package com.markspace.backupserveraccess;

import android.util.Base64;
import com.markspace.backupserveraccess.request.ck.CkAppInitRequest;
import com.markspace.backupserveraccess.request.ck.CkFetchAccountSettingsRequest;
import com.markspace.backupserveraccess.request.ck.CkFetchAuthData;
import com.markspace.backupserveraccess.request.ck.CkFetchAuthRequest;
import com.markspace.backupserveraccess.request.ck.CkFetchEscrowRecordsRequest;
import com.markspace.backupserveraccess.request.ck.CkFetchUrlData;
import com.markspace.backupserveraccess.request.ck.CkFetchUrlRequest;
import com.markspace.backupserveraccess.request.ck.CkGetZoneRequest;
import com.markspace.backupserveraccess.request.ck.CkRecoverRequest;
import com.markspace.backupserveraccess.request.ck.CkSrpInitData;
import com.markspace.backupserveraccess.request.ck.CkSrpInitRequest;
import com.markspace.ckserveraccess.nano.MSCKDataTypesJava;
import com.markspace.mscloudkitlib.MSZoneRecord;
import com.markspace.mscloudkitlib.mscrypto.MSCryptoClient;
import com.markspace.mscloudkitlib.mscrypto.MSDER;
import com.markspace.mscloudkitlib.mspcs.MSBackupEscrow;
import com.markspace.mscloudkitlib.mspcs.MSKeyManager;
import com.markspace.mscloudkitlib.mspcs.MSKeyset;
import com.markspace.mscloudkitlib.mspcs.MSProtection;
import com.markspace.mscloudkitlib.utilities.plist.NSArray;
import com.markspace.mscloudkitlib.utilities.plist.NSData;
import com.markspace.mscloudkitlib.utilities.plist.NSDictionary;
import com.markspace.mscloudkitlib.utilities.plist.NSNumber;
import com.markspace.mscloudkitlib.utilities.plist.NSString;
import com.markspace.utility.MSDataUtilities;
import com.markspace.utility.MSLogger;
import com.sec.android.easyMover.migration.JSONConstants;
import com.sec.android.easyMoverBase.CRLog;
import com.sec.android.easyMoverCommon.CommonContexts;
import java.net.MalformedURLException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;

/* loaded from: classes.dex */
public class CloudKitSessionManager {
    private static final String TAG = "MSDG[SmartSwitch]" + CloudKitDeviceManager.class.getSimpleName();
    private String appleID;
    private BackupDavFactoryData backupDavFactoryData;
    private boolean canceled;
    private CkAppInitRequest ckAppInitRequest;
    private CkFetchAccountSettingsRequest ckFetchAccountSettingsRequest;
    private CkFetchAuthData ckFetchAuthData;
    private CkFetchAuthRequest ckFetchAuthRequest;
    private CkFetchEscrowRecordsRequest ckFetchEscrowRecordsRequest;
    private CkFetchUrlData ckFetchUrlData;
    private CkFetchUrlRequest ckFetchUrlRequest;
    private CkGetZoneRequest ckGetZoneRequest;
    private CkRecoverRequest ckRecoverRequest;
    private CkSrpInitRequest ckSrpInitRequest;
    private CloudKitHandlerData cloudKitHandlerData;
    private MSKeyset escrowKeyset;
    private String password;
    private boolean sessionOpened = true;
    private boolean mIs2FAEnabled = false;
    private MSLogger logger = new MSLogger(CommonContexts.getContextWrapper());

    public CloudKitSessionManager(BackupDavFactoryData backupDavFactoryData, CloudKitHandlerData cloudKitHandlerData) {
        this.canceled = false;
        this.backupDavFactoryData = backupDavFactoryData;
        this.cloudKitHandlerData = cloudKitHandlerData;
        this.logger.setAppendToLog(true);
        this.logger.setLogLevel(MSLogger.LOG_LEVEL_DEBUG);
        cloudKitHandlerData.keyManager = new MSKeyManager();
        this.canceled = false;
    }

    private boolean CloudKitAppInit() {
        CRLog.i(TAG, "CloudKitAppInit +++");
        boolean z = false;
        if (isStopped()) {
            return false;
        }
        try {
            this.ckAppInitRequest = new CkAppInitRequest(this.ckFetchAuthData, this.cloudKitHandlerData.ckFetchAccountSettingsData, this.ckFetchUrlData);
            this.cloudKitHandlerData.ckAppInitData = this.ckAppInitRequest.request();
            z = true;
        } catch (MSException e) {
            this.logger.log(e.getMessage());
        } catch (Exception e2) {
            e2.printStackTrace();
        }
        return z;
    }

