package com.airwatch.mutualtls;

import android.database.Cursor;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.annotation.RestrictTo;
import androidx.annotation.VisibleForTesting;
import com.airwatch.mutualtls.a;
import com.airwatch.sdk.context.SDKContext;
import com.airwatch.util.ae;
import com.airwatch.util.q;
import com.airwatch.util.x;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.LinkedList;
import java.util.List;

@RestrictTo({RestrictTo.Scope.LIBRARY})
/* loaded from: classes.dex */
class b {

    /* renamed from: a, reason: collision with root package name */
    private static final String f1793a = "b";

    /* renamed from: b, reason: collision with root package name */
    private static volatile b f1794b;
    private static final Object c = new Object();
    private g d = null;
    private long e = Long.MAX_VALUE;
    private final List<String> f = new LinkedList();
    private final SDKContext g;

    private b(@NonNull SDKContext sDKContext) {
        this.g = sDKContext;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static b a(@NonNull SDKContext sDKContext) {
        if (f1794b == null) {
            synchronized (c) {
                if (f1794b == null) {
                    f1794b = new b(sDKContext);
                }
            }
        }
        return f1794b;
    }

    private void a(long j) {
        long j2 = this.e;
        if (j2 < j) {
            j = j2;
        }
        this.e = j;
    }

    private void a(@NonNull String str, int i, long j) {
        if (!(this.g.m() instanceof e)) {
            x.b(f1793a, "Unable to notify the caller, as application class is not implementing ClientTLSCertificateRotationListener");
        } else {
            if (this.f.contains(str)) {
                return;
            }
            ((e) this.g.m()).a(str, i, j);
            x.b(f1793a, "Notified caller about the cert expiry");
            this.f.add(str);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Nullable
    public g a() {
        if (b()) {
            return this.d;
        }
        c();
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Nullable
    public g a(@NonNull Cursor cursor, @NonNull KeyStore keyStore) throws ClientTLSCertificateStorageException, UnrecoverableEntryException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore.PrivateKeyEntry privateKeyEntry;
        try {
            if (cursor != null) {
                try {
                    if (cursor.moveToFirst()) {
                        KeyStore keyStore2 = KeyStore.getInstance("PKCS12");
                        char[] a2 = com.airwatch.crypto.a.b.a(q.a(ae.a(this.g.m(), com.google.common.base.c.r)), (Integer) 100);
                        keyStore2.load(null, a2);
                        this.d = new g(keyStore2, a2);
                        do {
                            String string = cursor.getString(cursor.getColumnIndex(d.c));
                            a.C0070a c0070a = new a.C0070a();
                            c0070a.a(cursor.getLong(cursor.getColumnIndex(d.d)));
                            c0070a.b(cursor.getLong(cursor.getColumnIndex(d.e)));
                            c0070a.a(cursor.getInt(cursor.getColumnIndex(d.f)));
                            a a3 = c0070a.a();
                            if (keyStore.entryInstanceOf(string, KeyStore.PrivateKeyEntry.class) && (privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(string, null)) != null && privateKeyEntry.getPrivateKey() != null && privateKeyEntry.getCertificateChain() != null) {
                                a(string, privateKeyEntry.getCertificateChain(), a3);
                                keyStore2.setKeyEntry(string, privateKeyEntry.getPrivateKey(), a2, privateKeyEntry.getCertificateChain());
                            }
                        } while (cursor.moveToNext());
                    }
                } catch (IOException e) {
                    e = e;
                    x.d(f1793a, "Unable to retrieve key-entry", e);
                    throw e;
                } catch (KeyStoreException e2) {
                    x.d(f1793a, "Unable to retrieve key-entry", (Throwable) e2);
                    throw new ClientTLSCertificateStorageException("Unable to retrieve key-entries", e2);
                } catch (NoSuchAlgorithmException e3) {
                    e = e3;
                    x.d(f1793a, "Unable to retrieve key-entry", e);
                    throw e;
                } catch (UnrecoverableEntryException e4) {
                    e = e4;
                    x.d(f1793a, "Unable to retrieve key-entry", e);
                    throw e;
                } catch (CertificateException e5) {
                    e = e5;
                    x.d(f1793a, "Unable to retrieve key-entry", e);
                    throw e;
                }
            }
            return this.d;
        } finally {
            if (cursor != null) {
                cursor.close();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(@NonNull String str) {
        if (b()) {
            try {
                this.d.a().deleteEntry(str);
            } catch (KeyStoreException e) {
                x.d(f1793a, "Unable to delete key-entry from keystore cache", (Throwable) e);
                c();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(@NonNull String str, @NonNull PrivateKey privateKey, @NonNull Certificate[] certificateArr, @NonNull a aVar) {
        if (b()) {
            try {
                this.d.a().setKeyEntry(str, privateKey, null, certificateArr);
                a(str, certificateArr, aVar);
            } catch (KeyStoreException e) {
                x.d(f1793a, "Unable to add key-entry to keystore cache", (Throwable) e);
                c();
            }
        }
    }

    @VisibleForTesting(otherwise = 2)
    void a(String str, Certificate[] certificateArr, a aVar) {
        X509Certificate x509Certificate = (X509Certificate) certificateArr[0];
        try {
            x509Certificate.checkValidity();
        } catch (CertificateExpiredException unused) {
            a(str, 0, x509Certificate.getNotAfter().getTime());
            return;
        } catch (CertificateNotYetValidException e) {
            x.d(f1793a, "Certificate not yet valid " + e.getMessage());
        }
        if (a(certificateArr, aVar)) {
            a(str, 1, x509Certificate.getNotAfter().getTime());
        }
    }

    @VisibleForTesting(otherwise = 2)
    boolean a(@NonNull Certificate[] certificateArr, @NonNull a aVar) {
        X509Certificate x509Certificate = (X509Certificate) certificateArr[0];
        Date notBefore = x509Certificate.getNotBefore();
        Date notAfter = x509Certificate.getNotAfter();
        long time = notAfter.getTime() - notBefore.getTime();
        long currentTimeMillis = System.currentTimeMillis();
        if (time > aVar.c()) {
            a(notAfter.getTime() - aVar.b());
            if (notAfter.getTime() - currentTimeMillis < aVar.b()) {
                return true;
            }
        } else {
            long time2 = currentTimeMillis - notBefore.getTime();
            float f = (float) time;
            a(notBefore.getTime() + ((aVar.a() / 100.0f) * f));
            if (f * aVar.a() < ((float) (time2 * 100))) {
                return true;
            }
        }
        return false;
    }

    boolean b() {
        g gVar = this.d;
        return (gVar == null || gVar.a() == null || this.d.b() == null || this.e - System.currentTimeMillis() < 0) ? false : true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void c() {
        g gVar = this.d;
        if (gVar != null) {
            gVar.a((KeyStore) null);
            this.d.a((char[]) null);
            this.d = null;
        }
        this.e = Long.MAX_VALUE;
    }
}
