package com.avira.common.security.new_aes;

import android.os.Build;
import android.os.Process;
import android.util.Base64;
import androidx.annotation.NonNull;
import com.avira.common.CommonLibrary;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.SecureRandomSpi;
import java.util.Arrays;
import java.util.Random;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.jetbrains.annotations.NotNull;

/* loaded from: classes.dex */
public class AesCbcWithIntegrity {
    public static final int BASE64_FLAGS = 2;
    public static final int ENCRYPTION_HEADERS_SIZE = 7;
    public static final int KEY_HEADERS_SIZE = 3;
    static final int MAX_RANDOMIZER_SIZE = 1024;

    /* renamed from: a, reason: collision with root package name */
    private static final boolean f1818a = !CommonLibrary.DEBUG;
    public static final String TAG = AesCbcWithIntegrity.class.getSimpleName();
    static final AtomicBoolean prngFixed = new AtomicBoolean(false);

    /* loaded from: classes.dex */
    public static class CipherTextIvMac {

        /* renamed from: a, reason: collision with root package name */
        private final byte[] f1819a;
        private final byte[] b;
        private final byte[] c;

        public CipherTextIvMac(String str) {
            String[] split = str.split(":");
            if (split.length != 3) {
                throw new IllegalArgumentException("Cannot parse iv:ciphertext:mac");
            }
            this.b = Base64.decode(split[0], 2);
            this.c = Base64.decode(split[1], 2);
            this.f1819a = Base64.decode(split[2], 2);
        }

        public CipherTextIvMac(@NonNull byte[] bArr) {
            if (bArr.length == 0) {
                throw new IllegalArgumentException("Cannot parse iv:ciphertext:mac");
            }
            String str = AesCbcWithIntegrity.TAG;
            String str2 = "CipherTextIvMac data length " + bArr.length;
            ByteBuffer wrap = ByteBuffer.wrap(bArr);
            int i = wrap.get();
            String str3 = AesCbcWithIntegrity.TAG;
            String str4 = "CipherTextIvMac prefixData length " + i;
            wrap.get(new byte[i]);
            int i2 = wrap.get();
            String str5 = AesCbcWithIntegrity.TAG;
            String str6 = "CipherTextIvMac iv length " + i2;
            this.b = new byte[i2];
            wrap.get(this.b);
            int i3 = wrap.getInt();
            this.f1819a = new byte[i3];
            String str7 = AesCbcWithIntegrity.TAG;
            String str8 = "CipherTextIvMac cipherText length " + i3;
            wrap.get(this.f1819a);
            this.c = new byte[wrap.get()];
            wrap.get(this.c);
        }

        public CipherTextIvMac(byte[] bArr, byte[] bArr2, byte[] bArr3) {
            this.f1819a = new byte[bArr.length];
            System.arraycopy(bArr, 0, this.f1819a, 0, bArr.length);
            this.b = new byte[bArr2.length];
            System.arraycopy(bArr2, 0, this.b, 0, bArr2.length);
            this.c = new byte[bArr3.length];
            System.arraycopy(bArr3, 0, this.c, 0, bArr3.length);
        }

        public static byte[] ivCipherConcat(byte[] bArr, byte[] bArr2) {
            byte[] bArr3 = new byte[bArr.length + bArr2.length];
            System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
            System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
            return bArr3;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || CipherTextIvMac.class != obj.getClass()) {
                return false;
            }
            CipherTextIvMac cipherTextIvMac = (CipherTextIvMac) obj;
            return Arrays.equals(this.f1819a, cipherTextIvMac.f1819a) && Arrays.equals(this.b, cipherTextIvMac.b) && Arrays.equals(this.c, cipherTextIvMac.c);
        }

        public byte[] getCipherText() {
            return this.f1819a;
        }

        public byte[] getIv() {
            return this.b;
        }

        public byte[] getMac() {
            return this.c;
        }

        public int hashCode() {
            return ((((Arrays.hashCode(this.f1819a) + 31) * 31) + Arrays.hashCode(this.b)) * 31) + Arrays.hashCode(this.c);
        }

