package com.acompli.accore.notifications;

import bolts.Task;
import com.acompli.accore.ACAccountManager;
import com.acompli.accore.ACAccountPersistenceManager;
import com.acompli.accore.ACClient;
import com.acompli.accore.ACCore;
import com.acompli.accore.features.FeatureManager;
import com.acompli.accore.model.ACMailAccount;
import com.acompli.accore.model.PushEncryptionKey;
import com.acompli.accore.util.BaseAnalyticsProvider;
import com.acompli.accore.util.concurrent.ClientCompletionBlock;
import com.acompli.accore.util.concurrent.TaskUtil;
import com.acompli.libcircle.ClInterfaces$ClResponseCallback;
import com.acompli.libcircle.Errors;
import com.acompli.thrift.client.generated.AccountActionType;
import com.acompli.thrift.client.generated.AddAccountActionResponse_297;
import com.acompli.thrift.client.generated.RegisterNotificationPublicKeyRequest_642;
import com.acompli.thrift.client.generated.RegisterNotificationPublicKeyResponse_643;
import com.acompli.thrift.client.generated.RemoveAccountActionResponse_452;
import com.facebook.imageutils.JfifUtil;
import com.microsoft.office.outlook.executors.OutlookExecutors;
import com.microsoft.office.outlook.logger.Logger;
import com.microsoft.office.outlook.logger.LoggerFactory;
import com.microsoft.outlook.telemetry.generated.OTNotificationDecryptionResult;
import com.microsoft.outlook.telemetry.generated.OTNotificationType;
import dagger.v1.Lazy;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Iterator;
import java.util.Vector;
import java.util.concurrent.Callable;
import okio.ByteString;

/* loaded from: classes.dex */
public class PushEncryptionKeysManager {
    private static final Logger e = LoggerFactory.getLogger("PushEncryptionKeysManager");
    private final Object a = new Object();
    private final Lazy<FeatureManager> b;
    private final BaseAnalyticsProvider c;
    private boolean d;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public static final class ClientGeneratedKeys {
        private final byte[] a;
        private final PrivateKey b;

        public ClientGeneratedKeys(byte[] bArr, PrivateKey privateKey) {
            this.a = bArr;
            this.b = privateKey;
        }

        public PrivateKey a() {
            return this.b;
        }

        public byte[] b() {
            return this.a;
        }
    }

    /* loaded from: classes.dex */
    public static class KeyRegistrationException extends Exception {
        private final ErrorType a;

        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: classes.dex */
        public enum ErrorType {
            NETWORK,
            SQL,
            THROTTLE
        }

        public KeyRegistrationException(String str, ErrorType errorType) {
            super(str);
            this.a = errorType;
        }

        public KeyRegistrationException(String str, Errors.ClError clError) {
            super(str);
            this.a = ErrorType.NETWORK;
        }

        public boolean a() {
            return this.a == ErrorType.SQL;
        }
    }

    /* loaded from: classes.dex */
    public static class MalformedPayloadBundleAttributesException extends Exception {
    }

    /* loaded from: classes.dex */
    public static class MalformedPayloadKeyException extends Exception {
    }

    /* loaded from: classes.dex */
    public static class PrivateKeyNotFoundException extends Exception {
    }

    public PushEncryptionKeysManager(Lazy<FeatureManager> lazy, BaseAnalyticsProvider baseAnalyticsProvider) {
        this.b = lazy;
        this.c = baseAnalyticsProvider;
    }

    private void a(ACCore aCCore, ACAccountManager aCAccountManager) {
        e.d("checkAllAccounts");
        ACAccountPersistenceManager p = aCCore.p();
        Vector<ACMailAccount> q1 = aCAccountManager.q1();
        synchronized (this.a) {
            Iterator<ACMailAccount> it = q1.iterator();
            while (it.hasNext()) {
                ACMailAccount next = it.next();
                if (f(next)) {
                    if (g(next)) {
                        if (!p.i(next.getAccountID())) {
                            c(aCCore, p, next);
                        }
                    } else if (p.i(next.getAccountID())) {
                        b(aCCore, p, next);
                    }
                }
            }
        }
    }

    private byte[] e(int i) {
        byte[] bArr = new byte[i];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: h, reason: merged with bridge method [inline-methods] */
    public /* synthetic */ Object i(ACCore aCCore, ACAccountManager aCAccountManager) throws Exception {
        a(aCCore, aCAccountManager);
        return null;
    }

