package at.favre.lib.armadillo;

import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import at.favre.lib.armadillo.ByteArrayRuntimeObfuscator;
import at.favre.lib.armadillo.DerivedPasswordCache;
import at.favre.lib.armadillo.EncryptionProtocol;
import at.favre.lib.armadillo.EncryptionProtocolConfig;
import at.favre.lib.bytes.Bytes;
import at.favre.lib.crypto.HKDF;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.text.Normalizer;
import java.util.List;
import java.util.Objects;
import timber.log.Timber;

/* loaded from: classes.dex */
final class DefaultEncryptionProtocol implements EncryptionProtocol {
    private static final int CONTENT_SALT_LENGTH_BYTES = 16;
    private static final int CONTENT_SALT_SIZE_LENGTH_BYTES = 1;
    private static final int ENCRYPTED_CONTENT_SIZE_LENGTH_BYTES = 4;
    private static final int PROTOCOL_VERSION_LENGTH_BYTES = 4;
    private static final int STRETCHED_PASSWORD_LENGTH_BYTES = 32;
    private List<EncryptionProtocolConfig> additionalDecryptionConfigs;
    private EncryptionProtocolConfig defaultConfig;
    private final DerivedPasswordCache derivedPasswordCache;
    private final EncryptionFingerprint fingerprint;
    private final int keyLengthBit;
    private final byte[] preferenceSalt;
    private final SecureRandom secureRandom;
    private final StringMessageDigest stringMessageDigest;

    /* loaded from: classes.dex */
    public static final class Factory implements EncryptionProtocol.Factory {
        private final List<EncryptionProtocolConfig> additionalDecryptionConfigs;
        private EncryptionProtocolConfig defaultConfig;
        private final boolean enableDerivedPasswordCaching;
        private final EncryptionFingerprint fingerprint;
        private final SecureRandom secureRandom;
        private final StringMessageDigest stringMessageDigest;

        /* JADX INFO: Access modifiers changed from: package-private */
        public Factory(EncryptionProtocolConfig encryptionProtocolConfig, EncryptionFingerprint encryptionFingerprint, StringMessageDigest stringMessageDigest, SecureRandom secureRandom, boolean z, List<EncryptionProtocolConfig> list) {
            this.defaultConfig = encryptionProtocolConfig;
            this.fingerprint = encryptionFingerprint;
            this.stringMessageDigest = stringMessageDigest;
            this.secureRandom = secureRandom;
            this.enableDerivedPasswordCaching = z;
            this.additionalDecryptionConfigs = list;
        }

        @Override // at.favre.lib.armadillo.EncryptionProtocol.Factory
        public EncryptionProtocol create(byte[] bArr) {
            return new DefaultEncryptionProtocol(this.defaultConfig, bArr, this.fingerprint, this.stringMessageDigest, this.secureRandom, this.enableDerivedPasswordCaching, this.additionalDecryptionConfigs);
        }

        @Override // at.favre.lib.armadillo.EncryptionProtocol.Factory
        public DataObfuscator createDataObfuscator() {
            return this.defaultConfig.dataObfuscatorFactory.create(this.fingerprint.getBytes());
        }

        @Override // at.favre.lib.armadillo.EncryptionProtocol.Factory
        public SecureRandom getSecureRandom() {
            return this.secureRandom;
        }

        @Override // at.favre.lib.armadillo.EncryptionProtocol.Factory
        public StringMessageDigest getStringMessageDigest() {
            return this.stringMessageDigest;
        }

        @Override // at.favre.lib.armadillo.EncryptionProtocol.Factory
        @Nullable
        public ByteArrayRuntimeObfuscator obfuscatePassword(@Nullable char[] cArr) {
            return DefaultEncryptionProtocol.obfuscatePasswordInternal(cArr, this.secureRandom);
        }
    }

    private DefaultEncryptionProtocol(EncryptionProtocolConfig encryptionProtocolConfig, byte[] bArr, EncryptionFingerprint encryptionFingerprint, StringMessageDigest stringMessageDigest, SecureRandom secureRandom, boolean z, List<EncryptionProtocolConfig> list) {
        this.defaultConfig = encryptionProtocolConfig;
        this.preferenceSalt = bArr;
        this.fingerprint = encryptionFingerprint;
        this.stringMessageDigest = stringMessageDigest;
        this.keyLengthBit = encryptionProtocolConfig.authenticatedEncryption.byteSizeLength(encryptionProtocolConfig.keyStrength) * 8;
        this.secureRandom = secureRandom;
        this.derivedPasswordCache = new DerivedPasswordCache.Default(z, secureRandom);
        this.additionalDecryptionConfigs = list;
    }

    private byte[] encode(byte[] bArr, byte[] bArr2) {
        ByteBuffer allocate = ByteBuffer.allocate(bArr.length + 5 + 4 + bArr2.length);
        allocate.putInt(this.defaultConfig.protocolVersion);
        allocate.put((byte) bArr.length);
        allocate.put(bArr);
        allocate.putInt(bArr2.length);
        allocate.put(bArr2);
        return allocate.array();
    }