        public byte[] toByteArray() {
            Random random = new Random(System.currentTimeMillis());
            int nextInt = random.nextInt(30);
            byte[] bArr = new byte[nextInt];
            for (int i = 0; i < nextInt; i++) {
                bArr[i] = (byte) random.nextInt(254);
            }
            String str = AesCbcWithIntegrity.TAG;
            String str2 = "CipherTextIvMac toByteArray prefixSize length " + nextInt;
            String str3 = AesCbcWithIntegrity.TAG;
            String str4 = "CipherTextIvMac toByteArray iv length " + this.b.length;
            String str5 = AesCbcWithIntegrity.TAG;
            String str6 = "CipherTextIvMac toByteArray cipherText length " + this.f1819a.length;
            String str7 = AesCbcWithIntegrity.TAG;
            String str8 = "CipherTextIvMac toByteArray mac length " + this.c.length;
            int length = this.b.length + nextInt + this.f1819a.length + this.c.length + 7;
            ByteBuffer allocate = ByteBuffer.allocate(length < 1024 ? 1024 : length);
            allocate.put((byte) nextInt);
            allocate.put(bArr);
            allocate.put((byte) this.b.length);
            allocate.put(this.b);
            allocate.putInt(this.f1819a.length);
            allocate.put(this.f1819a);
            allocate.put((byte) this.c.length);
            allocate.put(this.c);
            if (1024 > length) {
                int i2 = 1024 - length;
                for (int i3 = 0; i3 < i2; i3++) {
                    allocate.put((byte) random.nextInt(254));
                }
            }
            return allocate.array();
        }

        @NotNull
        public String toString() {
            String encodeToString = Base64.encodeToString(this.b, 2);
            String encodeToString2 = Base64.encodeToString(this.f1819a, 2);
            return encodeToString + ":" + Base64.encodeToString(this.c, 2) + ":" + encodeToString2;
        }
    }

    /* loaded from: classes.dex */
    public static final class PrngFixes {

        /* renamed from: a, reason: collision with root package name */
        private static final byte[] f1820a = getBuildFingerprintAndDeviceSerial();

        /* loaded from: classes.dex */
        public static class LinuxPRNGSecureRandom extends SecureRandomSpi {
            private static final File URANDOM_FILE = new File("/dev/urandom");
            private static final Object sLock = new Object();
            private static DataInputStream sUrandomIn;
            private static OutputStream sUrandomOut;
            private boolean mSeeded;

            private DataInputStream getUrandomInputStream() {
                DataInputStream dataInputStream;
                synchronized (sLock) {
                    if (sUrandomIn == null) {
                        try {
                            sUrandomIn = new DataInputStream(new FileInputStream(URANDOM_FILE));
                        } catch (IOException e) {
                            throw new SecurityException("Failed to open " + URANDOM_FILE + " for reading", e);
                        }
                    }
                    dataInputStream = sUrandomIn;
                }
                return dataInputStream;
            }

            private OutputStream getUrandomOutputStream() throws IOException {
                OutputStream outputStream;
                synchronized (sLock) {
                    if (sUrandomOut == null) {
                        sUrandomOut = new FileOutputStream(URANDOM_FILE);
                    }
                    outputStream = sUrandomOut;
                }
                return outputStream;
            }

            @Override // java.security.SecureRandomSpi
            protected byte[] engineGenerateSeed(int i) {
                byte[] bArr = new byte[i];
                engineNextBytes(bArr);
                return bArr;
            }

            @Override // java.security.SecureRandomSpi
            protected void engineNextBytes(byte[] bArr) {
                DataInputStream urandomInputStream;
                if (!this.mSeeded) {
                    engineSetSeed(PrngFixes.access$100());
                }
                try {
                    synchronized (sLock) {
                        urandomInputStream = getUrandomInputStream();
                    }
                    synchronized (urandomInputStream) {
                        urandomInputStream.readFully(bArr);
                    }
                } catch (IOException e) {
                    throw new SecurityException("Failed to read from " + URANDOM_FILE, e);
                }
            }

