package com.sybase.persistence;

import android.database.Cursor;
import com.sybase.persistence.DataVault;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.Iterator;
import java.util.NoSuchElementException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public abstract class DataVaultLegacy implements ILegacyDataVault {
    protected static final byte[] INIT_VECTOR = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
    protected static final MessageDigest MESSAGE_DIGEST;
    private static final String NAME_CHECK_VALUE = "CheckValue";
    private static final String NAME_DEFAULT_PASSWORD_ALLOWED = "DefaultPasswordAllowed";
    private static final String NAME_HAS_DIGITS = "HasDigits";
    private static final String NAME_HAS_LOWER = "HasLower";
    private static final String NAME_HAS_SPECIAL = "HasSpecial";
    private static final String NAME_HAS_UPPER = "HasUpper";
    private static final String NAME_LAST_UNLOCK_TIME = "LastUnlockTime";
    private static final String NAME_LOCK_TIMEOUT = "LockTimeout";
    private static final String NAME_MIN_LENGTH = "MinLength";
    private static final String NAME_MIN_UNIQUE_CHARS = "MinUniqueChars";
    private static final String NAME_PASSWORD_TIMEOUT = "PasswordTimeout";
    private static final String NAME_RETRY_COUNT = "RetryCount";
    private static final String NAME_RETRY_LIMIT = "RetryLimit";
    protected static final byte[] PASSWORD_CHECK_VALUE;
    private static final String PASSWORD_FOR_RETRY_COUNTS = "{DDB45DB3-2637-4dd1-9031-00113148FE44}";
    private static final String SALT_FOR_RETRY_COUNTS = "{C33149A9-AF63-4ba9-838B-4D2AB4775BAA}";
    private final byte[] encryptedPasswordCheckValue;
    protected final EncryptionHelper encryptionHelper;
    protected SecretKey encryptionKey;
    protected final String id;
    private final LegacyLowLevelStorage legacyLowLevelStorage;
    protected final SecretKey retryKey;

    static {
        try {
            MESSAGE_DIGEST = MessageDigest.getInstance(McElieceCCA2KeyGenParameterSpec.SHA256);
            PASSWORD_CHECK_VALUE = "{32106045-CE45-4c9f-A0D4-DB645755D697}".getBytes(Charset.forName("UTF-8"));
        } catch (Exception e) {
            throw new ExceptionInInitializerError(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DataVaultLegacy(String str, LegacyLowLevelStorage legacyLowLevelStorage) {
        this.id = str;
        this.legacyLowLevelStorage = legacyLowLevelStorage;
        if (!legacyLowLevelStorage.exists()) {
            this.retryKey = null;
            this.encryptionHelper = null;
            this.encryptedPasswordCheckValue = null;
            return;
        }
        this.retryKey = deriveEncryptionKey((str + PASSWORD_FOR_RETRY_COUNTS).toCharArray(), SALT_FOR_RETRY_COUNTS.toCharArray());
        EncryptionHelper encryptionHelper = new EncryptionHelper("AES/CFB/NoPadding");
        this.encryptionHelper = encryptionHelper;
        byte[] loadConfigEntry = legacyLowLevelStorage.loadConfigEntry(encryptionHelper.encryptWithExternalIv(this.retryKey, INIT_VECTOR, NAME_CHECK_VALUE));
        if (loadConfigEntry == null) {
            legacyLowLevelStorage.delete();
        }
        this.encryptedPasswordCheckValue = loadConfigEntry;
    }

    private static char[] autoComputePassword(String str) throws DataVaultException {
        return ("!j2H^K)y3i&L5h@6#" + str).toCharArray();
    }

    private static char[] autoComputeSalt(String str) throws DataVaultException {
        return ("*9yG4n#(2nXY$-3o" + str).toCharArray();
    }

    private static byte[] charToByteArray(char[] cArr) {
        ByteBuffer encode = Charset.forName("UTF-8").encode(CharBuffer.wrap(cArr));
        return Arrays.copyOfRange(encode.array(), encode.position(), encode.limit());
    }

    private final SecretKey deriveEncryptionKey(char[] cArr, char[] cArr2) throws DataVaultException {
        SecretKeySpec secretKeySpec;
        if (cArr == null || cArr.length == 0) {
            cArr = autoComputePassword(this.id);
        }
        if (cArr2 == null || cArr2.length == 0) {
            cArr2 = autoComputeSalt(this.id);
        }
        synchronized (MESSAGE_DIGEST) {
            MESSAGE_DIGEST.reset();
            MESSAGE_DIGEST.update(charToByteArray(cArr));
            MESSAGE_DIGEST.update(charToByteArray(cArr2));
            secretKeySpec = new SecretKeySpec(MESSAGE_DIGEST.digest(), "AES");
        }
        return secretKeySpec;
    }

    private long getConfigValue(String str, long j, SecretKey secretKey) {
        byte[] loadConfigEntry = this.legacyLowLevelStorage.loadConfigEntry(this.encryptionHelper.encryptWithExternalIv(secretKey, INIT_VECTOR, str));
        return loadConfigEntry == null ? j : Long.parseLong(new String(this.encryptionHelper.decryptWithExternalIv(secretKey, INIT_VECTOR, loadConfigEntry), Charset.forName("UTF-8")));
    }

    private boolean isKeyValid(SecretKey secretKey) throws DataVaultException {
        try {
            return Arrays.equals(this.encryptionHelper.decryptWithExternalIv(secretKey, INIT_VECTOR, this.encryptedPasswordCheckValue), PASSWORD_CHECK_VALUE);
        } catch (DataVaultException unused) {
            return false;
        }
    }

    private void setConfigValue(String str, long j, SecretKey secretKey) {
        this.legacyLowLevelStorage.saveConfigEntry(this.encryptionHelper.encryptWithExternalIv(secretKey, INIT_VECTOR, str), this.encryptionHelper.encryptWithExternalIv(secretKey, INIT_VECTOR, Long.toString(j).getBytes(Charset.forName("UTF-8"))));
    }

    private void setRetryCount(long j) {
        setConfigValue(NAME_RETRY_COUNT, j, this.retryKey);
    }

