package com.sybase.persistence;

import android.util.Log;
import com.sybase.persistence.Gatekeeper;
import java.io.Serializable;
import java.nio.charset.Charset;
import java.util.Arrays;
import java.util.Iterator;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReadWriteLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;

/* loaded from: classes4.dex */
public abstract class DataVault {
    private Boolean canBeOpenedWithDefaultPassword;
    private final Gatekeeper gatekeeper;
    protected final String id;
    private ILegacyDataVault legacy;
    protected final ReadWriteLock lock = new ReentrantReadWriteLock();
    private final LowLevelStorage lowLevelStorage;
    private final MetaInformation metaInformation;
    private final EncryptionKeyDerivation preferredDerivation;

    /* loaded from: classes4.dex */
    public static class DVPasswordPolicy implements Serializable {
        private static final DVPasswordPolicy DEFAULT_POLICY = new DVPasswordPolicy();
        private boolean isDefaultPasswordAllowed = true;
        private int minLength = 0;
        private boolean hasDigits = false;
        private boolean hasUpper = false;
        private boolean hasLower = false;
        private boolean hasSpecial = false;
        private int expirationDays = 0;
        private int minUniqueChars = 0;
        private int lockTimeout = 0;
        private int retryLimit = 0;
        private boolean fingerprintEnabled = true;

        public final boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            DVPasswordPolicy dVPasswordPolicy = (DVPasswordPolicy) obj;
            return this.isDefaultPasswordAllowed == dVPasswordPolicy.isDefaultPasswordAllowed && this.minLength == dVPasswordPolicy.minLength && this.hasDigits == dVPasswordPolicy.hasDigits && this.hasUpper == dVPasswordPolicy.hasUpper && this.hasLower == dVPasswordPolicy.hasLower && this.hasSpecial == dVPasswordPolicy.hasSpecial && this.expirationDays == dVPasswordPolicy.expirationDays && this.minUniqueChars == dVPasswordPolicy.minUniqueChars && this.lockTimeout == dVPasswordPolicy.lockTimeout && this.retryLimit == dVPasswordPolicy.retryLimit && this.fingerprintEnabled == dVPasswordPolicy.fingerprintEnabled;
        }

        public final int getExpirationDays() {
            return this.expirationDays;
        }

        public final boolean getFingerprintEnabled() {
            return this.fingerprintEnabled;
        }

        public final boolean getHasDigits() {
            return this.hasDigits;
        }

        public final boolean getHasLower() {
            return this.hasLower;
        }

        public final boolean getHasSpecial() {
            return this.hasSpecial;
        }

        public final boolean getHasUpper() {
            return this.hasUpper;
        }

        public final boolean getIsDefaultPasswordAllowed() {
            return this.isDefaultPasswordAllowed;
        }

        public final int getLockTimeout() {
            return this.lockTimeout;
        }

        public final int getMinLength() {
            return this.minLength;
        }

        public final int getMinUniqueChars() {
            return this.minUniqueChars;
        }

        public final int getRetryLimit() {
            return this.retryLimit;
        }

        public final int hashCode() {
            return ((((((((((((((((((((this.isDefaultPasswordAllowed ? 1 : 0) * 31) + this.minLength) * 31) + (this.hasDigits ? 1 : 0)) * 31) + (this.hasUpper ? 1 : 0)) * 31) + (this.hasLower ? 1 : 0)) * 31) + (this.hasSpecial ? 1 : 0)) * 31) + this.expirationDays) * 31) + this.minUniqueChars) * 31) + this.lockTimeout) * 31) + this.retryLimit) * 31) + (this.fingerprintEnabled ? 1 : 0);
        }

        public final void setExpirationDays(int i) {
            this.expirationDays = i;
        }

        public final void setFingerprintEnabled(boolean z) {
            this.fingerprintEnabled = z;
        }

        public final void setHasDigits(boolean z) {
            this.hasDigits = z;
        }

        public final void setHasLower(boolean z) {
            this.hasLower = z;
        }

        public final void setHasSpecial(boolean z) {
            this.hasSpecial = z;
        }

        public final void setHasUpper(boolean z) {
            this.hasUpper = z;
        }

        public final void setIsDefaultPasswordAllowed(boolean z) {
            this.isDefaultPasswordAllowed = z;
        }

        public final void setLockTimeout(int i) {
            this.lockTimeout = i;
        }

