package com.samsung.android.knox.sdp;

import android.os.SystemProperties;
import android.util.Log;
import com.android.internal.widget.LockscreenCredential;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import libcore.util.HexEncoding;

/* loaded from: classes5.dex */
public class StreamCipher {
    private static final int DEFAULT_KEY_LEN = 64;
    public static final long DEFAULT_KS_HANDLE = 0;
    private static final char[] HDR_CHARS;
    private static final int HDR_LEN;
    private static final int MAX_RETRY_CNT = 100;
    private static final String TAG = "StreamCipher.SDP";
    private static StreamCipher sInstance;
    private static final boolean DEBUG = "eng".equals(SystemProperties.get("ro.build.type"));
    private static final byte[] EMPTY_BYTES = new byte[0];
    private long mPublicHandle = 0;
    private final SecureRandom mSecureRandom = new SecureRandom();
    private final Map<Long, KeyStream> mKeyMap = new HashMap();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes5.dex */
    public static class KeyStream {
        private byte[] mKey;

        KeyStream(byte[] bArr) {
            this.mKey = bArr;
        }

        void destroy() {
            StreamCipher.clear(this.mKey);
        }

        byte[] getKey() {
            return this.mKey;
        }
    }

    static {
        char[] cArr = {221, 222};
        HDR_CHARS = cArr;
        HDR_LEN = cArr.length;
    }

    private StreamCipher() {
        initKeyMap();
    }

    private static boolean checkHeader(byte[] bArr, int i10) {
        for (int i11 = 0; i11 < HDR_LEN; i11++) {
            if ((bArr[i11] ^ bArr[i10 + i11]) != ((byte) HDR_CHARS[i11])) {
                return false;
            }
        }
        return true;
    }

    public static void clear(byte[] bArr) {
        if (bArr == null) {
            return;
        }
        Arrays.fill(bArr, 0, bArr.length, (byte) 0);
    }

    public static LockscreenCredential decryptStream(LockscreenCredential lockscreenCredential) {
        if (lockscreenCredential.isNone() || lockscreenCredential.size() < HDR_LEN * 2) {
            Log.d(TAG, "decryptStream is none or size zero. return duplicate.");
            return lockscreenCredential.duplicate();
        }
        int size = lockscreenCredential.size() / 2;
        int i10 = size - HDR_LEN;
        byte[] credential = lockscreenCredential.getCredential();
        if (!checkHeader(credential, size)) {
            Log.e(TAG, "Failed to decrypt stream due to invalid header. return duplicate.");
            return lockscreenCredential.duplicate();
        }
        byte[] bArr = new byte[i10];
        for (int i11 = 0; i11 < i10; i11++) {
            int i12 = HDR_LEN;
            bArr[i11] = (byte) (credential[(size + i11) + i12] ^ credential[i11 + i12]);
        }
        Log.d(TAG, "decryptStream type:" + lockscreenCredential.getType());
        try {
            return LockscreenCredential.streamCredential(lockscreenCredential.getType(), bArr);
        } finally {
            clear(bArr);
        }
    }

    public static byte[] decryptStream(byte[] bArr) {
        if (bArr != null) {
            int length = bArr.length;
            int i10 = HDR_LEN;
            if (length >= i10 * 2) {
                int length2 = bArr.length / 2;
                int i11 = length2 - i10;
                byte[] bArr2 = null;
                if (checkHeader(bArr, length2)) {
                    bArr2 = new byte[i11];
                    for (int i12 = 0; i12 < i11; i12++) {
                        int i13 = HDR_LEN;
                        bArr2[i12] = (byte) (bArr[(length2 + i12) + i13] ^ bArr[i12 + i13]);
                    }
                } else {
                    Log.e(TAG, "Failed to decrypt stream due to invalid header");
                }
                return bArr2;
            }
        }
        Log.d(TAG, "decryptStream - Invalid parameters");
        return null;
    }

