package com.cmtelematics.drivewell.service.tag;

import android.bluetooth.BluetoothGattCharacteristic;
import android.content.Context;
import android.support.annotation.NonNull;
import android.util.Base64;
import com.cmtelematics.drivewell.common.NetworkResultStatus;
import com.cmtelematics.drivewell.service.CLog;
import com.cmtelematics.drivewell.service.appserver.AppServerTagAuthorizeTask;
import com.cmtelematics.drivewell.service.tag.TagSynchronousAccess;
import com.cmtelematics.drivewell.service.types.TagAuthorizationRequest;
import com.cmtelematics.drivewell.service.types.TagAuthorizationResponse;
import com.cmtelematics.drivewell.service.types.TagInstruction;
import com.cmtelematics.drivewell.service.types.TagSessionKey;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;

/* loaded from: classes.dex */
public class TagAuthorizer {
    private boolean aborting = false;

    @NonNull
    private final Context mContext;
    private final TagSynchronousAccess mSync;
    private final BluetoothGattCharacteristic mTagAuthorize;

    @NonNull
    private final String mTagMacAddress;

    @NonNull
    private final String tag;

    /* loaded from: classes.dex */
    public enum AuthorizeResult {
        SUCCESS,
        FAIL_MISSING_CHALLENGE,
        FAIL_SERVER_REJECTION,
        FAIL_MISC
    }

    public TagAuthorizer(@NonNull Context context, @NonNull String str, BluetoothGattCharacteristic bluetoothGattCharacteristic, TagSynchronousAccess tagSynchronousAccess) {
        this.mContext = context;
        this.mTagMacAddress = str;
        this.mTagAuthorize = bluetoothGattCharacteristic;
        this.mSync = tagSynchronousAccess;
        this.tag = "TagAuth-" + str;
    }

    private boolean tryAuth() {
        CLog.i(this.tag, "Authorize tag: try each key");
        for (int i = 0; i < 2; i++) {
            this.mSync.authKey(i, this.mTagAuthorize);
            readTagChallenge();
            if (this.mSync.isTagAuthorized()) {
                CLog.i(this.tag, "Tag authorized");
                return true;
            }
            CLog.i(this.tag, "Failed to authorize tag");
        }
        CLog.i(this.tag, "Tag not authorized");
        this.mSync.deauth();
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void abort() {
        this.aborting = true;
    }

    public AuthorizeResult authorizeTag() {
        byte[] readTagChallenge = readTagChallenge();
        CLog.i(this.tag, "Tag challenge read");
        if (this.mSync.isTagAuthorized()) {
            CLog.i(this.tag, "Tag already authorized");
            return AuthorizeResult.SUCCESS;
        }
        if (!this.mSync.isTagAuthorizationRequired()) {
            CLog.i(this.tag, "Auth not required");
            return AuthorizeResult.SUCCESS;
        }
        if (readTagChallenge == null) {
            CLog.w(this.tag, "Failed to read challenge - retry");
            try {
                Thread.sleep(1000L);
            } catch (Exception unused) {
                CLog.i(this.tag, "Exception in sleep");
            }
            if (readTagChallenge() == null) {
                CLog.i(this.tag, "Authorize tag: Missing challenge");
                return AuthorizeResult.FAIL_MISSING_CHALLENGE;
            }
        }
        List<TagSessionKey> sessionKeys = getSessionKeys();
        if (sessionKeys != null) {
            this.mSync.setSessionKeys(sessionKeys);
        }
        if (tryAuth()) {
            return AuthorizeResult.SUCCESS;
        }
        for (int i = 0; i < 2; i++) {
            byte[] readTagChallenge2 = readTagChallenge();
            if (readTagChallenge2 == null) {
                CLog.w(this.tag, "Unable to read challenge on attempt " + i);
            } else {
                AppServerTagAuthorizeTask appServerTagAuthorizeTask = new AppServerTagAuthorizeTask(this.mContext, new TagAuthorizationRequest(this.mTagMacAddress, readTagChallenge2));
                NetworkResultStatus makeRequest = appServerTagAuthorizeTask.makeRequest();
                TagAuthorizationResponse response = appServerTagAuthorizeTask.getResponse();
                if (response != null) {
                    if (installSessionKey(response.getSessionKey(), response.instructions)) {
                        return AuthorizeResult.SUCCESS;
                    }
                } else if (makeRequest != NetworkResultStatus.NETWORK_FAILURE) {
                    CLog.e(this.tag, "Tag refused by server during authorize_tag call.");
                    return AuthorizeResult.FAIL_SERVER_REJECTION;
                }
            }
        }
        return AuthorizeResult.FAIL_MISC;
    }

    List<TagSessionKey> getSessionKeys() {
        return TagDb.get(this.mContext).getTagSessionKeys(this.mTagMacAddress);
    }

    public boolean installSessionKey(TagSessionKey tagSessionKey, List<TagInstruction> list) {
        boolean z;
        if (this.aborting) {
            return false;
        }
        if (this.mTagAuthorize == null) {
            CLog.e(this.tag, "Cannot install key if no auth characteristic exists.");
            return false;
        }
        if (list == null || list.size() != 2) {
            CLog.w(this.tag, "No instructions or wrong size in installSessionKey");
            z = false;
        } else {
            z = true;
            Iterator<TagInstruction> it = list.iterator();
            while (it.hasNext()) {
                byte[] decode = Base64.decode(it.next().data, 0);
                CLog.i(this.tag, "Writing auth instruction " + TagCrypto.bytesToHex(decode));
                if (!this.mSync.write(this.mTagAuthorize, decode, TagSynchronousAccess.WriteMode.Unencrypted)) {
                    CLog.w(this.tag, "Auth instruction failed");
                    z = false;
                }
            }
        }
        if (!z) {
            CLog.w(this.tag, "Unable to install new key.");
            return false;
        }
        if (tagSessionKey != null) {
            saveSessionKey(tagSessionKey);
        }
        return tryAuth();
    }

    public byte[] readTagChallenge() {
        byte[] bArr = null;
        if (this.aborting) {
            return null;
        }
        if (this.mTagAuthorize == null) {
            CLog.i(this.tag, "No auth characteristic - older firmware?");
            return null;
        }
        byte b2 = 0;
        int i = 0;
        while (true) {
            if (i < 2) {
                byte[] read = this.mSync.read(this.mTagAuthorize);
                if (read != null) {
                    byte b3 = read[16];
                    CLog.i(this.tag, "read auth flags " + ((int) b3) + " on attempt " + i);
                    bArr = Arrays.copyOfRange(read, 0, 16);
                    b2 = b3;
                    break;
                }
                CLog.e(this.tag, "Failed to read challenge from tag on attempt " + i);
                i++;
            } else {
                break;
            }
        }
        this.mSync.setChallenge(bArr, b2);
        return bArr;
    }

    void saveSessionKey(TagSessionKey tagSessionKey) {
        TagDb tagDb = TagDb.get(this.mContext);
        List<TagSessionKey> tagSessionKeys = tagDb.getTagSessionKeys(this.mTagMacAddress);
        tagDb.saveTagSessionKeys(this.mTagMacAddress, tagSessionKey, tagSessionKeys.size() > 1 ? tagSessionKeys.get(0) : null);
        this.mSync.addSessionKey(tagSessionKey);
    }
}
