package com.samsung.android.net.wifi;

import android.os.SystemClock;
import android.os.SystemProperties;
import android.text.TextUtils;
import android.util.Log;
import com.honeyspace.common.constants.ParserConstants;
import com.samsung.android.security.mdf.MdfUtils;
import com.samsung.android.service.vaultkeeper.VaultKeeperManager;
import com.sec.android.securestorage.SecureStorage;
import defpackage.oneui;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes5.dex */
public final class SemWifiEncryptPasswordMigration {
    private static boolean hasEverInstantiated;

    /* loaded from: classes5.dex */
    public static class WifiPasswordHelper {
        private static final int IV_LENGTH = 12;
        private static final int MAX_FAIL_COUNTER = 5;
        private static final int MAX_RETRY_COUNTER = 3;
        private static final boolean NO_SHIP = oneui.semIsProductDev();
        private static final String SS_KEY = "wifiConfig";
        private static final String TAG = "WifiPasswordManager";
        private static final int TAG_LENGTH = 16;
        private static final String USER_VAULT_NAME = "WIFI";
        private static byte[] mSeedKey;
        private static WifiPasswordHelper sInstance;
        private boolean mCanAccessDataFiles;
        private int mFailCounter;
        private boolean mIsSupported;
        private final List<String> mLocalLog;
        private SecureStorage mSecureStorage;
        private VaultKeeperManager mVkm;

        private WifiPasswordHelper() {
            if (SecureStorage.isSupported()) {
                this.mSecureStorage = new SecureStorage();
            } else {
                this.mVkm = VaultKeeperManager.getInstance(USER_VAULT_NAME);
            }
            this.mLocalLog = new ArrayList();
            this.mIsSupported = true;
        }

        static synchronized WifiPasswordHelper getPasswordHelper() {
            WifiPasswordHelper wifiPasswordHelper;
            synchronized (WifiPasswordHelper.class) {
                if (sInstance == null) {
                    sInstance = new WifiPasswordHelper();
                }
                wifiPasswordHelper = sInstance;
            }
            return wifiPasswordHelper;
        }

        private boolean getSeedKey() {
            long elapsedRealtime = NO_SHIP ? SystemClock.elapsedRealtime() : 0L;
            String str = "";
            if (this.mSecureStorage != null) {
                try {
                    if (NO_SHIP) {
                        logi("try to get seed KEY from secure storage");
                    }
                    mSeedKey = hexStringToByteArray(this.mSecureStorage.getString(SS_KEY));
                    if (isSeedKeyReady()) {
                        this.mFailCounter = 0;
                        StringBuilder sb = new StringBuilder();
                        sb.append("get KEY : success");
                        if (NO_SHIP) {
                            str = " duration:" + (SystemClock.elapsedRealtime() - elapsedRealtime);
                        }
                        sb.append(str);
                        logi(sb.toString());
                        return true;
                    }
                } catch (SecureStorage.SecureStorageException e10) {
                    mSeedKey = null;
                    if (SecureStorage.SecureStorageException.SECURE_STORAGE_ERROR_INPUT_DATA.equals(e10.getMessage())) {
                        loge("setupSeedKey: SS error SECURE_STORAGE_ERROR_INPUT_DATA " + e10);
                    } else if (SecureStorage.SecureStorageException.SECURE_STORAGE_ERROR_AUTHENTICATION.equals(e10.getMessage())) {
                        loge("setupSeedKey: SS error SECURE_STORAGE_ERROR_AUTHENTICATION " + e10);
                    } else if (SecureStorage.SecureStorageException.SECURE_STORAGE_ERROR_INTERNAL.equals(e10.getMessage())) {
                        loge("setupSeedKey: SS error SECURE_STORAGE_ERROR_INTERNAL " + e10);
                    } else {
                        loge("setupSeedKey: SS error else " + e10);
                    }
                }
                loge("get seed KEY failure");
            } else {
                VaultKeeperManager vaultKeeperManager = this.mVkm;
                if (vaultKeeperManager != null) {
                    mSeedKey = vaultKeeperManager.read(2);
                    if (isSeedKeyReady()) {
                        this.mFailCounter = 0;
                        StringBuilder sb2 = new StringBuilder();
                        sb2.append("get KEY : success");
                        if (NO_SHIP) {
                            str = " duration:" + (SystemClock.elapsedRealtime() - elapsedRealtime);
                        }
                        sb2.append(str);
                        logi(sb2.toString());
                        return true;
                    }
                    loge("get seed KEY failure. error vkm code: " + this.mVkm.getErrorCode());
                }
            }
            return false;
        }