    public static LockscreenCredential encryptStream(LockscreenCredential lockscreenCredential) {
        if (lockscreenCredential.isNone() || lockscreenCredential.size() == 0) {
            Log.d(TAG, "encryptStream is none or size zero. return duplicate.");
            return lockscreenCredential.duplicate();
        }
        int size = lockscreenCredential.size();
        int i10 = HDR_LEN;
        int i11 = (size + i10) * 2;
        int i12 = i10 + size;
        byte[] bArr = new byte[i11];
        new SecureRandom().nextBytes(bArr);
        fillHeader(bArr, i12);
        byte[] credential = lockscreenCredential.getCredential();
        for (int i13 = 0; i13 < size; i13++) {
            int i14 = HDR_LEN;
            bArr[i12 + i13 + i14] = (byte) (bArr[i14 + i13] ^ credential[i13]);
        }
        Log.d(TAG, "encryptStream type:" + lockscreenCredential.getType());
        return LockscreenCredential.streamCredential(lockscreenCredential.getType(), bArr);
    }

    public static byte[] encryptStream(byte[] bArr) {
        if (bArr == null || bArr.length == 0) {
            Log.d(TAG, "encryptStream - Invalid parameters");
            return null;
        }
        int length = bArr.length;
        int i10 = HDR_LEN;
        int i11 = (length + i10) * 2;
        int i12 = i10 + length;
        byte[] bArr2 = new byte[i11];
        new SecureRandom().nextBytes(bArr2);
        fillHeader(bArr2, i12);
        for (int i13 = 0; i13 < length; i13++) {
            int i14 = HDR_LEN;
            bArr2[i12 + i13 + i14] = (byte) (bArr2[i14 + i13] ^ bArr[i13]);
        }
        return bArr2;
    }

    private static void fillHeader(byte[] bArr, int i10) {
        for (int i11 = 0; i11 < HDR_LEN; i11++) {
            bArr[i10 + i11] = (byte) (bArr[i11] ^ ((byte) HDR_CHARS[i11]));
        }
    }

    private byte[] generateKey(int i10) {
        if (i10 > 0) {
            byte[] bArr = new byte[i10];
            this.mSecureRandom.nextBytes(bArr);
            return bArr;
        }
        byte[] bArr2 = new byte[64];
        Arrays.fill(bArr2, 0, bArr2.length, (byte) 0);
        return bArr2;
    }

    public static synchronized StreamCipher getInstance() {
        StreamCipher streamCipher;
        synchronized (StreamCipher.class) {
            if (sInstance == null) {
                sInstance = new StreamCipher();
            }
            streamCipher = sInstance;
        }
        return streamCipher;
    }

    private KeyStream getKeyStreamLocked(long j6) {
        return this.mKeyMap.get(Long.valueOf(j6));
    }

    private void initKeyMap() {
        synchronized (this.mKeyMap) {
            this.mKeyMap.clear();
            byte[] bArr = new byte[64];
            Arrays.fill(bArr, 0, bArr.length, (byte) 0);
            registerKeyStream(0L, new KeyStream(bArr));
            if (DEBUG) {
                Log.d(TAG, "init :: Key map has been initialized");
            }
        }
    }

    private boolean registerKeyStream(long j6, KeyStream keyStream) {
        return registerKeyStream(Long.valueOf(j6), keyStream);
    }

    private boolean registerKeyStream(Long l10, KeyStream keyStream) {
        synchronized (this.mKeyMap) {
            if (this.mKeyMap.containsKey(l10)) {
                return false;
            }
            this.mKeyMap.put(l10, keyStream);
            if (!DEBUG) {
                return true;
            }
            Log.d(TAG, "register :: handle = " + l10.longValue());
            return true;
        }
    }

    private byte[] streamCipher(byte[] bArr, byte[] bArr2) throws IllegalArgumentException {
        if (bArr == null || bArr.length == 0 || bArr2 == null || bArr2.length == 0) {
            throw new IllegalArgumentException("Invalid parameter");
        }
        byte[] bArr3 = new byte[bArr.length];
        if (bArr.length > bArr2.length) {
            int i10 = 0;
            int i11 = 0;
            while (i10 < bArr.length) {
                bArr3[i10] = (byte) (bArr[i10] ^ bArr2[i11]);
                i10++;
                i11 = i10 % bArr2.length;
            }
        } else {
            for (int i12 = 0; i12 < bArr.length; i12++) {
                bArr3[i12] = (byte) (bArr[i12] ^ bArr2[i12]);
            }
        }
        return bArr3;
    }

