package me.proton.core.user.data;

import androidx.compose.animation.Scale$$ExternalSyntheticOutline0;
import androidx.room.InvalidationTracker$implementation$1;
import io.sentry.DateUtils;
import io.sentry.util.FileUtils;
import java.util.Arrays;
import kotlin.Result;
import kotlin.ResultKt;
import kotlin.coroutines.jvm.internal.ContinuationImpl;
import kotlin.io.CloseableKt;
import kotlin.jvm.internal.Intrinsics;
import me.proton.core.crypto.android.context.AndroidCryptoContext;
import me.proton.core.crypto.common.keystore.EncryptedByteArray;
import me.proton.core.crypto.common.keystore.KeyStoreCrypto;
import me.proton.core.crypto.common.keystore.PlainByteArray;
import me.proton.core.crypto.common.pgp.VerificationStatus;
import me.proton.core.domain.entity.UserId;
import me.proton.core.key.domain.entity.key.KeyId;
import me.proton.core.key.domain.entity.key.NestedPrivateKey;
import me.proton.core.key.domain.entity.key.PrivateKey;
import me.proton.core.key.domain.entity.key.PublicKeyRing;
import me.proton.core.key.domain.entity.key.UnlockedPrivateKey;
import me.proton.core.key.domain.entity.keyholder.KeyHolderContext;
import me.proton.core.user.data.repository.UserRepositoryImpl;
import me.proton.core.user.domain.entity.AddressType;
import me.proton.core.user.domain.entity.Email;
import me.proton.core.user.domain.entity.UserAddress;
import me.proton.core.user.domain.entity.UserAddressKey;
import me.proton.core.user.domain.repository.UserRepository;
import me.proton.core.util.android.sentry.TimberLogger;
import okhttp3.TlsVersion;
import okio.Path;
import org.jsoup.select.NodeTraversor;
import org.minidns.util.Hex;

/* loaded from: classes2.dex */
public final class UserAddressKeySecretProvider {
    public static final Companion Companion = new Object();
    public final AndroidCryptoContext cryptoContext;
    public final KeyStoreCrypto keyStoreCrypto;
    public final UserRepository passphraseRepository;

    /* loaded from: classes2.dex */
    public final class Companion {
    }

    /* loaded from: classes2.dex */
    public final class UserAddressKeySecret {
        public final EncryptedByteArray passphrase;
        public final String signature;
        public final String token;

        public UserAddressKeySecret(EncryptedByteArray passphrase, String str, String str2) {
            Intrinsics.checkNotNullParameter(passphrase, "passphrase");
            this.passphrase = passphrase;
            this.token = str;
            this.signature = str2;
        }

        public final boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (!(obj instanceof UserAddressKeySecret)) {
                return false;
            }
            UserAddressKeySecret userAddressKeySecret = (UserAddressKeySecret) obj;
            return Intrinsics.areEqual(this.passphrase, userAddressKeySecret.passphrase) && Intrinsics.areEqual(this.token, userAddressKeySecret.token) && Intrinsics.areEqual(this.signature, userAddressKeySecret.signature);
        }

        public final int hashCode() {
            int hashCode = Arrays.hashCode(this.passphrase.array) * 31;
            String str = this.token;
            int hashCode2 = (hashCode + (str == null ? 0 : str.hashCode())) * 31;
            String str2 = this.signature;
            return hashCode2 + (str2 != null ? str2.hashCode() : 0);
        }

        public final String toString() {
            StringBuilder sb = new StringBuilder("UserAddressKeySecret(passphrase=");
            sb.append(this.passphrase);
            sb.append(", token=");
            sb.append(this.token);
            sb.append(", signature=");
            return Scale$$ExternalSyntheticOutline0.m(this.signature, ")", sb);
        }
    }

    /* loaded from: classes2.dex */
    public abstract /* synthetic */ class WhenMappings {
        public static final /* synthetic */ int[] $EnumSwitchMapping$0;

        static {
            int[] iArr = new int[AddressType.values().length];
            try {
                Path.Companion companion = AddressType.Companion;
                iArr[4] = 1;
            } catch (NoSuchFieldError unused) {
            }
            $EnumSwitchMapping$0 = iArr;
        }
    }

    public UserAddressKeySecretProvider(UserRepository passphraseRepository, AndroidCryptoContext cryptoContext) {
        Intrinsics.checkNotNullParameter(passphraseRepository, "passphraseRepository");
        Intrinsics.checkNotNullParameter(cryptoContext, "cryptoContext");
        this.passphraseRepository = passphraseRepository;
        this.cryptoContext = cryptoContext;
        this.keyStoreCrypto = cryptoContext.keyStoreCrypto;
    }

