package k2;

import j2.i;
import j2.m;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.time.Instant;
import java.util.Base64;
import java.util.Map;
import java.util.NoSuchElementException;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;
import org.apache.http.HttpHeaders;
import org.apache.http.HttpHost;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.entity.ContentType;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.util.EntityUtils;

/* loaded from: classes2.dex */
public class c {

    /* renamed from: g, reason: collision with root package name */
    public static final int f16649g = 1440;

    /* renamed from: h, reason: collision with root package name */
    public static final String f16650h = "https://api.mch.weixin.qq.com/v3/certificates";

    /* renamed from: i, reason: collision with root package name */
    public static final String f16651i = "scheduled_update_cert_thread";

    /* renamed from: b, reason: collision with root package name */
    public HttpHost f16654b;

    /* renamed from: e, reason: collision with root package name */
    public ScheduledExecutorService f16657e;

    /* renamed from: f, reason: collision with root package name */
    public static final v5.a f16648f = v5.b.i(c.class);

    /* renamed from: j, reason: collision with root package name */
    public static volatile c f16652j = null;

    /* renamed from: a, reason: collision with root package name */
    public ConcurrentHashMap<String, byte[]> f16653a = new ConcurrentHashMap<>();

    /* renamed from: c, reason: collision with root package name */
    public ConcurrentHashMap<String, ConcurrentHashMap<BigInteger, X509Certificate>> f16655c = new ConcurrentHashMap<>();

    /* renamed from: d, reason: collision with root package name */
    public ConcurrentHashMap<String, i2.a> f16656d = new ConcurrentHashMap<>();

    /* loaded from: classes2.dex */
    public class b implements i {

        /* renamed from: a, reason: collision with root package name */
        public String f16658a;

        public b(String str) {
            this.f16658a = str;
        }

        @Override // j2.i
        public boolean a(String str, byte[] bArr, String str2) {
            Base64.Decoder decoder;
            byte[] decode;
            if (str.isEmpty() || bArr.length == 0 || str2.isEmpty()) {
                throw new IllegalArgumentException("serialNumber或message或signature为空");
            }
            X509Certificate x509Certificate = (X509Certificate) ((ConcurrentHashMap) c.this.f16655c.get(this.f16658a)).get(new BigInteger(str, 16));
            if (x509Certificate == null) {
                c.f16648f.E("商户证书为空，serialNumber:{}", str);
                return false;
            }
            try {
                Signature signature = Signature.getInstance("SHA256withRSA");
                signature.initVerify(x509Certificate);
                signature.update(bArr);
                decoder = Base64.getDecoder();
                decode = decoder.decode(str2);
                return signature.verify(decode);
            } catch (InvalidKeyException e6) {
                throw new RuntimeException("无效的证书", e6);
            } catch (NoSuchAlgorithmException e7) {
                throw new RuntimeException("当前Java环境不支持SHA256withRSA", e7);
            } catch (SignatureException e8) {
                throw new RuntimeException("签名验证过程发生了错误", e8);
            }
        }

        @Override // j2.i
        public X509Certificate b() {
            try {
                return c.this.i(this.f16658a);
            } catch (m2.b unused) {
                throw new NoSuchElementException("没有有效的微信支付平台证书");
            }
        }
    }

    public static c h() {
        if (f16652j == null) {
            synchronized (c.class) {
                try {
                    if (f16652j == null) {
                        f16652j = new c();
                    }
                } finally {
                }
            }
        }
        return f16652j;
    }

    public static /* synthetic */ boolean m(CloseableHttpResponse closeableHttpResponse) throws IOException {
        return true;
    }

    public final void f() {
        this.f16657e = new d();
        this.f16657e.scheduleAtFixedRate(new Runnable() { // from class: k2.a
            @Override // java.lang.Runnable
            public final void run() {
                c.this.l();
            }
        }, 0L, 1440L, TimeUnit.MINUTES);
    }

    public final synchronized void g(String str, i iVar, i2.a aVar, byte[] bArr) throws m2.a, IOException, GeneralSecurityException {
        try {
            CloseableHttpClient build = i2.d.a().b(aVar).e(iVar == null ? new i2.c() { // from class: k2.b
                @Override // i2.c
                public final boolean a(CloseableHttpResponse closeableHttpResponse) {
                    boolean m6;
                    m6 = c.m(closeableHttpResponse);
                    return m6;
                }
            } : new m(iVar)).d(this.f16654b).build();
            try {
                HttpGet httpGet = new HttpGet("https://api.mch.weixin.qq.com/v3/certificates");
                httpGet.addHeader(HttpHeaders.ACCEPT, ContentType.APPLICATION_JSON.toString());
                CloseableHttpResponse execute = build.execute((HttpUriRequest) httpGet);
                try {
                    int statusCode = execute.getStatusLine().getStatusCode();
                    String entityUtils = EntityUtils.toString(execute.getEntity());
                    if (statusCode != 200) {
                        f16648f.t("Auto update cert failed, statusCode = {}, body = {}", Integer.valueOf(statusCode), entityUtils);
                        throw new m2.a("下载平台证书返回状态码异常，状态码为:" + statusCode);
                    }
                    Map<BigInteger, X509Certificate> a7 = o2.b.a(bArr, entityUtils);
                    if (a7.isEmpty()) {
                        f16648f.Q("Cert list is empty");
                        execute.close();
                        build.close();
                    } else {
                        ConcurrentHashMap<BigInteger, X509Certificate> concurrentHashMap = this.f16655c.get(str);
                        concurrentHashMap.clear();
                        concurrentHashMap.putAll(a7);
                        execute.close();
                        build.close();
                    }
                } catch (Throwable th) {
                    try {
                        throw th;
                    } finally {
                    }
                }
            } catch (Throwable th2) {
                try {
                    throw th2;
                } finally {
                }
            }
        } catch (Throwable th3) {
            throw th3;
        }
    }

