package com.google.android.libraries.nest.weavekit;

import android.content.Context;
import android.util.AtomicFile;
import android.util.Base64;
import android.util.Log;
import com.google.android.libraries.nest.weavekit.NestKeyStore;
import com.google.android.libraries.nest.weavekit.NestKeyStoreDB;
import com.nestlabs.weave.security.WeaveKeyExportClient;
import defpackage.qta;
import defpackage.qtb;
import defpackage.qtc;
import defpackage.qtd;
import defpackage.qte;
import defpackage.qtf;
import defpackage.qtj;
import defpackage.qtk;
import defpackage.qtl;
import defpackage.qtm;
import defpackage.qtn;
import defpackage.qto;
import defpackage.qtp;
import defpackage.qtq;
import defpackage.qtr;
import defpackage.qtw;
import defpackage.uzf;
import defpackage.vas;
import defpackage.vbm;
import defpackage.vjn;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.crypto.SecretKey;

/* compiled from: PG */
/* loaded from: classes.dex */
public class NestAppKeyStore implements NestKeyStore {
    public static final byte[] a = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31};
    public static final Object b = new Object();
    private static NestAppKeyStore e;
    public boolean c;
    public boolean d;
    private File g;
    private File h;
    private DataEncrypter k;
    private Context n;
    private boolean o;
    private boolean p;
    private boolean r;
    private List<NestKeyStoreDB.KeyTableEntry> i = new ArrayList();
    private List<NestKeyStoreDB.StructureTableEntry> j = new ArrayList();
    private SecureRandom m = new SecureRandom();
    private AndroidSecretKeyWrapper l = new AndroidSecretKeyWrapper("com.nestlabs.nks.mwk");
    private final Map<String, WeaveKeyExportClient> f = new HashMap();
    private boolean q = false;

    private NestAppKeyStore(File file, Context context) throws Exception {
        SecretKey secretKey;
        byte[] bArr;
        this.g = new File(file, "nks.dat");
        this.h = new File(file, "nksmk.dat");
        this.p = false;
        this.n = context.getApplicationContext();
        if (this.g.exists()) {
            NestKeyStoreDB.KeyStoreData keyStoreData = null;
            try {
                if (this.l.wrappingKeyExists() && this.h.exists()) {
                    secretKey = this.l.unwrap(a(this.h), "AES");
                } else {
                    secretKey = null;
                }
            } catch (Exception e2) {
                try {
                    if (!this.h.delete()) {
                        Log.e("NestKeyStoreImpl", "readMasterKey: failed to delete master key.");
                    }
                } catch (Exception e3) {
                    Log.e("NestKeyStoreImpl", "readMasterKey: failed to delete master key.", e3);
                }
                try {
                    this.l.destroyWrappingKey();
                    secretKey = null;
                } catch (Exception e4) {
                    Log.e("NestKeyStoreImpl", "readMasterKey: failed to destroy wrapping key.", e4);
                    secretKey = null;
                }
            }
            if (secretKey != null) {
                this.k = new SymmetricDataEncrypter(secretKey, this.m);
                this.i.clear();
                this.j.clear();
                if (this.g.exists()) {
                    try {
                        bArr = this.k.decrypt(a(this.g));
                    } catch (Exception e5) {
                        bArr = null;
                    }
                    if (bArr != null) {
                        try {
                            keyStoreData = NestKeyStoreDB.KeyStoreData.parseFrom(bArr);
                        } catch (vbm e6) {
                        }
                        if (keyStoreData != null && keyStoreData.getSchemaVersion() == NestKeyStoreDB.SchemaVersion.SchemaVersion_V1) {
                            this.i.addAll(keyStoreData.getKeyTableList());
                            this.j.addAll(keyStoreData.getStructureTableList());
                            this.p = b(new qtf());
                            this.o = true;
                        }
                    }
                }
            }
        }
        wipe();
        this.o = true;
    }

    private final void a() {
        if (!this.o) {
            throw new IllegalStateException("Nest Key Store not initialized");
        }
    }