    public final UserAddressKey generateUserAddressKey(boolean z, UserAddress userAddress, PrivateKey userPrivateKey, boolean z2) {
        UserAddressKeySecret userAddressKeySecret;
        Intrinsics.checkNotNullParameter(userAddress, "userAddress");
        Intrinsics.checkNotNullParameter(userPrivateKey, "userPrivateKey");
        KeyStoreCrypto keyStoreCrypto = this.keyStoreCrypto;
        AndroidCryptoContext androidCryptoContext = this.cryptoContext;
        if (z) {
            byte[] generateNewToken$default = TlsVersion.Companion.generateNewToken$default(androidCryptoContext.pgpCrypto);
            PlainByteArray plainByteArray = new PlainByteArray(generateNewToken$default);
            try {
                EncryptedByteArray encrypt = NodeTraversor.encrypt(plainByteArray, keyStoreCrypto);
                String encryptData = TlsVersion.Companion.encryptData(userPrivateKey, androidCryptoContext, generateNewToken$default);
                UnlockedPrivateKey unlock = TlsVersion.Companion.unlock(userPrivateKey, androidCryptoContext);
                try {
                    String signData = DateUtils.signData(unlock, androidCryptoContext, generateNewToken$default, null);
                    CloseableKt.closeFinally(unlock, null);
                    userAddressKeySecret = new UserAddressKeySecret(encrypt, encryptData, signData);
                    CloseableKt.closeFinally(plainByteArray, null);
                } finally {
                }
            } finally {
            }
        } else {
            EncryptedByteArray encryptedByteArray = userPrivateKey.passphrase;
            if (encryptedByteArray == null) {
                throw new IllegalStateException("Passphrase cannot be null.");
            }
            userAddressKeySecret = new UserAddressKeySecret(encryptedByteArray, null, null);
        }
        PlainByteArray decrypt = NodeTraversor.decrypt(userAddressKeySecret.passphrase, keyStoreCrypto);
        try {
            Email split = TlsVersion.Companion.split(userAddress.email);
            PrivateKey privateKey = new PrivateKey(androidCryptoContext.pgpCrypto.generateNewPrivateKey(split.username, split.domain, decrypt.array), z2, true, true, true, userAddressKeySecret.passphrase);
            AddressType addressType = userAddress.type;
            UserAddressKey userAddressKey = new UserAddressKey(userAddress.addressId, 3, (addressType == null ? -1 : WhenMappings.$EnumSwitchMapping$0[addressType.ordinal()]) == 1 ? 15 : 3, userAddressKeySecret.token, userAddressKeySecret.signature, null, true, new KeyId("temp"), privateKey);
            CloseableKt.closeFinally(decrypt, null);
            return userAddressKey;
        } finally {
        }
    }

    public final Object getPassphrase(UserId userId, KeyHolderContext keyHolderContext, UserAddressKey userAddressKey, ContinuationImpl continuationImpl) {
        String str;
        Object createFailure;
        TimberLogger timberLogger;
        if (!userAddressKey.active) {
            return null;
        }
        String str2 = userAddressKey.token;
        if (str2 == null || (str = userAddressKey.signature) == null) {
            return ((UserRepositoryImpl) this.passphraseRepository).getPassphrase(userId, continuationImpl);
        }
        PrivateKey privateKey = userAddressKey.privateKey;
        InvalidationTracker$implementation$1 invalidationTracker$implementation$1 = new InvalidationTracker$implementation$1(1, Companion, Companion.class, "tokenHasValidFormat", "tokenHasValidFormat([B)Z", 0, 28);
        PublicKeyRing publicKeyRing = keyHolderContext.publicKeyRing;
        String key = privateKey.key;
        Intrinsics.checkNotNullParameter(key, "key");
        try {
            createFailure = Hex.decryptNestedKeyOrThrow(keyHolderContext, key, str2, str, publicKeyRing, invalidationTracker$implementation$1, null);
        } catch (Throwable th) {
            createFailure = ResultKt.createFailure(th);
        }
        Throwable m1208exceptionOrNullimpl = Result.m1208exceptionOrNullimpl(createFailure);
        if (m1208exceptionOrNullimpl != null && (timberLogger = FileUtils.logger) != null) {
            timberLogger.d("core.key.default", "Cannot decrypt nested key.", m1208exceptionOrNullimpl);
        }
        if (createFailure instanceof Result.Failure) {
            createFailure = null;
        }
        NestedPrivateKey nestedPrivateKey = (NestedPrivateKey) createFailure;
        if (nestedPrivateKey == null) {
            return null;
        }
        if (nestedPrivateKey.status != VerificationStatus.Success) {
            nestedPrivateKey = null;
        }
        if (nestedPrivateKey != null) {
            return nestedPrivateKey.privateKey.passphrase;
        }
        return null;
    }
}
