package com.sec.android.sidesync.lib.model;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.sec.android.sidesync.cryptopp.CryptoppNativeManager;
import com.sec.android.sidesync.cryptopp.ECDHKeyPair;
import com.sec.android.sidesync.cryptopp.SharedSecret;
import com.sec.android.sidesync.lib.util.Device;
import com.sec.android.sidesync30.type.AuthInformation;
import com.sec.android.sidesync30.type.Define;
import com.sec.android.sidesync30.utils.Debug;
import com.sec.android.sidesync30.utils.Preferences;
import com.sec.android.sidesync30.utils.Utils;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Iterator;
import java.util.Locale;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.security.auth.x500.X500Principal;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import org.json.JSONTokener;

/* loaded from: classes.dex */
public class CryptoppManager {
    public static final int CLIENT = 1;
    private static final String KEY_ALIAS = "com.sec.android.sidesync_key";
    public static final int SERVER = 0;
    private static AuthInfo mAuthInfo;
    private static Context mContext;
    private static String mMAC;
    private static String mPassKey;
    private static byte[] mSessionKey;
    private ECDHKeyPair deviceKeyPair = null;
    private SharedSecret sharedSecret = null;
    private boolean mVerifiedHMAC = false;

    /* loaded from: classes.dex */
    public class AuthInfo {
        public String mDevice = null;
        public String mType = null;
        public String mMAC = null;
        public String mPubKey = null;
        public String mName = null;
        public String mHPubKey = null;
        public boolean mShow = false;
        public byte[] hmac = null;

        public AuthInfo() {
        }
    }

    static {
        System.loadLibrary("stlport_shared");
        System.loadLibrary("CryptoppManager");
        mAuthInfo = null;
        mMAC = null;
        mContext = null;
        mPassKey = null;
        mSessionKey = null;
    }

    public CryptoppManager(Context context) {
        mContext = context;
        mMAC = Utils.getSha1Base64Data(Device.getWifiMacAddress(mContext));
        if ("eng".equals(Build.TYPE)) {
            CryptoppNativeManager.setDebugMode(1);
        } else {
            CryptoppNativeManager.setDebugMode(0);
        }
        generateKeyPair();
    }

    public static String CbcDecryption(byte[] bArr) {
        if (mSessionKey == null) {
            Debug.log("mSessionKey == null");
            return null;
        }
        if (bArr == null) {
            Debug.log("cipher == null");
            return null;
        }
        if (bArr.length > 0) {
            return new String(CryptoppNativeManager.cbcDecryption(mSessionKey, bArr));
        }
        Debug.log("cipher.length <= 0");
        return null;
    }

    public static byte[] CbcEncryption(String str) {
        if (mSessionKey == null) {
            Debug.log("mSessionKey == null");
            return null;
        }
        if (str == null) {
            Debug.log("plain == null");
            return null;
        }
        if (str.length() > 0) {
            return CryptoppNativeManager.cbcEncryption(mSessionKey, str);
        }
        Debug.log("plain.length() <= 0");
        return null;
    }

    private static String _convertAllowedAuthList2JsonString(Context context, ArrayList<AuthInformation> arrayList) {
        if (arrayList == null || arrayList.size() == 0) {
            Debug.log("[_convertAllowedAuthList2JsonString] >  allowedList is null");
            return null;
        }
        JSONObject jSONObject = new JSONObject();
        try {
            JSONArray jSONArray = new JSONArray();
            Iterator<AuthInformation> it = arrayList.iterator();
            while (it.hasNext()) {
                AuthInformation next = it.next();
                JSONObject jSONObject2 = new JSONObject();
                jSONObject2.put(Define.JSON_AL_DEVICENAME, next.getName());
                jSONObject2.put(Define.JSON_AL_DEVICEMAC, next.getId());
                jSONObject2.put("DeviceType", next.getType());
                jSONObject2.put(Define.JSON_AL_PASSKEY, next.getPassKey());
                jSONArray.put(jSONObject2);
            }
            jSONObject.put(Define.JSON_AL_ALLOWEDLIST, jSONArray);
        } catch (JSONException e) {
            e.printStackTrace();
        }
        String jSONObject3 = jSONObject.toString();
        Debug.logD("[AllowedList2JsonString] >  strList : " + jSONObject3);
        return Utils.getDeviceOsVer() >= 23 ? encodeAllowedList(jSONObject3) : _encryptString_L(jSONObject3);
    }