    @NonNull
    private EncryptionProtocolConfig getConfigForDecryption(int i2) {
        EncryptionProtocolConfig encryptionProtocolConfig = this.defaultConfig;
        if (i2 == encryptionProtocolConfig.protocolVersion) {
            return encryptionProtocolConfig;
        }
        for (EncryptionProtocolConfig encryptionProtocolConfig2 : this.additionalDecryptionConfigs) {
            if (i2 == encryptionProtocolConfig2.protocolVersion) {
                return encryptionProtocolConfig2;
            }
        }
        throw new EncryptionProtocolException("illegal protocol version (" + i2 + ")");
    }

    private byte[] keyDerivationFunction(String str, byte[] bArr, byte[] bArr2, byte[] bArr3, @Nullable char[] cArr) {
        Bytes from = Bytes.from(bArr, bArr2, Bytes.from(str, Normalizer.Form.NFKD).array());
        if (cArr != null) {
            byte[] bArr4 = this.derivedPasswordCache.get(bArr2, cArr);
            if (bArr4 == null) {
                bArr4 = this.defaultConfig.keyStretchingFunction.stretch(bArr2, cArr, 32);
                this.derivedPasswordCache.put(bArr2, cArr, bArr4);
            }
            from = from.append(bArr4);
        }
        return HKDF.fromHmacSha512().extractAndExpand(bArr3, from.array(), Bytes.from("DefaultEncryptionProtocol").array(), this.keyLengthBit / 8);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static ByteArrayRuntimeObfuscator obfuscatePasswordInternal(@Nullable char[] cArr, SecureRandom secureRandom) {
        if (cArr == null) {
            return null;
        }
        return new ByteArrayRuntimeObfuscator.Default(Bytes.from(cArr).array(), secureRandom);
    }

    @Override // at.favre.lib.armadillo.EncryptionProtocol
    public byte[] decrypt(@NonNull String str, byte[] bArr) {
        return decrypt(str, null, bArr);
    }

    @Override // at.favre.lib.armadillo.EncryptionProtocol
    public byte[] decrypt(@NonNull String str, @Nullable char[] cArr, byte[] bArr) {
        byte[] bytes;
        long currentTimeMillis = System.currentTimeMillis();
        byte[] bArr2 = new byte[0];
        byte[] bArr3 = new byte[0];
        try {
            try {
                bytes = this.fingerprint.getBytes();
            } catch (Throwable th) {
                th = th;
            }
        } catch (AuthenticatedEncryptionException e2) {
            e = e2;
        }
        try {
            ByteBuffer wrap = ByteBuffer.wrap(bArr);
            EncryptionProtocolConfig configForDecryption = getConfigForDecryption(wrap.getInt());
            byte[] bArr4 = new byte[wrap.get()];
            wrap.get(bArr4);
            byte[] bArr5 = new byte[wrap.getInt()];
            wrap.get(bArr5);
            DataObfuscator create = configForDecryption.dataObfuscatorFactory.create(Bytes.from(str).append(bytes).array());
            try {
                create.deobfuscate(bArr5);
                create.clearKey();
                byte[] keyDerivationFunction = keyDerivationFunction(str, bytes, bArr4, this.preferenceSalt, cArr);
                byte[] decompress = configForDecryption.compressor.decompress(configForDecryption.authenticatedEncryption.decrypt(keyDerivationFunction, bArr5, Bytes.from(configForDecryption.protocolVersion).array()));
                Bytes.wrap(bytes).mutable().secureWipe();
                Bytes.wrap(keyDerivationFunction).mutable().secureWipe();
                Timber.v("decrypt took %d ms", Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
                return decompress;
            } catch (Throwable th2) {
                create.clearKey();
                throw th2;
            }
        } catch (AuthenticatedEncryptionException e3) {
            e = e3;
            throw new EncryptionProtocolException(e);
        } catch (Throwable th3) {
            th = th3;
            bArr2 = bytes;
            Bytes.wrap(bArr2).mutable().secureWipe();
            Bytes.wrap(bArr3).mutable().secureWipe();
            Timber.v("decrypt took %d ms", Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
            throw th;
        }
    }