    private boolean authenticateSession() {
        CRLog.i(TAG, "authenticateSession +++");
        boolean z = false;
        if (isStopped()) {
            return false;
        }
        try {
            this.ckFetchUrlRequest = new CkFetchUrlRequest();
            this.ckFetchUrlData = this.ckFetchUrlRequest.request();
            this.ckFetchAuthRequest = new CkFetchAuthRequest(this.appleID, this.password, this.ckFetchUrlData);
            this.ckFetchAuthData = this.ckFetchAuthRequest.request();
            this.ckFetchAccountSettingsRequest = new CkFetchAccountSettingsRequest(this.ckFetchAuthData, this.ckFetchUrlData);
            this.cloudKitHandlerData.ckFetchAccountSettingsData = this.ckFetchAccountSettingsRequest.request();
            z = true;
        } catch (MSException | MalformedURLException e) {
            this.logger.log(e.getMessage());
        }
        return z;
    }

    private MSZoneRecord getZone(MSCKDataTypesJava.MSCKZoneIdentifier mSCKZoneIdentifier, String str) throws MSException {
        this.ckGetZoneRequest = new CkGetZoneRequest(this.cloudKitHandlerData.ckFetchAccountSettingsData, mSCKZoneIdentifier, this.cloudKitHandlerData.ckAppInitData, this.cloudKitHandlerData.deviceHardwareID, this.logger);
        return this.ckGetZoneRequest.request();
    }

    private MSCKDataTypesJava.MSCKZoneIdentifier getZoneIdentifier(String str) {
        MSCKDataTypesJava.MSCKZoneIdentifier mSCKZoneIdentifier = new MSCKDataTypesJava.MSCKZoneIdentifier();
        MSCKDataTypesJava.MSCKRecordInfo mSCKRecordInfo = new MSCKDataTypesJava.MSCKRecordInfo();
        mSCKRecordInfo.name = str;
        mSCKRecordInfo.type = 7;
        mSCKZoneIdentifier.value = mSCKRecordInfo;
        MSCKDataTypesJava.MSCKRecordInfo mSCKRecordInfo2 = new MSCKDataTypesJava.MSCKRecordInfo();
        mSCKRecordInfo2.name = this.cloudKitHandlerData.ckAppInitData.cloudKitUserID;
        mSCKRecordInfo2.type = 6;
        mSCKZoneIdentifier.ownerIdentifier = mSCKRecordInfo2;
        return mSCKZoneIdentifier;
    }