    void b(ACCore aCCore, ACAccountPersistenceManager aCAccountPersistenceManager, ACMailAccount aCMailAccount) {
        Logger logger = e;
        logger.d("Disabling: " + aCMailAccount.getAccountID());
        if (!f(aCMailAccount)) {
            logger.e("  Account type is invalid, skipping: " + aCMailAccount.getAccountID());
            return;
        }
        final ClientCompletionBlock clientCompletionBlock = new ClientCompletionBlock();
        ACClient.D(aCCore, aCMailAccount.getAccountID(), AccountActionType.EnableNotificationEncryption, new ClInterfaces$ClResponseCallback<RemoveAccountActionResponse_452>(this) { // from class: com.acompli.accore.notifications.PushEncryptionKeysManager.2
            @Override // com.acompli.libcircle.ClInterfaces$ClResponseCallback
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public void onResponse(RemoveAccountActionResponse_452 removeAccountActionResponse_452) {
                clientCompletionBlock.m(removeAccountActionResponse_452);
                clientCompletionBlock.k();
            }

            @Override // com.acompli.libcircle.ClInterfaces$ClResponseCallback
            public void onError(Errors.ClError clError) {
                clientCompletionBlock.l(clError);
                clientCompletionBlock.k();
            }
        });
        clientCompletionBlock.n();
        if (!clientCompletionBlock.f()) {
            aCAccountPersistenceManager.H(aCMailAccount.getAccountID());
            logger.d("  Disabled: " + aCMailAccount.getAccountID());
            return;
        }
        logger.e("Error updating encryption flag for account " + aCMailAccount.getAccountID() + ": " + clientCompletionBlock.a());
    }

    void c(ACCore aCCore, ACAccountPersistenceManager aCAccountPersistenceManager, ACMailAccount aCMailAccount) {
        Logger logger = e;
        logger.d("Enabling: " + aCMailAccount.getAccountID());
        if (!f(aCMailAccount)) {
            logger.e("  Account type is invalid, skipping: " + aCMailAccount.getAccountID());
            return;
        }
        final ClientCompletionBlock clientCompletionBlock = new ClientCompletionBlock();
        ACClient.d(aCCore, aCMailAccount.getAccountID(), AccountActionType.EnableNotificationEncryption, new ClInterfaces$ClResponseCallback<AddAccountActionResponse_297>(this) { // from class: com.acompli.accore.notifications.PushEncryptionKeysManager.1
            @Override // com.acompli.libcircle.ClInterfaces$ClResponseCallback
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public void onResponse(AddAccountActionResponse_297 addAccountActionResponse_297) {
                clientCompletionBlock.m(addAccountActionResponse_297);
                clientCompletionBlock.k();
            }

            @Override // com.acompli.libcircle.ClInterfaces$ClResponseCallback
            public void onError(Errors.ClError clError) {
                clientCompletionBlock.l(clError);
                clientCompletionBlock.k();
            }
        });
        clientCompletionBlock.n();
        if (clientCompletionBlock.f()) {
            logger.e("Error updating encryption flag for account " + aCMailAccount.getAccountID() + ": " + clientCompletionBlock.a());
            return;
        }
        try {
            n(aCCore, aCAccountPersistenceManager, aCMailAccount.getAccountID());
            logger.d("  Enabled: " + aCMailAccount.getAccountID());
        } catch (KeyRegistrationException e2) {
            if (e2.a()) {
                j(e2, aCMailAccount.getAccountID());
            }
        } catch (InterruptedException unused) {
        } catch (Exception e3) {
            j(e3, aCMailAccount.getAccountID());
        }
        try {
            aCAccountPersistenceManager.F(aCMailAccount.getAccountID(), 10);
        } catch (Exception unused2) {
        }
    }

