package de.tutao.tutanota;

import android.content.Context;
import android.net.Uri;
import android.os.Build;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;
import java.util.Objects;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.io.IOUtils;
import org.apache.commons.io.input.CountingInputStream;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class Crypto {
    public static final byte[] FIXED_IV;
    private final Context context;
    private final SecureRandom randomizer;
    private static final OAEPParameterSpec OAEP_PARAMETER_SPEC = new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);
    private static final Integer ANDROID_6_SDK_VERSION = 23;

    /* loaded from: classes.dex */
    public static final class EncryptedFileInfo {
        private final long unencSize;
        private final String uri;

        public EncryptedFileInfo(String str, long j) {
            this.unencSize = j;
            this.uri = str;
        }

        public JSONObject toJSON() throws JSONException {
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("uri", this.uri);
            jSONObject.put("unencSize", this.unencSize);
            return jSONObject;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class SubKeys {
        public SecretKeySpec cKey;
        public byte[] mKey;

        private SubKeys() {
        }
    }

    static {
        byte[] bArr = new byte[16];
        FIXED_IV = bArr;
        Arrays.fill(bArr, (byte) -120);
    }

    public Crypto(Context context) {
        this(context, new SecureRandom());
    }

    protected Crypto(Context context, SecureRandom secureRandom) {
        this.context = context;
        this.randomizer = secureRandom;
    }

    public static SecretKeySpec bytesToKey(byte[] bArr) {
        if (bArr.length == 16) {
            return new SecretKeySpec(bArr, "AES");
        }
        throw new RuntimeException("invalid key length: " + bArr.length);
    }

    private InputStream getCipherInputStream(InputStream inputStream, Cipher cipher) {
        return Build.VERSION.SDK_INT < ANDROID_6_SDK_VERSION.intValue() ? new TutaoCipherInputStream(inputStream, cipher) : new CipherInputStream(inputStream, cipher);
    }

    private static SubKeys getSubKeys(SecretKeySpec secretKeySpec, boolean z) throws NoSuchAlgorithmException {
        SubKeys subKeys = new SubKeys();
        if (z) {
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(secretKeySpec.getEncoded());
            subKeys.cKey = new SecretKeySpec(Arrays.copyOfRange(digest, 0, 16), "AES");
            subKeys.mKey = Arrays.copyOfRange(digest, 16, 32);
        } else {
            subKeys.cKey = secretKeySpec;
        }
        return subKeys;
    }

    private static byte[] hmac256(byte[] bArr, byte[] bArr2) {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "HmacSHA256");
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(secretKeySpec);
            return mac.doFinal(bArr2);
        } catch (InvalidKeyException | NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    private PrivateKey jsonToPrivateKey(JSONObject jSONObject) throws JSONException, NoSuchAlgorithmException, InvalidKeySpecException {
        return KeyFactory.getInstance("RSA").generatePrivate(new RSAPrivateKeySpec(new BigInteger(Utils.base64ToBytes(jSONObject.getString("modulus"))), new BigInteger(Utils.base64ToBytes(jSONObject.getString("privateExponent")))));
    }

    private PublicKey jsonToPublicKey(JSONObject jSONObject) throws JSONException {
        try {
            return KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(Utils.base64ToBytes(jSONObject.getString("modulus"))), BigInteger.valueOf(65537L)));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private JSONObject keyPairToJson(KeyPair keyPair) throws JSONException {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("publicKey", publicKeyToJson((RSAPublicKey) keyPair.getPublic()));
        jSONObject.put("privateKey", privateKeyToJson((RSAPrivateCrtKey) keyPair.getPrivate()));
        return jSONObject;
    }