    public void clearKeyStream() {
        synchronized (this.mKeyMap) {
            for (Long l10 : this.mKeyMap.keySet()) {
                if (DEBUG) {
                    Log.d(TAG, "clear :: handle = " + l10.longValue());
                }
                if (l10.longValue() != 0) {
                    KeyStream keyStream = this.mKeyMap.get(l10);
                    if (keyStream != null) {
                        keyStream.destroy();
                    }
                }
            }
            initKeyMap();
        }
    }

    public byte[] getCipher(byte[] bArr, long j6) {
        if (bArr == null) {
            return null;
        }
        return streamCipher(bArr, j6);
    }

    public String getEncodedCipher(String str, long j6) {
        if (str == null) {
            return null;
        }
        byte[] bytes = str.getBytes();
        try {
            return getEncodedCipher(bytes, j6);
        } finally {
            clear(bytes);
        }
    }

    public String getEncodedCipher(byte[] bArr, long j6) {
        if (bArr == null) {
            return null;
        }
        return String.valueOf(HexEncoding.encode(streamCipher(bArr, j6)));
    }

    public byte[] getKey(long j6) {
        byte[] bArr = null;
        synchronized (this.mKeyMap) {
            KeyStream keyStreamLocked = getKeyStreamLocked(j6);
            if (keyStreamLocked != null) {
                Log.d(TAG, "Key found with handle " + j6);
                bArr = keyStreamLocked.getKey();
            }
        }
        return bArr;
    }

    public long getPublicHandle() {
        return issueKeyStream();
    }

    public long issueKeyStream() {
        synchronized (this.mKeyMap) {
            if (this.mPublicHandle == 0 || !this.mKeyMap.containsKey(Long.valueOf(this.mPublicHandle))) {
                this.mPublicHandle = issueKeyStream(64);
            }
        }
        return this.mPublicHandle;
    }

    public long issueKeyStream(int i10) {
        long j6 = 0;
        if (i10 <= 0) {
            return 0L;
        }
        int i11 = 0;
        while (true) {
            if (i11 >= 100) {
                break;
            }
            long nextLong = this.mSecureRandom.nextLong();
            if (nextLong != 0 && registerKeyStream(nextLong, new KeyStream(generateKey(i10)))) {
                j6 = nextLong;
                break;
            }
            i11++;
        }
        if (DEBUG) {
            Log.d(TAG, "issue :: handle = " + j6);
        }
        return j6;
    }

    public byte[] restoreCipher(byte[] bArr, long j6) {
        if (bArr == null) {
            return null;
        }
        return streamCipher(bArr, j6);
    }

    public String restoreEncodedCipher(String str, long j6) {
        if (str == null) {
            return null;
        }
        String str2 = null;
        try {
            byte[] streamCipher = streamCipher(HexEncoding.decode(str.toCharArray(), true), j6);
            str2 = new String(streamCipher);
            clear(streamCipher);
            return str2;
        } catch (Exception e10) {
            Log.e(TAG, "restore :: Failed to decode cipher");
            return str2;
        }
    }

    public byte[] streamCipher(byte[] bArr, long j6) {
        byte[] streamCipher;
        if (bArr == null) {
            return null;
        }
        if (bArr.length == 0) {
            return EMPTY_BYTES;
        }
        synchronized (this.mKeyMap) {
            KeyStream keyStreamLocked = getKeyStreamLocked(j6);
            if (keyStreamLocked == null) {
                if (DEBUG) {
                    Log.d(TAG, "cipher :: Key stream not found... critical!");
                }
                keyStreamLocked = new KeyStream(generateKey(bArr.length));
                registerKeyStream(j6, keyStreamLocked);
            }
            streamCipher = streamCipher(bArr, keyStreamLocked.getKey());
        }
        return streamCipher;
    }
}