            @Override // java.security.SecureRandomSpi
            protected void engineSetSeed(byte[] bArr) {
                OutputStream urandomOutputStream;
                try {
                    try {
                        synchronized (sLock) {
                            urandomOutputStream = getUrandomOutputStream();
                        }
                        urandomOutputStream.write(bArr);
                        urandomOutputStream.flush();
                    } catch (IOException unused) {
                        String str = "Failed to mix seed into " + URANDOM_FILE;
                    }
                } finally {
                    this.mSeeded = true;
                }
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: classes.dex */
        public static class LinuxPRNGSecureRandomProvider extends Provider {
            public LinuxPRNGSecureRandomProvider() {
                super("LinuxPRNG", 1.0d, "A Linux-specific random number provider that uses /dev/urandom");
                put("SecureRandom.SHA1PRNG", LinuxPRNGSecureRandom.class.getName());
                put("SecureRandom.SHA1PRNG ImplementedIn", "Software");
            }
        }

        private PrngFixes() {
        }

        static /* synthetic */ byte[] access$100() {
            return generateSeed();
        }

        static void apply() {
            applyOpenSSLFix();
            installLinuxPRNGSecureRandom();
        }

        private static void applyOpenSSLFix() throws SecurityException {
            int i = Build.VERSION.SDK_INT;
            if (i < 16 || i > 18) {
                return;
            }
            try {
                Class.forName("org.apache.harmony.xnet.provider.jsse.NativeCrypto").getMethod("RAND_seed", byte[].class).invoke(null, generateSeed());
                int intValue = ((Integer) Class.forName("org.apache.harmony.xnet.provider.jsse.NativeCrypto").getMethod("RAND_load_file", String.class, Long.TYPE).invoke(null, "/dev/urandom", 1024)).intValue();
                if (intValue == 1024) {
                    return;
                }
                throw new IOException("Unexpected number of bytes read from Linux PRNG: " + intValue);
            } catch (Exception e) {
                if (!AesCbcWithIntegrity.f1818a) {
                    throw new SecurityException("Failed to seed OpenSSL PRNG", e);
                }
            }
        }

        private static byte[] generateSeed() {
            try {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
                dataOutputStream.writeLong(System.currentTimeMillis());
                dataOutputStream.writeLong(System.nanoTime());
                dataOutputStream.writeInt(Process.myPid());
                dataOutputStream.writeInt(Process.myUid());
                dataOutputStream.write(f1820a);
                dataOutputStream.close();
                return byteArrayOutputStream.toByteArray();
            } catch (IOException e) {
                throw new SecurityException("Failed to generate seed", e);
            }
        }

        private static byte[] getBuildFingerprintAndDeviceSerial() {
            StringBuilder sb = new StringBuilder();
            String str = Build.FINGERPRINT;
            if (str != null) {
                sb.append(str);
            }
            String deviceSerialNumber = getDeviceSerialNumber();
            if (deviceSerialNumber != null) {
                sb.append(deviceSerialNumber);
            }
            try {
                return sb.toString().getBytes("UTF-8");
            } catch (UnsupportedEncodingException unused) {
                throw new RuntimeException("UTF-8 encoding not supported");
            }
        }

        private static String getDeviceSerialNumber() {
            try {
                return (String) Build.class.getField("SERIAL").get(null);
            } catch (Exception unused) {
                return null;
            }
        }

        /* JADX WARN: Code restructure failed: missing block: B:50:0x001b, code lost:
        
            if ((r0[0] instanceof com.avira.common.security.new_aes.AesCbcWithIntegrity.PrngFixes.LinuxPRNGSecureRandomProvider) != false) goto L14;
         */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        private static void installLinuxPRNGSecureRandom() throws java.lang.SecurityException {
            /*
                Method dump skipped, instructions count: 249
                To view this dump add '--comments-level debug' option
            */
            throw new UnsupportedOperationException("Method not decompiled: com.avira.common.security.new_aes.AesCbcWithIntegrity.PrngFixes.installLinuxPRNGSecureRandom():void");
        }
    }

    /* loaded from: classes.dex */
    public static class SecretKeys {

        /* renamed from: a, reason: collision with root package name */
        private SecretKey f1821a;
        private SecretKey b;

        public SecretKeys(SecretKey secretKey, SecretKey secretKey2) {
            setConfidentialityKey(secretKey);
            setIntegrityKey(secretKey2);
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || SecretKeys.class != obj.getClass()) {
                return false;
            }
            SecretKeys secretKeys = (SecretKeys) obj;
            return this.b.equals(secretKeys.b) && this.f1821a.equals(secretKeys.f1821a);
        }

        public SecretKey getConfidentialityKey() {
            return this.f1821a;
        }

