package com.microsoft.mmx.agents.ypp.authclient.crypto;

import com.microsoft.mmx.agents.logging.ILogger;
import com.microsoft.mmx.agents.logging.TraceContext;
import com.microsoft.mmx.agents.ypp.authclient.auth.IAuthStorage;
import com.microsoft.mmx.agents.ypp.authclient.crypto.CryptoManager;
import com.microsoft.mmx.agents.ypp.configuration.PlatformConfiguration;
import io.reactivex.Completable;
import io.reactivex.Scheduler;
import io.reactivex.Single;
import io.reactivex.functions.Function;
import io.reactivex.schedulers.Schedulers;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import javax.inject.Inject;
import org.joda.time.DateTime;

/* loaded from: classes2.dex */
public class CryptoManager {
    public final IAuthStorage authStorage;
    public final Scheduler cryptoScheduler = Schedulers.newThread();
    public final JwtHelper jwtHelper;
    public final KeyManager keyManager;
    public final Log logger;
    public final PlatformConfiguration platformConfiguration;

    /* loaded from: classes2.dex */
    public static final class Log {
        public static final String TAG = CryptoManager.class.getSimpleName();
        public final ILogger logger;

        public Log(ILogger iLogger) {
            this.logger = iLogger;
        }
    }

    @Inject
    public CryptoManager(KeyManager keyManager, ILogger iLogger, JwtHelper jwtHelper, IAuthStorage iAuthStorage, PlatformConfiguration platformConfiguration) {
        this.keyManager = keyManager;
        this.logger = new Log(iLogger);
        this.jwtHelper = jwtHelper;
        this.authStorage = iAuthStorage;
        this.platformConfiguration = platformConfiguration;
    }

    public static /* synthetic */ KeyRotationRequestData a(String str, String str2, String str3, String str4, String str5) throws Exception {
        return new KeyRotationRequestData(str, str2, str3, str5, str4);
    }

    private /* synthetic */ String lambda$getBase64Asn1EncodedCertificate$0(String str, KeyStore.PrivateKeyEntry privateKeyEntry) throws Exception {
        this.logger.logger.logDebug(Log.TAG, "Encoding certificate for deviceId %s", str);
        return CertificateUtils.a(privateKeyEntry);
    }

    public /* synthetic */ String a(String str, TraceContext traceContext, KeyStore.PrivateKeyEntry privateKeyEntry) throws Exception {
        return this.jwtHelper.a(privateKeyEntry, str, traceContext);
    }

    public /* synthetic */ String a(String str, String str2, TraceContext traceContext, KeyStore.PrivateKeyEntry privateKeyEntry) throws Exception {
        this.logger.logger.logDebug(Log.TAG, "Creating NonceJwt for deviceId: %s and nonce: %s", str, str2);
        return this.jwtHelper.a(privateKeyEntry, str2, traceContext);
    }

    public /* synthetic */ void a() throws Exception {
        this.authStorage.updateKeyRotationTargetValidationTime(DateTime.now().plus(this.platformConfiguration.getKeyRotationRetryTimeFail()));
    }

    public /* synthetic */ void b() throws Exception {
        this.authStorage.updateKeyRotationTargetValidationTime(DateTime.now().plus(this.platformConfiguration.getKeyRotationAgeThreshold()));
    }

    public Single<String> getNonceJwtForDeviceId(final String str, final String str2, final TraceContext traceContext) {
        return this.keyManager.getKeyPairEntry(str, traceContext).subscribeOn(this.cryptoScheduler).map(new Function() { // from class: d.b.c.a.s2.a.b.b
            @Override // io.reactivex.functions.Function
            public final Object apply(Object obj) {
                return CryptoManager.this.a(str, str2, traceContext, (KeyStore.PrivateKeyEntry) obj);
            }
        }).observeOn(Schedulers.io());
    }

    public boolean isKeyRotationNecessary(String str, TraceContext traceContext) {
        if (this.authStorage.getAuthState() != null && this.authStorage.getKeyRotationTargetValidationTime() != null && this.authStorage.getKeyRotationTargetValidationTime().isBeforeNow()) {
            try {
                return DateTime.now().plus(this.platformConfiguration.getKeyRotationAgeThreshold()).isAfter(DateTime.now().withMillis(((X509Certificate) this.keyManager.getKeyPairEntry(str, traceContext).blockingGet().getCertificate()).getNotAfter().getTime()).toInstant());
            } catch (CryptoException unused) {
            }
        }
        return false;
    }

    public Completable removeKeyPair(String str, TraceContext traceContext) {
        return this.keyManager.c(str, traceContext).subscribeOn(this.cryptoScheduler);
    }
}