    private static void a(File file, byte[] bArr) throws IOException {
        AtomicFile atomicFile = new AtomicFile(file);
        FileOutputStream startWrite = atomicFile.startWrite();
        try {
            startWrite.write(bArr);
            atomicFile.finishWrite(startWrite);
        } catch (Throwable th) {
            atomicFile.failWrite(startWrite);
            throw th;
        }
    }

    private final void a(SecretKey secretKey) throws Exception {
        this.l.createWrappingKey(2048, this.m, this.n);
        a(this.h, this.l.wrap(secretKey));
    }

    private static byte[] a(File file) throws IOException {
        FileInputStream openRead = new AtomicFile(file).openRead();
        try {
            byte[] bArr = new byte[(int) file.length()];
            openRead.read(bArr);
            return bArr;
        } finally {
            openRead.close();
        }
    }

    private final void b() throws Exception {
        NestKeyStoreDB.KeyStoreData.Builder newBuilder = NestKeyStoreDB.KeyStoreData.newBuilder();
        newBuilder.setSchemaVersion(NestKeyStoreDB.SchemaVersion.SchemaVersion_V1);
        newBuilder.addAllKeyTable(this.i);
        newBuilder.addAllStructureTable(this.j);
        a(this.g, this.k.encrypt(((NestKeyStoreDB.KeyStoreData) ((vas) newBuilder.build())).toByteArray()));
    }

    private final boolean b(qtr qtrVar) {
        for (int i = 0; i < this.i.size(); i++) {
            if (qtrVar.a(this.i.get(i))) {
                return true;
            }
        }
        return false;
    }

    private final SecretKey c() throws Exception {
        return SymmetricDataEncrypter.generateMasterKey(this.m);
    }

    private final void c(qtr qtrVar) {
        int i = 0;
        while (i < this.i.size()) {
            if (qtrVar.a(this.i.get(i))) {
                this.i.remove(i);
            } else {
                i++;
            }
        }
    }

    public static NestKeyStore getKeyStore() {
        NestAppKeyStore nestAppKeyStore;
        synchronized (b) {
            if (e == null) {
                throw new IllegalStateException("Nest Key Store not initialized");
            }
            nestAppKeyStore = e;
        }
        return nestAppKeyStore;
    }

    public static NestKeyStore initKeyStore(File file, Context context) throws Exception {
        NestAppKeyStore nestAppKeyStore;
        synchronized (b) {
            if (e != null) {
                throw new IllegalStateException("Nest Key Store already initialized");
            }
            nestAppKeyStore = new NestAppKeyStore(file, context);
            e = nestAppKeyStore;
        }
        return nestAppKeyStore;
    }

    public final NestKeyStoreDB.KeyTableEntry a(qtr qtrVar) {
        for (int i = 0; i < this.i.size(); i++) {
            NestKeyStoreDB.KeyTableEntry keyTableEntry = this.i.get(i);
            if (qtrVar.a(keyTableEntry)) {
                return keyTableEntry;
            }
        }
        return null;
    }

    public final NestKeyStoreDB.StructureTableEntry a(String str) {
        for (NestKeyStoreDB.StructureTableEntry structureTableEntry : this.j) {
            if (structureTableEntry.getStructureId().equals(str)) {
                return structureTableEntry;
            }
        }
        return null;
    }

    public void addDummyCRK(String str) {
        synchronized (b) {
            try {
                List<NestKeyStoreDB.KeyTableEntry> list = this.i;
                NestKeyStoreDB.KeyTableEntry.Builder newBuilder = NestKeyStoreDB.KeyTableEntry.newBuilder();
                newBuilder.setKeyType(NestKeyStoreDB.KeyType.KeyType_ClientRootKey);
                newBuilder.setWeaveKeyId(66560);
                newBuilder.setStructureId(str);
                newBuilder.setKeyData(uzf.a(new byte[]{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31}));
                list.add((NestKeyStoreDB.KeyTableEntry) ((vas) newBuilder.build()));
            } catch (Exception e2) {
                Log.e("NestKeyStoreImpl", "Failed to add dummy CRK.", e2);
            }
        }
    }

