package com.avast.android.ffl.v2;

import com.avast.android.ffl.AbstractFFLClient;
import com.avast.android.ffl.EncryptionException;
import com.avast.android.ffl.Hex;
import com.avast.android.ffl.KeyExpiredException;
import com.avast.android.ffl.LoggingProvider;
import com.avast.android.ffl.NonFFLResponseException;
import com.avast.android.ffl.RegistrationException;
import com.avast.crypto.FFLSpec;
import com.avast.crypto.KeyUtilityException;
import com.avast.crypto.PayloadException;
import com.avast.crypto.SymKeyUtility;
import com.avast.ffl.auth.proto.AuthProto$FFLAuthGenerateKeyRequest;
import com.avast.ffl.auth.proto.AuthProto$FFLAuthGenerateKeyResponse;
import com.avast.ffl.auth.proto.AuthProto$FFLAuthRegistrationRequest;
import com.avast.ffl.auth.proto.AuthProto$FFLAuthRegistrationResponse;
import com.avast.ffl.auth.proto.AuthProto$Identity;
import com.google.protobuf.ByteString;
import com.google.protobuf.InvalidProtocolBufferException;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Locale;
import java.util.concurrent.atomic.AtomicReference;
import org.apache.commons.codec.binary.Base64;
import org.jsoup.helper.HttpConnection;
import retrofit.client.Client;
import retrofit.client.Header;
import retrofit.client.Request;
import retrofit.client.Response;
import retrofit.mime.TypedInput;
import retrofit.mime.TypedOutput;

/* loaded from: classes.dex */
public class FFLV2ClientImpl extends AbstractFFLClient implements FFLV2Client {

    /* renamed from: ʻ, reason: contains not printable characters */
    private final AuthProto$Identity f23526;

    /* renamed from: ʼ, reason: contains not printable characters */
    private final boolean f23527;

    /* renamed from: ˏ, reason: contains not printable characters */
    private final AuthStorage f23528;

    /* renamed from: ᐝ, reason: contains not printable characters */
    private final AtomicReference<AuthClock> f23529;

    public FFLV2ClientImpl(Client client, LoggingProvider loggingProvider, AuthStorage authStorage, AuthProto$Identity authProto$Identity, String str) {
        this(client, loggingProvider, authStorage, authProto$Identity, str, false);
    }

    public FFLV2ClientImpl(Client client, LoggingProvider loggingProvider, AuthStorage authStorage, AuthProto$Identity authProto$Identity, String str, boolean z) {
        super(client, loggingProvider, str);
        this.f23529 = new AtomicReference<>();
        this.f23528 = authStorage;
        this.f23526 = authProto$Identity;
        this.f23527 = z;
    }

    /* renamed from: ʹ, reason: contains not printable characters */
    private void m23459(ClientKey clientKey) throws IOException {
        if (this.f23527) {
            this.f23528.mo23441(clientKey);
        } else {
            this.f23528.mo23444(clientKey);
        }
    }

    /* renamed from: ʼ, reason: contains not printable characters */
    private byte[] m23460(String str) throws UnsupportedEncodingException {
        return Base64.decodeBase64(m23461(str).getBytes("UTF-8"));
    }

    /* renamed from: ʽ, reason: contains not printable characters */
    private String m23461(String str) throws UnsupportedEncodingException {
        return URLDecoder.decode(str, "UTF-8");
    }

    /* renamed from: ʾ, reason: contains not printable characters */
    private Response m23462(Request request, ClientKey clientKey) throws IOException {
        try {
            return m23463(request, clientKey, m23471());
        } catch (InvalidRequestTimeException e) {
            int i = 1 >> 0;
            this.f23515.mo23434("Server rejected request due to invalid time. Updating offset to server time ($s)", Long.valueOf(e.m23478()));
            m23470(e.m23478());
            return m23463(request, clientKey, m23471());
        }
    }

