package com.jefftharris.passwdsafe;

import android.annotation.TargetApi;
import android.content.ContentValues;
import android.content.Context;
import android.content.SharedPreferences;
import android.database.Cursor;
import android.database.SQLException;
import android.database.sqlite.SQLiteDatabase;
import android.net.Uri;
import android.os.Handler;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import androidx.annotation.CheckResult;
import androidx.annotation.NonNull;
import androidx.core.hardware.fingerprint.FingerprintManagerCompat;
import androidx.core.os.CancellationSignal;
import com.jefftharris.passwdsafe.PasswdSafeDb;
import com.jefftharris.passwdsafe.SavedPasswordsMgr;
import com.jefftharris.passwdsafe.file.PasswdFileUri;
import com.jefftharris.passwdsafe.lib.ApiCompat;
import com.jefftharris.passwdsafe.lib.PasswdSafeUtil;
import com.jefftharris.passwdsafe.util.Pair;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Enumeration;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import org.pwsafe.lib.Util;
import org.pwsafe.lib.file.Owner;
import org.pwsafe.lib.file.PwsPassword;

/* loaded from: classes.dex */
public final class SavedPasswordsMgr {
    private static final String KEYSTORE = "AndroidKeyStore";
    private static final String TAG = "SavedPasswordsMgr";
    private final Context itsContext;
    private final SavedPasswordsDb itsDb;

    @NonNull
    private final FingerprintMgr itsFingerprintMgr;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.jefftharris.passwdsafe.SavedPasswordsMgr$1, reason: invalid class name */
    /* loaded from: classes.dex */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$jefftharris$passwdsafe$file$PasswdFileUri$Type = new int[PasswdFileUri.Type.values().length];

        static {
            try {
                $SwitchMap$com$jefftharris$passwdsafe$file$PasswdFileUri$Type[PasswdFileUri.Type.GENERIC_PROVIDER.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$jefftharris$passwdsafe$file$PasswdFileUri$Type[PasswdFileUri.Type.EMAIL.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$com$jefftharris$passwdsafe$file$PasswdFileUri$Type[PasswdFileUri.Type.FILE.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                $SwitchMap$com$jefftharris$passwdsafe$file$PasswdFileUri$Type[PasswdFileUri.Type.SYNC_PROVIDER.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
        }
    }

    /* loaded from: classes.dex */
    public static class FingerprintMgr {
        public void authenticate(FingerprintManagerCompat.CryptoObject cryptoObject, int i, CancellationSignal cancellationSignal, FingerprintManagerCompat.AuthenticationCallback authenticationCallback, Handler handler) throws IllegalArgumentException, IllegalStateException {
            throw new IllegalStateException("Not implemented");
        }

        public boolean hasEnrolledFingerprints() {
            return false;
        }

        public boolean isHardwareDetected() {
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class SavedPassword {
        private static final MessageDigest MD_SHA256;
        public final String itsEncPasswd;
        public final String itsIv;
        public final Uri itsUri;

        static {
            MessageDigest messageDigest;
            try {
                messageDigest = MessageDigest.getInstance("SHA-256");
            } catch (NoSuchAlgorithmException e) {
                e.printStackTrace();
                messageDigest = null;
            }
            MD_SHA256 = messageDigest;
        }

        public SavedPassword(String str, String str2, String str3) {
            this.itsUri = Uri.parse(str);
            this.itsIv = str2;
            this.itsEncPasswd = str3;
        }

        public static String getUriKey(Uri uri) throws UnsupportedEncodingException {
            return Base64.encodeToString(MD_SHA256.digest(uri.toString().getBytes("UTF-8")), 2);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class SavedPasswordsDb {
        private static final String[] QUERY_COLUMNS = {"uri", PasswdSafeDb.DB_COL_SAVED_PASSWORDS_PROVIDER_URI, "display_name", PasswdSafeDb.DB_COL_SAVED_PASSWORDS_IV, PasswdSafeDb.DB_COL_SAVED_PASSWORDS_ENC_PASSWD};
        private static final int QUERY_COL_ENC_PASSWD = 4;
        private static final int QUERY_COL_IV = 3;
        private static final int QUERY_COL_URI = 0;
        private static final String WHERE_BY_PROVDISP = "provider_uri = ? AND display_name = ?";
        private static final String WHERE_BY_URI = "uri = ?";
        private final PasswdSafeDb itsDb;