    public final X509Certificate i(String str) throws m2.b {
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("merchantId为空");
        }
        ConcurrentHashMap<BigInteger, X509Certificate> concurrentHashMap = this.f16655c.get(str);
        if (concurrentHashMap == null || concurrentHashMap.isEmpty()) {
            throw new m2.b("没有最新的平台证书，merchantId:" + str);
        }
        X509Certificate x509Certificate = null;
        for (X509Certificate x509Certificate2 : concurrentHashMap.values()) {
            if (x509Certificate == null || x509Certificate2.getNotBefore().after(x509Certificate.getNotBefore())) {
                x509Certificate = x509Certificate2;
            }
        }
        try {
            x509Certificate.checkValidity();
            return x509Certificate;
        } catch (CertificateExpiredException | CertificateNotYetValidException unused) {
            f16648f.E("平台证书未生效或已过期，merchantId:{}", str);
            throw new m2.b("没有最新的平台证书，merchantId:" + str);
        }
    }

    public i j(String str) throws m2.b {
        ConcurrentHashMap<BigInteger, X509Certificate> concurrentHashMap = this.f16655c.get(str);
        byte[] bArr = this.f16653a.get(str);
        i2.a aVar = this.f16656d.get(str);
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("merchantId为空");
        }
        if (concurrentHashMap == null || concurrentHashMap.size() == 0) {
            throw new m2.b("平台证书为空，merchantId:" + str);
        }
        if (bArr.length == 0) {
            throw new m2.b("apiV3Key为空，merchantId:" + str);
        }
        if (aVar != null) {
            return new b(str);
        }
        throw new m2.b("credentials为空，merchantId:" + str);
    }

    public final void k(String str, i2.a aVar, byte[] bArr) throws m2.a, IOException, GeneralSecurityException {
        g(str, null, aVar, bArr);
    }

    public final /* synthetic */ void l() {
        Instant now;
        Instant now2;
        try {
            Thread.currentThread().setName(f16651i);
            v5.a aVar = f16648f;
            now = Instant.now();
            aVar.b("Begin update Certificates.Date:{}", now);
            q();
            now2 = Instant.now();
            aVar.b("Finish update Certificates.Date:{}", now2);
        } catch (Throwable th) {
            f16648f.h("Update Certificates failed", th);
        }
    }

    public synchronized void n(String str, i2.a aVar, byte[] bArr) throws IOException, GeneralSecurityException, m2.a {
        if (str != null) {
            try {
                if (!str.isEmpty()) {
                    if (aVar == null) {
                        throw new IllegalArgumentException("credentials为空");
                    }
                    if (bArr.length == 0) {
                        throw new IllegalArgumentException("apiV3Key为空");
                    }
                    if (this.f16655c.get(str) == null) {
                        this.f16655c.put(str, new ConcurrentHashMap<>());
                    }
                    k(str, aVar, bArr);
                    this.f16656d.put(str, aVar);
                    this.f16653a.put(str, bArr);
                    if (this.f16657e == null) {
                        f();
                    }
                }
            } catch (Throwable th) {
                throw th;
            }
        }
        throw new IllegalArgumentException("merchantId为空");
    }

    public synchronized void o(HttpHost httpHost) {
        this.f16654b = httpHost;
    }

    public void p() {
        ScheduledExecutorService scheduledExecutorService = this.f16657e;
        if (scheduledExecutorService != null) {
            try {
                scheduledExecutorService.shutdownNow();
            } catch (Exception e6) {
                f16648f.h("Executor shutdown now failed", e6);
            }
        }
    }

    public final void q() {
        for (Map.Entry<String, i2.a> entry : this.f16656d.entrySet()) {
            String key = entry.getKey();
            try {
                g(key, new b(key), entry.getValue(), this.f16653a.get(key));
            } catch (Exception e6) {
                f16648f.t("downloadAndUpdateCert Failed.merchantId:{}, e:{}", key, e6);
            }
        }
    }
}