    /* renamed from: ʿ, reason: contains not printable characters */
    private Response m23463(Request request, ClientKey clientKey, long j) throws IOException {
        byte[] bArr;
        try {
            final TypedOutput body = request.getBody();
            ArrayList arrayList = new ArrayList(request.getHeaders());
            String m23446 = m23467().m23446();
            byte[] m25919 = SymKeyUtility.m25919();
            byte[] m49491 = clientKey.m23451().m49491();
            FFLSpec fFLSpec = FFLSpec.V2;
            byte[] m25918 = SymKeyUtility.m25918(m25919, m49491, j, fFLSpec.mo25897());
            if (body != null) {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream((int) body.length());
                body.writeTo(byteArrayOutputStream);
                bArr = byteArrayOutputStream.toByteArray();
            } else {
                bArr = new byte[0];
            }
            final byte[] m25894 = (bArr == null || bArr.length <= 0) ? new byte[0] : fFLSpec.mo25896().m25894(bArr, m25919);
            arrayList.add(new Header(HttpConnection.CONTENT_ENCODING, "x-ffl"));
            arrayList.add(new Header("X-AVAST-FFL-Version", "2"));
            arrayList.add(new Header("X-AVAST-FFL-Mode", "SFSR"));
            arrayList.add(new Header("X-AVAST-Request-Time", Long.toString(j)));
            arrayList.add(new Header("X-AVAST-Client-Id-0", m23473(m23446)));
            arrayList.add(new Header("X-AVAST-Key-Id-0", m23469(clientKey.m23450().m49491())));
            arrayList.add(new Header("X-AVAST-ETEK-0", m23469(m25918)));
            Response execute = this.f23516.execute(new Request(request.getMethod(), request.getUrl(), arrayList, body != null ? new TypedOutput(this) { // from class: com.avast.android.ffl.v2.FFLV2ClientImpl.2
                @Override // retrofit.mime.TypedOutput
                public String fileName() {
                    return body.fileName();
                }

                @Override // retrofit.mime.TypedOutput
                public long length() {
                    return m25894.length;
                }

                @Override // retrofit.mime.TypedOutput
                public String mimeType() {
                    return body.mimeType();
                }

                @Override // retrofit.mime.TypedOutput
                public void writeTo(OutputStream outputStream) throws IOException {
                    outputStream.write(m25894);
                }
            } : null));
            final TypedInput body2 = execute.getBody();
            long length = body2 != null ? body2.length() : 0L;
            this.f23515.mo23433("Received response with status " + execute.getStatus() + "(" + execute.getReason() + ") and payload size " + length, new Object[0]);
            if (execute.getStatus() == 442) {
                throw new KeyExpiredException("Status code 442 from server");
            }
            final byte[] m25893 = body2 != null ? fFLSpec.mo25896().m25893(AbstractFFLClient.m23430(body2.in()), SymKeyUtility.m25916(m23465(execute), clientKey.m23451().m49491(), j, fFLSpec.mo25897())) : new byte[0];
            if (execute.getStatus() != 443) {
                return new Response(execute.getUrl(), execute.getStatus(), execute.getReason(), execute.getHeaders(), new TypedInput(this) { // from class: com.avast.android.ffl.v2.FFLV2ClientImpl.3
                    @Override // retrofit.mime.TypedInput
                    public InputStream in() throws IOException {
                        return new ByteArrayInputStream(m25893);
                    }

                    @Override // retrofit.mime.TypedInput
                    public long length() {
                        int i = 7 & 0;
                        return m25893.length;
                    }

                    @Override // retrofit.mime.TypedInput
                    public String mimeType() {
                        TypedInput typedInput = body2;
                        return typedInput != null ? typedInput.mimeType() : "application/octet-stream";
                    }
                });
            }
            throw new InvalidRequestTimeException(m23466(m25893));
        } catch (KeyUtilityException e) {
            e = e;
            throw new EncryptionException(e);
        } catch (PayloadException e2) {
            e = e2;
            throw new EncryptionException(e);
        } catch (InvalidKeyException e3) {
            e = e3;
            throw new EncryptionException(e);
        } catch (NoSuchAlgorithmException e4) {
            e = e4;
            throw new EncryptionException(e);
        }
    }