    private JSONObject privateKeyToJson(RSAPrivateCrtKey rSAPrivateCrtKey) throws JSONException {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("version", 0);
        jSONObject.put("modulus", Utils.bytesToBase64(rSAPrivateCrtKey.getModulus().toByteArray()));
        jSONObject.put("privateExponent", Utils.bytesToBase64(rSAPrivateCrtKey.getPrivateExponent().toByteArray()));
        jSONObject.put("primeP", Utils.bytesToBase64(rSAPrivateCrtKey.getPrimeP().toByteArray()));
        jSONObject.put("primeQ", Utils.bytesToBase64(rSAPrivateCrtKey.getPrimeQ().toByteArray()));
        jSONObject.put("primeExponentP", Utils.bytesToBase64(rSAPrivateCrtKey.getPrimeExponentP().toByteArray()));
        jSONObject.put("primeExponentQ", Utils.bytesToBase64(rSAPrivateCrtKey.getPrimeExponentQ().toByteArray()));
        jSONObject.put("crtCoefficient", Utils.bytesToBase64(rSAPrivateCrtKey.getCrtCoefficient().toByteArray()));
        return jSONObject;
    }

    private JSONObject publicKeyToJson(RSAPublicKey rSAPublicKey) throws JSONException {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("version", 0);
        jSONObject.put("modulus", Utils.bytesToBase64(rSAPublicKey.getModulus().toByteArray()));
        return jSONObject;
    }

    private byte[] rsaEncrypt(byte[] bArr, PublicKey publicKey, SecureRandom secureRandom) throws CryptoError {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            cipher.init(1, publicKey, OAEP_PARAMETER_SPEC, secureRandom);
            return cipher.doFinal(bArr);
        } catch (InvalidAlgorithmParameterException e) {
            e = e;
            throw new RuntimeException(e);
        } catch (InvalidKeyException e2) {
            e = e2;
            throw new CryptoError(e);
        } catch (NoSuchAlgorithmException e3) {
            e = e3;
            throw new RuntimeException(e);
        } catch (BadPaddingException e4) {
            e = e4;
            throw new CryptoError(e);
        } catch (IllegalBlockSizeException e5) {
            e = e5;
            throw new CryptoError(e);
        } catch (NoSuchPaddingException e6) {
            e = e6;
            throw new RuntimeException(e);
        }
    }

    public void aesDecrypt(byte[] bArr, InputStream inputStream, OutputStream outputStream, long j) throws IOException, CryptoError {
        try {
            try {
                if (j % 2 == 1) {
                    SubKeys subKeys = getSubKeys(bytesToKey(bArr), true);
                    byte[] encoded = subKeys.cKey.getEncoded();
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    IOUtils.copyLarge(inputStream, byteArrayOutputStream);
                    byte[] byteArray = byteArrayOutputStream.toByteArray();
                    byte[] copyOfRange = Arrays.copyOfRange(byteArray, 1, byteArray.length - 32);
                    if (!Arrays.equals(hmac256(subKeys.mKey, copyOfRange), Arrays.copyOfRange(byteArray, byteArray.length - 32, byteArray.length))) {
                        throw new CryptoError("invalid mac");
                    }
                    inputStream = new ByteArrayInputStream(copyOfRange);
                    bArr = encoded;
                }
                byte[] bArr2 = new byte[16];
                IOUtils.read(inputStream, bArr2);
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
                cipher.init(2, bytesToKey(bArr), new IvParameterSpec(bArr2));
                InputStream cipherInputStream = getCipherInputStream(inputStream, cipher);
                IOUtils.copyLarge(cipherInputStream, outputStream, new byte[1024000]);
                IOUtils.closeQuietly(inputStream);
                IOUtils.closeQuietly(cipherInputStream);
                IOUtils.closeQuietly(outputStream);
            } catch (InvalidAlgorithmParameterException e) {
                e = e;
                throw new RuntimeException(e);
            } catch (InvalidKeyException e2) {
                throw new CryptoError(e2);
            } catch (NoSuchAlgorithmException e3) {
                e = e3;
                throw new RuntimeException(e);
            } catch (NoSuchPaddingException e4) {
                e = e4;
                throw new RuntimeException(e);
            }
        } catch (Throwable th) {
            IOUtils.closeQuietly(inputStream);
            IOUtils.closeQuietly((InputStream) null);
            IOUtils.closeQuietly(outputStream);
            throw th;
        }
    }

