package com.nitrodesk.crypto;

import com.nitrodesk.data.appobjects.PolicyManager;
import com.nitrodesk.data.appobjects.SecurityConfig;
import com.nitrodesk.data.dataobjects.ND_SecurityConfigData;
import com.nitrodesk.keystore.KeyStoreServiceConnection;
import com.nitrodesk.libraries.data.DBProfile;
import com.nitrodesk.mdm.MDMBase;
import com.nitrodesk.nitroid.Constants;
import com.nitrodesk.nitroid.MainApp;
import com.nitrodesk.nitroid.helpers.Base64;
import com.nitrodesk.nitroid.helpers.CallLogger;
import com.nitrodesk.nitroid.helpers.StoopidHelpers;
import com.nitrodesk.servicemanager.BaseServiceProvider;
import java.io.BufferedReader;
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStreamReader;
import java.lang.reflect.Field;
import java.lang.reflect.Modifier;
import java.security.SecureRandom;
import java.util.Date;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class PINManager {
    protected static byte[] CurrentKeyData = null;
    public static String CurrentPIN = null;
    static int iterationCount = 1000;
    static int saltLength = 8;
    static int keyLength = 256;
    static String KeyWord = "NitroDesk, Inc.";

    public static void clearAllPINS() {
        File file = new File(SecurityConfig.getSafeKeyPath());
        File file2 = new File(SecurityConfig.getPINHashPath());
        file.delete();
        file2.delete();
        File file3 = new File(SecurityConfig.getShadowKeyPath());
        File file4 = new File(SecurityConfig.getShadowPINHashPath());
        file3.delete();
        file4.delete();
        new File(SecurityConfig.getSecurityConfigPath()).delete();
        try {
            KeyStoreServiceConnection.sendKeys(MainApp.Instance, DBProfile.getCurrProfile().mProfileID, (byte[]) null);
        } catch (Exception e) {
        }
    }

    public static byte[] getDecryptedEncryptionKeys(String str, boolean z) {
        try {
            File file = new File(z ? SecurityConfig.getShadowKeyPath() : SecurityConfig.getSafeKeyPath());
            DataInputStream dataInputStream = new DataInputStream(new FileInputStream(file));
            byte[] bArr = new byte[(int) file.length()];
            dataInputStream.readFully(bArr);
            dataInputStream.close();
            String[] split = new String(bArr).split("]");
            if (split.length == 3) {
                boolean z2 = false;
                if (split[0].startsWith("!")) {
                    z2 = true;
                    split[0] = split[0].replaceAll("!", "");
                }
                byte[] decode = Base64.decode(split[0]);
                byte[] decode2 = Base64.decode(split[1]);
                byte[] decode3 = Base64.decode(split[2]);
                if (z2) {
                    return new PBEAESBC(str, decode).decrypt(decode3);
                }
                SecretKey secretKey = getSecretKey(str, decode);
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
                cipher.init(2, secretKey, new IvParameterSpec(decode2));
                return cipher.doFinal(decode3);
            }
        } catch (Exception e) {
        }
        return null;
    }

    protected static SecretKey getSecretKey(String str, byte[] bArr) {
        try {
            return new SecretKeySpec(SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(str.toCharArray(), bArr, iterationCount, keyLength)).getEncoded(), "AES");
        } catch (Exception e) {
            return null;
        }
    }

    public static byte[] getSecurityToken() {
        return CurrentKeyData;
    }

    public static boolean hasPINSet() {
        return new File(SecurityConfig.getSafeKeyPath()).exists() && new File(SecurityConfig.getPINHashPath()).exists();
    }

    public static boolean isAbleToDecryptData() {
        if (hasPINSet()) {
            return keysAreLoaded();
        }
        if (PolicyManager.polDeviceEncryptionRequired() && PolicyManager.polDevicePasswordEnabled() && hasPINSet()) {
            return keysAreLoaded();
        }
        return true;
    }

    public static boolean isPINValid(String str) {
        return false;
    }

    public static boolean keysAreLoaded() {
        return CurrentKeyData != null;
    }

