package com.pravala.mas.sdk.internal;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import com.pravala.mas.sdk.config.MasConfig;
import com.pravala.mas.sdk.internal.analytics.AnalyticsUploader;
import com.pravala.ncp.types.SchemaViolationException;
import com.pravala.service.NetworkManager;
import com.pravala.service.types.InterfaceType;
import com.pravala.socket.factory.BoundSocketFactory;
import com.pravala.socket.factory.PlainSocketFactory;
import com.pravala.utilities.ExponentialBackoff;
import com.pravala.utilities.PravalaSharedPreferences;
import com.pravala.utilities.ServiceWorker;
import com.pravala.utilities.UrlParser;
import com.pravala.utilities.logger.Logger;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.UUID;
import javax.net.SocketFactory;
import org.json.JSONException;

/* loaded from: classes.dex */
public abstract class CertManager {
    private static final String CA_FILE = "ca.crt";
    private static final String CERTMANAGER_UUID_KEY = "CertManagerUUID";
    private static final String CERT_FILE = "device.crt";
    private static final String CERT_URL_FILE = "cert_url";
    private static final String KEY_FILE = "device.key";
    private static final int MAX_SECONDS_CERT_IN_FUTURE = 10;
    private static final String TAG = "com.pravala.mas.sdk.internal.CertManager";
    private final CertificateFactory certFactory;
    private final String certUrlHostname;
    private final String certificateUrl;
    private final String dataDir;
    private final FetchCert fetchCert;
    private final SocketFactory mobileSocketFactory;
    private final NetworkManager networkManager;
    private final SocketFactory plainSocketFactory;
    private final ExponentialBackoff retryThread;
    private int numAttempts = 0;
    private String caData = null;
    private String caSubjectName = null;
    private String certData = null;
    private String keyData = null;
    private boolean hasValidData = false;
    private boolean started = false;

    public CertManager(Context context, final ServiceWorker serviceWorker, NetworkManager networkManager, MasConfig masConfig, String str, int i, double d, int i2) throws IllegalArgumentException, CertificateException {
        String str2;
        String str3 = null;
        masConfig.validate();
        this.networkManager = networkManager;
        this.plainSocketFactory = PlainSocketFactory.INSTANCE != null ? PlainSocketFactory.INSTANCE : SocketFactory.getDefault();
        if (Build.VERSION.SDK_INT >= 21) {
            this.mobileSocketFactory = new BoundSocketFactory(networkManager, InterfaceType.Mobile);
        } else {
            this.mobileSocketFactory = null;
        }
        this.certFactory = CertificateFactory.getInstance("X.509");
        this.certificateUrl = masConfig.certificateUrl;
        this.certUrlHostname = new UrlParser(this.certificateUrl).getHost();
        this.dataDir = str;
        try {
            str3 = readFromFile(CERT_URL_FILE);
        } catch (Exception unused) {
        }
        if (this.certificateUrl.equals(str3)) {
            readFromFile();
        } else {
            Logger.d(TAG, "Certificate URL has changed: '" + str3 + "' -> '" + this.certificateUrl + "'; Clearing data", new String[0]);
            clear(context);
        }
        SharedPreferences sharedPreferences = context.getSharedPreferences(PravalaSharedPreferences.INSTALL_DATA, 0);
        String string = sharedPreferences.getString(CERTMANAGER_UUID_KEY, "");
        if (string.isEmpty()) {
            String uuid = UUID.randomUUID().toString();
            sharedPreferences.edit().putString(CERTMANAGER_UUID_KEY, uuid).apply();
            Logger.d(TAG, "Generated new UUID: ".concat(String.valueOf(uuid)), new String[0]);
            str2 = uuid;
        } else {
            Logger.d(TAG, "Using saved UUID: ".concat(String.valueOf(string)), new String[0]);
            str2 = string;
        }
        this.fetchCert = new FetchCert(serviceWorker, this.certificateUrl, str2) { // from class: com.pravala.mas.sdk.internal.CertManager.1
            @Override // com.pravala.mas.sdk.internal.FetchCert
            public void fetchCertFailed(int i3) {
                CertManager.this.changeNetworkRoute();
            }

            @Override // com.pravala.mas.sdk.internal.FetchCert
            public void fetchCertFailed(Exception exc) {
                CertManager.this.changeNetworkRoute();
            }

