package com.google.android.libraries.nest.weavekit;

import android.content.Context;
import android.util.AtomicFile;
import android.util.Base64;
import android.util.Log;
import com.google.android.libraries.nest.weavekit.NestKeyStore;
import com.google.android.libraries.nest.weavekit.NestKeyStoreDB;
import com.nestlabs.weave.security.WeaveKeyExportClient;
import defpackage.abvx;
import defpackage.abvy;
import defpackage.abvz;
import defpackage.abwa;
import defpackage.abwc;
import defpackage.abwf;
import defpackage.abwg;
import defpackage.abwh;
import defpackage.abwi;
import defpackage.abwj;
import defpackage.abwk;
import defpackage.abwl;
import defpackage.abwm;
import defpackage.abwn;
import defpackage.abwo;
import defpackage.abwu;
import defpackage.aiqo;
import defpackage.aiso;
import defpackage.ajll;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.crypto.SecretKey;

/* compiled from: PG */
/* loaded from: classes2.dex */
public class NestAppKeyStore implements NestKeyStore {
    public static final byte[] a = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31};
    public static final Object b = new Object();
    private static NestAppKeyStore e;
    public boolean c;
    public boolean d;
    private File g;
    private File h;
    private DataEncrypter k;
    private AndroidSecretKeyWrapper l;
    private Context n;
    private boolean o;
    private boolean p;
    private boolean r;
    private List<NestKeyStoreDB.KeyTableEntry> i = new ArrayList();
    private List<NestKeyStoreDB.StructureTableEntry> j = new ArrayList();
    private SecureRandom m = new SecureRandom();
    private final Map<String, WeaveKeyExportClient> f = new HashMap();
    private boolean q = false;

    public NestAppKeyStore(File file, String str, Context context) throws Exception {
        SecretKey secretKey;
        byte[] bArr;
        this.g = new File(file, "nks.dat");
        this.h = new File(file, "nksmk.dat");
        this.p = false;
        this.n = context.getApplicationContext();
        this.l = new AndroidSecretKeyWrapper(str);
        if (this.g.exists()) {
            AndroidSecretKeyWrapper androidSecretKeyWrapper = this.l;
            File file2 = this.h;
            NestKeyStoreDB.KeyStoreData keyStoreData = null;
            try {
                secretKey = (androidSecretKeyWrapper.wrappingKeyExists() && file2.exists()) ? androidSecretKeyWrapper.unwrap(i(file2), "AES") : null;
            } catch (Exception e2) {
                try {
                    if (!file2.delete()) {
                        Log.e("NestKeyStoreImpl", "readMasterKey: failed to delete master key.");
                    }
                } catch (Exception e3) {
                    Log.e("NestKeyStoreImpl", "readMasterKey: failed to delete master key.", e3);
                }
                try {
                    androidSecretKeyWrapper.destroyWrappingKey();
                    secretKey = null;
                } catch (Exception e4) {
                    Log.e("NestKeyStoreImpl", "readMasterKey: failed to destroy wrapping key.", e4);
                    secretKey = null;
                }
            }
            if (secretKey != null) {
                this.k = new SymmetricDataEncrypter(secretKey, this.m);
                this.i.clear();
                this.j.clear();
                File file3 = this.g;
                if (file3.exists()) {
                    try {
                        bArr = this.k.decrypt(i(file3));
                    } catch (Exception e5) {
                        bArr = null;
                    }
                    if (bArr != null) {
                        try {
                            keyStoreData = NestKeyStoreDB.KeyStoreData.parseFrom(bArr);
                        } catch (aiso e6) {
                        }
                        if (keyStoreData != null && keyStoreData.getSchemaVersion() == NestKeyStoreDB.SchemaVersion.SchemaVersion_V1) {
                            this.i.addAll(keyStoreData.getKeyTableList());
                            this.j.addAll(keyStoreData.getStructureTableList());
                            this.p = g(new abwc());
                            this.o = true;
                        }
                    }
                }
            }
        }
        wipe();
        this.o = true;
    }

    private final void c() {
        if (!this.o) {
            throw new IllegalStateException("Nest Key Store not initialized");
        }
    }