        public SecretKey getIntegrityKey() {
            return this.b;
        }

        public int hashCode() {
            return ((this.f1821a.hashCode() + 31) * 31) + this.b.hashCode();
        }

        public void setConfidentialityKey(SecretKey secretKey) {
            this.f1821a = secretKey;
        }

        public void setIntegrityKey(SecretKey secretKey) {
            this.b = secretKey;
        }

        public byte[] toByteArray() {
            byte[] encoded = getConfidentialityKey().getEncoded();
            byte[] encoded2 = getIntegrityKey().getEncoded();
            Random random = new Random(System.currentTimeMillis());
            int nextInt = random.nextInt(30);
            byte[] bArr = new byte[nextInt];
            for (int i = 0; i < nextInt; i++) {
                bArr[i] = (byte) random.nextInt(254);
            }
            String str = AesCbcWithIntegrity.TAG;
            String str2 = "CipherTextIvMac toByteArray prefixSize length " + nextInt;
            String str3 = AesCbcWithIntegrity.TAG;
            String str4 = "CipherTextIvMac toByteArray confidentialityKey length " + encoded.length;
            String str5 = AesCbcWithIntegrity.TAG;
            String str6 = "CipherTextIvMac toByteArray integrityKey length " + encoded2.length;
            int length = encoded.length + nextInt + encoded2.length + 3;
            ByteBuffer allocate = ByteBuffer.allocate(length < 1024 ? 1024 : length);
            allocate.put((byte) nextInt);
            allocate.put(bArr);
            allocate.put((byte) encoded.length);
            allocate.put(encoded);
            allocate.put((byte) encoded2.length);
            allocate.put(encoded2);
            if (1024 > length) {
                int i2 = 1024 - length;
                for (int i3 = 0; i3 < i2; i3++) {
                    allocate.put((byte) random.nextInt(254));
                }
            }
            return allocate.array();
        }

        @NotNull
        public String toString() {
            return Base64.encodeToString(getConfidentialityKey().getEncoded(), 2) + ":" + Base64.encodeToString(getIntegrityKey().getEncoded(), 2);
        }
    }

    public static boolean constantTimeEq(byte[] bArr, byte[] bArr2) {
        if (bArr.length != bArr2.length) {
            return false;
        }
        int i = 0;
        for (int i2 = 0; i2 < bArr.length; i2++) {
            i |= bArr[i2] ^ bArr2[i2];
        }
        return i == 0;
    }

    private static byte[] copyOfRange(byte[] bArr, int i, int i2) {
        int i3 = i2 - i;
        byte[] bArr2 = new byte[i3];
        System.arraycopy(bArr, i, bArr2, 0, i3);
        return bArr2;
    }

    public static byte[] decrypt(CipherTextIvMac cipherTextIvMac, SecretKeys secretKeys) throws GeneralSecurityException {
        if (!constantTimeEq(generateMac(CipherTextIvMac.ivCipherConcat(cipherTextIvMac.getIv(), cipherTextIvMac.getCipherText()), secretKeys.getIntegrityKey()), cipherTextIvMac.getMac())) {
            throw new GeneralSecurityException("MAC stored in civ does not match computed MAC.");
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(2, secretKeys.getConfidentialityKey(), new IvParameterSpec(cipherTextIvMac.getIv()));
        return cipher.doFinal(cipherTextIvMac.getCipherText());
    }

    public static String decryptString(CipherTextIvMac cipherTextIvMac, SecretKeys secretKeys) throws UnsupportedEncodingException, GeneralSecurityException {
        return decryptString(cipherTextIvMac, secretKeys, "UTF-8");
    }

    public static String decryptString(CipherTextIvMac cipherTextIvMac, SecretKeys secretKeys, String str) throws UnsupportedEncodingException, GeneralSecurityException {
        return new String(decrypt(cipherTextIvMac, secretKeys), str);
    }

    public static CipherTextIvMac encrypt(String str, SecretKeys secretKeys) throws UnsupportedEncodingException, GeneralSecurityException {
        return encrypt(str, secretKeys, "UTF-8");
    }

    public static CipherTextIvMac encrypt(String str, SecretKeys secretKeys, String str2) throws UnsupportedEncodingException, GeneralSecurityException {
        return encrypt(str.getBytes(str2), secretKeys);
    }

