package com.everykey.android.keymanagement.c.c;

import android.content.Context;
import android.util.Base64;
import com.everykey.android.EverykeyApplication;
import com.everykey.android.c.b.h;
import com.everykey.android.c.b.k;
import com.everykey.android.keymanagement.c.b.f;
import com.everykey.android.keymanagement.c.b.l;
import com.everykey.android.keymanagement.c.c.d;
import com.everykey.android.keymanagement.lock.LockManager;
import com.everykey.android.services.RESTAPIService;
import com.everykey.android.utils.migration.a;
import com.everykey.android.utils.securestorage.g;
import java.io.IOException;
import java.io.StringWriter;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.UUID;
import javax.crypto.KeyGenerator;
import org.a.j.b.a.g;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class d {
    private static final String a = "d";
    private static d b;
    private final com.everykey.android.keymanagement.a.c c;
    private final String d;
    private Context e;
    private final Map<UUID, c> f = new HashMap();
    private int g = 0;

    /* loaded from: classes.dex */
    public interface a {
        void onPublicKeyFetched(com.everykey.android.keymanagement.c.c.a aVar);
    }

    /* loaded from: classes.dex */
    public interface b {
        void onVaultKeyCallback(c cVar);
    }

    private d(Context context) {
        this.c = com.everykey.android.keymanagement.a.c.a(context);
        this.d = LockManager.getInstance(context).getLockId();
        this.e = context;
    }

    public static l a(byte[] bArr) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(256);
            byte[] encoded = keyGenerator.generateKey().getEncoded();
            keyPairGenerator.initialize(4096);
            KeyPair genKeyPair = keyPairGenerator.genKeyPair();
            String a2 = a((RSAPublicKey) genKeyPair.getPublic());
            String a3 = a((RSAPublicKey) genKeyPair.getPublic(), (RSAPrivateKey) genKeyPair.getPrivate());
            return new l(a2, f.a(a3.getBytes(StandardCharsets.UTF_16LE), bArr), Base64.encodeToString(((com.everykey.android.keymanagement.c.c.b) com.everykey.android.keymanagement.c.c.a.a((RSAPublicKey) genKeyPair.getPublic(), (RSAPrivateKey) genKeyPair.getPrivate())).a(encoded), 0));
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    public static synchronized d a(Context context) {
        d dVar;
        synchronized (d.class) {
            if (b == null) {
                b = new d(context);
            }
            dVar = b;
        }
        return dVar;
    }

    public static String a(RSAPublicKey rSAPublicKey) {
        try {
            org.a.j.b.a.c a2 = new org.a.g.a.a(rSAPublicKey).a();
            StringWriter stringWriter = new StringWriter();
            g gVar = new g(stringWriter);
            gVar.a(a2);
            gVar.flush();
            return stringWriter.toString();
        } catch (IOException e) {
            com.everykey.android.b.a.b(a, "Failed to generate PEM string.", e);
            return null;
        }
    }

    public static String a(RSAPublicKey rSAPublicKey, RSAPrivateKey rSAPrivateKey) {
        try {
            org.a.j.b.a.c a2 = new org.a.g.a.a(b(rSAPublicKey, rSAPrivateKey)).a();
            StringWriter stringWriter = new StringWriter();
            g gVar = new g(stringWriter);
            gVar.a(a2);
            gVar.flush();
            return stringWriter.toString();
        } catch (IOException | NoSuchAlgorithmException | InvalidKeySpecException e) {
            com.everykey.android.b.a.b(a, "Failed to generate PEM.", e);
            return null;
        }
    }

