package com.degoo.backend.security;

import com.degoo.backend.httpclient.CertAuthClient;
import com.degoo.backend.httpclient.NoAuthClient;
import com.degoo.http.u;
import com.degoo.protocol.CommonProtos;
import com.degoo.protocol.ServerAndClientProtos;
import com.degoo.protocol.helpers.NodeIDHelper;
import com.degoo.protocol.helpers.UserIDHelper;
import com.degoo.schedulers.OneTimeThreadPoolExecutor;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Date;
import javax.inject.Inject;
import javax.inject.Provider;
import javax.inject.Singleton;

/* compiled from: S */
@Singleton
/* loaded from: classes.dex */
public class CertificateManager {
    private static final Object e = new Object();
    private static CommonProtos.NodeID f = null;

    /* renamed from: a, reason: collision with root package name */
    private final Provider<CertAuthClient> f8461a;

    /* renamed from: b, reason: collision with root package name */
    private final ServerAndClientProtos.ClientExecutionEnvironment f8462b;

    /* renamed from: c, reason: collision with root package name */
    private final Provider<NoAuthClient> f8463c;

    /* renamed from: d, reason: collision with root package name */
    private final String f8464d;
    private volatile boolean g = false;
    private volatile KeyStore h;

    @Inject
    public CertificateManager(Provider<CertAuthClient> provider, ServerAndClientProtos.ClientExecutionEnvironment clientExecutionEnvironment, Provider<NoAuthClient> provider2) {
        this.f8461a = provider;
        this.f8462b = clientExecutionEnvironment;
        this.f8463c = provider2;
        com.degoo.platform.e.ac();
        this.f8464d = com.degoo.platform.e.j(clientExecutionEnvironment.toString() + "/TrustStores/WebServerTrustStore.p12");
    }

    public static CommonProtos.UserID a() throws Exception {
        return a(a(com.degoo.util.n.c()));
    }

    public static CommonProtos.UserID a(X509Certificate x509Certificate) throws IOException {
        return UserIDHelper.fromIdentityString(x509Certificate.getSubjectDN().getName());
    }

    public static X509Certificate a(KeyStore keyStore) throws KeyStoreException {
        return (X509Certificate) keyStore.getCertificate(keyStore.aliases().nextElement());
    }

    public static CommonProtos.NodeID b() throws Exception {
        if (f == null) {
            f = b(a(com.degoo.util.n.c()));
        }
        return f;
    }

    public static CommonProtos.NodeID b(X509Certificate x509Certificate) throws IOException {
        return NodeIDHelper.fromIdentityString(x509Certificate.getSubjectDN().getName());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void b(boolean z) throws Exception {
        byte[] e2;
        synchronized (e) {
            boolean z2 = false;
            if (z) {
                e2 = this.f8461a.get().a("/RenewCert/");
                z2 = true;
            } else {
                if (com.degoo.util.n.e()) {
                    com.degoo.g.g.c("Cert just created by other thread. Skipping second call.");
                    return;
                }
                e2 = this.f8463c.get().d().getCertificate().e();
            }
            com.degoo.util.n.a(e2, z2);
        }
    }

    private KeyStore e() throws IOException, KeyStoreException, CertificateException {
        if (this.h == null) {
            com.degoo.g.g.a("getWebServerTrustStore getWebServerTrustStore:" + this.f8464d, CommonProtos.LogType.Certificate, CommonProtos.LogSubType.Load, this.f8464d);
            InputStream resourceAsStream = CertificateManager.class.getResourceAsStream(this.f8464d);
            if (resourceAsStream == null) {
                com.degoo.g.g.d("Unable to load the trust-stores", CommonProtos.LogType.Certificate, CommonProtos.LogSubType.Load, CommonProtos.Severity.Severity6, com.degoo.g.f.b(this.f8464d));
            }
            this.h = com.degoo.e.a.a(resourceAsStream, "U4M3JlPpKQt4Uik250a557CgL8WxBfWM");
        }
        return this.h;
    }

    public final com.degoo.http.conn.ssl.f a(com.degoo.http.ssl.c cVar) throws GeneralSecurityException, IOException {
        return this.f8462b == ServerAndClientProtos.ClientExecutionEnvironment.Development ? u.a(cVar, e(), null) : u.b(cVar, e(), null);
    }

    public final X509Certificate a(boolean z) throws Exception {
        final X509Certificate a2;
        if (!com.degoo.util.n.e()) {
            if (!z) {
                return null;
            }
            b(false);
        }
        synchronized (e) {
            try {
                try {
                    a2 = a(com.degoo.util.n.c());
                    com.degoo.a.h.a(a(a2));
                    if (!this.g) {
                        this.g = true;
                        OneTimeThreadPoolExecutor.a().b(new Runnable() { // from class: com.degoo.backend.security.CertificateManager.1
                            @Override // java.lang.Runnable
                            public final void run() {
                                synchronized (CertificateManager.e) {
                                    try {
                                        try {
                                            Date date = new Date();
                                            Calendar calendar = Calendar.getInstance();
                                            calendar.setTime(date);
                                            calendar.add(5, 120);
                                            a2.checkValidity(calendar.getTime());
                                        } catch (Exception e2) {
                                            throw new RuntimeException(e2);
                                        }
                                    } catch (CertificateException unused) {
                                        CertificateManager.this.b(true);
                                    } catch (Throwable th) {
                                        com.degoo.g.g.d("Error while checking certificate validity", CommonProtos.LogType.Certificate, th);
                                    }
                                }
                            }
                        });
                    }
                } finally {
                }
            } catch (KeyStoreException e2) {
                e = e2;
                throw new RuntimeException("Cert was invalid after initializing the cert-store!", e);
            } catch (CertificateException e3) {
                e = e3;
                throw new RuntimeException("Cert was invalid after initializing the cert-store!", e);
            }
        }
        return a2;
    }

    public final com.degoo.http.conn.ssl.f b(com.degoo.http.ssl.c cVar) throws Exception {
        c();
        synchronized (e) {
            if (this.f8462b == ServerAndClientProtos.ClientExecutionEnvironment.Development) {
                return u.a(cVar, e(), com.degoo.util.n.c());
            }
            return u.b(cVar, e(), com.degoo.util.n.c());
        }
    }

    public final void c() throws Exception {
        if (this.g) {
            return;
        }
        synchronized (e) {
            if (this.g) {
                return;
            }
            a(true);
        }
    }
}
