package com.degoo.backend.security;

import com.degoo.analytics.SplitTestUtil;
import com.degoo.backend.httpclient.CertAuthClient;
import com.degoo.backend.httpclient.NoAuthClient;
import com.degoo.http.u;
import com.degoo.java.core.schedulers.OneTimeThreadPoolExecutor;
import com.degoo.protocol.CommonProtos;
import com.degoo.protocol.ServerAndClientProtos;
import com.degoo.protocol.helpers.NodeIDHelper;
import com.degoo.protocol.helpers.UserIDHelper;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Date;
import javax.inject.Inject;
import javax.inject.Provider;
import javax.inject.Singleton;

/* compiled from: S */
@Singleton
/* loaded from: classes.dex */
public class CertificateManager {
    private static final Object e = new Object();
    private static CommonProtos.NodeID g = null;

    /* renamed from: a, reason: collision with root package name */
    private final Provider<CertAuthClient> f8859a;

    /* renamed from: b, reason: collision with root package name */
    private final ServerAndClientProtos.ClientExecutionEnvironment f8860b;

    /* renamed from: c, reason: collision with root package name */
    private final Provider<NoAuthClient> f8861c;

    /* renamed from: d, reason: collision with root package name */
    private final String f8862d;
    private final SplitTestUtil f;
    private volatile boolean h = false;
    private volatile KeyStore i;

    @Inject
    public CertificateManager(Provider<CertAuthClient> provider, ServerAndClientProtos.ClientExecutionEnvironment clientExecutionEnvironment, Provider<NoAuthClient> provider2, SplitTestUtil splitTestUtil) {
        this.f8859a = provider;
        this.f8860b = clientExecutionEnvironment;
        this.f8861c = provider2;
        this.f8862d = com.degoo.platform.e.ag().k(clientExecutionEnvironment.toString() + "/TrustStores/WebServerTrustStore.p12");
        this.f = splitTestUtil;
    }

    public static CommonProtos.UserID a() throws Exception {
        return a(i());
    }

    public static CommonProtos.UserID a(X509Certificate x509Certificate) throws IOException {
        return UserIDHelper.fromIdentityString(x509Certificate.getSubjectDN().getName());
    }

    public static X509Certificate a(KeyStore keyStore) throws KeyStoreException {
        return (X509Certificate) keyStore.getCertificate(keyStore.aliases().nextElement());
    }

    private X509Certificate a(boolean z) throws Exception {
        X509Certificate i;
        if (!com.degoo.m.i.e()) {
            if (!z) {
                return null;
            }
            b(false);
        }
        synchronized (e) {
            try {
                try {
                    i = i();
                    CommonProtos.UserID a2 = a(i);
                    this.f.d(String.valueOf(a2.getId()), com.degoo.platform.e.ag().ak());
                    if (!this.h) {
                        this.h = true;
                        b(i);
                    }
                } finally {
                }
            } catch (KeyStoreException e2) {
                e = e2;
                throw new RuntimeException("Cert was invalid after initializing the cert-store!", e);
            } catch (CertificateException e3) {
                e = e3;
                throw new RuntimeException("Cert was invalid after initializing the cert-store!", e);
            }
        }
        return i;
    }

    public static CommonProtos.NodeID b() throws Exception {
        if (g == null) {
            g = c(i());
        }
        return g;
    }

    private void b(final X509Certificate x509Certificate) {
        OneTimeThreadPoolExecutor.a().a(new Runnable() { // from class: com.degoo.backend.security.CertificateManager.1
            @Override // java.lang.Runnable
            public void run() {
                synchronized (CertificateManager.e) {
                    try {
                        try {
                            Date date = new Date();
                            Calendar calendar = Calendar.getInstance();
                            calendar.setTime(date);
                            calendar.add(5, 120);
                            x509Certificate.checkValidity(calendar.getTime());
                        } catch (Exception e2) {
                            throw new RuntimeException(e2);
                        }
                    } catch (CertificateException unused) {
                        CertificateManager.this.b(true);
                    } catch (Throwable th) {
                        com.degoo.java.core.e.g.d("Error while checking certificate validity", CommonProtos.LogType.Certificate, th);
                    }
                }
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void b(boolean z) throws Exception {
        byte[] e2;
        synchronized (e) {
            boolean z2 = false;
            if (z) {
                e2 = this.f8859a.get().g();
                z2 = true;
            } else {
                if (com.degoo.m.i.e()) {
                    com.degoo.java.core.e.g.c("Cert just created by other thread. Skipping second call.");
                    return;
                }
                e2 = this.f8861c.get().e().getCertificate().e();
            }
            com.degoo.m.i.a(e2, z2);
        }
    }

    private static CommonProtos.NodeID c(X509Certificate x509Certificate) throws IOException {
        return NodeIDHelper.fromIdentityString(x509Certificate.getSubjectDN().getName());
    }

    private X509Certificate h() throws Exception {
        return a(true);
    }

    private static X509Certificate i() throws Exception {
        return a(com.degoo.m.i.c());
    }

    private KeyStore j() throws IOException, KeyStoreException, CertificateException {
        if (this.i == null) {
            com.degoo.java.core.e.g.a("getWebServerTrustStore getWebServerTrustStore:" + this.f8862d, CommonProtos.LogType.Certificate, CommonProtos.LogSubType.Load, this.f8862d);
            InputStream resourceAsStream = CertificateManager.class.getResourceAsStream(this.f8862d);
            if (resourceAsStream == null) {
                com.degoo.java.core.e.g.d("Unable to load the trust-stores", CommonProtos.LogType.Certificate, CommonProtos.LogSubType.Load, CommonProtos.Severity.Severity6, com.degoo.f.b.b(this.f8862d));
            }
            this.i = com.degoo.c.a.a(resourceAsStream, "U4M3JlPpKQt4Uik250a557CgL8WxBfWM");
        }
        return this.i;
    }

    public com.degoo.http.conn.ssl.f a(com.degoo.http.ssl.e eVar) throws GeneralSecurityException, IOException {
        return this.f8860b == ServerAndClientProtos.ClientExecutionEnvironment.Development ? u.a(eVar, j(), null) : u.b(eVar, j(), null);
    }

    public com.degoo.http.conn.ssl.f b(com.degoo.http.ssl.e eVar) throws Exception {
        c();
        synchronized (e) {
            if (this.f8860b == ServerAndClientProtos.ClientExecutionEnvironment.Development) {
                return u.a(eVar, j(), com.degoo.m.i.c());
            }
            return u.b(eVar, j(), com.degoo.m.i.c());
        }
    }

    public void c() throws Exception {
        if (this.h) {
            return;
        }
        synchronized (e) {
            if (this.h) {
                return;
            }
            h();
        }
    }

    public CommonProtos.NodeID d() throws Exception {
        return c(h());
    }

    public CommonProtos.UserID e() throws Exception {
        X509Certificate a2 = a(false);
        if (a2 == null) {
            return null;
        }
        return a(a2);
    }

    public CommonProtos.UserID f() throws Exception {
        return a(h());
    }
}
