package com.cisco.umbrella.crypto;

import android.content.Context;
import android.os.Build;
import com.cisco.anyconnect.vpn.android.util.AppLog;
import com.cisco.anyconnect.vpn.android.util.CustLogComponent;
import com.cisco.umbrella.network.NICBNotifier;
import com.cisco.umbrella.probe.UmbrellaProbeHandler;
import com.cisco.umbrella.util.ConfigHelper;
import com.cisco.umbrella.util.Constant;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.ScheduledFuture;
import java.util.concurrent.TimeUnit;
import java.util.function.Consumer;

/* loaded from: classes.dex */
public class DNSCryptCertHandler {
    private static final String TAG = "DNSCryptCertHandler";
    private Context context;
    private DNSCryptHelper dnsCryptHelper;
    private boolean dnsCryptInitSuccessful;
    private ScheduledFuture<?> dnsCryptRefreshCertScheduledFuture;
    private ScheduledFuture<?> dnsCryptRetryCertScheduledFuture;
    private ScheduledExecutorService multiThreadedScheduledExecutorService;
    private NICBNotifier nicbNotifier;
    private UmbrellaProbeHandler umbrellaProbeHandler;

    public DNSCryptCertHandler(ScheduledExecutorService scheduledExecutorService, Context context, UmbrellaProbeHandler umbrellaProbeHandler, DNSCryptHelper dNSCryptHelper, NICBNotifier nICBNotifier) {
        AppLog.logDebugMessage(AppLog.Severity.DBG_INFO, TAG, "DNSCryptCertHandler constructor called");
        this.multiThreadedScheduledExecutorService = scheduledExecutorService;
        this.context = context;
        this.dnsCryptHelper = dNSCryptHelper;
        this.umbrellaProbeHandler = umbrellaProbeHandler;
        this.nicbNotifier = nICBNotifier;
    }

    private void cancelRefreshCerts() {
        AppLog.logDebugMessage(AppLog.Severity.DBG_INFO, TAG, "cancelRefreshCerts called");
        ScheduledFuture<?> scheduledFuture = this.dnsCryptRefreshCertScheduledFuture;
        if (scheduledFuture == null || scheduledFuture.isDone() || this.dnsCryptRefreshCertScheduledFuture.isCancelled()) {
            return;
        }
        this.dnsCryptRefreshCertScheduledFuture.cancel(true);
    }

    private void notifyNICB() {
        if (Build.VERSION.SDK_INT >= 24) {
            this.nicbNotifier.getSubscribers().forEach(new Consumer() { // from class: com.cisco.umbrella.crypto.DNSCryptCertHandler$$ExternalSyntheticLambda1
                @Override // java.util.function.Consumer
                public final void accept(Object obj) {
                    DNSCryptCertHandler.this.m725x1e8464a7((NICBNotifier.NICBCallback) obj);
                }
            });
        }
    }

    private void refreshCerts() {
        AppLog.logVerboseMessage(CustLogComponent.UMBRELLA_CONFIG, AppLog.Severity.DBG_INFO, TAG, "Refreshing certificate.");
        this.dnsCryptRefreshCertScheduledFuture = this.multiThreadedScheduledExecutorService.scheduleWithFixedDelay(new Runnable() { // from class: com.cisco.umbrella.crypto.DNSCryptCertHandler$$ExternalSyntheticLambda0
            @Override // java.lang.Runnable
            public final void run() {
                DNSCryptCertHandler.this.m726x62571bb7();
            }
        }, 30L, 30L, TimeUnit.MINUTES);
    }

    public void cancelCertFetch() {
        AppLog.logDebugMessage(AppLog.Severity.DBG_INFO, TAG, "cancelCertFetch called");
        ScheduledFuture<?> scheduledFuture = this.dnsCryptRetryCertScheduledFuture;
        if (scheduledFuture == null || scheduledFuture.isDone() || this.dnsCryptRetryCertScheduledFuture.isCancelled()) {
            return;
        }
        this.dnsCryptRetryCertScheduledFuture.cancel(true);
    }

    public void cleanUp() {
        AppLog.logDebugMessage(AppLog.Severity.DBG_INFO, TAG, "cleanUp called");
        cancelRefreshCerts();
        cancelCertFetch();
        this.dnsCryptRefreshCertScheduledFuture = null;
        this.dnsCryptRetryCertScheduledFuture = null;
    }

    public void initDNSCrypt() {
        cancelCertFetch();
        AppLog.Severity severity = AppLog.Severity.DBG_INFO;
        String str = TAG;
        AppLog.logDebugMessage(severity, str, "initDNSCrypt called");
        if (ConfigHelper.isFedRamp()) {
            this.dnsCryptInitSuccessful = this.dnsCryptHelper.initDNSCrypt(true, this.context.getApplicationInfo().nativeLibraryDir + "/libacciscocrypto.so", this.umbrellaProbeHandler.getResolverIP(), ConfigHelper.getConfig(Constant.FIPS_CERT_QUERY_HOSTNAME), ConfigHelper.getConfig(Constant.FIPS_CERT_PROVIDER_KEY));
        } else {
            this.dnsCryptInitSuccessful = this.dnsCryptHelper.initDNSCrypt(false, "", this.umbrellaProbeHandler.getResolverIP(), ConfigHelper.getConfig(Constant.UMBRELLA_CERT_QUERY_HOSTNAME), ConfigHelper.getConfig(Constant.UMBRELLA_CERT_PROVIDER_KEY));
        }
        if (this.dnsCryptInitSuccessful) {
            cancelCertFetch();
            AppLog.logDebugMessage(AppLog.Severity.DBG_INFO, str, "Certificate fetch successful");
            refreshCerts();
        } else {
            AppLog.logVerboseMessage(CustLogComponent.UMBRELLA_CONFIG, AppLog.Severity.DBG_INFO, str, "Certificate fetch failed, retrying in 30seconds..");
            this.dnsCryptRetryCertScheduledFuture = this.multiThreadedScheduledExecutorService.scheduleWithFixedDelay(new Runnable() { // from class: com.cisco.umbrella.crypto.DNSCryptCertHandler$$ExternalSyntheticLambda2
                @Override // java.lang.Runnable
                public final void run() {
                    DNSCryptCertHandler.this.initDNSCrypt();
                }
            }, 30L, 30L, TimeUnit.SECONDS);
        }
        notifyNICB();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: lambda$notifyNICB$1$com-cisco-umbrella-crypto-DNSCryptCertHandler, reason: not valid java name */
    public /* synthetic */ void m725x1e8464a7(NICBNotifier.NICBCallback nICBCallback) {
        nICBCallback.informNICB(Constant.DNS_CRYPT_CERT_FETCHED, this.dnsCryptInitSuccessful);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: lambda$refreshCerts$0$com-cisco-umbrella-crypto-DNSCryptCertHandler, reason: not valid java name */
    public /* synthetic */ void m726x62571bb7() {
        this.dnsCryptHelper.refreshCerts(this.umbrellaProbeHandler.getResolverIP());
    }
}