    /* renamed from: ˈ, reason: contains not printable characters */
    private ByteString m23464() {
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        return ByteString.m49486(bArr);
    }

    /* renamed from: ˉ, reason: contains not printable characters */
    private byte[] m23465(Response response) throws EncryptionException, UnsupportedEncodingException, NonFFLResponseException {
        String str = null;
        String str2 = null;
        String str3 = null;
        for (Header header : response.getHeaders()) {
            int i = 7 ^ 4;
            if ("X-AVAST-FFL-Version".equalsIgnoreCase(header.getName())) {
                str = header.getValue();
            } else if ("X-AVAST-FFL-Mode".equalsIgnoreCase(header.getName())) {
                str2 = header.getValue();
            } else if ("X-AVAST-ETEK-0".equalsIgnoreCase(header.getName())) {
                str3 = header.getValue();
            }
        }
        if (!"2".equals(str)) {
            throw new NonFFLResponseException("Invalid FFL version in server response: " + str, response);
        }
        if (!"SFSR".equals(str2)) {
            int i2 = 7 >> 7;
            if (!"SFMR".equals(str2)) {
                throw new EncryptionException("Invalid FFL mode in server response: " + str2);
            }
            this.f23515.mo23432("Ignoring all but the first recipient in SFMR mode", new Object[0]);
        }
        if (str3 != null) {
            return m23460(str3);
        }
        throw new EncryptionException("Missing ETEK in server response");
    }

    /* renamed from: ˌ, reason: contains not printable characters */
    private long m23466(byte[] bArr) throws IOException {
        try {
            return Long.parseLong(new String(bArr, "UTF-8"));
        } catch (NumberFormatException e) {
            throw new EncryptionException(e, "Cannot parse server time from respnse");
        }
    }

    /* renamed from: ˍ, reason: contains not printable characters */
    private ClientIdentity m23467() throws IOException {
        return this.f23527 ? this.f23528.mo23438() : this.f23528.mo23440();
    }

    /* renamed from: ˑ, reason: contains not printable characters */
    private ClientKey m23468() throws IOException {
        return this.f23527 ? this.f23528.mo23445() : this.f23528.mo23437();
    }

    /* renamed from: ͺ, reason: contains not printable characters */
    private String m23469(byte[] bArr) throws UnsupportedEncodingException {
        return m23473(new String(Base64.encodeBase64(bArr), "UTF-8"));
    }

    /* renamed from: י, reason: contains not printable characters */
    private void m23470(long j) throws IOException {
        long m23453 = DefaultClock.m23453(j);
        this.f23528.mo23436(m23453);
        this.f23529.set(new DefaultClock(m23453));
    }

    /* renamed from: ᐧ, reason: contains not printable characters */
    private long m23471() throws IOException {
        AuthClock authClock = this.f23529.get();
        if (authClock == null) {
            authClock = new DefaultClock(this.f23528.mo23442());
            this.f23529.set(authClock);
        }
        return authClock.mo23435();
    }

    /* renamed from: ᐨ, reason: contains not printable characters */
    private void m23472(ClientIdentity clientIdentity) throws IOException {
        ByteString m23464 = m23464();
        AuthProto$FFLAuthRegistrationRequest.Builder m26066 = AuthProto$FFLAuthRegistrationRequest.m26066();
        m26066.m26083(m23464);
        m26066.m26085(this.f23526);
        if (clientIdentity != null) {
            AuthProto$FFLAuthRegistrationRequest.Parent.Builder m26092 = AuthProto$FFLAuthRegistrationRequest.Parent.m26092();
            m26092.m26107(clientIdentity.m23446());
            m26092.m26108(clientIdentity.m23447());
            int i = 2 ^ 4;
            m26066.m26086(m26092);
        }
        final byte[] m49472 = m26066.m26084().m49472();
        Response execute = this.f23516.execute(new Request("POST", m23477(), null, new TypedOutput(this) { // from class: com.avast.android.ffl.v2.FFLV2ClientImpl.1
            @Override // retrofit.mime.TypedOutput
            public String fileName() {
                return null;
            }