    private final void d() throws Exception {
        NestKeyStoreDB.KeyStoreData.Builder newBuilder = NestKeyStoreDB.KeyStoreData.newBuilder();
        newBuilder.setSchemaVersion(NestKeyStoreDB.SchemaVersion.SchemaVersion_V1);
        newBuilder.addAllKeyTable(this.i);
        newBuilder.addAllStructureTable(this.j);
        j(this.g, this.k.encrypt(newBuilder.build().toByteArray()));
    }

    private final SecretKey e() throws Exception {
        return SymmetricDataEncrypter.generateMasterKey(this.m);
    }

    private final void f(SecretKey secretKey) throws Exception {
        AndroidSecretKeyWrapper androidSecretKeyWrapper = this.l;
        androidSecretKeyWrapper.createWrappingKey(2048, this.m, this.n);
        j(this.h, androidSecretKeyWrapper.wrap(secretKey));
    }

    private final boolean g(abwo abwoVar) {
        for (int i = 0; i < this.i.size(); i++) {
            if (abwoVar.a(this.i.get(i))) {
                return true;
            }
        }
        return false;
    }

    public static NestKeyStore getKeyStore() {
        NestAppKeyStore nestAppKeyStore;
        synchronized (b) {
            nestAppKeyStore = e;
            if (nestAppKeyStore == null) {
                throw new IllegalStateException("Nest Key Store not initialized");
            }
        }
        return nestAppKeyStore;
    }

    private final void h(abwo abwoVar) {
        int i = 0;
        while (i < this.i.size()) {
            if (abwoVar.a(this.i.get(i))) {
                this.i.remove(i);
            } else {
                i++;
            }
        }
    }

    private static final byte[] i(File file) throws IOException {
        FileInputStream openRead = new AtomicFile(file).openRead();
        try {
            byte[] bArr = new byte[(int) file.length()];
            openRead.read(bArr);
            return bArr;
        } finally {
            openRead.close();
        }
    }

    public static NestKeyStore initKeyStore(File file, Context context) throws Exception {
        NestAppKeyStore nestAppKeyStore;
        synchronized (b) {
            if (e != null) {
                throw new IllegalStateException("Nest Key Store already initialized");
            }
            nestAppKeyStore = new NestAppKeyStore(file, "com.nestlabs.nks.mwk", context);
            e = nestAppKeyStore;
        }
        return nestAppKeyStore;
    }

    private static final void j(File file, byte[] bArr) throws IOException {
        AtomicFile atomicFile = new AtomicFile(file);
        FileOutputStream startWrite = atomicFile.startWrite();
        try {
            startWrite.write(bArr);
            atomicFile.finishWrite(startWrite);
        } catch (Throwable th) {
            atomicFile.failWrite(startWrite);
            throw th;
        }
    }

    public final NestKeyStoreDB.StructureTableEntry a(String str) {
        for (NestKeyStoreDB.StructureTableEntry structureTableEntry : this.j) {
            if (structureTableEntry.getStructureId().equals(str)) {
                return structureTableEntry;
            }
        }
        return null;
    }

    public void addDummyCRK(String str) {
        synchronized (b) {
            try {
                List<NestKeyStoreDB.KeyTableEntry> list = this.i;
                NestKeyStoreDB.KeyTableEntry.Builder newBuilder = NestKeyStoreDB.KeyTableEntry.newBuilder();
                newBuilder.setKeyType(NestKeyStoreDB.KeyType.KeyType_ClientRootKey);
                newBuilder.setWeaveKeyId(66560);
                newBuilder.setStructureId(str);
                newBuilder.setKeyData(aiqo.v(new byte[]{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31}));
                list.add(newBuilder.build());
            } catch (Exception e2) {
                Log.e("NestKeyStoreImpl", "Failed to add dummy CRK.", e2);
            }
        }
    }