        private byte[] hexStringToByteArray(String str) {
            int length = str.length();
            byte[] bArr = new byte[length / 2];
            for (int i10 = 0; i10 < length; i10 += 2) {
                bArr[i10 / 2] = (byte) ((Character.digit(str.charAt(i10), 16) << 4) + Character.digit(str.charAt(i10 + 1), 16));
            }
            return bArr;
        }

        private boolean isPossibleDataAccess() {
            boolean z7 = this.mCanAccessDataFiles;
            if (z7) {
                return z7;
            }
            String str = SystemProperties.get("ro.crypto.type", "none");
            logi("ro.crypto.type is  " + str);
            String str2 = SystemProperties.get("vold.decrypt", "none");
            logi("vold.decrypt is " + str2);
            boolean equals = "block".equals(str) ? "trigger_restart_framework".equals(str2) : true;
            logi("possible to access data : " + equals);
            this.mCanAccessDataFiles = equals;
            return equals;
        }

        private boolean isSeedKeyReady() {
            byte[] bArr = mSeedKey;
            return (bArr == null || bArr.length == 0) ? false : true;
        }

        private void loge(String str) {
            if (NO_SHIP) {
                Log.e(TAG, str);
            }
            if (this.mLocalLog.size() > 10) {
                this.mLocalLog.remove(0);
            }
            this.mLocalLog.add(str);
        }

        private void logi(String str) {
            if (NO_SHIP) {
                Log.i(TAG, str);
            }
            if (this.mLocalLog.size() > 10) {
                this.mLocalLog.remove(0);
            }
            this.mLocalLog.add(str);
        }

        private synchronized boolean setupSeedKey() {
            if (!this.mIsSupported) {
                return false;
            }
            if (!isPossibleDataAccess()) {
                return false;
            }
            if (this.mFailCounter > 5) {
                return false;
            }
            for (int i10 = 0; i10 < 3; i10++) {
                if (i10 == 2) {
                    logi("KEY maybe not exist");
                }
                if (getSeedKey()) {
                    return true;
                }
            }
            this.mFailCounter++;
            loge("setup seed key failure " + this.mFailCounter);
            return false;
        }

        String decrypt(String str) {
            if (!this.mIsSupported || str == null || str.length() == 0) {
                return str;
            }
            if (!isSeedKeyReady() && !setupSeedKey()) {
                loge("decrypt failure : seed is not ready, failCount: " + this.mFailCounter);
                return str;
            }
            int length = str.length();
            if (length > 1 && str.charAt(0) == '\"' && str.charAt(length - 1) == '\"') {
                if (NO_SHIP) {
                    logi("decrypt ignore : password is not encrypted");
                }
                return str;
            }
            try {
                byte[] hexStringToByteArray = hexStringToByteArray(str);
                byte[] bArr = new byte[12];
                byte[] bArr2 = new byte[hexStringToByteArray.length - 12];
                for (int i10 = 0; i10 < 12; i10++) {
                    bArr[i10] = hexStringToByteArray[i10];
                }
                for (int i11 = 0; i11 < bArr2.length; i11++) {
                    bArr2[i11] = hexStringToByteArray[i11 + 12];
                }
                SecretKeySpec secretKeySpec = new SecretKeySpec(mSeedKey, MdfUtils.KEYPROP_KEY_ALGORITHM_AES);
                Cipher cipher = Cipher.getInstance(MdfUtils.MDF_CIPHER_MODE);
                cipher.init(2, secretKeySpec, new GCMParameterSpec(128, bArr));
                return new String(cipher.doFinal(bArr2));
            } catch (NegativeArraySizeException e10) {
                loge("decrypt failure : exception occurs " + e10);
                return str;
            } catch (Exception e11) {
                loge("decrypt failure : exception occurs " + e11);
                return str;
            }
        }