    public static CipherTextIvMac encrypt(byte[] bArr, SecretKeys secretKeys) throws GeneralSecurityException {
        byte[] generateIv = generateIv();
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(1, secretKeys.getConfidentialityKey(), new IvParameterSpec(generateIv));
        byte[] iv = cipher.getIV();
        byte[] doFinal = cipher.doFinal(bArr);
        return new CipherTextIvMac(doFinal, iv, generateMac(CipherTextIvMac.ivCipherConcat(iv, doFinal), secretKeys.getIntegrityKey()));
    }

    private static void fixPrng() {
        if (prngFixed.get()) {
            return;
        }
        synchronized (PrngFixes.class) {
            if (!prngFixed.get()) {
                PrngFixes.apply();
                prngFixed.set(true);
            }
        }
    }

    public static byte[] generateIv() throws GeneralSecurityException {
        return randomBytes(16);
    }

    public static SecretKeys generateKey() throws GeneralSecurityException {
        fixPrng();
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(128);
        return new SecretKeys(keyGenerator.generateKey(), new SecretKeySpec(randomBytes(32), "HmacSHA256"));
    }

    public static SecretKeys generateKeyFromPassword(String str, String str2) throws GeneralSecurityException {
        return generateKeyFromPassword(str, Base64.decode(str2, 2));
    }

    public static SecretKeys generateKeyFromPassword(String str, byte[] bArr) throws GeneralSecurityException {
        fixPrng();
        byte[] encoded = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(str.toCharArray(), bArr, 10000, 384)).getEncoded();
        return new SecretKeys(new SecretKeySpec(copyOfRange(encoded, 0, 16), "AES"), new SecretKeySpec(copyOfRange(encoded, 16, 48), "HmacSHA256"));
    }

    public static byte[] generateMac(byte[] bArr, SecretKey secretKey) throws NoSuchAlgorithmException, InvalidKeyException {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(secretKey);
        return mac.doFinal(bArr);
    }

    public static byte[] generateSalt() throws GeneralSecurityException {
        return randomBytes(128);
    }

    public static String keyString(SecretKeys secretKeys) {
        return secretKeys.toString();
    }

    public static SecretKeys keys(String str) throws InvalidKeyException {
        String[] split = str.split(":");
        if (split.length == 2) {
            return keys(Base64.decode(split[0], 2), Base64.decode(split[1], 2));
        }
        throw new IllegalArgumentException("Cannot parse aesKey:hmacKey");
    }

    public static SecretKeys keys(@NonNull byte[] bArr) throws InvalidKeyException {
        if (bArr.length <= 3) {
            throw new IllegalArgumentException("Cannot parse aesKey:hmacKey");
        }
        ByteBuffer wrap = ByteBuffer.wrap(bArr);
        int i = wrap.get();
        String str = "SecretKeys prefix length " + i;
        wrap.get(new byte[i]);
        int i2 = wrap.get();
        byte[] bArr2 = new byte[i2];
        String str2 = "SecretKeys confidentialityKey length " + i2;
        wrap.get(bArr2);
        int i3 = wrap.get();
        byte[] bArr3 = new byte[i3];
        String str3 = "SecretKeys integrityKey length " + i3;
        wrap.get(bArr3);
        return keys(bArr2, bArr3);
    }

    private static SecretKeys keys(@NonNull byte[] bArr, @NonNull byte[] bArr2) throws InvalidKeyException {
        if (bArr.length != 16) {
            throw new InvalidKeyException("confidentialityKeyBytes length is " + bArr.length + ". Base64 decoded key is not 128 bits");
        }
        if (bArr2.length == 32) {
            return new SecretKeys(new SecretKeySpec(bArr, 0, bArr.length, "AES"), new SecretKeySpec(bArr2, "HmacSHA256"));
        }
        throw new InvalidKeyException("integrityKeyBytes length is " + bArr2.length + ". Base64 decoded key is not 256 bits");
    }

    private static byte[] randomBytes(int i) throws GeneralSecurityException {
        fixPrng();
        byte[] bArr = new byte[i];
        SecureRandom.getInstance("SHA1PRNG").nextBytes(bArr);
        return bArr;
    }

    public static String saltString(byte[] bArr) {
        return Base64.encodeToString(bArr, 2);
    }
}