    private static BigInteger a(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3) {
        BigInteger subtract = bigInteger.multiply(bigInteger2).subtract(BigInteger.ONE);
        int lowestSetBit = subtract.getLowestSetBit();
        BigInteger shiftRight = subtract.shiftRight(lowestSetBit);
        int i = 2;
        while (true) {
            BigInteger modPow = BigInteger.valueOf(i).modPow(shiftRight, bigInteger3);
            int i2 = 1;
            while (i2 <= lowestSetBit && !modPow.equals(BigInteger.ONE) && !modPow.equals(bigInteger3.subtract(BigInteger.ONE))) {
                BigInteger mod = modPow.multiply(modPow).mod(bigInteger3);
                if (mod.equals(BigInteger.ONE)) {
                    return modPow.subtract(BigInteger.ONE).gcd(bigInteger3);
                }
                i2++;
                modPow = mod;
            }
            i++;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ void a(com.everykey.android.keymanagement.a.a aVar, c cVar) {
        if (cVar != null) {
            byte[] a2 = cVar.a();
            byte[] bArr = new byte[12];
            new SecureRandom().nextBytes(bArr);
            com.a.a.a.b.a(aVar.e(), 1, a2, bArr, (byte[]) null);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void a(com.everykey.android.keymanagement.a.a aVar, b bVar, Iterator it, JSONObject jSONObject) {
        try {
            int i = jSONObject.getInt("status");
            if (i >= 0) {
                f fVar = (f) com.everykey.android.utils.b.a.a(jSONObject.getJSONObject("KEK"), f.class);
                JSONObject jSONObject2 = jSONObject.getJSONObject("vaultKey");
                c cVar = new c(aVar, fVar, (f) com.everykey.android.utils.b.a.a(jSONObject2.getJSONObject("privateKey"), f.class), jSONObject2.getString("CEK"));
                this.f.put(aVar.g().a(), cVar);
                bVar.onVaultKeyCallback(cVar);
            } else if (i == -62) {
                com.everykey.android.b.a.d(a, "no RSA key need to check and create then migrate: " + this.g);
                if (this.g == 0) {
                    this.g++;
                    a(this.d, aVar);
                }
            } else {
                com.everykey.android.b.a.d(a, "Network error when getting RSA key: " + i);
                a((Iterator<com.everykey.android.keymanagement.a.a>) it, bVar);
            }
        } catch (Exception e) {
            e.printStackTrace();
            a((Iterator<com.everykey.android.keymanagement.a.a>) it, bVar);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void a(com.everykey.android.keymanagement.a.a aVar, b bVar, JSONObject jSONObject) {
        try {
            int i = jSONObject.getInt("status");
            if (i >= 0) {
                f fVar = (f) com.everykey.android.utils.b.a.a(jSONObject.getJSONObject("KEK"), f.class);
                JSONObject jSONObject2 = jSONObject.getJSONObject("vaultKey");
                c cVar = new c(aVar, fVar, (f) com.everykey.android.utils.b.a.a(jSONObject2.getJSONObject("privateKey"), f.class), jSONObject2.getString("CEK"));
                this.f.put(aVar.g().a(), cVar);
                bVar.onVaultKeyCallback(cVar);
            } else {
                com.everykey.android.b.a.d(a, "Network error when getting RSA key: " + i);
                bVar.onVaultKeyCallback(null);
            }
        } catch (Exception unused) {
            com.everykey.android.b.a.d(a, "Error parsing JSON");
            bVar.onVaultKeyCallback(null);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void a(final com.everykey.android.keymanagement.a.a aVar, String str, JSONObject jSONObject) {
        try {
            if (jSONObject.getInt("status") != 0) {
                byte[] a2 = a();
                RESTAPIService.a(this.e, new k(str, aVar.g().b(), f.a(a2, aVar.e()), a(a2), aVar.c()), new RESTAPIService.c() { // from class: com.everykey.android.keymanagement.c.c.-$$Lambda$d$8P9Ch1VOtBsdVymh9nbvGkV0qqQ
                    @Override // com.everykey.android.services.RESTAPIService.c
                    public final void onResponse(JSONObject jSONObject2) {
                        d.this.a(aVar, jSONObject2);
                    }
                });
                return;
            }
            for (com.everykey.android.keymanagement.a.a aVar2 : com.everykey.android.keymanagement.a.c.a(this.e).a(aVar.g())) {
                if (!aVar2.c().equals(aVar.c())) {
                    com.everykey.android.b.a.b(a, "would create new KEK crypto text for this key");
                    a(aVar2, new b() { // from class: com.everykey.android.keymanagement.c.c.-$$Lambda$d$uzqWhTkaZkvzSIKASOeV1mnVa3E
                        @Override // com.everykey.android.keymanagement.c.c.d.b
                        public final void onVaultKeyCallback(c cVar) {
                            d.a(com.everykey.android.keymanagement.a.a.this, cVar);
                        }
                    });
                }
            }
        } catch (JSONException e) {
            e.printStackTrace();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void a(com.everykey.android.keymanagement.a.a aVar, JSONObject jSONObject) {
        try {
            if (jSONObject.getInt("status") == 0) {
                com.everykey.android.b.a.b(a, "we made a key lol, does other stuff work now?");
                com.everykey.android.utils.migration.b a2 = com.everykey.android.utils.migration.b.a(this.e);
                a2.a(aVar.g(), aVar);
                a2.a(new a.InterfaceC0043a() { // from class: com.everykey.android.keymanagement.c.c.-$$Lambda$d$4LOVn-tjg20SAlom6WjTrFRCwPM
                    @Override // com.everykey.android.utils.migration.a.InterfaceC0043a
                    public final void onMigrationComplete(boolean z) {
                        d.this.a(z);
                    }
                });
            } else {
                com.everykey.android.b.a.b(a, "unable to migrate to vault");
            }
        } catch (JSONException e) {
            e.printStackTrace();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ void a(a aVar, com.everykey.android.c.a.a.b bVar) {
        RSAPublicKey d = bVar.d();
        aVar.onPublicKeyFetched(d == null ? null : com.everykey.android.keymanagement.c.c.a.a(d));
    }