    public boolean allowNestDevelopmentDevices() {
        return this.q;
    }

    public final NestKeyStoreDB.KeyTableEntry b(abwo abwoVar) {
        for (int i = 0; i < this.i.size(); i++) {
            NestKeyStoreDB.KeyTableEntry keyTableEntry = this.i.get(i);
            if (abwoVar.a(keyTableEntry)) {
                return keyTableEntry;
            }
        }
        return null;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void close() {
        synchronized (b) {
            this.o = false;
            this.p = false;
            this.g = null;
            this.h = null;
            this.i = null;
            this.j = null;
            this.n = null;
            this.k = null;
            this.l = null;
            this.m = null;
            Iterator<WeaveKeyExportClient> it = this.f.values().iterator();
            while (it.hasNext()) {
                it.next().a();
            }
            this.f.clear();
            e = null;
        }
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public byte[] generateCRKExportRequest(String str) throws Exception {
        byte[] generateKeyExportRequest;
        synchronized (b) {
            verifyLoggedIn();
            String structureAccessToken = getStructureAccessToken(str);
            if (structureAccessToken == null) {
                throw new KeyNotFoundException(String.format("Access token for structure %s not found in key store", str));
            }
            byte[] decode = Base64.decode(structureAccessToken, 0);
            if (this.f.containsKey(str)) {
                this.f.get(str).a();
                this.f.remove(str);
            }
            WeaveKeyExportClient weaveKeyExportClient = new WeaveKeyExportClient();
            WeaveKeyExportClient.setAllowNestDevelopmentDevices(weaveKeyExportClient.b(), this.q);
            WeaveKeyExportClient.setAllowSHA1DeviceCertificates(weaveKeyExportClient.b(), this.q);
            generateKeyExportRequest = WeaveKeyExportClient.generateKeyExportRequest(weaveKeyExportClient.b(), 66560, 0L, decode);
            this.f.put(str, weaveKeyExportClient);
        }
        return generateKeyExportRequest;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public PasscodeEncrypter getPasscodeEncrypter() {
        abwu abwuVar;
        synchronized (b) {
            c();
            abwuVar = new abwu(this, this.m);
        }
        return abwuVar;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public WDMRequestSigner getRequestSigner() {
        abvx abvxVar;
        synchronized (b) {
            c();
            abvxVar = new abvx(this);
        }
        return abvxVar;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public String getServiceAuthToken() {
        String D;
        synchronized (b) {
            c();
            NestKeyStoreDB.KeyTableEntry b2 = b(new abwh());
            D = b2 != null ? b2.getKeyData().D() : null;
        }
        return D;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public String getStructureAccessToken(String str) throws Exception {
        String D;
        synchronized (b) {
            verifyLoggedIn();
            NestKeyStoreDB.KeyTableEntry b2 = b(new abvy(str));
            D = b2 != null ? b2.getKeyData().D() : null;
        }
        return D;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public boolean hasCRK(String str) {
        boolean g;
        synchronized (b) {
            verifyLoggedIn();
            g = g(new abwa(str));
        }
        return g;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public boolean isLoggedIn() {
        boolean z;
        synchronized (b) {
            c();
            z = this.p;
        }
        return z;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void processCRKExportResponse(String str, byte[] bArr) throws Exception {
        synchronized (b) {
            verifyLoggedIn();
            WeaveKeyExportClient weaveKeyExportClient = this.f.get(str);
            if (weaveKeyExportClient == null) {
                String valueOf = String.valueOf(str);
                throw new IllegalStateException(valueOf.length() != 0 ? "No CRK export in progress for structure ".concat(valueOf) : new String("No CRK export in progress for structure "));
            }
            byte[] processKeyExportResponse = WeaveKeyExportClient.processKeyExportResponse(weaveKeyExportClient.b(), 0L, bArr);
            weaveKeyExportClient.a();
            this.f.remove(str);
            h(new abvz(str));
            List<NestKeyStoreDB.KeyTableEntry> list = this.i;
            NestKeyStoreDB.KeyTableEntry.Builder newBuilder = NestKeyStoreDB.KeyTableEntry.newBuilder();
            newBuilder.setKeyType(NestKeyStoreDB.KeyType.KeyType_ClientRootKey);
            newBuilder.setWeaveKeyId(66560);
            newBuilder.setStructureId(str);
            newBuilder.setKeyData(aiqo.v(processKeyExportResponse));
            list.add(newBuilder.build());
            d();
        }
    }