    private static boolean loadEncryptionKeys(String str, boolean z) {
        try {
            byte[] decryptedEncryptionKeys = getDecryptedEncryptionKeys(str, z);
            if (decryptedEncryptionKeys != null) {
                CurrentPIN = str;
                CurrentKeyData = decryptedEncryptionKeys;
                SecurityConfig.resetEncryptionKey(CurrentKeyData);
                BaseServiceProvider.clearAccountSettings();
                try {
                    KeyStoreServiceConnection.sendKeys(MainApp.Instance, DBProfile.getCurrProfile().mProfileID, CurrentKeyData);
                } catch (Exception e) {
                }
            }
            return decryptedEncryptionKeys != null;
        } catch (Exception e2) {
            return false;
        }
    }

    public static SecurityConfig loadSecurityConfiguration() {
        try {
            File file = new File(SecurityConfig.getSecurityConfigPath());
            if (!file.exists()) {
                return null;
            }
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(new FileInputStream(file)));
            SecurityConfig securityConfig = new SecurityConfig();
            for (String readLine = bufferedReader.readLine(); readLine != null; readLine = bufferedReader.readLine()) {
                String[] split = readLine.split("=");
                if (split.length == 2) {
                    String str = split[0];
                    String str2 = split[1];
                    Field field = securityConfig.getClass().getField(str);
                    if (field != null) {
                        try {
                            if (field.getType().equals(Boolean.TYPE)) {
                                field.setBoolean(securityConfig, Boolean.parseBoolean(str2));
                            } else if (field.getType().equals(Integer.TYPE)) {
                                field.setInt(securityConfig, Integer.parseInt(str2));
                            } else if (field.getType().equals(Date.class)) {
                                field.set(securityConfig, new Date(Long.parseLong(str2)));
                            } else {
                                field.set(securityConfig, str2);
                            }
                        } catch (Exception e) {
                        }
                    }
                }
            }
            bufferedReader.close();
            return null;
        } catch (Exception e2) {
            return null;
        }
    }

    public static boolean needsKeyManagement() {
        MDMBase mDMBase = MDMBase.getInstance();
        return (mDMBase == null || mDMBase.mMDMID.equals(Constants.SELF_MDM)) && PolicyManager.polDeviceEncryptionRequired() && PolicyManager.polDevicePasswordEnabled();
    }

    public static void resetEncryptionKeys() {
        CurrentKeyData = null;
        SecurityConfig.resetEncryptionKey(CurrentKeyData);
    }

    public static void saveSecurityConfiguration(SecurityConfig securityConfig) {
        try {
            StringBuilder sb = new StringBuilder();
            File file = new File(SecurityConfig.getSecurityConfigPath());
            if (!needsKeyManagement()) {
                file.delete();
                return;
            }
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            for (Field field : securityConfig.getClass().getFields()) {
                if (!field.getName().equalsIgnoreCase(ND_SecurityConfigData.FLD_PINIFREQUIRED) && !Modifier.isStatic(field.getModifiers()) && !Modifier.isFinal(field.getModifiers()) && field.get(securityConfig) != null) {
                    if (field.getType().equals(Date.class)) {
                        Date date = (Date) field.get(securityConfig);
                        if (date != null) {
                            sb.append(field.getName() + "=" + date.getTime() + "\n");
                        }
                    } else {
                        sb.append(field.getName() + "=" + field.get(securityConfig) + "\n");
                    }
                }
            }
            fileOutputStream.write(sb.toString().getBytes());
            fileOutputStream.close();
            if (StoopidHelpers.isNullOrEmpty(securityConfig.PINIfRequired)) {
                return;
            }
            byte[] currentKeyData = AES2.getCurrentKeyData();
            if (currentKeyData != null) {
                CurrentKeyData = currentKeyData;
                AES2.removeCurrentKeyData();
            }
            if (CurrentKeyData != null) {
                secureWithPIN(securityConfig.PINIfRequired, false);
                securityConfig.PINIfRequired = null;
            }
        } catch (Exception e) {
        }
    }