    private boolean handleSRP6Exchange() {
        NSDictionary request;
        CRLog.i(TAG, "handleSRP6Exchange +++");
        boolean z = false;
        if (isStopped()) {
            return false;
        }
        NSDictionary nSDictionary = null;
        try {
            MSDataUtilities.hexStringToByteArray(MSCryptoClient.SRP_DEFAULT_PRIME_HEX_RAW);
            this.ckFetchEscrowRecordsRequest = new CkFetchEscrowRecordsRequest(this.cloudKitHandlerData.ckFetchAccountSettingsData, this.ckFetchAuthData);
            request = this.ckFetchEscrowRecordsRequest.request();
        } catch (MSException e) {
            this.logger.log(e.getMessage());
        } catch (Exception e2) {
            e2.printStackTrace();
        }
        if (request == null) {
            throw new MSException("Error escrowRecordsPlist is null");
        }
        NSArray nSArray = (NSArray) request.objectForKey("metadataList");
        boolean z2 = false;
        int i = 0;
        while (true) {
            if (i >= nSArray.count()) {
                break;
            }
            NSDictionary nSDictionary2 = (NSDictionary) nSArray.objectAtIndex(i);
            String nSString = ((NSString) nSDictionary2.objectForKey("label")).toString();
            if (nSString.equalsIgnoreCase("com.apple.protectedcloudstorage.record")) {
                ((NSString) nSDictionary2.objectForKey("recordStatus")).toString();
                long parseLong = Long.parseLong(((NSString) nSDictionary2.objectForKey("remainingAttempts")).toString());
                ((NSNumber) nSDictionary2.objectForKey("silentAttemptAllowed")).longValue();
                if (parseLong <= 5) {
                    throw new MSException("WARNING: Only 5 SRP attempts remaining. Aborting.");
                }
                nSDictionary = CkHeaderFactory.parsePList(Base64.decode(((NSString) nSDictionary2.objectForKey("metadata")).toString(), 0));
                z2 = true;
            } else {
                this.logger.logDebugFormat("Found multiple Escrow Record metadata objects. Skipping metadata for %s.", nSString);
                i++;
            }
        }
        if (!z2) {
            throw new MSException("ERROR: No metadata for protected cloud storage.");
        }
        this.ckSrpInitRequest = new CkSrpInitRequest(this.ckFetchAuthData, this.cloudKitHandlerData.ckFetchAccountSettingsData);
        CkSrpInitData request2 = this.ckSrpInitRequest.request();
        if (request2 == null) {
            return false;
        }
        Base64.encodeToString(MSCryptoClient.createSRPClientProof(request2.tag, request2.uid, CkSrpInitData.M1), 2);
        this.ckRecoverRequest = new CkRecoverRequest(this.ckFetchAuthData, this.cloudKitHandlerData.ckFetchAccountSettingsData, request2);
        NSDictionary request3 = this.ckRecoverRequest.request();
        if (request3 == null) {
            throw new MSException("parsePList returns null");
        }
        HashMap<String, byte[]> parseSRPServerProof = MSCryptoClient.parseSRPServerProof(Base64.decode(request3.objectForKey("respBlob").toString(), 0));
        HashMap<String, Object> parseSRPPCSData = MSCryptoClient.parseSRPPCSData(MSCryptoClient.decryptAESBlock(parseSRPServerProof.get("data"), request2.theSessionKey, parseSRPServerProof.get("iv"), 0));
        byte[] bArr = (byte[]) parseSRPPCSData.get("dsid");
        byte[] bArr2 = (byte[]) parseSRPPCSData.get("salt");
        NSDictionary parsePList = CkHeaderFactory.parsePList(MSCryptoClient.decryptAESBlock((byte[]) parseSRPPCSData.get("data"), MSCryptoClient.derivePCSKey(bArr, bArr2, ((Integer) parseSRPPCSData.get("iterations")).intValue()), Arrays.copyOfRange(bArr2, 0, 16), 9));
        if (parsePList == null) {
            throw new MSException("ERROR parsePList returns null");
        }
        byte[] bytes = ((NSData) parsePList.objectForKey("BackupBagPassword")).bytes();
        if (!Arrays.equals(MSCryptoClient.calculateSHA1(bytes), ((NSData) parsePList.objectForKey("BackupKeybagDigest")).bytes())) {
            throw new MSException("backup keybag digest mismatch");
        }
        MSDER msder = new MSDER();
        HashMap<String, Object> parseKeySet = msder.parseKeySet(bytes);
        if (parseKeySet == null) {
            throw new MSException("ERROR theKeySet is null. parseKeySet returns null");
        }
        if (nSDictionary == null) {
            throw new MSException("ERROR getRecordsMetaData is null. parsePList returns null");
        }
        HashMap<String, Object> parseBackupEscrow = msder.parseBackupEscrow(((NSData) ((NSDictionary) ((NSDictionary) nSDictionary.objectForKey("ClientMetadata")).objectForKey("SecureBackupiCloudDataProtection")).objectForKey("kPCSMetadataEscrowedKeys")).bytes());
        if (parseBackupEscrow == null) {
            throw new MSException("ERROR parseBackupEscrow returns null");
        }
        byte[] bArr3 = (byte[]) parseBackupEscrow.get("masterKeyPublic");
        HashMap hashMap = (HashMap) parseKeySet.get("keys");
        byte[] bArr4 = null;
        Iterator it = hashMap.keySet().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            HashMap hashMap2 = (HashMap) ((HashMap) hashMap.get((Integer) it.next())).get("keyData");
            if (Arrays.equals(bArr3, (byte[]) ((HashMap) hashMap2.get("publicKeyInfo")).get(JSONConstants.Appolicious.KEY))) {
                byte[] bArr5 = (byte[]) hashMap2.get("privateKey");
                bArr4 = bArr5.length > 32 ? Arrays.copyOfRange(bArr5, 32, 64) : bArr5;
            }
        }
        if (bArr4 == null) {
            throw new MSException("Failed to retrieve master key");
        }
        this.escrowKeyset = new MSKeyset(msder.parseKeySet(MSCryptoClient.decryptGCMBlock(new MSBackupEscrow(parseBackupEscrow).getData(), MSCryptoClient.unwrapEllipticalCurveKey(bArr3, bArr4, (byte[]) parseBackupEscrow.get("wrappedKey")))));
        z = true;
        return z;
    }