        public SavedPasswordsDb(Context context) {
            this.itsDb = ((PasswdSafeApp) context.getApplicationContext()).getPasswdSafeDb();
            processDbUpgrade(context);
        }

        private void addSavedPassword(String str, String str2, String str3, String str4, String str5) throws Exception {
            final ContentValues contentValues = new ContentValues();
            contentValues.put("uri", str);
            contentValues.put(PasswdSafeDb.DB_COL_SAVED_PASSWORDS_PROVIDER_URI, str2);
            contentValues.put("display_name", str3);
            contentValues.put(PasswdSafeDb.DB_COL_SAVED_PASSWORDS_IV, str4);
            contentValues.put(PasswdSafeDb.DB_COL_SAVED_PASSWORDS_ENC_PASSWD, str5);
            this.itsDb.useDb(new PasswdSafeDb.DbUser() { // from class: com.jefftharris.passwdsafe.-$$Lambda$SavedPasswordsMgr$SavedPasswordsDb$BWwWN0lst0x6DtNHna4xEqt60CA
                @Override // com.jefftharris.passwdsafe.PasswdSafeDb.DbUser
                public final Object useDb(SQLiteDatabase sQLiteDatabase) {
                    return SavedPasswordsMgr.SavedPasswordsDb.lambda$addSavedPassword$2(contentValues, sQLiteDatabase);
                }
            });
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static Pair<String, String> getProviderAndDisplay(PasswdFileUri passwdFileUri, Context context) {
            return new Pair<>(passwdFileUri.getUri().buildUpon().path(null).query(null).toString(), passwdFileUri.getIdentifier(context, true));
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public static /* synthetic */ Void lambda$addSavedPassword$2(ContentValues contentValues, SQLiteDatabase sQLiteDatabase) throws Exception {
            sQLiteDatabase.replaceOrThrow(PasswdSafeDb.DB_TABLE_SAVED_PASSWORDS, null, contentValues);
            return null;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public static /* synthetic */ Void lambda$removeAllSavedPasswords$1(SQLiteDatabase sQLiteDatabase) throws Exception {
            sQLiteDatabase.delete(PasswdSafeDb.DB_TABLE_SAVED_PASSWORDS, null, null);
            return null;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public static /* synthetic */ Void lambda$removeSavedPassword$0(Uri uri, SQLiteDatabase sQLiteDatabase) throws Exception {
            sQLiteDatabase.delete(PasswdSafeDb.DB_TABLE_SAVED_PASSWORDS, WHERE_BY_URI, new String[]{uri.toString()});
            return null;
        }

        private void processDbUpgrade(Context context) {
            SharedPreferences sharedPreferences = context.getSharedPreferences("saved", 0);
            for (String str : sharedPreferences.getAll().keySet()) {
                if (str.startsWith("key_")) {
                    String substring = str.substring(4);
                    String string = sharedPreferences.getString(str, null);
                    String string2 = sharedPreferences.getString("iv_" + str, null);
                    if (string != null && string2 != null) {
                        try {
                            addSavedPassword(substring, "", "", string2, string);
                        } catch (Exception e) {
                            Log.e(SavedPasswordsMgr.TAG, "Error upgrading keys", e);
                        }
                    }
                }
            }
            sharedPreferences.edit().clear().apply();
        }

        public void addSavedPassword(PasswdFileUri passwdFileUri, String str, String str2, Context context) throws Exception {
            Pair<String, String> providerAndDisplay = getProviderAndDisplay(passwdFileUri, context);
            addSavedPassword(passwdFileUri.toString(), providerAndDisplay.first, providerAndDisplay.second, str, str2);
        }