    private void a(final String str, final com.everykey.android.keymanagement.a.a aVar) {
        RESTAPIService.a(this.e, new h(aVar.g().a()), new RESTAPIService.c() { // from class: com.everykey.android.keymanagement.c.c.-$$Lambda$d$nl7KyZU-E_HrDEdvyd67GTZWVT0
            @Override // com.everykey.android.services.RESTAPIService.c
            public final void onResponse(JSONObject jSONObject) {
                d.this.a(aVar, str, jSONObject);
            }
        });
    }

    private void a(final Iterator<com.everykey.android.keymanagement.a.a> it, final b bVar) {
        if (!it.hasNext()) {
            bVar.onVaultKeyCallback(null);
            return;
        }
        final com.everykey.android.keymanagement.a.a next = it.next();
        RESTAPIService.a(EverykeyApplication.a(), new com.everykey.android.c.b.g(this.d, next.c(), next.g().a().toString()), new RESTAPIService.c() { // from class: com.everykey.android.keymanagement.c.c.-$$Lambda$d$aE6Jw1Rhe0FA4Rewwpv9yhf07Gg
            @Override // com.everykey.android.services.RESTAPIService.c
            public final void onResponse(JSONObject jSONObject) {
                d.this.a(next, bVar, it, jSONObject);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void a(boolean z) {
        com.everykey.android.b.a.b(a, "we migrated creds: " + z);
        this.g = this.g + (-1);
    }

    public static byte[] a() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(256);
            return keyGenerator.generateKey().getEncoded();
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    private static RSAPrivateCrtKey b(RSAPublicKey rSAPublicKey, RSAPrivateKey rSAPrivateKey) {
        BigInteger bigInteger;
        BigInteger bigInteger2;
        BigInteger publicExponent = rSAPublicKey.getPublicExponent();
        BigInteger privateExponent = rSAPrivateKey.getPrivateExponent();
        BigInteger modulus = rSAPublicKey.getModulus();
        BigInteger a2 = a(publicExponent, privateExponent, modulus);
        BigInteger divide = modulus.divide(a2);
        if (a2.compareTo(divide) > 0) {
            bigInteger2 = a2;
            bigInteger = divide;
        } else {
            bigInteger = a2;
            bigInteger2 = divide;
        }
        return (RSAPrivateCrtKey) KeyFactory.getInstance("RSA").generatePrivate(new RSAPrivateCrtKeySpec(modulus, publicExponent, privateExponent, bigInteger, bigInteger2, privateExponent.mod(bigInteger.subtract(BigInteger.ONE)), privateExponent.mod(bigInteger2.subtract(BigInteger.ONE)), bigInteger2.modInverse(bigInteger)));
    }

    public void a(final com.everykey.android.keymanagement.a.a aVar, final b bVar) {
        RESTAPIService.a(EverykeyApplication.a(), new com.everykey.android.c.b.g(this.d, aVar.c(), aVar.g().a().toString()), new RESTAPIService.c() { // from class: com.everykey.android.keymanagement.c.c.-$$Lambda$d$KfgF2HyKv2Oqb98eQQ0pOPLVAZs
            @Override // com.everykey.android.services.RESTAPIService.c
            public final void onResponse(JSONObject jSONObject) {
                d.this.a(aVar, bVar, jSONObject);
            }
        });
    }

    public void a(com.everykey.android.keymanagement.b.b bVar, b bVar2) {
        if (this.f.containsKey(bVar.a())) {
            bVar2.onVaultKeyCallback(this.f.get(bVar.a()));
            return;
        }
        ArrayList arrayList = new ArrayList();
        for (com.everykey.android.keymanagement.a.a aVar : this.c.c((g.a) null)) {
            if (aVar.g().equals(bVar)) {
                arrayList.add(aVar);
            }
        }
        a(arrayList.iterator(), bVar2);
    }

    public void a(UUID uuid, final a aVar) {
        if (this.f.containsKey(uuid)) {
            aVar.onPublicKeyFetched(this.f.get(uuid).c());
        } else {
            RESTAPIService.a(EverykeyApplication.a(), new h(uuid), new RESTAPIService.a() { // from class: com.everykey.android.keymanagement.c.c.-$$Lambda$d$H09C2neYE_khbNi68aDSgwZ39XM
                @Override // com.everykey.android.services.RESTAPIService.a
                public final void onResponse(Object obj) {
                    d.a(d.a.this, (com.everykey.android.c.a.a.b) obj);
                }
            });
        }
    }
}