    @Override // com.sybase.persistence.ILegacyDataVault
    public final boolean canBeOpenedWithDefaultPassword() {
        return isKeyValid(deriveEncryptionKey(null, null));
    }

    @Override // com.sybase.persistence.ILegacyDataVault
    public final void delete() {
        this.legacyLowLevelStorage.delete();
    }

    @Override // com.sybase.persistence.ILegacyDataVault
    public final Long getLastUnlockTime() {
        return Long.valueOf(getConfigValue(NAME_LAST_UNLOCK_TIME, 0L, this.encryptionKey));
    }

    @Override // com.sybase.persistence.ILegacyDataVault
    public DataVault.DVPasswordPolicy getPasswordPolicy() {
        DataVault.DVPasswordPolicy dVPasswordPolicy = new DataVault.DVPasswordPolicy();
        dVPasswordPolicy.setRetryLimit(getRetryLimit());
        dVPasswordPolicy.setIsDefaultPasswordAllowed(getConfigValue(NAME_DEFAULT_PASSWORD_ALLOWED, 0L, this.encryptionKey) != 0);
        dVPasswordPolicy.setMinLength((int) getConfigValue(NAME_MIN_LENGTH, 0L, this.encryptionKey));
        dVPasswordPolicy.setHasDigits(getConfigValue(NAME_HAS_DIGITS, 0L, this.encryptionKey) != 0);
        dVPasswordPolicy.setHasUpper(getConfigValue(NAME_HAS_UPPER, 0L, this.encryptionKey) != 0);
        dVPasswordPolicy.setHasLower(getConfigValue(NAME_HAS_LOWER, 0L, this.encryptionKey) != 0);
        dVPasswordPolicy.setHasSpecial(getConfigValue(NAME_HAS_SPECIAL, 0L, this.encryptionKey) != 0);
        dVPasswordPolicy.setExpirationDays((int) getConfigValue(NAME_PASSWORD_TIMEOUT, 0L, this.encryptionKey));
        dVPasswordPolicy.setMinUniqueChars((int) getConfigValue(NAME_MIN_UNIQUE_CHARS, 0L, this.encryptionKey));
        dVPasswordPolicy.setLockTimeout((int) getConfigValue(NAME_LOCK_TIMEOUT, 0L, this.encryptionKey));
        return dVPasswordPolicy;
    }

    @Override // com.sybase.persistence.ILegacyDataVault
    public final Long getRetryCount() {
        return Long.valueOf(getConfigValue(NAME_RETRY_COUNT, 0L, this.retryKey));
    }

    @Override // com.sybase.persistence.ILegacyDataVault
    public final int getRetryLimit() {
        return (int) getConfigValue(NAME_RETRY_LIMIT, 0L, this.retryKey);
    }

    @Override // com.sybase.persistence.ILegacyDataVault
    public final boolean isLegacyVaultPresent() {
        return this.legacyLowLevelStorage.exists();
    }

    @Override // com.sybase.persistence.ILegacyDataVault
    public final Iterator<DataEntry> retrieveAllDataEntries() {
        final Cursor allDataEntries = this.legacyLowLevelStorage.allDataEntries();
        return new Iterator<DataEntry>() { // from class: com.sybase.persistence.DataVaultLegacy.1
            private boolean next;

            {
                boolean moveToFirst = allDataEntries.moveToFirst();
                this.next = moveToFirst;
                if (moveToFirst) {
                    return;
                }
                allDataEntries.close();
            }

            @Override // java.util.Iterator
            public boolean hasNext() {
                return this.next;
            }

            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.Iterator
            public DataEntry next() {
                if (!hasNext()) {
                    throw new NoSuchElementException();
                }
                try {
                    return new DataEntry(DataVaultLegacy.this.encryptionHelper.decryptWithExternalIv(DataVaultLegacy.this.encryptionKey, DataVaultLegacy.INIT_VECTOR, allDataEntries.getString(0)), DataVaultLegacy.this.encryptionHelper.decryptWithExternalIv(DataVaultLegacy.this.encryptionKey, DataVaultLegacy.INIT_VECTOR, allDataEntries.getBlob(1)), allDataEntries.getInt(2));
                } finally {
                    boolean moveToNext = allDataEntries.moveToNext();
                    this.next = moveToNext;
                    if (!moveToNext) {
                        allDataEntries.close();
                    }
                }
            }
        };
    }

    @Override // com.sybase.persistence.ILegacyDataVault
    public final boolean unlock(char[] cArr, char[] cArr2) {
        SecretKey deriveEncryptionKey = deriveEncryptionKey(cArr, cArr2);
        if (isKeyValid(deriveEncryptionKey)) {
            this.encryptionKey = deriveEncryptionKey;
            return true;
        }
        long longValue = getRetryCount().longValue() + 1;
        int retryLimit = getRetryLimit();
        if (retryLimit <= 0 || longValue <= retryLimit) {
            setRetryCount(longValue);
            return false;
        }
        delete();
        return false;
    }
}