    public static void secureWithPIN(String str, boolean z) {
        try {
            SecureRandom secureRandom = new SecureRandom();
            byte[] bArr = new byte[saltLength];
            secureRandom.nextBytes(bArr);
            PBEAESBC pbeaesbc = new PBEAESBC(str, bArr);
            byte[] bArr2 = pbeaesbc.CurrentIV;
            byte[] bArr3 = (byte[]) CurrentKeyData.clone();
            byte[] encrypt = pbeaesbc.encrypt(CurrentKeyData);
            CurrentKeyData = bArr3;
            String encode = Base64.encode(bArr);
            String encode2 = Base64.encode(bArr2);
            String str2 = "!" + encode + "]" + encode2 + "]" + Base64.encode(encrypt);
            FileOutputStream fileOutputStream = new FileOutputStream(new File(z ? SecurityConfig.getShadowKeyPath() : SecurityConfig.getSafeKeyPath()));
            fileOutputStream.write(str2.getBytes());
            fileOutputStream.close();
            String str3 = "!" + encode + "]" + encode2 + "]" + KeyWord + "]" + Base64.encode(pbeaesbc.encrypt(KeyWord.getBytes()));
            FileOutputStream fileOutputStream2 = new FileOutputStream(new File(z ? SecurityConfig.getShadowPINHashPath() : SecurityConfig.getPINHashPath()));
            fileOutputStream2.write(str3.getBytes());
            fileOutputStream2.close();
            try {
                KeyStoreServiceConnection.sendKeys(MainApp.Instance, DBProfile.getCurrProfile().mProfileID, CurrentKeyData);
            } catch (Exception e) {
            }
        } catch (Exception e2) {
            CallLogger.Log("Exception encrypting data :" + e2.getMessage());
        }
    }

    public static void setCurrentPIN(String str) {
        CurrentPIN = str;
    }

    public static boolean setSecurityToken(byte[] bArr, String str) {
        if (str == null || bArr == null || bArr.length == 0) {
            CallLogger.Log(true, "Continuation key not set, profile or token is null");
            return false;
        }
        if (!DBProfile.getCurrentProfileID().equals(str)) {
            CallLogger.Log(true, "Continuation key not set, profile is different");
            return false;
        }
        if (CurrentKeyData != null && CurrentKeyData.length > 0) {
            CallLogger.Log(true, "Continuation key not set, Already have key data");
            return false;
        }
        CurrentKeyData = bArr;
        SecurityConfig.resetEncryptionKey(CurrentKeyData);
        BaseServiceProvider.clearAccountSettings();
        return true;
    }

    public static boolean validatePIN(String str, boolean z) {
        File file;
        byte[] doFinal;
        try {
            file = new File(z ? SecurityConfig.getShadowPINHashPath() : SecurityConfig.getPINHashPath());
        } catch (Exception e) {
            CallLogger.Log("Exception checking pin :" + e.getMessage());
        }
        if (!file.exists()) {
            return false;
        }
        DataInputStream dataInputStream = new DataInputStream(new FileInputStream(file));
        byte[] bArr = new byte[(int) file.length()];
        dataInputStream.readFully(bArr);
        dataInputStream.close();
        String[] split = new String(bArr).split("]");
        if (split.length == 4) {
            boolean z2 = false;
            if (split[0].startsWith("!")) {
                z2 = true;
                split[0] = split[0].replaceAll("!", "");
            }
            byte[] decode = Base64.decode(split[0]);
            byte[] decode2 = Base64.decode(split[1]);
            String str2 = split[2];
            byte[] decode3 = Base64.decode(split[3]);
            if (z2) {
                doFinal = new PBEAESBC(str, decode).decrypt(decode3);
            } else {
                SecretKey secretKey = getSecretKey(str, decode);
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
                cipher.init(2, secretKey, new IvParameterSpec(decode2));
                doFinal = cipher.doFinal(decode3);
            }
            if (new String(doFinal).equals(str2)) {
                loadEncryptionKeys(str, z);
                return true;
            }
        }
        return false;
    }
}