        public SavedPassword getSavedPassword(final PasswdFileUri passwdFileUri, final Context context) throws Exception {
            return (SavedPassword) this.itsDb.useDb(new PasswdSafeDb.DbUser<SavedPassword>() { // from class: com.jefftharris.passwdsafe.SavedPasswordsMgr.SavedPasswordsDb.1
                private SavedPassword getByQuery(SQLiteDatabase sQLiteDatabase, String str, String[] strArr) throws SQLException {
                    Cursor query = sQLiteDatabase.query(PasswdSafeDb.DB_TABLE_SAVED_PASSWORDS, SavedPasswordsDb.QUERY_COLUMNS, str, strArr, null, null, null);
                    try {
                        if (query.moveToFirst()) {
                            return new SavedPassword(query.getString(0), query.getString(3), query.getString(4));
                        }
                        query.close();
                        return null;
                    } finally {
                        query.close();
                    }
                }

                /* JADX WARN: Can't rename method to resolve collision */
                /* JADX WARN: Multi-variable type inference failed */
                @Override // com.jefftharris.passwdsafe.PasswdSafeDb.DbUser
                public SavedPassword useDb(SQLiteDatabase sQLiteDatabase) throws Exception {
                    SavedPassword byQuery = getByQuery(sQLiteDatabase, SavedPasswordsDb.WHERE_BY_URI, new String[]{passwdFileUri.toString()});
                    if (byQuery != null) {
                        return byQuery;
                    }
                    if (AnonymousClass1.$SwitchMap$com$jefftharris$passwdsafe$file$PasswdFileUri$Type[passwdFileUri.getType().ordinal()] != 1) {
                        return null;
                    }
                    Pair providerAndDisplay = SavedPasswordsDb.getProviderAndDisplay(passwdFileUri, context);
                    return getByQuery(sQLiteDatabase, SavedPasswordsDb.WHERE_BY_PROVDISP, new String[]{(String) providerAndDisplay.first, (String) providerAndDisplay.second});
                }
            });
        }

        public void removeAllSavedPasswords() throws Exception {
            this.itsDb.useDb(new PasswdSafeDb.DbUser() { // from class: com.jefftharris.passwdsafe.-$$Lambda$SavedPasswordsMgr$SavedPasswordsDb$p5W0tEgCLT7IJMW-CrOrVUux-W0
                @Override // com.jefftharris.passwdsafe.PasswdSafeDb.DbUser
                public final Object useDb(SQLiteDatabase sQLiteDatabase) {
                    return SavedPasswordsMgr.SavedPasswordsDb.lambda$removeAllSavedPasswords$1(sQLiteDatabase);
                }
            });
        }

        public void removeSavedPassword(final Uri uri) throws Exception {
            this.itsDb.useDb(new PasswdSafeDb.DbUser() { // from class: com.jefftharris.passwdsafe.-$$Lambda$SavedPasswordsMgr$SavedPasswordsDb$JlEHmaabeGv9hmUox3hWVU2rkFo
                @Override // com.jefftharris.passwdsafe.PasswdSafeDb.DbUser
                public final Object useDb(SQLiteDatabase sQLiteDatabase) {
                    return SavedPasswordsMgr.SavedPasswordsDb.lambda$removeSavedPassword$0(uri, sQLiteDatabase);
                }
            });
        }
    }

    /* loaded from: classes.dex */
    public static abstract class User extends FingerprintManagerCompat.AuthenticationCallback implements CancellationSignal.OnCancelListener {
        private final CancellationSignal itsCancelSignal = new CancellationSignal();

        public User() {
            this.itsCancelSignal.setOnCancelListener(this);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public CancellationSignal getCancelSignal() {
            return this.itsCancelSignal;
        }

        public void cancel() {
            this.itsCancelSignal.cancel();
        }

        protected abstract boolean isEncrypt();

        protected abstract void onStart();
    }

    public SavedPasswordsMgr(Context context) {
        this.itsContext = context.getApplicationContext();
        if (ApiCompat.SDK_VERSION >= 23) {
            this.itsFingerprintMgr = SavedPasswordsMgrMarshmallow.getFingerprintMgr(this.itsContext);
        } else {
            this.itsFingerprintMgr = new FingerprintMgr();
        }
        this.itsDb = new SavedPasswordsDb(this.itsContext);
    }