            @Override // retrofit.mime.TypedOutput
            public long length() {
                return m49472.length;
            }

            @Override // retrofit.mime.TypedOutput
            public String mimeType() {
                return "application/octet-stream";
            }

            @Override // retrofit.mime.TypedOutput
            public void writeTo(OutputStream outputStream) throws IOException {
                outputStream.write(m49472);
            }
        }));
        int i2 = 5 & 5;
        if (execute.getStatus() != 200) {
            boolean z = true | true;
            throw new RegistrationException("Return code of AUTH service should be 200, is " + execute.getStatus());
        }
        try {
            AuthProto$FFLAuthRegistrationResponse parseFrom = AuthProto$FFLAuthRegistrationResponse.parseFrom(execute.getBody().in());
            Calendar calendar = Calendar.getInstance();
            calendar.setTimeInMillis(parseFrom.m26112());
            this.f23515.mo23434("Registered as %s Client ID %s with CIGT %s", clientIdentity != null ? "app" : "root", parseFrom.m26111(), Hex.m23431(m23464.m49491()));
            int i3 = 4 & 7;
            this.f23515.mo23434("Received new AUTH key ID %s, version %s, expiration %s", Hex.m23431(parseFrom.m26113().m49491()), Long.valueOf(parseFrom.m26114()), new SimpleDateFormat("yyyy-MM-dd HH:mm:ss", Locale.US).format(calendar.getTime()));
            ClientIdentity clientIdentity2 = new ClientIdentity(m23464, parseFrom.m26111());
            ClientKey clientKey = new ClientKey(parseFrom.m26113(), parseFrom.m26116(), parseFrom.m26114(), parseFrom.m26112());
            if (clientIdentity != null) {
                this.f23528.mo23443(clientIdentity2, clientKey);
            } else {
                this.f23528.mo23439(clientIdentity2, clientKey);
            }
        } catch (InvalidProtocolBufferException e) {
            throw new RegistrationException(e, "Could not parse registration GPB response");
        }
    }

    /* renamed from: ι, reason: contains not printable characters */
    private String m23473(String str) throws UnsupportedEncodingException {
        return URLEncoder.encode(str, "UTF-8");
    }

    /* renamed from: ﾞ, reason: contains not printable characters */
    private ClientKey m23474(ClientIdentity clientIdentity, ClientKey clientKey) throws IOException {
        AuthProto$FFLAuthGenerateKeyRequest.Builder m26032 = AuthProto$FFLAuthGenerateKeyRequest.m26032();
        m26032.m26051(clientIdentity.m23447());
        m26032.m26050(clientIdentity.m23446());
        m26032.m26054(clientKey.m23452());
        m26032.m26053(this.f23526);
        final byte[] m49472 = m26032.m26052().m49472();
        Response execute = this.f23516.execute(new Request("POST", m23476(), null, new TypedOutput(this) { // from class: com.avast.android.ffl.v2.FFLV2ClientImpl.4
            {
                int i = 4 << 6;
            }

            @Override // retrofit.mime.TypedOutput
            public String fileName() {
                return null;
            }

            @Override // retrofit.mime.TypedOutput
            public long length() {
                return m49472.length;
            }

            @Override // retrofit.mime.TypedOutput
            public String mimeType() {
                return "application/octet-stream";
            }