    public boolean allowNestDevelopmentDevices() {
        return this.q;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void close() {
        synchronized (b) {
            this.o = false;
            this.p = false;
            this.g = null;
            this.h = null;
            this.i = null;
            this.j = null;
            this.n = null;
            this.k = null;
            this.l = null;
            this.m = null;
            Iterator<WeaveKeyExportClient> it = this.f.values().iterator();
            while (it.hasNext()) {
                it.next().a();
            }
            this.f.clear();
            e = null;
        }
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public byte[] generateCRKExportRequest(String str) throws Exception {
        byte[] generateKeyExportRequest;
        synchronized (b) {
            verifyLoggedIn();
            String structureAccessToken = getStructureAccessToken(str);
            if (structureAccessToken == null) {
                throw new KeyNotFoundException(String.format("Access token for structure %s not found in key store", str));
            }
            byte[] decode = Base64.decode(structureAccessToken, 0);
            if (this.f.containsKey(str)) {
                this.f.get(str).a();
                this.f.remove(str);
            }
            WeaveKeyExportClient weaveKeyExportClient = new WeaveKeyExportClient();
            WeaveKeyExportClient.setAllowNestDevelopmentDevices(weaveKeyExportClient.b(), this.q);
            WeaveKeyExportClient.setAllowSHA1DeviceCertificates(weaveKeyExportClient.b(), this.q);
            generateKeyExportRequest = WeaveKeyExportClient.generateKeyExportRequest(weaveKeyExportClient.b(), 66560, 0L, decode);
            this.f.put(str, weaveKeyExportClient);
        }
        return generateKeyExportRequest;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public PasscodeEncrypter getPasscodeEncrypter() {
        qtw qtwVar;
        synchronized (b) {
            a();
            qtwVar = new qtw(this, this.m);
        }
        return qtwVar;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public WDMRequestSigner getRequestSigner() {
        qta qtaVar;
        synchronized (b) {
            a();
            qtaVar = new qta(this);
        }
        return qtaVar;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public String getServiceAuthToken() {
        String d;
        synchronized (b) {
            a();
            NestKeyStoreDB.KeyTableEntry a2 = a(new qtj());
            d = a2 != null ? a2.getKeyData().d() : null;
        }
        return d;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public String getStructureAccessToken(String str) throws Exception {
        String d;
        synchronized (b) {
            verifyLoggedIn();
            NestKeyStoreDB.KeyTableEntry a2 = a(new qtb(str));
            d = a2 != null ? a2.getKeyData().d() : null;
        }
        return d;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public boolean hasCRK(String str) {
        boolean b2;
        synchronized (b) {
            verifyLoggedIn();
            b2 = b(new qtd(str));
        }
        return b2;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public boolean isLoggedIn() {
        boolean z;
        synchronized (b) {
            a();
            z = this.p;
        }
        return z;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void processCRKExportResponse(String str, byte[] bArr) throws Exception {
        synchronized (b) {
            verifyLoggedIn();
            WeaveKeyExportClient weaveKeyExportClient = this.f.get(str);
            if (weaveKeyExportClient == null) {
                String valueOf = String.valueOf(str);
                throw new IllegalStateException(valueOf.length() != 0 ? "No CRK export in progress for structure ".concat(valueOf) : new String("No CRK export in progress for structure "));
            }
            byte[] processKeyExportResponse = WeaveKeyExportClient.processKeyExportResponse(weaveKeyExportClient.b(), 0L, bArr);
            weaveKeyExportClient.a();
            this.f.remove(str);
            c(new qte(str));
            List<NestKeyStoreDB.KeyTableEntry> list = this.i;
            NestKeyStoreDB.KeyTableEntry.Builder newBuilder = NestKeyStoreDB.KeyTableEntry.newBuilder();
            newBuilder.setKeyType(NestKeyStoreDB.KeyType.KeyType_ClientRootKey);
            newBuilder.setWeaveKeyId(66560);
            newBuilder.setStructureId(str);
            newBuilder.setKeyData(uzf.a(processKeyExportResponse));
            list.add((NestKeyStoreDB.KeyTableEntry) ((vas) newBuilder.build()));
            b();
        }
    }

    public void setAllowNestDevelopmentDevices(boolean z) {
        this.q = z;
    }

