package app.homey.deviceevents;

import android.content.Context;
import android.provider.Settings;
import android.util.Base64;
import android.util.Log;
import app.homey.persistentlog.PersistentLog;
import app.homey.util.DeferredValue;
import app.homey.util.HTTPRequest;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Locale;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.RejectedExecutionException;
import java.util.concurrent.locks.ReentrantLock;
import javax.security.auth.x500.X500Principal;
import okhttp3.HttpUrl;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class MobileEvents {
    private static final String TAG = "MobileEvents";
    public static MobileEvents instance;
    private final ExecutorService executorService;
    private final boolean isModern = true;
    private final ReentrantLock lock = new ReentrantLock();
    private PrivateKey privateKey = null;
    private String userId = null;
    private String deviceId = null;

    private MobileEvents(ExecutorService executorService) {
        this.executorService = executorService;
    }

    /* JADX WARN: Removed duplicated region for block: B:10:0x0033  */
    /* JADX WARN: Removed duplicated region for block: B:13:0x0096  */
    /* JADX WARN: Removed duplicated region for block: B:16:0x009f  */
    /* JADX WARN: Removed duplicated region for block: B:18:0x0036  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private java.lang.String createCertificateInKeyStore(android.content.Context r6, java.security.KeyStore r7, java.lang.String r8) {
        /*
            r5 = this;
            java.lang.String r0 = "app.homey.MobileEvents2"
            boolean r1 = r7.isKeyEntry(r0)     // Catch: java.lang.Exception -> Lf
            if (r1 != 0) goto L11
            boolean r1 = r7.isCertificateEntry(r0)     // Catch: java.lang.Exception -> Lf
            if (r1 == 0) goto L2f
            goto L11
        Lf:
            r1 = move-exception
            goto L15
        L11:
            r7.deleteEntry(r0)     // Catch: java.lang.Exception -> Lf
            goto L2f
        L15:
            java.lang.String r2 = app.homey.deviceevents.MobileEvents.TAG
            java.lang.StringBuilder r3 = new java.lang.StringBuilder
            r3.<init>()
            java.lang.String r4 = "Failed to delete key :: "
            r3.append(r4)
            java.lang.String r1 = r1.getMessage()
            r3.append(r1)
            java.lang.String r1 = r3.toString()
            android.util.Log.e(r2, r1)
        L2f:
            boolean r1 = r5.isModern
            if (r1 == 0) goto L36
            java.lang.String r1 = "EC"
            goto L38
        L36:
            java.lang.String r1 = "RSA"
        L38:
            java.lang.String r2 = "AndroidKeyStore"
            java.security.KeyPairGenerator r1 = java.security.KeyPairGenerator.getInstance(r1, r2)
            java.lang.String r2 = app.homey.deviceevents.MobileEvents.TAG
            java.lang.String r3 = "SDK >= 23"
            android.util.Log.i(r2, r3)
            java.lang.StringBuilder r3 = new java.lang.StringBuilder
            r3.<init>()
            java.lang.String r4 = "OU="
            r3.append(r4)
            r3.append(r8)
            java.lang.String r8 = ", CN="
            r3.append(r8)
            java.lang.String r8 = r5.getDeviceId(r6)
            r3.append(r8)
            java.lang.String r8 = r3.toString()
            javax.security.auth.x500.X500Principal r3 = new javax.security.auth.x500.X500Principal
            r3.<init>(r8)
            android.security.keystore.KeyGenParameterSpec$Builder r8 = new android.security.keystore.KeyGenParameterSpec$Builder
            r4 = 4
            r8.<init>(r0, r4)
            android.security.keystore.KeyGenParameterSpec$Builder r8 = r8.setCertificateSubject(r3)
            java.math.BigInteger r0 = java.math.BigInteger.ONE
            android.security.keystore.KeyGenParameterSpec$Builder r8 = r8.setCertificateSerialNumber(r0)
            java.lang.String r0 = "SHA-256"
            java.lang.String[] r0 = new java.lang.String[]{r0}
            android.security.keystore.KeyGenParameterSpec$Builder r8 = r8.setDigests(r0)
            android.security.keystore.KeyGenParameterSpec r8 = r8.build()
            r1.initialize(r8)
            r1.generateKeyPair()
            java.lang.String r8 = "Keypair generated!"
            android.util.Log.i(r2, r8)
            java.security.cert.X509Certificate r6 = r5.loadCertificate(r6, r7)
            if (r6 == 0) goto L9f
            java.security.PublicKey r6 = r6.getPublicKey()
            java.lang.String r6 = r5.exportPublicKey(r6)
            return r6
        L9f:
            java.lang.Exception r6 = new java.lang.Exception
            java.lang.String r7 = "Certificate is null!"
            r6.<init>(r7)
            throw r6
        */
        throw new UnsupportedOperationException("Method not decompiled: app.homey.deviceevents.MobileEvents.createCertificateInKeyStore(android.content.Context, java.security.KeyStore, java.lang.String):java.lang.String");
    }

