package com.microsoft.mmx.agents.ypp.authclient.crypto;

import androidx.annotation.NonNull;
import androidx.annotation.WorkerThread;
import com.microsoft.mmx.agents.logging.ILogger;
import com.microsoft.mmx.agents.logging.TraceContext;
import com.microsoft.mmx.agents.remoteconfiguration.ExpManager;
import com.microsoft.mmx.agents.ypp.authclient.auth.IAuthStorage;
import com.microsoft.mmx.agents.ypp.authclient.crypto.CryptoManager;
import com.microsoft.mmx.agents.ypp.authclient.crypto.KeyManager;
import com.microsoft.mmx.agents.ypp.configuration.PlatformConfiguration;
import com.microsoft.mmx.remoteconfiguration.RemoteConfigurationRing;
import io.reactivex.Completable;
import io.reactivex.Scheduler;
import io.reactivex.Single;
import io.reactivex.functions.Action;
import io.reactivex.functions.BiFunction;
import io.reactivex.functions.Function;
import io.reactivex.schedulers.Schedulers;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.concurrent.Callable;
import javax.inject.Inject;
import org.joda.time.DateTime;

/* loaded from: classes2.dex */
public class CryptoManager {
    public final IAuthStorage authStorage;
    public final Scheduler cryptoScheduler = Schedulers.newThread();
    public final JwtHelper jwtHelper;
    public final KeyManager keyManager;
    public final Log logger;
    public final PlatformConfiguration platformConfiguration;

    /* loaded from: classes2.dex */
    public static final class Log {
        public static final String TAG = CryptoManager.class.getSimpleName();
        public final ILogger logger;

        public Log(ILogger iLogger) {
            this.logger = iLogger;
        }

        public void a(String str, String str2) {
            this.logger.logDebug(TAG, "Creating NonceJwt for deviceId: %s and nonce: %s", str, str2);
        }
    }

    @Inject
    public CryptoManager(@NonNull KeyManager keyManager, @NonNull ILogger iLogger, @NonNull JwtHelper jwtHelper, @NonNull IAuthStorage iAuthStorage, @NonNull PlatformConfiguration platformConfiguration) {
        this.keyManager = keyManager;
        this.logger = new Log(iLogger);
        this.jwtHelper = jwtHelper;
        this.authStorage = iAuthStorage;
        this.platformConfiguration = platformConfiguration;
    }

    public static /* synthetic */ KeyRotationRequestData e(String str, String str2, String str3, String str4, String str5) throws Exception {
        return new KeyRotationRequestData(str, str2, str3, str5, str4);
    }

    private String lambda$getBase64Asn1EncodedCertificate$0(String str, KeyStore.PrivateKeyEntry privateKeyEntry) throws Exception {
        this.logger.logger.logDebug(Log.TAG, "Encoding certificate for deviceId %s", str);
        return CertificateUtils.a(privateKeyEntry);
    }

    public Completable a(@NonNull KeyRotationRequestData keyRotationRequestData, @NonNull TraceContext traceContext) {
        return this.keyManager.g(keyRotationRequestData.getNewKeyAlias(), traceContext).doOnComplete(new Action() { // from class: d.b.c.a.z2.a.b.a
            @Override // io.reactivex.functions.Action
            public final void run() {
                CryptoManager.this.c();
            }
        }).subscribeOn(this.cryptoScheduler);
    }

    public Single<KeyRotationRequestData> b(@NonNull final String str, @NonNull final String str2, @NonNull final TraceContext traceContext) {
        final String a = KeyManager.a();
        Single<String> nonceJwtForDeviceId = getNonceJwtForDeviceId(str, str2, traceContext);
        final KeyManager keyManager = this.keyManager;
        if (keyManager != null) {
            return Single.zip(nonceJwtForDeviceId, Single.fromCallable(new Callable() { // from class: d.b.c.a.z2.a.b.f
                @Override // java.util.concurrent.Callable
                public final Object call() {
                    return KeyManager.this.c(a, str, traceContext);
                }
            }).map(new Function() { // from class: d.b.c.a.z2.a.b.d
                @Override // io.reactivex.functions.Function
                public final Object apply(Object obj) {
                    return CryptoManager.this.d(str2, traceContext, (KeyStore.PrivateKeyEntry) obj);
                }
            }), new BiFunction() { // from class: d.b.c.a.z2.a.b.c
                @Override // io.reactivex.functions.BiFunction
                public final Object apply(Object obj, Object obj2) {
                    return CryptoManager.e(str, str2, a, (String) obj, (String) obj2);
                }
            });
        }
        throw null;
    }