            @Override // retrofit.mime.TypedOutput
            public void writeTo(OutputStream outputStream) throws IOException {
                outputStream.write(m49472);
            }
        }));
        if (execute.getStatus() == 409) {
            throw new KeyVersionConflictException("Conflict when requesting new key with previous version: " + clientKey.m23452());
        }
        if (execute.getStatus() != 200) {
            throw new GenerateKeyException("Return code of AUTH service should be 200, is " + execute.getStatus());
        }
        try {
            AuthProto$FFLAuthGenerateKeyResponse parseFrom = AuthProto$FFLAuthGenerateKeyResponse.parseFrom(execute.getBody().in());
            Calendar calendar = Calendar.getInstance();
            int i = 1 ^ 4;
            calendar.setTimeInMillis(parseFrom.m26058());
            int i2 = 4 << 3;
            int i3 = 6 & 4;
            this.f23515.mo23434("Received new AUTH key ID %s, version %s, expiration %s", Hex.m23431(parseFrom.m26059().m49491()), Long.valueOf(parseFrom.m26057()), new SimpleDateFormat("yyyy-MM-dd HH:mm:ss", Locale.US).format(calendar.getTime()));
            ClientKey clientKey2 = new ClientKey(parseFrom.m26059(), parseFrom.m26056(), parseFrom.m26057(), parseFrom.m26058());
            m23459(clientKey2);
            return clientKey2;
        } catch (InvalidProtocolBufferException e) {
            int i4 = 6 & 3;
            throw new GenerateKeyException("Could not parse generate key GPB response", e);
        }
    }

    @Override // retrofit.client.Client
    public Response execute(Request request) throws IOException, KeyExpiredException {
        ClientIdentity mo23438 = this.f23528.mo23438();
        if (mo23438 == null) {
            throw new IllegalStateException("Root Client ID not registered");
        }
        ClientIdentity mo23440 = this.f23528.mo23440();
        if (mo23440 == null) {
            throw new IllegalStateException("App Client ID not registered");
        }
        int i = 1 >> 3;
        if (mo23440.m23448(mo23438)) {
            return m23462(request, m23468());
        }
        throw new AppClientIdMismatchException("App Client ID is not derived from root Client ID");
    }

    @Override // com.avast.android.ffl.v2.FFLV2Client
    /* renamed from: ˊ */
    public void mo23454() throws IOException {
        ClientIdentity mo23438 = this.f23528.mo23438();
        if (mo23438 == null) {
            throw new IllegalStateException("Root client id must be registered before registering app client id.");
        }
        m23472(mo23438);
    }

    @Override // com.avast.android.ffl.v2.FFLV2Client
    /* renamed from: ˋ */
    public void mo23455() throws IOException {
        ClientKey m23468 = m23468();
        ClientIdentity m23467 = m23467();
        if (m23468 == null || m23467 == null) {
            throw new IllegalStateException("App client is not registered with auth server");
        }
        m23459(new ClientKey(m23468.m23450(), m23468.m23451(), m23468.m23452() + 1, m23468.m23449()));
        m23474(m23467, m23468);
    }

    @Override // com.avast.android.ffl.v2.FFLV2Client
    /* renamed from: ˎ */
    public void mo23456() throws IOException {
        m23472(null);
    }

    @Override // com.avast.android.ffl.v2.FFLV2Client
    /* renamed from: ˏ */
    public boolean mo23457() throws IOException {
        return (this.f23528.mo23440() == null || this.f23528.mo23437() == null) ? false : true;
    }

    /* renamed from: ՙ, reason: contains not printable characters */
    public FFLV2ClientImpl m23475() {
        FFLV2ClientImpl fFLV2ClientImpl;
        if (this.f23527) {
            fFLV2ClientImpl = this;
        } else {
            int i = 3 << 4;
            fFLV2ClientImpl = new FFLV2ClientImpl(this.f23516, this.f23515, this.f23528, this.f23526, this.f23517, true);
        }
        return fFLV2ClientImpl;
    }

    /* renamed from: ـ, reason: contains not printable characters */
    protected String m23476() {
        return "https://" + this.f23517 + "/V2/KEY";
    }

    @Override // com.avast.android.ffl.v2.FFLV2Client
    /* renamed from: ᐝ */
    public boolean mo23458() throws IOException {
        return this.f23528.mo23438() != null;
    }

    /* renamed from: ﹳ, reason: contains not printable characters */
    protected String m23477() {
        return "https://" + this.f23517 + "/V2/REG";
    }
}