    ClientGeneratedKeys d() throws NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(PushEncryptionKey.getKeyMethodCurrentVersion());
        keyPairGenerator.initialize(2048);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        PublicKey publicKey = generateKeyPair.getPublic();
        PrivateKey privateKey = generateKeyPair.getPrivate();
        byte[] e2 = e(JfifUtil.MARKER_SOS);
        byte[] bArr = new byte[512];
        System.arraycopy(publicKey.getEncoded(), 0, bArr, 0, 294);
        System.arraycopy(e2, 0, bArr, 294, JfifUtil.MARKER_SOS);
        return new ClientGeneratedKeys(bArr, privateKey);
    }

    public boolean f(ACMailAccount aCMailAccount) {
        return aCMailAccount != null && aCMailAccount.isMailAccount() && aCMailAccount.getAccountType() == ACMailAccount.AccountType.OMAccount;
    }

    boolean g(ACMailAccount aCMailAccount) {
        if (this.b.get().g(FeatureManager.Feature.u2)) {
            return true;
        }
        return aCMailAccount != null && aCMailAccount.isGccAccount();
    }

    public void j(Throwable th, int i) {
        e.e("General encryption key registration error.", th);
        this.c.i4(OTNotificationType.mail, i, OTNotificationDecryptionResult.decryption_error_general, null, th.getMessage());
    }

    public void k(ACCore aCCore, ACAccountPersistenceManager aCAccountPersistenceManager, ACMailAccount aCMailAccount) {
        if (g(aCMailAccount) && f(aCMailAccount)) {
            synchronized (this.a) {
                c(aCCore, aCAccountPersistenceManager, aCMailAccount);
            }
        }
    }

    public void l(final ACCore aCCore, final ACAccountManager aCAccountManager) {
        if (this.d) {
            return;
        }
        this.d = true;
        Task.d(new Callable() { // from class: com.acompli.accore.notifications.d
            @Override // java.util.concurrent.Callable
            public final Object call() {
                return PushEncryptionKeysManager.this.i(aCCore, aCAccountManager);
            }
        }, OutlookExecutors.getBackgroundExecutor()).p(TaskUtil.k());
    }

    public void m(ACCore aCCore, ACAccountPersistenceManager aCAccountPersistenceManager, ACMailAccount aCMailAccount) {
        Logger logger = e;
        logger.d("onOutOfBandMessage: " + aCMailAccount.getAccountID());
        if (g(aCMailAccount)) {
            if (f(aCMailAccount)) {
                synchronized (this.a) {
                    c(aCCore, aCAccountPersistenceManager, aCMailAccount);
                }
            } else {
                logger.e("  Account type is invalid, skipping: " + aCMailAccount.getAccountID());
            }
        }
    }

    void n(ACCore aCCore, ACAccountPersistenceManager aCAccountPersistenceManager, int i) throws NoSuchAlgorithmException, KeyRegistrationException, InterruptedException {
        ClientGeneratedKeys d = d();
        RegisterNotificationPublicKeyRequest_642 m377build = new RegisterNotificationPublicKeyRequest_642.Builder().accountID((short) i).publicKey(ByteString.of(d.b())).m377build();
        final ClientCompletionBlock clientCompletionBlock = new ClientCompletionBlock();
        aCCore.i0(m377build, new ClInterfaces$ClResponseCallback<RegisterNotificationPublicKeyResponse_643>(this) { // from class: com.acompli.accore.notifications.PushEncryptionKeysManager.3
            @Override // com.acompli.libcircle.ClInterfaces$ClResponseCallback
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public void onResponse(RegisterNotificationPublicKeyResponse_643 registerNotificationPublicKeyResponse_643) {
                clientCompletionBlock.m(registerNotificationPublicKeyResponse_643);
                clientCompletionBlock.k();
            }

            @Override // com.acompli.libcircle.ClInterfaces$ClResponseCallback
            public void onError(Errors.ClError clError) {
                clientCompletionBlock.l(clError);
                clientCompletionBlock.k();
            }
        });
        clientCompletionBlock.n();
        if (clientCompletionBlock.e()) {
            throw new InterruptedException("Error registering key, interrupted.");
        }
        if (clientCompletionBlock.f()) {
            throw new KeyRegistrationException("Error registering key.", clientCompletionBlock.a());
        }
        if (!aCAccountPersistenceManager.d(new PushEncryptionKey(i, ((RegisterNotificationPublicKeyResponse_643) clientCompletionBlock.d()).keyReference, d.a().getEncoded(), System.currentTimeMillis(), 0))) {
            throw new KeyRegistrationException("Error storing key to datastore.", KeyRegistrationException.ErrorType.SQL);
        }
    }
}