    public /* synthetic */ void c() throws Exception {
        this.authStorage.updateKeyRotationTargetValidationTime(DateTime.now().plus(this.platformConfiguration.getKeyRotationRetryTimeFail()));
    }

    public /* synthetic */ String d(String str, TraceContext traceContext, KeyStore.PrivateKeyEntry privateKeyEntry) throws Exception {
        return this.jwtHelper.a(privateKeyEntry, str, traceContext);
    }

    public /* synthetic */ String f(String str, String str2, TraceContext traceContext, KeyStore.PrivateKeyEntry privateKeyEntry) throws Exception {
        this.logger.a(str, str2);
        return this.jwtHelper.a(privateKeyEntry, str2, traceContext);
    }

    public /* synthetic */ void g() throws Exception {
        this.authStorage.updateKeyRotationTargetValidationTime(DateTime.now().plus(this.platformConfiguration.getKeyRotationAgeThreshold()));
    }

    public Single<String> getNonceJwtForDeviceId(@NonNull final String str, @NonNull final String str2, @NonNull final TraceContext traceContext) {
        return this.keyManager.getKeyPairEntry(str, traceContext).subscribeOn(this.cryptoScheduler).map(new Function() { // from class: d.b.c.a.z2.a.b.b
            @Override // io.reactivex.functions.Function
            public final Object apply(Object obj) {
                return CryptoManager.this.f(str, str2, traceContext, (KeyStore.PrivateKeyEntry) obj);
            }
        }).observeOn(Schedulers.io());
    }

    public Completable h(KeyRotationRequestData keyRotationRequestData) {
        final KeyManager keyManager = this.keyManager;
        final String deviceId = keyRotationRequestData.getDeviceId();
        final String newKeyAlias = keyRotationRequestData.getNewKeyAlias();
        if (keyManager != null) {
            return Completable.fromAction(new Action() { // from class: d.b.c.a.z2.a.b.g
                @Override // io.reactivex.functions.Action
                public final void run() {
                    KeyManager.this.e(deviceId, newKeyAlias);
                }
            }).doOnComplete(new Action() { // from class: d.b.c.a.z2.a.b.e
                @Override // io.reactivex.functions.Action
                public final void run() {
                    CryptoManager.this.g();
                }
            }).subscribeOn(this.cryptoScheduler);
        }
        throw null;
    }

    @WorkerThread
    public boolean isKeyRotationNecessary(String str, @NonNull TraceContext traceContext) {
        if (this.authStorage.getAuthState() != null && this.authStorage.getKeyRotationTargetValidationTime() != null && this.authStorage.getKeyRotationTargetValidationTime().isBeforeNow()) {
            if (ExpManager.isRemoteConfigurationManagerInitialized() && ExpManager.getRing() == RemoteConfigurationRing.TEAM) {
                return true;
            }
            try {
                return DateTime.now().plus(this.platformConfiguration.getKeyRotationAgeThreshold()).isAfter(DateTime.now().withMillis(((X509Certificate) this.keyManager.getKeyPairEntry(str, traceContext).blockingGet().getCertificate()).getNotAfter().getTime()).toInstant());
            } catch (CryptoException unused) {
            }
        }
        return false;
    }

    public Completable removeKeyPair(@NonNull String str, @NonNull TraceContext traceContext) {
        return this.keyManager.f(str, traceContext).subscribeOn(this.cryptoScheduler);
    }
}
