package com.fasoo.m.bootstrap;

import com.fasoo.m.authenticate.AuthenticatedToken;
import com.fasoo.m.authenticate.PasswordEncryptFailException;
import com.fasoo.m.crypto.certificate.CertificateDecodeException;
import com.fasoo.m.crypto.certificate.CertificateNotYetValidException;
import com.fasoo.m.crypto.certificate.CertificateSignatureException;
import com.fasoo.m.crypto.certificate.X509Certificate;
import com.fasoo.m.device.Device;
import com.fasoo.m.http.HttpData;
import com.fasoo.m.http.HttpRequestFailException;
import com.fasoo.m.http.HttpResponseFailException;
import com.fasoo.m.http.NullQueryValueException;
import com.fasoo.m.keystore.KeyStoreManager;
import com.fasoo.m.properties.PropertyManager;
import com.fasoo.m.util.DataConvert;
import com.fasoo.m.util.FmgLog;
import java.io.IOException;
import java.net.MalformedURLException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.ArrayList;

/* loaded from: classes.dex */
public class BootstrapManager {
    private AuthenticatedToken mAuthToken;
    private BootstrapHttp mBootHttp;
    private Device mDeviceInfo;
    private String mPassword = null;
    private PropertyManager mProp;
    private String mUrl;

    public BootstrapManager(PropertyManager propertyManager, AuthenticatedToken authenticatedToken, Device device) throws MalformedURLException, NoSuchAlgorithmException {
        this.mBootHttp = null;
        this.mProp = null;
        this.mAuthToken = null;
        this.mDeviceInfo = null;
        this.mUrl = null;
        this.mProp = propertyManager;
        this.mAuthToken = authenticatedToken;
        this.mDeviceInfo = device;
        this.mUrl = this.mProp.getBootstrapUrl(null);
        this.mBootHttp = new BootstrapHttp(this.mUrl);
    }

    public static void deleteAllCertificates(PropertyManager propertyManager) {
        new KeyStoreManager(propertyManager).removeAllCertificates();
    }

    public static int getCertificatesCount(PropertyManager propertyManager) {
        return new KeyStoreManager(propertyManager).getCountCerts();
    }

    public boolean checkKeyStore() throws CertificateDecodeException, CertificateNotYetValidException {
        return !new KeyStoreManager(this.mProp).checkUpdate(this.mDeviceInfo.getDeviceSecret());
    }

    public void doProcess() throws MalformedURLException, HttpRequestFailException, HttpResponseFailException, IOException, NoSuchAlgorithmException, PasswordEncryptFailException, NullQueryValueException, CertificateNotYetValidException, CertificateDecodeException, CertificateSignatureException {
        if (hasKeyStore()) {
            try {
                if (checkKeyStore()) {
                    FmgLog.d("FMDRM::" + toString(), "Key Store is available.");
                    return;
                }
            } catch (CertificateDecodeException e) {
                FmgLog.d("FMDRM::" + toString(), "Certificate is damaged. Request new one.");
            }
            FmgLog.d("FMDRM::" + toString(), "Key Store is not available.");
        } else {
            FmgLog.d("FMDRM::" + toString(), "Key Store does not exit.");
        }
        String bootstrapUrl = this.mProp.getBootstrapUrl(null);
        BootstrapHttp bootstrapHttp = new BootstrapHttp(bootstrapUrl);
        FmgLog.d("FMDRM::" + toString(), "Init Bootstrap with URL, " + bootstrapUrl);
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        this.mPassword = DataConvert.byteToHexString(bArr);
        FmgLog.d("FMDRM::" + toString(), "Generated password to encrypt private key, " + this.mPassword);
        setHttpKeyResponse(bootstrapHttp.request(this.mAuthToken, this.mDeviceInfo.getDeviceId(), this.mPassword));
    }

    public HttpData getHttpInitQuery() {
        return new HttpData(this.mUrl, this.mBootHttp.getInitRequestQuery());
    }

    public HttpData getHttpKeyRequestQuery(String str) throws NoSuchAlgorithmException, HttpResponseFailException, PasswordEncryptFailException, IOException, NullQueryValueException {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        this.mPassword = DataConvert.byteToHexString(bArr);
        return new HttpData(this.mUrl, this.mBootHttp.getKeyRequestQuery(this.mAuthToken, this.mDeviceInfo.getDeviceId(), this.mPassword, str));
    }

    public boolean hasKeyStore() {
        return new KeyStoreManager(this.mProp).exist();
    }

    public void setHttpKeyResponse(String str) throws IOException, HttpResponseFailException, NoSuchAlgorithmException, CertificateDecodeException, CertificateSignatureException {
        ArrayList convertKeyResponse = this.mBootHttp.convertKeyResponse(str);
        X509Certificate x509Certificate = new X509Certificate((byte[]) convertKeyResponse.get(1));
        X509Certificate x509Certificate2 = new X509Certificate((byte[]) convertKeyResponse.get(2));
        X509Certificate x509Certificate3 = new X509Certificate((byte[]) convertKeyResponse.get(3));
        try {
            x509Certificate3.verify(x509Certificate2);
            x509Certificate.verify(x509Certificate2);
            try {
                KeyStoreManager keyStoreManager = new KeyStoreManager(this.mProp);
                byte[] digest = x509Certificate.getDigest();
                if (!keyStoreManager.existRecentPrivateKey(digest)) {
                    keyStoreManager.changeRecentPrivateKeyToOld();
                }
                keyStoreManager.addPrivateKey((byte[]) convertKeyResponse.get(0), this.mPassword, digest, this.mDeviceInfo.getDeviceSecret().getBytes());
                if (!keyStoreManager.existRecentMyCertificate(digest)) {
                    keyStoreManager.changeRecentMyCertificateToOld();
                }
                keyStoreManager.addMyCertificate((byte[]) convertKeyResponse.get(1), digest, this.mDeviceInfo.getDeviceSecret().getBytes());
                byte[] digest2 = x509Certificate3.getDigest();
                if (!keyStoreManager.existRecentLicenseCertificate(digest2)) {
                    keyStoreManager.changeRecentLicenseCertificateToOld();
                }
                keyStoreManager.addLicenseCertificate((byte[]) convertKeyResponse.get(3), digest2, this.mDeviceInfo.getDeviceSecret().getBytes());
                byte[] digest3 = x509Certificate2.getDigest();
                if (!keyStoreManager.existRecentCACertificate(digest3)) {
                    keyStoreManager.changeRecentCACertificateToOld();
                }
                keyStoreManager.addCACertificate((byte[]) convertKeyResponse.get(2), digest3, this.mDeviceInfo.getDeviceSecret().getBytes());
                this.mProp.setChecktime();
            } catch (IOException e) {
                x509Certificate.release();
                x509Certificate2.release();
                x509Certificate3.release();
                throw e;
            }
        } catch (CertificateSignatureException e2) {
            x509Certificate.release();
            x509Certificate2.release();
            x509Certificate3.release();
            throw e2;
        }
    }
}