        public String dump() {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("Dump of WifiPasswordManager");
            stringBuffer.append(ParserConstants.NEW_LINE);
            stringBuffer.append(" - supported: " + this.mIsSupported);
            stringBuffer.append(ParserConstants.NEW_LINE);
            StringBuilder sb = new StringBuilder();
            sb.append("   (secure storage: ");
            sb.append(this.mSecureStorage == null ? "false" : "true");
            sb.append(")");
            stringBuffer.append(sb.toString());
            stringBuffer.append(ParserConstants.NEW_LINE);
            StringBuilder sb2 = new StringBuilder();
            sb2.append("   (vaultkeeper: ");
            sb2.append(this.mVkm != null ? "true" : "false");
            sb2.append(")");
            stringBuffer.append(sb2.toString());
            stringBuffer.append(ParserConstants.NEW_LINE);
            stringBuffer.append(" - fail counter: " + this.mFailCounter);
            stringBuffer.append(ParserConstants.NEW_LINE);
            Iterator<String> it = this.mLocalLog.iterator();
            while (it.hasNext()) {
                stringBuffer.append(it.next());
                stringBuffer.append(ParserConstants.NEW_LINE);
            }
            return stringBuffer.toString();
        }

        public boolean isSupported() {
            return this.mIsSupported;
        }

        void resetSeedKey() {
            SecureStorage secureStorage = this.mSecureStorage;
            if (secureStorage == null) {
                VaultKeeperManager vaultKeeperManager = this.mVkm;
                if (vaultKeeperManager != null) {
                    int write = vaultKeeperManager.write(2, new byte[]{0});
                    if (NO_SHIP) {
                        logi("push new generated KEY, result:" + write);
                    }
                    if (write == 0) {
                        logi("reset KEY success");
                        return;
                    }
                    loge("reset KEY failure. vkm result: " + write);
                    return;
                }
                return;
            }
            try {
                secureStorage.put(SS_KEY, "");
                logi("reset KEY success");
            } catch (SecureStorage.SecureStorageException e10) {
                if (SecureStorage.SecureStorageException.SECURE_STORAGE_ERROR_INPUT_DATA.equals(e10.getMessage())) {
                    loge("reset: SS error SECURE_STORAGE_ERROR_INPUT_DATA " + e10);
                    return;
                }
                if (SecureStorage.SecureStorageException.SECURE_STORAGE_ERROR_AUTHENTICATION.equals(e10.getMessage())) {
                    loge("reset: SS error SECURE_STORAGE_ERROR_AUTHENTICATION " + e10);
                    return;
                }
                if (SecureStorage.SecureStorageException.SECURE_STORAGE_ERROR_INTERNAL.equals(e10.getMessage())) {
                    loge("reset: SS error SECURE_STORAGE_ERROR_INTERNAL " + e10);
                    return;
                }
                loge("reset: SS error else " + e10);
            }
        }
    }

    private SemWifiEncryptPasswordMigration() throws IllegalAccessException {
        throw new IllegalAccessException();
    }

    public static String decryptPassword(String str) {
        return !TextUtils.isEmpty(str) ? getPasswordHelper().decrypt(str) : str;
    }

    public static WifiPasswordHelper getPasswordHelper() {
        hasEverInstantiated = true;
        return WifiPasswordHelper.getPasswordHelper();
    }

    public static boolean hasEverInstantiated() {
        return hasEverInstantiated;
    }

    public static void resetSeedKey() {
        getPasswordHelper().resetSeedKey();
    }
}