    public void setAllowNestDevelopmentDevices(boolean z) {
        this.q = z;
    }

    public void setUseDummyPasscodeEncryption(boolean z) {
        this.r = z;
    }

    public void setUseTestAMKs(boolean z) {
        this.d = z;
    }

    public void setUseTestCRKs(boolean z) {
        this.c = z;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void setUserStructures(Collection<NestKeyStore.StructureInfo> collection) throws Exception {
        synchronized (b) {
            verifyLoggedIn();
            for (NestKeyStore.StructureInfo structureInfo : collection) {
                String structureId = structureInfo.getStructureId();
                NestKeyStoreDB.StructureTableEntry a2 = a(structureId);
                if (a2 != null && structureInfo.getFabricId() != a2.getFabricId()) {
                    h(new abwj(structureId));
                }
            }
            this.j.clear();
            for (NestKeyStore.StructureInfo structureInfo2 : collection) {
                List<NestKeyStoreDB.StructureTableEntry> list = this.j;
                NestKeyStoreDB.StructureTableEntry.Builder newBuilder = NestKeyStoreDB.StructureTableEntry.newBuilder();
                newBuilder.setStructureId(structureInfo2.getStructureId());
                newBuilder.setFabricId(structureInfo2.getFabricId());
                list.add(newBuilder.build());
            }
            h(new abwk(this));
            d();
        }
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void storeApplicationGroupMasterKeys(String str, Collection<NestKeyStore.ApplicationGroupMasterKeyInfo> collection) throws Exception {
        synchronized (b) {
            verifyLoggedIn();
            h(new abwl(str));
            for (NestKeyStore.ApplicationGroupMasterKeyInfo applicationGroupMasterKeyInfo : collection) {
                List<NestKeyStoreDB.KeyTableEntry> list = this.i;
                NestKeyStoreDB.KeyTableEntry.Builder newBuilder = NestKeyStoreDB.KeyTableEntry.newBuilder();
                newBuilder.setKeyType(NestKeyStoreDB.KeyType.KeyType_AppGroupMasterKey);
                newBuilder.setWeaveKeyId(ajll.h(applicationGroupMasterKeyInfo.getGroupLocalId()));
                newBuilder.setStructureId(str);
                newBuilder.setAppGroupGlobalId(applicationGroupMasterKeyInfo.getGroupGlobalId());
                newBuilder.setKeyData(aiqo.v(applicationGroupMasterKeyInfo.getKeyData()));
                list.add(newBuilder.build());
            }
            d();
        }
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void storeEpochKeys(String str, Collection<NestKeyStore.EpochKeyInfo> collection) throws Exception {
        synchronized (b) {
            verifyLoggedIn();
            h(new abwm(str));
            for (NestKeyStore.EpochKeyInfo epochKeyInfo : collection) {
                List<NestKeyStoreDB.KeyTableEntry> list = this.i;
                NestKeyStoreDB.KeyTableEntry.Builder newBuilder = NestKeyStoreDB.KeyTableEntry.newBuilder();
                newBuilder.setKeyType(NestKeyStoreDB.KeyType.KeyType_EpochKey);
                int keyId = epochKeyInfo.getKeyId();
                if (keyId < 0 || keyId > 7) {
                    throw new IllegalArgumentException("Invalid argument: epochKeyNumber");
                }
                newBuilder.setWeaveKeyId((keyId << 7) | 135168);
                newBuilder.setStructureId(str);
                newBuilder.setEpochStartTime(epochKeyInfo.getStartTime());
                newBuilder.setKeyData(aiqo.v(epochKeyInfo.getKeyData()));
                list.add(newBuilder.build());
            }
            d();
        }
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void storeServiceAuthToken(String str) throws Exception {
        synchronized (b) {
            verifyLoggedIn();
            h(new abwi());
            List<NestKeyStoreDB.KeyTableEntry> list = this.i;
            NestKeyStoreDB.KeyTableEntry.Builder newBuilder = NestKeyStoreDB.KeyTableEntry.newBuilder();
            newBuilder.setKeyType(NestKeyStoreDB.KeyType.KeyType_ServiceAuthToken);
            newBuilder.setKeyData(aiqo.z(str));
            list.add(newBuilder.build());
            d();
        }
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void storeStructureAccessToken(String str, String str2) throws Exception {
        synchronized (b) {
            verifyLoggedIn();
            Base64.decode(str2, 0);
            h(new abwn(str));
            List<NestKeyStoreDB.KeyTableEntry> list = this.i;
            NestKeyStoreDB.KeyTableEntry.Builder newBuilder = NestKeyStoreDB.KeyTableEntry.newBuilder();
            newBuilder.setKeyType(NestKeyStoreDB.KeyType.KeyType_StructureAccessToken);
            newBuilder.setStructureId(str);
            newBuilder.setKeyData(aiqo.z(str2));
            list.add(newBuilder.build());
            d();
        }
    }