    public static void createInstance(ExecutorService executorService) {
        if (instance == null) {
            instance = new MobileEvents(executorService);
        }
    }

    private String exportPublicKey(PublicKey publicKey) {
        return Base64.encodeToString(publicKey.getEncoded(), 2);
    }

    private String getPublicKeyFromKeyStore(Context context, KeyStore keyStore, String str) {
        X500Principal subjectX500Principal;
        X509Certificate loadCertificate = loadCertificate(context, keyStore);
        if (loadCertificate == null || (subjectX500Principal = loadCertificate.getSubjectX500Principal()) == null) {
            return null;
        }
        if (subjectX500Principal.getName().startsWith("OU=" + str)) {
            return exportPublicKey(loadCertificate.getPublicKey());
        }
        return null;
    }

    private String getTimestamp() {
        return new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZ", Locale.UK).format(new Date());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void lambda$sendMobileEvent$0(Long l, JSONObject jSONObject, Context context, DeferredValue deferredValue, String str) {
        try {
            if (l.longValue() > 0) {
                try {
                    Thread.sleep(l.longValue());
                } catch (InterruptedException unused) {
                }
            }
            if (jSONObject == null) {
                jSONObject = new JSONObject();
            }
            this.lock.lock();
            try {
                if (this.privateKey != null) {
                    if (this.deviceId != null) {
                        if (this.userId == null) {
                        }
                        this.lock.unlock();
                        PersistentLog persistentLog = PersistentLog.instance;
                        String str2 = TAG;
                        persistentLog.logFmt(context, str2, "Sending mobile event %s", str);
                        JSONObject jSONObject2 = new JSONObject();
                        jSONObject2.put("event", str);
                        jSONObject2.put("data", jSONObject);
                        jSONObject2.put("timestamp", getTimestamp());
                        String jSONObject3 = jSONObject2.toString();
                        try {
                            Signature signature = Signature.getInstance("SHA256withECDSA");
                            signature.initSign(this.privateKey);
                            signature.update(jSONObject3.getBytes());
                            String encodeToString = Base64.encodeToString(signature.sign(), 2);
                            JSONObject jSONObject4 = new JSONObject();
                            jSONObject4.put("message", jSONObject3);
                            jSONObject4.put("signature", encodeToString);
                            jSONObject4.put("deviceId", this.deviceId);
                            jSONObject4.put("userId", this.userId);
                            PersistentLog.instance.logFmt(context, str2, "Sending signed payload: %s", jSONObject4.toString());
                            HTTPRequest.sendJSONPostRequest("https://mobile-events.athom.com/api/mobile/event", jSONObject4, deferredValue);
                        } catch (InvalidKeyException e) {
                            e = e;
                            PersistentLog.instance.logFmt(context, TAG, "Failed to sign message: %s", e);
                            deferredValue.onError(e);
                            return;
                        } catch (NoSuchAlgorithmException e2) {
                            e = e2;
                            PersistentLog.instance.logFmt(context, TAG, "Failed to sign message: %s", e);
                            deferredValue.onError(e);
                            return;
                        } catch (SignatureException e3) {
                            e = e3;
                            PersistentLog.instance.logFmt(context, TAG, "Failed to sign message: %s", e);
                            deferredValue.onError(e);
                            return;
                        }
                    }
                }
                KeyStore loadKeyStore = loadKeyStore(context);
                if (loadKeyStore == null) {
                    PersistentLog.instance.logFmt(context, TAG, "Failed to get keystore", new Object[0]);
                    deferredValue.onError(new Exception("Failed to get keystore"));
                    this.lock.unlock();
                    return;
                }
                loadCertificate(context, loadKeyStore);
                if (this.privateKey == null || this.deviceId == null || this.userId == null) {
                    PersistentLog.instance.logFmt(context, TAG, "Private key not available, skipping mobile event!", new Object[0]);
                    deferredValue.onError(new Exception("Private key not available, skipping mobile event!"));
                    this.lock.unlock();
                    return;
                }
                this.lock.unlock();
                PersistentLog persistentLog2 = PersistentLog.instance;
                String str22 = TAG;
                persistentLog2.logFmt(context, str22, "Sending mobile event %s", str);
                JSONObject jSONObject22 = new JSONObject();
                jSONObject22.put("event", str);
                jSONObject22.put("data", jSONObject);
                jSONObject22.put("timestamp", getTimestamp());
                String jSONObject32 = jSONObject22.toString();
                Signature signature2 = Signature.getInstance("SHA256withECDSA");
                signature2.initSign(this.privateKey);
                signature2.update(jSONObject32.getBytes());
                String encodeToString2 = Base64.encodeToString(signature2.sign(), 2);
                JSONObject jSONObject42 = new JSONObject();
                jSONObject42.put("message", jSONObject32);
                jSONObject42.put("signature", encodeToString2);
                jSONObject42.put("deviceId", this.deviceId);
                jSONObject42.put("userId", this.userId);
                PersistentLog.instance.logFmt(context, str22, "Sending signed payload: %s", jSONObject42.toString());
                HTTPRequest.sendJSONPostRequest("https://mobile-events.athom.com/api/mobile/event", jSONObject42, deferredValue);
            } catch (Throwable th) {
                this.lock.unlock();
                throw th;
            }
        } catch (Exception e4) {
            deferredValue.onError(e4);
        }
    }