            @Override // com.pravala.mas.sdk.internal.FetchCert
            public void fetchCertSucceeded(String str4, String str5, String str6) {
                synchronized (CertManager.this) {
                    if (CertManager.this.started && !CertManager.this.hasValidData) {
                        long certValidTimeDiff = CertManager.this.getCertValidTimeDiff(str4);
                        long certValidTimeDiff2 = CertManager.this.getCertValidTimeDiff(str5);
                        if (certValidTimeDiff >= 0 && certValidTimeDiff <= 10000) {
                            if (certValidTimeDiff2 >= 0 && certValidTimeDiff2 <= 10000) {
                                Logger.d(CertManager.TAG, "FetchCert succeeded", new String[0]);
                                CertManager.this.stop();
                                CertManager.this.caSubjectName = null;
                                CertManager.this.caData = str4;
                                CertManager.this.certData = str5;
                                CertManager.this.keyData = str6;
                                CertManager.this.hasValidData = true;
                                CertManager.this.writeToFile();
                                CertManager.this.writeFetchCertEvent();
                                if (certValidTimeDiff == 0 && certValidTimeDiff2 == 0) {
                                    CertManager.this.certFetchSucceeded();
                                    return;
                                }
                                long max = Math.max(certValidTimeDiff, certValidTimeDiff2) + 100;
                                Logger.w(CertManager.TAG, "Delaying certs by " + max + " milliseconds; CA cert " + certValidTimeDiff + " milliseconds in the future; device cert " + certValidTimeDiff2 + " milliseconds in the future; Device time possibly behind", new String[0]);
                                serviceWorker.schedule(new Runnable() { // from class: com.pravala.mas.sdk.internal.CertManager.1.1
                                    @Override // java.lang.Runnable
                                    public void run() {
                                        CertManager.this.certFetchSucceeded();
                                    }
                                }, max, true);
                                return;
                            }
                            Logger.e(CertManager.TAG, "Received invalid device cert data; cert is expired or too far in the future (valid in " + certValidTimeDiff2 + " milliseconds)", new String[0]);
                            return;
                        }
                        Logger.e(CertManager.TAG, "Received invalid CA data; cert is expired or too far in the future (valid in " + certValidTimeDiff + " milliseconds)", new String[0]);
                    }
                }
            }
        };
        this.retryThread = new ExponentialBackoff(serviceWorker, i, d, i2) { // from class: com.pravala.mas.sdk.internal.CertManager.2
            @Override // com.pravala.utilities.ExponentialBackoff
            public void exponentialCallback(ExponentialBackoff exponentialBackoff) {
                synchronized (CertManager.this) {
                    if (CertManager.this.started && !CertManager.this.hasValidData) {
                        CertManager.this.writeFetchCertEvent();
                        Logger.d(CertManager.TAG, "Starting FetchCert; next attempt in " + CertManager.this.retryThread.getCurrentInterval() + " ms", new String[0]);
                        CertManager.access$1204(CertManager.this);
                        CertManager.this.fetchCert.schedule(0L, true);
                    }
                }
            }
        };
        this.fetchCert.setSocketFactory(this.plainSocketFactory);
        writeFetchCertEvent();
    }

    static /* synthetic */ int access$1204(CertManager certManager) {
        int i = certManager.numAttempts + 1;
        certManager.numAttempts = i;
        return i;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void changeNetworkRoute() {
        if (Build.VERSION.SDK_INT < 21) {
            Logger.d(TAG, "Routing FetchCert over mobile", new String[0]);
            try {
                this.networkManager.setRouteToHostButTryHarder(InetAddress.getByName(this.certUrlHostname), InterfaceType.Mobile);
                return;
            } catch (Exception unused) {
                return;
            }
        }
        if (this.fetchCert.getSocketFactory() == this.plainSocketFactory) {
            Logger.d(TAG, "Using mobile socket factory for FetchCert", new String[0]);
            this.fetchCert.setSocketFactory(this.mobileSocketFactory);
        } else {
            Logger.d(TAG, "Using plain socket factory for FetchCert", new String[0]);
            this.fetchCert.setSocketFactory(this.plainSocketFactory);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public long getCertValidTimeDiff(String str) {
        int indexOf = str.indexOf("-----BEGIN CERTIFICATE-----");
        if (indexOf < 0) {
            Logger.e(TAG, "Invalid cert data; couldn't find '-----BEGIN CERTIFICATE-----'", new String[0]);
            return Long.MIN_VALUE;
        }
        String substring = str.substring(indexOf);
        Date date = new Date();
        try {
            X509Certificate x509Certificate = (X509Certificate) this.certFactory.generateCertificate(new ByteArrayInputStream(substring.getBytes()));
            if (x509Certificate == null) {
                return Long.MIN_VALUE;
            }
            if (date.after(x509Certificate.getNotAfter())) {
                return x509Certificate.getNotAfter().getTime() - date.getTime();
            }
            if (date.before(x509Certificate.getNotBefore())) {
                return x509Certificate.getNotBefore().getTime() - date.getTime();
            }
            return 0L;
        } catch (CertificateException unused) {
            return Long.MIN_VALUE;
        }
    }

    private String readFromFile(String str) throws IOException {
        int read;
        FileInputStream fileInputStream = new FileInputStream(this.dataDir + "/" + str);
        StringBuilder sb = new StringBuilder();
        byte[] bArr = new byte[1048576];
        do {
            read = fileInputStream.read(bArr);
            if (read > 0) {
                sb.append(new String(bArr, 0, read));
            }
        } while (read >= 0);
        fileInputStream.close();
        return sb.toString();
    }