    public byte[] aesDecrypt(byte[] bArr, String str) throws CryptoError {
        return aesDecrypt(bArr, Utils.base64ToBytes(str));
    }

    public byte[] aesDecrypt(byte[] bArr, byte[] bArr2) throws CryptoError {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            aesDecrypt(bArr, new ByteArrayInputStream(bArr2), byteArrayOutputStream, bArr2.length);
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            throw new CryptoError(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String aesDecryptFile(byte[] bArr, String str) throws IOException, CryptoError {
        FileInfo fileInfo = Utils.getFileInfo(this.context, Uri.parse(str));
        File file = new File(Utils.getDir(this.context), "temp/decrypted");
        file.mkdirs();
        File file2 = new File(file, fileInfo.name);
        aesDecrypt(bArr, this.context.getContentResolver().openInputStream(Uri.parse(str)), new FileOutputStream(file2), fileInfo.size);
        return Uri.fromFile(file2).toString();
    }

    public void aesEncrypt(byte[] bArr, InputStream inputStream, OutputStream outputStream, byte[] bArr2, boolean z) throws CryptoError, IOException {
        try {
            try {
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
                IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr2);
                SubKeys subKeys = getSubKeys(bytesToKey(bArr), z);
                cipher.init(1, subKeys.cKey, ivParameterSpec);
                InputStream cipherInputStream = getCipherInputStream(inputStream, cipher);
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                byteArrayOutputStream.write(bArr2);
                IOUtils.copy(cipherInputStream, byteArrayOutputStream);
                if (z) {
                    byte[] byteArray = byteArrayOutputStream.toByteArray();
                    outputStream.write(new byte[]{1});
                    outputStream.write(byteArray);
                    outputStream.write(hmac256(subKeys.mKey, byteArray));
                } else {
                    outputStream.write(byteArrayOutputStream.toByteArray());
                }
                IOUtils.closeQuietly(inputStream);
                IOUtils.closeQuietly(cipherInputStream);
                IOUtils.closeQuietly(outputStream);
            } catch (InvalidAlgorithmParameterException e) {
                e = e;
                throw new RuntimeException(e);
            } catch (InvalidKeyException e2) {
                throw new CryptoError(e2);
            } catch (NoSuchAlgorithmException e3) {
                e = e3;
                throw new RuntimeException(e);
            } catch (NoSuchPaddingException e4) {
                e = e4;
                throw new RuntimeException(e);
            }
        } catch (Throwable th) {
            IOUtils.closeQuietly(inputStream);
            IOUtils.closeQuietly((InputStream) null);
            IOUtils.closeQuietly(outputStream);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public EncryptedFileInfo aesEncryptFile(byte[] bArr, String str, byte[] bArr2) throws IOException, CryptoError {
        Uri parse = Uri.parse(str);
        FileInfo fileInfo = Utils.getFileInfo(this.context, parse);
        File file = new File(Utils.getDir(this.context), "temp/encrypted");
        file.mkdirs();
        File file2 = new File(file, fileInfo.name);
        CountingInputStream countingInputStream = new CountingInputStream(this.context.getContentResolver().openInputStream(parse));
        aesEncrypt(bArr, countingInputStream, new FileOutputStream(file2), bArr2, true);
        return new EncryptedFileInfo(Utils.fileToUri(file2), countingInputStream.getByteCount());
    }

