package com.degoo.backend.security;

import com.degoo.backend.httpclient.CertAuthClient;
import com.degoo.backend.httpclient.NoAuthClient;
import com.degoo.http.u;
import com.degoo.protocol.CommonProtos;
import com.degoo.protocol.ServerAndClientProtos;
import com.degoo.protocol.helpers.NodeIDHelper;
import com.degoo.protocol.helpers.UserIDHelper;
import com.degoo.schedulers.OneTimeThreadPoolExecutor;
import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Date;

/* compiled from: S */
@Singleton
/* loaded from: classes2.dex */
public class CertificateManager {

    /* renamed from: e, reason: collision with root package name */
    private static final Object f9877e = new Object();

    /* renamed from: a, reason: collision with root package name */
    public final ServerAndClientProtos.ClientExecutionEnvironment f9878a;

    /* renamed from: b, reason: collision with root package name */
    private final Provider<CertAuthClient> f9879b;

    /* renamed from: c, reason: collision with root package name */
    private final Provider<NoAuthClient> f9880c;

    /* renamed from: d, reason: collision with root package name */
    private final String f9881d;
    private volatile boolean f = false;
    private KeyStore g;

    @Inject
    public CertificateManager(Provider<CertAuthClient> provider, ServerAndClientProtos.ClientExecutionEnvironment clientExecutionEnvironment, Provider<NoAuthClient> provider2) {
        this.f9879b = provider;
        this.f9878a = clientExecutionEnvironment;
        this.f9880c = provider2;
        com.degoo.platform.e.ae();
        this.f9881d = com.degoo.platform.e.g(clientExecutionEnvironment.toString() + "/TrustStores/WebServerTrustStore.p12");
    }

    public static CommonProtos.UserID a(X509Certificate x509Certificate) throws IOException {
        return UserIDHelper.fromIdentityString(x509Certificate.getSubjectDN().getName());
    }

    public static X509Certificate a(KeyStore keyStore) throws KeyStoreException {
        return (X509Certificate) keyStore.getCertificate(keyStore.aliases().nextElement());
    }

    public static CommonProtos.NodeID b(X509Certificate x509Certificate) throws IOException {
        return NodeIDHelper.fromIdentityString(x509Certificate.getSubjectDN().getName());
    }

    public static X509Certificate b() throws Exception {
        return a(com.degoo.util.l.c());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void b(boolean z) throws Exception {
        byte[] e2;
        synchronized (f9877e) {
            boolean z2 = false;
            try {
                if (z) {
                    e2 = this.f9879b.get().a("/RenewCert/");
                    z2 = true;
                } else {
                    if (com.degoo.util.l.e()) {
                        com.degoo.g.g.d("Cert just created by other thread. Skipping second call.");
                        return;
                    }
                    e2 = this.f9880c.get().d().getCertificate().e();
                }
                com.degoo.util.l.a(e2, z2);
            } catch (Throwable th) {
                throw th;
            }
        }
    }

    public final com.degoo.http.conn.ssl.f a(com.degoo.http.ssl.c cVar) throws Exception {
        a();
        synchronized (f9877e) {
            if (this.f9878a == ServerAndClientProtos.ClientExecutionEnvironment.Development) {
                return u.a(cVar, c(), com.degoo.util.l.c());
            }
            return u.b(cVar, c(), com.degoo.util.l.c());
        }
    }

    public final X509Certificate a(boolean z) throws Exception {
        final X509Certificate a2;
        if (!com.degoo.util.l.e()) {
            if (!z) {
                return null;
            }
            b(false);
        }
        synchronized (f9877e) {
            try {
                try {
                    a2 = a(com.degoo.util.l.c());
                    com.degoo.a.f.c(String.valueOf(a(a2).getId()));
                    if (!this.f) {
                        this.f = true;
                        OneTimeThreadPoolExecutor.a().a(new Runnable() { // from class: com.degoo.backend.security.CertificateManager.1
                            @Override // java.lang.Runnable
                            public final void run() {
                                synchronized (CertificateManager.f9877e) {
                                    try {
                                        try {
                                            Date date = new Date();
                                            Calendar calendar = Calendar.getInstance();
                                            calendar.setTime(date);
                                            calendar.add(5, 120);
                                            a2.checkValidity(calendar.getTime());
                                        } catch (Exception e2) {
                                            throw new RuntimeException(e2);
                                        }
                                    } catch (CertificateException unused) {
                                        CertificateManager.this.b(true);
                                    } catch (Throwable th) {
                                        com.degoo.g.g.d("Error while checking certificate validity", CommonProtos.LogType.Certificate, th);
                                    }
                                }
                            }
                        });
                    }
                } catch (KeyStoreException | CertificateException e2) {
                    throw new RuntimeException("Cert was invalid after initializing the cert-store!", e2);
                }
            } catch (Throwable th) {
                throw th;
            }
        }
        return a2;
    }

    public final void a() throws Exception {
        if (this.f) {
            return;
        }
        synchronized (f9877e) {
            if (this.f) {
                return;
            }
            a(true);
        }
    }

    public final KeyStore c() throws IOException, KeyStoreException, CertificateException {
        if (this.g == null) {
            com.degoo.g.g.a("getWebServerTrustStore getWebServerTrustStore:" + this.f9881d, CommonProtos.LogType.Certificate, CommonProtos.LogSubType.Load, this.f9881d);
            InputStream resourceAsStream = CertificateManager.class.getResourceAsStream(this.f9881d);
            if (resourceAsStream == null) {
                com.degoo.g.g.d("Unable to load the trust-stores", CommonProtos.LogType.Certificate, CommonProtos.LogSubType.Load, CommonProtos.Severity.Severity6, com.degoo.g.f.b(this.f9881d));
            }
            this.g = com.degoo.e.a.a(resourceAsStream, "U4M3JlPpKQt4Uik250a557CgL8WxBfWM");
        }
        return this.g;
    }
}