    private static ArrayList<AuthInformation> _convertJsonString2AllowedAuthList(Context context, String str) {
        ArrayList<AuthInformation> arrayList = null;
        JSONObject jSONObject = null;
        if (str == null) {
            Debug.log("[_convertJsonString2AllowedAuthList] > strList is null");
            return null;
        }
        Debug.logD("[_convertJsonString2AllowedAuthList] >  strList : " + str);
        String decodeAllowedList = Utils.getDeviceOsVer() >= 23 ? decodeAllowedList(str) : _decryptString_L(str);
        if (decodeAllowedList == null) {
            Debug.log("[_convertJsonString2AllowedAuthList] >  decodedList is null");
            return null;
        }
        try {
            jSONObject = (JSONObject) new JSONTokener(decodeAllowedList).nextValue();
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (jSONObject == null) {
            Debug.log("[_convertJsonString2AllowedAuthList] >  JsonAllowedList is null");
            return null;
        }
        try {
            JSONArray jSONArray = jSONObject.getJSONArray(Define.JSON_AL_ALLOWEDLIST);
            int length = jSONArray.length();
            if (length > 0) {
                ArrayList<AuthInformation> arrayList2 = new ArrayList<>();
                for (int i = 0; i < length; i++) {
                    try {
                        JSONObject jSONObject2 = jSONArray.getJSONObject(i);
                        String string = jSONObject2.getString(Define.JSON_AL_DEVICENAME);
                        String string2 = jSONObject2.getString(Define.JSON_AL_DEVICEMAC);
                        String string3 = jSONObject2.getString("DeviceType");
                        String string4 = jSONObject2.getString(Define.JSON_AL_PASSKEY);
                        AuthInformation authInformation = new AuthInformation();
                        authInformation.setInfo(string3, string2, string, string4);
                        arrayList2.add(authInformation);
                    } catch (JSONException e2) {
                        e = e2;
                        arrayList = arrayList2;
                        e.printStackTrace();
                        return arrayList;
                    }
                }
                arrayList = arrayList2;
            }
        } catch (JSONException e3) {
            e = e3;
        }
        return arrayList;
    }

    public static String _decryptString_L(String str) {
        _makeKeyFromKeystore_L(KEY_ALIAS);
        String str2 = null;
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) ((KeyStore.PrivateKeyEntry) keyStore.getEntry(KEY_ALIAS, null)).getPrivateKey();
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
            cipher.init(2, rSAPrivateKey);
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64.decode(str, 0)), cipher);
            ArrayList arrayList = new ArrayList();
            while (true) {
                int read = cipherInputStream.read();
                if (read == -1) {
                    break;
                }
                arrayList.add(Byte.valueOf((byte) read));
            }
            byte[] bArr = new byte[arrayList.size()];
            for (int i = 0; i < bArr.length; i++) {
                bArr[i] = ((Byte) arrayList.get(i)).byteValue();
            }
            str2 = new String(bArr, 0, bArr.length, StandardCharsets.UTF_8);
            return str2;
        } catch (Exception e) {
            e.printStackTrace();
            return str2;
        }
    }

    public static String _encryptString_L(String str) {
        _makeKeyFromKeystore_L(KEY_ALIAS);
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            RSAPublicKey rSAPublicKey = (RSAPublicKey) ((KeyStore.PrivateKeyEntry) keyStore.getEntry(KEY_ALIAS, null)).getCertificate().getPublicKey();
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
            cipher.init(1, rSAPublicKey);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            cipherOutputStream.write(str.getBytes(StandardCharsets.UTF_8));
            cipherOutputStream.close();
            return new String(Base64.encode(byteArrayOutputStream.toByteArray(), 2), StandardCharsets.UTF_8);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private static void _makeKeyFromKeystore_L(String str) {
        Debug.log("makeKeyFromKeystore");
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (keyStore.containsAlias(str)) {
                return;
            }
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 1);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(mContext).setAlias(str).setSubject(new X500Principal("CN=" + str)).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException e) {
            e.printStackTrace();
        }
    }

    public static void addAllowedAuth(Context context, AuthInformation authInformation) {
        if (authInformation == null) {
            Debug.log("addAuthInfo : authInfo == null");
            return;
        }
        ArrayList<AuthInformation> allowedAuthList = getAllowedAuthList(context);
        if (allowedAuthList == null) {
            allowedAuthList = new ArrayList<>();
        }
        int i = 0;
        while (true) {
            if (i >= allowedAuthList.size()) {
                break;
            }
            if (allowedAuthList.get(i).getId().equalsIgnoreCase(authInformation.getId())) {
                allowedAuthList.remove(i);
                break;
            }
            i++;
        }
        if (authInformation.getId() == null || authInformation.getId().equals("")) {
            Debug.log("@@ AUTH INFO LIST ADD = null");
            return;
        }
        allowedAuthList.add(0, authInformation);
        Debug.log("@@ AUTH INFO LIST ADD = " + authInformation.getId());
        setAuthInfoList(context, allowedAuthList);
        allowedAuthList.clear();
    }