    public byte[] decryptKey(Key key, byte[] bArr) throws CryptoError {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            cipher.init(2, key, new IvParameterSpec(FIXED_IV));
            return cipher.doFinal(bArr);
        } catch (InvalidAlgorithmParameterException e) {
            e = e;
            throw new RuntimeException(e);
        } catch (InvalidKeyException e2) {
            e = e2;
            throw new CryptoError(e);
        } catch (NoSuchAlgorithmException e3) {
            e = e3;
            throw new RuntimeException(e);
        } catch (BadPaddingException e4) {
            e = e4;
            throw new CryptoError(e);
        } catch (IllegalBlockSizeException e5) {
            e = e5;
            throw new CryptoError(e);
        } catch (NoSuchPaddingException e6) {
            e = e6;
            throw new RuntimeException(e);
        }
    }

    public byte[] decryptKey(byte[] bArr, byte[] bArr2) throws CryptoError {
        Objects.requireNonNull(bArr, "encryptionKey is null");
        return decryptKey(bytesToKey(bArr), bArr2);
    }

    public byte[] encryptKey(Key key, byte[] bArr) throws CryptoError {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            cipher.init(1, key, new IvParameterSpec(FIXED_IV));
            return cipher.doFinal(bArr);
        } catch (InvalidAlgorithmParameterException e) {
            e = e;
            throw new RuntimeException(e);
        } catch (InvalidKeyException e2) {
            e = e2;
            throw new CryptoError(e);
        } catch (NoSuchAlgorithmException e3) {
            e = e3;
            throw new RuntimeException(e);
        } catch (BadPaddingException e4) {
            e = e4;
            throw new CryptoError(e);
        } catch (IllegalBlockSizeException e5) {
            e = e5;
            throw new CryptoError(e);
        } catch (NoSuchPaddingException e6) {
            e = e6;
            throw new RuntimeException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized JSONObject generateRsaKey(byte[] bArr) throws JSONException, NoSuchProviderException, NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator;
        this.randomizer.setSeed(bArr);
        keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048, this.randomizer);
        return keyPairToJson(keyPairGenerator.generateKeyPair());
    }

    public SecureRandom getRandomizer() {
        return this.randomizer;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String rsaDecrypt(JSONObject jSONObject, byte[] bArr) throws CryptoError {
        try {
            return Utils.bytesToBase64(rsaDecrypt(jsonToPrivateKey(jSONObject), bArr));
        } catch (NoSuchAlgorithmException e) {
            e = e;
            throw new RuntimeException("rsaDecrypt error", e);
        } catch (InvalidKeySpecException e2) {
            throw new CryptoError(e2);
        } catch (JSONException e3) {
            e = e3;
            throw new RuntimeException("rsaDecrypt error", e);
        }
    }

    public byte[] rsaDecrypt(PrivateKey privateKey, byte[] bArr) throws CryptoError {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            cipher.init(2, privateKey, OAEP_PARAMETER_SPEC, this.randomizer);
            return cipher.doFinal(bArr);
        } catch (InvalidAlgorithmParameterException e) {
            e = e;
            throw new RuntimeException("rsaDecrypt error", e);
        } catch (InvalidKeyException e2) {
            e = e2;
            throw new CryptoError(e);
        } catch (NoSuchAlgorithmException e3) {
            e = e3;
            throw new RuntimeException("rsaDecrypt error", e);
        } catch (BadPaddingException e4) {
            e = e4;
            throw new CryptoError(e);
        } catch (IllegalBlockSizeException e5) {
            e = e5;
            throw new CryptoError(e);
        } catch (NoSuchPaddingException e6) {
            e = e6;
            throw new RuntimeException("rsaDecrypt error", e);
        }
    }

    String rsaEncrypt(PublicKey publicKey, byte[] bArr, byte[] bArr2) throws CryptoError {
        this.randomizer.setSeed(bArr2);
        return Utils.bytesToBase64(rsaEncrypt(bArr, publicKey, this.randomizer));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String rsaEncrypt(JSONObject jSONObject, byte[] bArr, byte[] bArr2) throws CryptoError {
        try {
            return rsaEncrypt(jsonToPublicKey(jSONObject), bArr, bArr2);
        } catch (JSONException e) {
            throw new RuntimeException(e);
        }
    }
}