    private synchronized void readFromFile() {
        this.caSubjectName = null;
        try {
            this.caData = readFromFile(CA_FILE);
            this.certData = readFromFile(CERT_FILE);
            this.keyData = readFromFile(KEY_FILE);
            if (getCertValidTimeDiff(this.caData) != 0) {
                this.hasValidData = false;
                Logger.e(TAG, "Read invalid CA data; cert is expired or not yet valid", new String[0]);
            } else if (getCertValidTimeDiff(this.certData) != 0) {
                this.hasValidData = false;
                Logger.e(TAG, "Read invalid cert data; cert is expired or not yet valid", new String[0]);
            } else {
                this.hasValidData = true;
                Logger.d(TAG, "Successfully read certs from file", new String[0]);
            }
        } catch (Exception e) {
            this.hasValidData = false;
            Logger.e(TAG, "Failed to read certs from file: " + e.getMessage(), new String[0]);
        }
        if (!this.hasValidData) {
            this.caData = null;
            this.certData = null;
            this.keyData = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void writeFetchCertEvent() {
        com.pravala.ncp.web.client.auto.events.la.connectivity.FetchCert fetchCert = new com.pravala.ncp.web.client.auto.events.la.connectivity.FetchCert();
        fetchCert.hasValidCerts = Boolean.valueOf(hasValidData());
        fetchCert.caCertName = getCaSubjectName();
        fetchCert.fetchAttempts = Integer.valueOf(getNumAttempts());
        try {
            AnalyticsUploader.analyticsWriteEvent(fetchCert);
        } catch (SchemaViolationException | JSONException e) {
            e.printStackTrace();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized void writeToFile() {
        try {
            writeToFile(this.certificateUrl, CERT_URL_FILE);
            writeToFile(this.caData, CA_FILE);
            writeToFile(this.certData, CERT_FILE);
            writeToFile(this.keyData, KEY_FILE);
            Logger.d(TAG, "Successfully wrote certs to file", new String[0]);
        } catch (Exception e) {
            Logger.e(TAG, "Failed to write certs to file: " + e.getMessage(), new String[0]);
            new File(this.dataDir + "/cert_url").delete();
            new File(this.dataDir + "/ca.crt").delete();
            new File(this.dataDir + "/device.crt").delete();
            new File(this.dataDir + "/device.key").delete();
        }
    }

    private void writeToFile(String str, String str2) throws IOException {
        if (str == null) {
            return;
        }
        FileOutputStream fileOutputStream = new FileOutputStream(this.dataDir + "/" + str2);
        fileOutputStream.write(str.getBytes());
        fileOutputStream.close();
    }

    protected abstract void certFetchSucceeded();

    public synchronized void clear(Context context) {
        Logger.d(TAG, "Clearing saved data", new String[0]);
        this.caData = null;
        this.caSubjectName = null;
        this.certData = null;
        this.keyData = null;
        this.hasValidData = false;
        new File(this.dataDir + "/cert_url").delete();
        new File(this.dataDir + "/ca.crt").delete();
        new File(this.dataDir + "/device.crt").delete();
        new File(this.dataDir + "/device.key").delete();
        context.getSharedPreferences(PravalaSharedPreferences.INSTALL_DATA, 0).edit().remove(CERTMANAGER_UUID_KEY).apply();
    }

    public synchronized String getCaData() {
        return this.caData;
    }

    public synchronized String getCaSubjectName() {
        if (this.caSubjectName == null) {
            if (this.caData == null) {
                return null;
            }
            try {
                X509Certificate x509Certificate = (X509Certificate) this.certFactory.generateCertificate(new ByteArrayInputStream(this.caData.getBytes()));
                if (x509Certificate != null) {
                    this.caSubjectName = x509Certificate.getSubjectX500Principal().getName("CANONICAL");
                }
            } catch (CertificateException unused) {
                return null;
            }
        }
        return this.caSubjectName;
    }

    public synchronized String getCertData() {
        return this.certData;
    }

    public synchronized String getKeyData() {
        return this.keyData;
    }

    public synchronized int getNextAttemptDelay() {
        return this.retryThread.getCurrentInterval();
    }

    public synchronized int getNumAttempts() {
        return this.numAttempts;
    }

    public synchronized boolean hasValidData() {
        return this.hasValidData;
    }

    public synchronized void start() {
        if (!this.started && !this.hasValidData) {
            Logger.d(TAG, "Started", new String[0]);
            this.started = true;
            Logger.d(TAG, "Starting FetchCert; next attempt in " + this.retryThread.getCurrentInterval() + " ms", new String[0]);
            this.numAttempts = this.numAttempts + 1;
            this.fetchCert.schedule(0L, true);
            this.retryThread.start();
        }
    }

    public synchronized void stop() {
        if (this.started) {
            Logger.d(TAG, "Stopped", new String[0]);
            this.started = false;
            this.retryThread.stop();
            this.fetchCert.cancel();
        }
    }
}