    public static String decodeAllowedList(String str) {
        Debug.log("decodeAllowedList");
        String str2 = null;
        try {
            byte[] doFinal = getCipher(2).doFinal(Base64.decode(str, 2));
            Debug.log("decryptedData.length : " + doFinal.length);
            String str3 = new String(doFinal, StandardCharsets.UTF_8);
            try {
                Debug.logD("after decode dec : " + str3);
                return str3;
            } catch (Exception e) {
                e = e;
                str2 = str3;
                e.printStackTrace();
                return str2;
            }
        } catch (Exception e2) {
            e = e2;
        }
    }

    public static void deleteKeyFromKeystore(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            keyStore.deleteEntry(str);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public static String encodeAllowedList(String str) {
        Debug.log("encodeAllowedList");
        try {
            byte[] doFinal = getCipher(1).doFinal(str.getBytes(StandardCharsets.UTF_8));
            Debug.log("encryptData.length : " + doFinal.length);
            return new String(Base64.encode(doFinal, 2), StandardCharsets.UTF_8);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private void generateKeyPair() {
        this.deviceKeyPair = CryptoppNativeManager.generateKeyPair();
        Debug.logD(String.format("Device Key Pair: %s", this.deviceKeyPair.toString()));
    }

    public static ArrayList<AuthInformation> getAllowedAuthList(Context context) {
        return _convertJsonString2AllowedAuthList(context, Preferences.getString(context, Define.PREF_AUTH_INFO_LIST, null));
    }

    private static Cipher getCipher(int i) {
        Cipher cipher = null;
        try {
            cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            if (i == 1) {
                cipher.init(i, getKeyFromKeystore(KEY_ALIAS));
                Preferences.setString(mContext, Define.PREF_AUTH_INFO_LIST_IV, Base64.encodeToString(((IvParameterSpec) cipher.getParameters().getParameterSpec(IvParameterSpec.class)).getIV(), 2));
            } else {
                cipher.init(i, getKeyFromKeystore(KEY_ALIAS), new IvParameterSpec(Base64.decode(Preferences.getString(mContext, Define.PREF_AUTH_INFO_LIST_IV, null), 2)));
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return cipher;
    }

    private static SecretKey getKeyFromKeystore(String str) {
        Debug.log("getKeyFromKeystore");
        SecretKey secretKey = null;
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            secretKey = (SecretKey) keyStore.getKey(str, null);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            e.printStackTrace();
        }
        return secretKey != null ? secretKey : makeKeyFromKeystore(str);
    }

    public static String getPassKey() {
        return mPassKey;
    }

    public static boolean isAllowedAuth(Context context, String str) {
        boolean z = false;
        if (str == null) {
            Debug.log("isAllowedAuth : isAllowedAuth == null");
        } else {
            ArrayList<AuthInformation> allowedAuthList = getAllowedAuthList(context);
            if (allowedAuthList == null) {
                Debug.log("Not-authInfo-List is null");
            } else {
                z = false;
                int i = 0;
                while (true) {
                    if (i >= allowedAuthList.size()) {
                        break;
                    }
                    if (allowedAuthList.get(i) != null && allowedAuthList.get(i).getId() != null && allowedAuthList.get(i).getId().equalsIgnoreCase(str)) {
                        z = true;
                        break;
                    }
                    i++;
                }
                allowedAuthList.clear();
                Debug.logI("@ isAllowedAuth(" + str + ") : " + z);
            }
        }
        return z;
    }

    private static SecretKey makeKeyFromKeystore(String str) {
        Debug.log("makeKeyFromKeystore");
        try {
            KeyStore.getInstance("AndroidKeyStore").load(null);
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            keyGenerator.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").build());
            return keyGenerator.generateKey();
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException e) {
            e.printStackTrace();
            return null;
        }
    }