    @TargetApi(23)
    private Cipher getKeyCipher(PasswdFileUri passwdFileUri, boolean z) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, UnrecoverableKeyException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException {
        SavedPassword savedPassword;
        Uri uri = passwdFileUri.getUri();
        if (z) {
            e = null;
            savedPassword = null;
        } else {
            try {
                savedPassword = getSavedPassword(passwdFileUri);
                if (savedPassword != null) {
                    try {
                        uri = savedPassword.itsUri;
                    } catch (Exception e) {
                        e = e;
                    }
                }
                e = null;
            } catch (Exception e2) {
                e = e2;
                savedPassword = null;
            }
        }
        KeyStore keystore = getKeystore();
        String[] strArr = {getUriAlias2(uri), getUriAlias1(uri)};
        int length = strArr.length;
        Key key = null;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            String str = strArr[i];
            Key key2 = keystore.getKey(str, null);
            if (key2 != null) {
                PasswdSafeUtil.dbginfo(TAG, "getKeyCipher name %s", str);
                key = key2;
                break;
            }
            i++;
            key = key2;
        }
        if (key == null) {
            throw new IOException(this.itsContext.getString(R.string.key_not_found, uri));
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        if (z) {
            cipher.init(1, key);
        } else {
            if (savedPassword == null || TextUtils.isEmpty(savedPassword.itsIv)) {
                throw new IOException("Key IV not found for " + passwdFileUri, e);
            }
            cipher.init(2, key, new IvParameterSpec(Base64.decode(savedPassword.itsIv, 2)));
        }
        return cipher;
    }

    private KeyStore getKeystore() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE);
        keyStore.load(null);
        return keyStore;
    }

    private SavedPassword getSavedPassword(PasswdFileUri passwdFileUri) throws Exception {
        return this.itsDb.getSavedPassword(passwdFileUri, this.itsContext);
    }

    private static String getUriAlias1(Uri uri) {
        return "key_" + uri.toString();
    }

    private static String getUriAlias2(Uri uri) throws UnsupportedEncodingException {
        return "key2_" + SavedPassword.getUriKey(uri);
    }

    public void addSavedPassword(PasswdFileUri passwdFileUri, Owner<PwsPassword>.Param param, Cipher cipher) throws Exception {
        Owner<PwsPassword> use = param.use();
        Throwable th = null;
        try {
            try {
                String encodeToString = Base64.encodeToString(cipher.doFinal(use.get().getBytes("UTF-8")), 2);
                this.itsDb.addSavedPassword(passwdFileUri, Base64.encodeToString(cipher.getIV(), 2), encodeToString, this.itsContext);
                if (use != null) {
                    use.close();
                }
            } catch (Throwable th2) {
                th = th2;
                throw th;
            }
        } catch (Throwable th3) {
            if (use != null) {
                if (th != null) {
                    try {
                        use.close();
                    } catch (Throwable unused) {
                    }
                } else {
                    use.close();
                }
            }
            throw th3;
        }
    }

    @TargetApi(23)
    public synchronized void generateKey(PasswdFileUri passwdFileUri) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException, IOException {
        String uriAlias2 = getUriAlias2(passwdFileUri.getUri());
        PasswdSafeUtil.dbginfo(TAG, "generateKey: %s, key: %s", passwdFileUri, uriAlias2);
        if (!this.itsFingerprintMgr.hasEnrolledFingerprints()) {
            throw new IOException(this.itsContext.getString(R.string.no_fingerprints_registered));
        }
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", KEYSTORE);
            keyGenerator.init(new KeyGenParameterSpec.Builder(uriAlias2, 3).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").setKeySize(256).setUserAuthenticationRequired(true).build());
            keyGenerator.generateKey();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            Log.e(TAG, "generateKey failure", e);
            removeSavedPassword(passwdFileUri);
            throw e;
        }
    }

    public boolean isAvailable() {
        return this.itsFingerprintMgr.isHardwareDetected();
    }

    public synchronized boolean isSaved(PasswdFileUri passwdFileUri) {
        try {
        } catch (Exception e) {
            Log.e(TAG, "Error checking saved for " + passwdFileUri, e);
            return false;
        }
        return getSavedPassword(passwdFileUri) != null;
    }