    public boolean useDummyPasscodeEncryption() {
        return this.r;
    }

    public boolean useTestAMKs() {
        return this.d;
    }

    public boolean useTestCRKs() {
        return this.c;
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void userLogin(String str) throws Exception {
        synchronized (b) {
            c();
            if (this.p) {
                throw new IllegalStateException("Nest Key Store already in logged-in state");
            }
            h(new abwf());
            List<NestKeyStoreDB.KeyTableEntry> list = this.i;
            NestKeyStoreDB.KeyTableEntry.Builder newBuilder = NestKeyStoreDB.KeyTableEntry.newBuilder();
            newBuilder.setKeyType(NestKeyStoreDB.KeyType.KeyType_ServiceAuthToken);
            newBuilder.setKeyData(aiqo.z(str));
            list.add(newBuilder.build());
            SecretKey e2 = e();
            this.k = new SymmetricDataEncrypter(e2, this.m);
            d();
            f(e2);
            this.p = true;
        }
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void userLogout() throws Exception {
        synchronized (b) {
            c();
            wipe();
        }
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void userPasswordChange(String str) throws Exception {
        synchronized (b) {
            verifyLoggedIn();
            h(new abwg());
            List<NestKeyStoreDB.KeyTableEntry> list = this.i;
            NestKeyStoreDB.KeyTableEntry.Builder newBuilder = NestKeyStoreDB.KeyTableEntry.newBuilder();
            newBuilder.setKeyType(NestKeyStoreDB.KeyType.KeyType_ServiceAuthToken);
            newBuilder.setKeyData(aiqo.z(str));
            list.add(newBuilder.build());
            SecretKey e2 = e();
            this.k = new SymmetricDataEncrypter(e2, this.m);
            d();
            f(e2);
        }
    }

    public void verifyLoggedIn() {
        synchronized (b) {
            if (!isLoggedIn()) {
                throw new IllegalStateException("Nest Key Store not in logged-in state");
            }
        }
    }

    @Override // com.google.android.libraries.nest.weavekit.NestKeyStore
    public void wipe() {
        synchronized (b) {
            this.i.clear();
            this.j.clear();
            this.k = null;
            File file = this.g;
            if (file.exists()) {
                try {
                    if (!file.delete()) {
                        Log.e("NestKeyStoreImpl", "wipe: failed to delete keystore file.");
                    }
                } catch (Exception e2) {
                    Log.e("NestKeyStoreImpl", "wipe: failed to delete keystore file.", e2);
                }
            }
            File file2 = this.h;
            if (file2.exists()) {
                try {
                    if (!file2.delete()) {
                        Log.e("NestKeyStoreImpl", "wipe: failed to delete master key file.");
                    }
                } catch (Exception e3) {
                    Log.e("NestKeyStoreImpl", "wipe: failed to delete master key file.", e3);
                }
            }
            try {
                this.l.destroyWrappingKey();
            } catch (Exception e4) {
                Log.e("NestKeyStoreImpl", "wipe: failed to destroy wrapping key.", e4);
            }
            this.p = false;
        }
    }
}