    public static void removeAllowedAuth(Context context, AuthInformation authInformation) {
        if (authInformation == null || authInformation.getId() == null) {
            Debug.log("removeAuthInfo : authInfo == null");
            return;
        }
        ArrayList<AuthInformation> allowedAuthList = getAllowedAuthList(context);
        if (allowedAuthList == null) {
            Debug.log("Not-authInfo-List is null");
            return;
        }
        String id = authInformation.getId();
        Debug.log("@ Given device ID = " + id);
        int i = 0;
        while (true) {
            if (i >= allowedAuthList.size()) {
                break;
            }
            if (allowedAuthList.get(i) != null && allowedAuthList.get(i).getId() != null && allowedAuthList.get(i).getId().equalsIgnoreCase(id)) {
                Debug.logI("@ remove - " + id);
                allowedAuthList.remove(i);
                break;
            }
            i++;
        }
        setAuthInfoList(context, allowedAuthList);
        allowedAuthList.clear();
    }

    public static void setAuthInfoList(Context context, ArrayList<AuthInformation> arrayList) {
        if (arrayList != null && arrayList.size() > 10) {
            for (int size = arrayList.size(); size > 10; size--) {
                arrayList.remove(size - 1);
            }
        }
        Preferences.setString(context, Define.PREF_AUTH_INFO_LIST, _convertAllowedAuthList2JsonString(context, arrayList));
    }

    public byte[] EncryptorWithMAC(String str) {
        if (this.sharedSecret != null) {
            return CryptoppNativeManager.EncryptorWithMAC(this.sharedSecret.sharedSecret, str);
        }
        Debug.log("sharedSecret == null");
        return null;
    }

    public boolean MacVerification() {
        if (this.sharedSecret != null) {
            return CryptoppNativeManager.MacVerification(this.sharedSecret.sharedSecret, mAuthInfo.hmac, makePlainMessage());
        }
        Debug.log("sharedSecret == null");
        return false;
    }

    public String PassKey(int i) {
        String str = null;
        switch (i) {
            case 0:
                str = String.valueOf(mAuthInfo.mMAC) + mMAC;
                break;
            case 1:
                str = String.valueOf(mMAC) + mAuthInfo.mMAC;
                break;
        }
        mPassKey = String.format(Locale.US, "%06d", Long.valueOf(str != null ? CryptoppNativeManager.PassKey(String.valueOf(Base64.encodeToString(this.sharedSecret.sharedSecret, 2)) + str) : 0L));
        mPassKey = mPassKey.substring(0, 6);
        return mPassKey;
    }

    public byte[] SHA256(byte[] bArr) {
        return CryptoppNativeManager.SHA256(bArr);
    }

    public void SessionKey(int i) {
        String str = null;
        switch (i) {
            case 0:
                str = String.valueOf(mAuthInfo.mMAC) + mMAC;
                break;
            case 1:
                str = String.valueOf(mMAC) + mAuthInfo.mMAC;
                break;
        }
        if (str != null) {
            mSessionKey = CryptoppNativeManager.SessionKey(this.sharedSecret.sharedSecret, str);
        }
        Debug.logD("Auth SessionKey : " + Utils.hex(mSessionKey));
    }

    public AuthInfo getAuthInfo() {
        return mAuthInfo;
    }

    public byte[] getPulbicKey() {
        if (this.deviceKeyPair != null) {
            return this.deviceKeyPair.publicKey;
        }
        return null;
    }

    public byte[] getSecretKey() {
        if (this.sharedSecret != null) {
            return this.sharedSecret.sharedSecret;
        }
        return null;
    }

    public boolean getVerifedHMAC() {
        return this.mVerifiedHMAC;
    }

    public void makeAuthInfo() {
        mAuthInfo = new AuthInfo();
    }

    public String makeHMACMessage() {
        return String.valueOf(mAuthInfo.mPubKey) + Base64.encodeToString(getPulbicKey(), 2) + mAuthInfo.mMAC + mMAC;
    }

    public String makePlainMessage() {
        return String.valueOf(Base64.encodeToString(getPulbicKey(), 2)) + mAuthInfo.mPubKey + mMAC + mAuthInfo.mMAC;
    }

    public int publicKeyLength() {
        if (this.deviceKeyPair != null) {
            return this.deviceKeyPair.publicKey.length;
        }
        return 0;
    }

    public void retrieveSharedSecret(byte[] bArr) {
        if (this.deviceKeyPair == null) {
            Debug.log("deviceKeyPair == null");
        } else {
            this.sharedSecret = CryptoppNativeManager.retrieveSharedSecret(bArr, this.deviceKeyPair.privateKey);
            Debug.logD(String.format("Secret : %s", this.sharedSecret.toString()));
        }
    }

    public int secretKeyLength() {
        if (this.sharedSecret != null) {
            return this.sharedSecret.sharedSecret.length;
        }
        return 0;
    }

    public void setVerifedHMAC(boolean z) {
        this.mVerifiedHMAC = z;
    }
}
