package com.google.api.gax.rpc.mtls;

import com.google.api.client.json.gson.GsonFactory;
import com.google.api.client.util.SecurityUtils;
import com.google.api.core.BetaApi;
import com.google.api.gax.rpc.internal.EnvironmentProvider;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ImmutableList;
import defpackage.be;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;

@BetaApi
/* loaded from: classes3.dex */
public class MtlsProvider {
    public static final String d = System.getProperty("user.home") + "/.secureConnect/context_aware_metadata.json";

    /* renamed from: a, reason: collision with root package name */
    public String f5956a;
    public EnvironmentProvider b;
    public ProcessProvider c;

    /* loaded from: classes3.dex */
    public static class DefaultProcessProvider implements ProcessProvider {
        @Override // com.google.api.gax.rpc.mtls.MtlsProvider.ProcessProvider
        public Process a(InputStream inputStream) throws IOException {
            if (inputStream == null) {
                return null;
            }
            return new ProcessBuilder(MtlsProvider.a(inputStream)).start();
        }
    }

    /* loaded from: classes3.dex */
    public enum MtlsEndpointUsagePolicy {
        NEVER,
        AUTO,
        ALWAYS
    }

    /* loaded from: classes3.dex */
    public interface ProcessProvider {
        Process a(InputStream inputStream) throws IOException;
    }

    public MtlsProvider() {
        this(be.f2979a, new DefaultProcessProvider(), d);
    }

    @VisibleForTesting
    public MtlsProvider(EnvironmentProvider environmentProvider, ProcessProvider processProvider, String str) {
        this.b = environmentProvider;
        this.c = processProvider;
        this.f5956a = str;
    }

    @VisibleForTesting
    public static ImmutableList<String> a(InputStream inputStream) throws IOException {
        return ((ContextAwareMetadataJson) new GsonFactory().c(inputStream).w(ContextAwareMetadataJson.class)).h();
    }

    @VisibleForTesting
    public static KeyStore c(InputStream inputStream, ProcessProvider processProvider) throws IOException, InterruptedException, GeneralSecurityException {
        Process a2 = processProvider.a(inputStream);
        int e = e(a2, 1000L);
        if (e == 0) {
            return SecurityUtils.a(a2.getInputStream());
        }
        throw new IOException("Cert provider command failed with exit code: " + e);
    }

    @VisibleForTesting
    public static int e(Process process, long j) throws IOException, InterruptedException {
        long currentTimeMillis = System.currentTimeMillis();
        while (j > 0) {
            Thread.sleep(Math.min(1 + j, 100L));
            j -= System.currentTimeMillis() - currentTimeMillis;
            try {
                return process.exitValue();
            } catch (IllegalThreadStateException unused) {
            }
        }
        process.destroy();
        throw new IOException("cert provider command timed out");
    }

    public KeyStore b() throws IOException {
        try {
            try {
                FileInputStream fileInputStream = new FileInputStream(this.f5956a);
                try {
                    KeyStore c = c(fileInputStream, this.c);
                    fileInputStream.close();
                    return c;
                } catch (Throwable th) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            } catch (FileNotFoundException | GeneralSecurityException unused) {
                return null;
            }
        } catch (InterruptedException e) {
            throw new IOException("Interrupted executing certificate provider command", e);
        }
    }

    public MtlsEndpointUsagePolicy d() {
        String a2 = this.b.a("GOOGLE_API_USE_MTLS_ENDPOINT");
        return "never".equals(a2) ? MtlsEndpointUsagePolicy.NEVER : "always".equals(a2) ? MtlsEndpointUsagePolicy.ALWAYS : MtlsEndpointUsagePolicy.AUTO;
    }

    public boolean f() {
        return "true".equals(this.b.a("GOOGLE_API_USE_CLIENT_CERTIFICATE"));
    }
}