    @CheckResult
    public Owner<PwsPassword> loadSavedPassword(PasswdFileUri passwdFileUri, Cipher cipher) throws IOException, BadPaddingException, IllegalBlockSizeException {
        SavedPassword savedPassword = null;
        try {
            e = null;
            savedPassword = getSavedPassword(passwdFileUri);
        } catch (Exception e) {
            e = e;
        }
        if (savedPassword == null || TextUtils.isEmpty(savedPassword.itsEncPasswd)) {
            throw new IOException(this.itsContext.getString(R.string.password_not_found, passwdFileUri), e);
        }
        byte[] decode = Base64.decode(savedPassword.itsEncPasswd, 2);
        byte[] doFinal = cipher.doFinal(decode);
        try {
            return PwsPassword.create(doFinal, "UTF-8");
        } finally {
            Util.clearArray(doFinal);
            Util.clearArray(decode);
        }
    }

    public synchronized void removeAllSavedPasswords() {
        try {
            this.itsDb.removeAllSavedPasswords();
        } catch (Exception e) {
            Log.e(TAG, "Error removing passwords", e);
        }
        if (isAvailable()) {
            try {
                KeyStore keystore = getKeystore();
                Enumeration<String> aliases = keystore.aliases();
                if (aliases != null) {
                    while (aliases.hasMoreElements()) {
                        String nextElement = aliases.nextElement();
                        PasswdSafeUtil.dbginfo(TAG, "removeAllSavedPasswords key: %s", nextElement);
                        keystore.deleteEntry(nextElement);
                    }
                }
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
                e2.printStackTrace();
            }
        }
    }

    public synchronized void removeSavedPassword(PasswdFileUri passwdFileUri) {
        Uri uri = passwdFileUri.getUri();
        try {
            SavedPassword savedPassword = getSavedPassword(passwdFileUri);
            if (savedPassword != null) {
                uri = savedPassword.itsUri;
            }
            this.itsDb.removeSavedPassword(uri);
        } catch (Exception e) {
            Log.e(TAG, "Error removing " + passwdFileUri, e);
        }
        if (isAvailable()) {
            PasswdSafeUtil.dbginfo(TAG, "removeSavedPassword: %s", passwdFileUri);
            try {
                try {
                    KeyStore keystore = getKeystore();
                    for (String str : new String[]{getUriAlias2(uri), getUriAlias1(uri)}) {
                        try {
                            keystore.deleteEntry(str);
                        } catch (KeyStoreException e2) {
                            e2.printStackTrace();
                        }
                    }
                } catch (KeyStoreException e3) {
                    e = e3;
                    e.printStackTrace();
                }
            } catch (IOException e4) {
                e = e4;
                e.printStackTrace();
            } catch (NoSuchAlgorithmException e5) {
                e = e5;
                e.printStackTrace();
            } catch (CertificateException e6) {
                e = e6;
                e.printStackTrace();
            }
        }
    }

    public boolean startPasswordAccess(PasswdFileUri passwdFileUri, User user) {
        try {
            this.itsFingerprintMgr.authenticate(new FingerprintManagerCompat.CryptoObject(getKeyCipher(passwdFileUri, user.isEncrypt())), 0, user.getCancelSignal(), user, null);
            user.onStart();
            return true;
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException | NoSuchPaddingException e) {
            String string = this.itsContext.getString(R.string.key_error, passwdFileUri, e.getLocalizedMessage());
            Log.e(TAG, string, e);
            user.onAuthenticationError(0, string);
            return false;
        }
    }
}