    @Override // at.favre.lib.armadillo.EncryptionProtocol
    @Nullable
    public char[] deobfuscatePassword(@Nullable ByteArrayRuntimeObfuscator byteArrayRuntimeObfuscator) {
        if (byteArrayRuntimeObfuscator == null) {
            return null;
        }
        CharBuffer decode = StandardCharsets.UTF_8.decode(ByteBuffer.wrap(byteArrayRuntimeObfuscator.getBytes()));
        if (decode.capacity() == decode.limit()) {
            return decode.array();
        }
        char[] cArr = new char[decode.remaining()];
        decode.get(cArr);
        return cArr;
    }

    @Override // at.favre.lib.armadillo.EncryptionProtocol
    public String deriveContentKey(String str) {
        return this.stringMessageDigest.derive(Bytes.from(str).append(this.preferenceSalt).encodeUtf8(), "contentKey");
    }

    @Override // at.favre.lib.armadillo.EncryptionProtocol
    public byte[] encrypt(@NonNull String str, byte[] bArr) {
        return encrypt(str, null, bArr);
    }

    @Override // at.favre.lib.armadillo.EncryptionProtocol
    public byte[] encrypt(@NonNull String str, @Nullable char[] cArr, byte[] bArr) {
        byte[] array;
        byte[] bytes;
        long currentTimeMillis = System.currentTimeMillis();
        byte[] bArr2 = new byte[0];
        byte[] bArr3 = new byte[0];
        try {
            try {
                array = Bytes.random(16, this.secureRandom).array();
                bytes = this.fingerprint.getBytes();
            } catch (Throwable th) {
                th = th;
            }
        } catch (AuthenticatedEncryptionException e2) {
            e = e2;
        }
        try {
            byte[] keyDerivationFunction = keyDerivationFunction(str, bytes, array, this.preferenceSalt, cArr);
            EncryptionProtocolConfig encryptionProtocolConfig = this.defaultConfig;
            byte[] encrypt = encryptionProtocolConfig.authenticatedEncryption.encrypt(keyDerivationFunction, encryptionProtocolConfig.compressor.compress(bArr), Bytes.from(this.defaultConfig.protocolVersion).array());
            DataObfuscator create = this.defaultConfig.dataObfuscatorFactory.create(Bytes.from(str).append(bytes).array());
            try {
                create.obfuscate(encrypt);
                create.clearKey();
                byte[] encode = encode(array, encrypt);
                Bytes.wrap(bytes).mutable().secureWipe();
                Bytes.wrap(keyDerivationFunction).mutable().secureWipe();
                Timber.v("encrypt took %d ms", Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
                return encode;
            } catch (Throwable th2) {
                create.clearKey();
                throw th2;
            }
        } catch (AuthenticatedEncryptionException e3) {
            e = e3;
            throw new EncryptionProtocolException(e);
        } catch (Throwable th3) {
            th = th3;
            bArr2 = bytes;
            Bytes.wrap(bArr2).mutable().secureWipe();
            Bytes.wrap(bArr3).mutable().secureWipe();
            Timber.v("encrypt took %d ms", Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
            throw th;
        }
    }

    @Override // at.favre.lib.armadillo.EncryptionProtocol
    public KeyStretchingFunction getKeyStretchingFunction() {
        return this.defaultConfig.keyStretchingFunction;
    }

    @Override // at.favre.lib.armadillo.EncryptionProtocol
    @Nullable
    public ByteArrayRuntimeObfuscator obfuscatePassword(@Nullable char[] cArr) {
        return obfuscatePasswordInternal(cArr, this.secureRandom);
    }

    @Override // at.favre.lib.armadillo.EncryptionProtocol
    public void setKeyStretchingFunction(@NonNull KeyStretchingFunction keyStretchingFunction) {
        EncryptionProtocolConfig.Builder newBuilder = EncryptionProtocolConfig.newBuilder(this.defaultConfig);
        Objects.requireNonNull(keyStretchingFunction);
        this.defaultConfig = newBuilder.keyStretchingFunction(keyStretchingFunction).build();
        this.derivedPasswordCache.wipe();
    }

    @Override // at.favre.lib.armadillo.EncryptionProtocol
    public void wipeDerivedPasswordCache() {
        this.derivedPasswordCache.wipe();
    }
}