    private X509Certificate loadCertificate(Context context, KeyStore keyStore) {
        PrivateKey privateKey;
        X509Certificate x509Certificate;
        try {
            if (keyStore.getKey("app.homey.MobileEvents2", null) != null) {
                privateKey = (PrivateKey) keyStore.getKey("app.homey.MobileEvents2", null);
                x509Certificate = (X509Certificate) keyStore.getCertificate("app.homey.MobileEvents2");
            } else {
                privateKey = null;
                x509Certificate = null;
            }
            if (privateKey == null || x509Certificate == null) {
                return null;
            }
            this.privateKey = privateKey;
            String name = x509Certificate.getSubjectX500Principal().getName();
            this.userId = name.replaceFirst("^UID=", HttpUrl.FRAGMENT_ENCODE_SET).split(",")[0];
            this.deviceId = name.replaceFirst("^.*,\\s*CN=", HttpUrl.FRAGMENT_ENCODE_SET).split(",")[0];
            if (!name.contains("UID")) {
                this.userId = name.replaceFirst("^OU=", HttpUrl.FRAGMENT_ENCODE_SET).split(",")[0];
            }
            return x509Certificate;
        } catch (NullPointerException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException e) {
            PersistentLog.instance.logFmt(context, TAG, "Failed to get private key, unrecoverable: %s", e);
            try {
                keyStore.deleteEntry("app.homey.MobileEvents2");
            } catch (KeyStoreException unused) {
                PersistentLog.instance.logFmt(context, TAG, "Failed to delete private key after unrecoverable error: %s", e);
            }
            return null;
        }
    }

    private KeyStore loadKeyStore(Context context) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            try {
                keyStore.load(null);
                return keyStore;
            } catch (IOException | NoSuchAlgorithmException | CertificateException e) {
                PersistentLog.instance.logFmt(context, TAG, "Failed to init keyStore: %s", e);
                return null;
            }
        } catch (KeyStoreException e2) {
            PersistentLog.instance.logFmt(context, TAG, "Failed to get keystore: %s", e2);
            return null;
        }
    }

    public String createCertificate(Context context, String str) {
        this.lock.lock();
        try {
            KeyStore loadKeyStore = loadKeyStore(context);
            if (loadKeyStore != null) {
                return createCertificateInKeyStore(context, loadKeyStore, str);
            }
            throw new Exception("Failed to get keystore");
        } finally {
            this.lock.unlock();
        }
    }

    public void destroyKeyPair(Context context) {
        KeyStore loadKeyStore;
        this.lock.lock();
        try {
            try {
                loadKeyStore = loadKeyStore(context);
            } catch (KeyStoreException e) {
                Log.e(TAG, "Failed to delete keypair: " + e.getMessage());
            }
            if (loadKeyStore == null) {
                Log.e(TAG, "Failed to get keystore");
                return;
            }
            loadKeyStore.deleteEntry("app.homey.MobileEvents2");
            this.privateKey = null;
            this.userId = null;
            this.deviceId = null;
        } finally {
            this.lock.unlock();
        }
    }

    public String getDeviceId(Context context) {
        String string = Settings.Secure.getString(context.getContentResolver(), "android_id");
        if (string == null) {
            return "android:unknown";
        }
        return "android:" + string;
    }

    public String getOrCreatePublicKey(Context context, String str) {
        this.lock.lock();
        try {
            KeyStore loadKeyStore = loadKeyStore(context);
            if (loadKeyStore == null) {
                throw new Exception("Failed to get keystore");
            }
            String publicKeyFromKeyStore = getPublicKeyFromKeyStore(context, loadKeyStore, str);
            if (publicKeyFromKeyStore == null) {
                publicKeyFromKeyStore = createCertificateInKeyStore(context, loadKeyStore, str);
            }
            return publicKeyFromKeyStore;
        } finally {
            this.lock.unlock();
        }
    }

    public void sendMobileEvent(Context context, String str, JSONObject jSONObject, DeferredValue deferredValue) {
        sendMobileEvent(context, str, jSONObject, deferredValue, 0L);
    }

    public void sendMobileEvent(final Context context, final String str, final JSONObject jSONObject, final DeferredValue deferredValue, final Long l) {
        try {
            this.executorService.execute(new Runnable() { // from class: app.homey.deviceevents.MobileEvents$$ExternalSyntheticLambda0
                @Override // java.lang.Runnable
                public final void run() {
                    MobileEvents.this.lambda$sendMobileEvent$0(l, jSONObject, context, deferredValue, str);
                }
            });
        } catch (RejectedExecutionException e) {
            deferredValue.onError(e);
        }
    }
}