    public void setUseDummyPasscodeEncryption(boolean z) {
        this.r = z;
    }

    public void setUseTestAMKs(boolean z) {
        this.d = z;
    }

    public void setUseTestCRKs(boolean z) {
        this.c = z;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void setUserStructures(Collection<NestKeyStore.StructureInfo> collection) throws Exception {
        synchronized (b) {
            verifyLoggedIn();
            for (NestKeyStore.StructureInfo structureInfo : collection) {
                String structureId = structureInfo.getStructureId();
                NestKeyStoreDB.StructureTableEntry a2 = a(structureId);
                if (a2 != null && structureInfo.getFabricId() != a2.getFabricId()) {
                    c(new qtl(structureId));
                }
            }
            this.j.clear();
            for (NestKeyStore.StructureInfo structureInfo2 : collection) {
                List<NestKeyStoreDB.StructureTableEntry> list = this.j;
                NestKeyStoreDB.StructureTableEntry.Builder newBuilder = NestKeyStoreDB.StructureTableEntry.newBuilder();
                newBuilder.setStructureId(structureInfo2.getStructureId());
                newBuilder.setFabricId(structureInfo2.getFabricId());
                list.add((NestKeyStoreDB.StructureTableEntry) ((vas) newBuilder.build()));
            }
            c(new qto(this));
            b();
        }
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void storeApplicationGroupMasterKeys(String str, Collection<NestKeyStore.ApplicationGroupMasterKeyInfo> collection) throws Exception {
        synchronized (b) {
            verifyLoggedIn();
            c(new qtn(str));
            for (NestKeyStore.ApplicationGroupMasterKeyInfo applicationGroupMasterKeyInfo : collection) {
                List<NestKeyStoreDB.KeyTableEntry> list = this.i;
                NestKeyStoreDB.KeyTableEntry.Builder newBuilder = NestKeyStoreDB.KeyTableEntry.newBuilder();
                newBuilder.setKeyType(NestKeyStoreDB.KeyType.KeyType_AppGroupMasterKey);
                newBuilder.setWeaveKeyId(vjn.h(applicationGroupMasterKeyInfo.getGroupLocalId()));
                newBuilder.setStructureId(str);
                newBuilder.setAppGroupGlobalId(applicationGroupMasterKeyInfo.getGroupGlobalId());
                newBuilder.setKeyData(uzf.a(applicationGroupMasterKeyInfo.getKeyData()));
                list.add((NestKeyStoreDB.KeyTableEntry) ((vas) newBuilder.build()));
            }
            b();
        }
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void storeEpochKeys(String str, Collection<NestKeyStore.EpochKeyInfo> collection) throws Exception {
        synchronized (b) {
            verifyLoggedIn();
            c(new qtq(str));
            for (NestKeyStore.EpochKeyInfo epochKeyInfo : collection) {
                List<NestKeyStoreDB.KeyTableEntry> list = this.i;
                NestKeyStoreDB.KeyTableEntry.Builder newBuilder = NestKeyStoreDB.KeyTableEntry.newBuilder();
                newBuilder.setKeyType(NestKeyStoreDB.KeyType.KeyType_EpochKey);
                int keyId = epochKeyInfo.getKeyId();
                if (keyId < 0 || keyId > 7) {
                    throw new IllegalArgumentException("Invalid argument: epochKeyNumber");
                }
                newBuilder.setWeaveKeyId((keyId << 7) | 135168);
                newBuilder.setStructureId(str);
                newBuilder.setEpochStartTime(epochKeyInfo.getStartTime());
                newBuilder.setKeyData(uzf.a(epochKeyInfo.getKeyData()));
                list.add((NestKeyStoreDB.KeyTableEntry) ((vas) newBuilder.build()));
            }
            b();
        }
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void storeServiceAuthToken(String str) throws Exception {
        synchronized (b) {
            verifyLoggedIn();
            c(new qtm());
            List<NestKeyStoreDB.KeyTableEntry> list = this.i;
            NestKeyStoreDB.KeyTableEntry.Builder newBuilder = NestKeyStoreDB.KeyTableEntry.newBuilder();
            newBuilder.setKeyType(NestKeyStoreDB.KeyType.KeyType_ServiceAuthToken);
            newBuilder.setKeyData(uzf.a(str));
            list.add((NestKeyStoreDB.KeyTableEntry) ((vas) newBuilder.build()));
            b();
        }
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void storeStructureAccessToken(String str, String str2) throws Exception {
        synchronized (b) {
            verifyLoggedIn();
            Base64.decode(str2, 0);
            c(new qtp(str));
            List<NestKeyStoreDB.KeyTableEntry> list = this.i;
            NestKeyStoreDB.KeyTableEntry.Builder newBuilder = NestKeyStoreDB.KeyTableEntry.newBuilder();
            newBuilder.setKeyType(NestKeyStoreDB.KeyType.KeyType_StructureAccessToken);
            newBuilder.setStructureId(str);
            newBuilder.setKeyData(uzf.a(str2));
            list.add((NestKeyStoreDB.KeyTableEntry) ((vas) newBuilder.build()));
            b();
        }
    }