    private boolean setupZoneProtection() {
        MSZoneRecord zone;
        CRLog.i(TAG, "setupZoneProtection +++");
        boolean z = false;
        if (isStopped()) {
            return false;
        }
        try {
            this.cloudKitHandlerData.keyManager.addECKeys(this.escrowKeyset.getKeys());
            this.cloudKitHandlerData.defaultZoneIdentifier = getZoneIdentifier("_defaultZone");
            zone = getZone(this.cloudKitHandlerData.defaultZoneIdentifier, this.cloudKitHandlerData.ckAppInitData.ckDeviceURL);
        } catch (MSException e) {
            this.logger.log(e.getMessage());
        }
        if (zone == null) {
            throw new MSException("ERROR: Failed to get default zone record");
        }
        if (!this.cloudKitHandlerData.keyManager.decodeProtection(new MSProtection(zone, MSProtection.ZONE_PROTECTION))) {
            throw new MSException("ERROR: Failed to decode default zone");
        }
        if (zone.getRecordProtectionInfo() != null && zone.getRecordProtectionInfo().getProtectionInfoTag().length() > 0) {
            this.cloudKitHandlerData.defaultZoneChildProtection = new MSProtection(zone, MSProtection.ZONE_CHILD_PROTECTION);
            if (!this.cloudKitHandlerData.keyManager.decodeProtection(this.cloudKitHandlerData.defaultZoneChildProtection)) {
                throw new MSException("ERROR: Failed to decode default zone child protection");
            }
        }
        this.cloudKitHandlerData.syncZoneIdentifier = getZoneIdentifier("mbksync");
        MSZoneRecord zone2 = getZone(this.cloudKitHandlerData.syncZoneIdentifier, this.cloudKitHandlerData.ckAppInitData.ckDeviceURL);
        if (zone2 == null) {
            throw new MSException("ERROR: syncZone is null");
        }
        if (!this.cloudKitHandlerData.keyManager.decodeProtection(new MSProtection(zone2, MSProtection.ZONE_PROTECTION))) {
            throw new MSException("ERROR: Failed to decode mbsync zone");
        }
        z = true;
        return z;
    }

    public void fetchSession(String str, String str2, String str3) throws Exception {
        CRLog.i(TAG, "getDeviceList +++");
        try {
        } catch (MSException e) {
            this.logger.log(e.getMessage());
        }
        if (isStopped()) {
            throw new MSException("Error: getDeviceList is interrupted");
        }
        this.appleID = str;
        this.password = str2 + str3;
        if (str3 == null || str3.length() <= 0) {
            this.mIs2FAEnabled = false;
        } else {
            this.mIs2FAEnabled = true;
        }
        this.cloudKitHandlerData.deviceHardwareID = MSDataUtilities.byteArrayToHexString(MSCryptoClient.generateEntropy(32));
        if (!authenticateSession()) {
            throw new MSException("Error: authentication failed");
        }
        if (!handleSRP6Exchange()) {
            throw new MSException("Error: SRP exchange failed");
        }
        if (!CloudKitAppInit()) {
            throw new MSException("Error: Failed to initialize CloudKit application");
        }
        if (!setupZoneProtection()) {
            CRLog.e(TAG, "Error: Zone protection setup failed");
            throw new MSException("Error: Zone protection setup failed");
        }
        CRLog.i(TAG, "getDeviceList ---");
    }

    public synchronized boolean isStopped() {
        if (this.canceled) {
            CRLog.w(TAG, "THREAD is canceled");
        }
        return this.canceled;
    }

    public synchronized void reset() {
        this.canceled = false;
    }

    public synchronized void stop() {
        CRLog.w(TAG, "THREAD is canceling");
        this.canceled = true;
        if (this.ckFetchUrlRequest != null) {
            this.ckFetchUrlRequest.stop();
        }
        if (this.ckFetchAuthRequest != null) {
            this.ckFetchAuthRequest.stop();
        }
        if (this.ckFetchAccountSettingsRequest != null) {
            this.ckFetchAccountSettingsRequest.stop();
        }
        if (this.ckFetchEscrowRecordsRequest != null) {
            this.ckFetchEscrowRecordsRequest.stop();
        }
        if (this.ckSrpInitRequest != null) {
            this.ckSrpInitRequest.stop();
        }
        if (this.ckRecoverRequest != null) {
            this.ckRecoverRequest.stop();
        }
        if (this.ckAppInitRequest != null) {
            this.ckAppInitRequest.stop();
        }
        if (this.ckGetZoneRequest != null) {
            this.ckGetZoneRequest.stop();
        }
    }
}
