKeySpec secretKeySpec2 = new SecretKeySpec(cipher3.doFinal(byteArray3), JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM);
                    Cipher cipher4 = Cipher.getInstance(JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM);
                    cipher4.init(2, secretKeySpec2);
                    CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(decodeBase642), cipher4);
                    Map map2 = (Map) VitalLicenseServerClient.this.c.readValue(cipherInputStream, LinkedHashMap.class);
                    IOUtils.closeQuietly((InputStream) cipherInputStream);
                    fromMap = ValidateResponse.fromMap(map2);
                }
                if (fromMap.getRandomString().equals(validateRequest2.getRandomString())) {
                    ValidateResponse validateResponse2 = fromMap;
                    IOUtils.closeQuietly(responseBodyAsStream);
                    try {
                        this.post.releaseConnection();
                    } catch (Exception e3) {
                    }
                    this.post = null;
                    return validateResponse2;
                }
                ValidateResponse validateResponse3 = new ValidateResponse();
                validateResponse3.setValid(false);
                validateResponse3.setReason("The random string values are not equal - probable security issue");
                IOUtils.closeQuietly(responseBodyAsStream);
                try {
                    this.post.releaseConnection();
                } catch (Exception e4) {
                }
                this.post = null;
                return validateResponse3;
            } catch (Throwable th) {
                IOUtils.closeQuietly((InputStream) null);
                try {
                    this.post.releaseConnection();
                } catch (Exception e5) {
                }
                this.post = null;
                throw th;
            }
        }

        public void cancel() {
            if (this.post != null) {
                try {
                    this.post.abort();
                } catch (Exception e) {
                }
                try {
                    this.post.releaseConnection();
                } catch (Exception e2) {
                }
            }
        }
    }

    public VitalLicenseServerClient(String str, boolean z, boolean z2) throws Exception {
        this.c = new ObjectMapper();
        this.d = true;
        this.e = null;
        this.f = null;
        this.d = z2;
        this.a = str;
        if (!this.a.endsWith("/")) {
            this.a += "/";
        }
        this.b = new HttpClient();
        URL url = new URL(str);
        if (z || !str.startsWith("https://")) {
            this.b.getHostConfiguration().setHost(url.getHost(), url.getPort());
        } else {
            this.b.getHostConfiguration().setHost(url.getHost(), url.getPort(), new Protocol("https", (SecureProtocolSocketFactory) new EasySslProtocolSocketFactory(), 443));
        }
        if (z2) {
            this.e = Cipher.getInstance("RSA");
            this.e.init(1, VitalPublicKey.getPublicKey());
            this.f = Cipher.getInstance("RSA");
            this.f.init(2, VitalPublicKey.getPublicKey());
        }
    }

    public VitalLicenseServerClient(String str) throws Exception {
        this(str, true, true);
    }

    public ValidateResponse validate(VitalLicenseContent vitalLicenseContent, byte[] bArr) throws Exception {
        ExecutorService newSingleThreadExecutor = Executors.newSingleThreadExecutor();
        Future future = null;
        ValidateResponse validateResponse = null;
        a aVar = new a(vitalLicenseContent, bArr);
        try {
            try {
                future = newSingleThreadExecutor.submit(aVar);
                validateResponse = (ValidateResponse) future.get(15L, TimeUnit.SECONDS);
                newSingleThreadExecutor.shutdownNow();
            } catch (Exception e) {
                if (!(e instanceof TimeoutException)) {
                    validateResponse = new ValidateResponse();
                    validateResponse.setRandomString(null);
                    validateResponse.setValid(false);
                    validateResponse.setReason("Exception: " + e.getLocalizedMessage());
                }
                if (future != null) {
                    try {
                        future.cancel(true);
                    } catch (Exception e2) {
                    }
                }
                aVar.cancel();
                newSingleThreadExecutor.shutdownNow();
            }
            if (validateResponse == null) {
                validateResponse = new ValidateResponse();
                validateResponse.setRandomString(null);
                validateResponse.setValid(false);
                validateResponse.setReason("Validation request timed out");
            }
            return validateResponse;
        } catch (Throwable th) {
            newSingleThreadExecutor.shutdownNow();
            throw th;
        }
    }
}