    public boolean useDummyPasscodeEncryption() {
        return this.r;
    }

    public boolean useTestAMKs() {
        return this.d;
    }

    public boolean useTestCRKs() {
        return this.c;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void userLogin(String str) throws Exception {
        synchronized (b) {
            a();
            if (this.p) {
                throw new IllegalStateException("Nest Key Store already in logged-in state");
            }
            c(new qtc());
            List<NestKeyStoreDB.KeyTableEntry> list = this.i;
            NestKeyStoreDB.KeyTableEntry.Builder newBuilder = NestKeyStoreDB.KeyTableEntry.newBuilder();
            newBuilder.setKeyType(NestKeyStoreDB.KeyType.KeyType_ServiceAuthToken);
            newBuilder.setKeyData(uzf.a(str));
            list.add((NestKeyStoreDB.KeyTableEntry) ((vas) newBuilder.build()));
            SecretKey c = c();
            this.k = new SymmetricDataEncrypter(c, this.m);
            b();
            a(c);
            this.p = true;
        }
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void userLogout() throws Exception {
        synchronized (b) {
            a();
            wipe();
        }
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void userPasswordChange(String str) throws Exception {
        synchronized (b) {
            verifyLoggedIn();
            c(new qtk());
            List<NestKeyStoreDB.KeyTableEntry> list = this.i;
            NestKeyStoreDB.KeyTableEntry.Builder newBuilder = NestKeyStoreDB.KeyTableEntry.newBuilder();
            newBuilder.setKeyType(NestKeyStoreDB.KeyType.KeyType_ServiceAuthToken);
            newBuilder.setKeyData(uzf.a(str));
            list.add((NestKeyStoreDB.KeyTableEntry) ((vas) newBuilder.build()));
            SecretKey c = c();
            this.k = new SymmetricDataEncrypter(c, this.m);
            b();
            a(c);
        }
    }

    public void verifyLoggedIn() {
        synchronized (b) {
            if (!isLoggedIn()) {
                throw new IllegalStateException("Nest Key Store not in logged-in state");
            }
        }
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void wipe() {
        synchronized (b) {
            this.i.clear();
            this.j.clear();
            this.k = null;
            if (this.g.exists()) {
                try {
                    if (!this.g.delete()) {
                        Log.e("NestKeyStoreImpl", "wipe: failed to delete keystore file.");
                    }
                } catch (Exception e2) {
                    Log.e("NestKeyStoreImpl", "wipe: failed to delete keystore file.", e2);
                }
            }
            if (this.h.exists()) {
                try {
                    if (!this.h.delete()) {
                        Log.e("NestKeyStoreImpl", "wipe: failed to delete master key file.");
                    }
                } catch (Exception e3) {
                    Log.e("NestKeyStoreImpl", "wipe: failed to delete master key file.", e3);
                }
            }
            try {
                this.l.destroyWrappingKey();
            } catch (Exception e4) {
                Log.e("NestKeyStoreImpl", "wipe: failed to destroy wrapping key.", e4);
            }
            this.p = false;
        }
    }
}