        public final void setMinLength(int i) {
            this.minLength = i;
        }

        public final void setMinUniqueChars(int i) {
            this.minUniqueChars = i;
        }

        public final void setRetryLimit(int i) {
            this.retryLimit = i;
        }

        public final void validate() {
            if (getMinLength() < 0) {
                throw new DataVaultException("Numeric argument may not be negative", 4);
            }
            if (getExpirationDays() < 0) {
                throw new DataVaultException("Numeric argument may not be negative", 4);
            }
            if (getMinUniqueChars() < 0) {
                throw new DataVaultException("Numeric argument may not be negative", 4);
            }
            if (getLockTimeout() < 0) {
                throw new DataVaultException("Numeric argument may not be negative", 4);
            }
            if (getRetryLimit() < 0) {
                throw new DataVaultException("Numeric argument may not be negative", 4);
            }
        }

        public final void validatePassword(char[] cArr) {
            int length = cArr == null ? 0 : cArr.length;
            if (length == 0) {
                if (!getIsDefaultPasswordAllowed()) {
                    throw new DataVaultException("Password Violates set password policy", 50, this);
                }
                return;
            }
            boolean z = false;
            boolean z2 = false;
            boolean z3 = false;
            boolean z4 = false;
            int i = 0;
            for (int i2 = 0; i2 < length; i2++) {
                char c = cArr[i2];
                boolean z5 = true;
                if (c >= '0' && c <= '9') {
                    z = true;
                } else if (c >= 'A' && c <= 'Z') {
                    z2 = true;
                } else if (c < 'a' || c > 'z') {
                    z4 = true;
                } else {
                    z3 = true;
                }
                int i3 = 0;
                while (true) {
                    if (i3 >= i2) {
                        break;
                    }
                    if (cArr[i3] == cArr[i2]) {
                        z5 = false;
                        break;
                    }
                    i3++;
                }
                if (z5) {
                    i++;
                }
            }
            if (getMinLength() > 0 && length < getMinLength()) {
                throw new DataVaultException("Password Violates set password policy", 51, this);
            }
            if (getHasDigits() && !z) {
                throw new DataVaultException("Password Violates set password policy", 52, this);
            }
            if (getHasUpper() && !z2) {
                throw new DataVaultException("Password Violates set password policy", 53, this);
            }
            if (getHasLower() && !z3) {
                throw new DataVaultException("Password Violates set password policy", 54, this);
            }
            if (getHasSpecial() && !z4) {
                throw new DataVaultException("Password Violates set password policy", 55, this);
            }
            if (getMinUniqueChars() > 0 && i < getMinUniqueChars()) {
                throw new DataVaultException("Password Violates set password policy", 56, this);
            }
        }
    }

    static {
        Log.i("DataVault", "GO AWAY");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public DataVault(String str, boolean z, char[] cArr, ILegacyDataVault iLegacyDataVault, String str2, LowLevelStorage lowLevelStorage, EncryptionKeyDerivation encryptionKeyDerivation, EncryptionKeyDerivation... encryptionKeyDerivationArr) {
        if (iLegacyDataVault != null && iLegacyDataVault.isLegacyVaultPresent()) {
            this.legacy = iLegacyDataVault;
        }
        boolean z2 = this.legacy != null;
        this.metaInformation = new MetaInformation(str2, lowLevelStorage);
        boolean checkProperExistence = this.metaInformation.checkProperExistence();
        if ((checkProperExistence || z2) != z) {
            if (!z) {
                throw new DataVaultException("Vault already exists", 1);
            }
            throw new DataVaultException("Vault does not exist", 3);
        }
        this.id = str;
        this.preferredDerivation = encryptionKeyDerivation;
        this.gatekeeper = new Gatekeeper(str, getLifecycleManager(), this.metaInformation, encryptionKeyDerivation, encryptionKeyDerivationArr);
        this.lowLevelStorage = lowLevelStorage;
        if (checkProperExistence) {
            if (z2) {
                Log.w("DataVault", "Both a legacy and a latest variant exists of the same data vault. Destroying the legacy data vault. Identifier: " + str);
                iLegacyDataVault.delete();
                this.legacy = null;
            }
            setupMetaInformation();
        } else if (!z2) {
            setupMetaInformation();
            this.gatekeeper.unlockDirectly(cArr);
            long currentTimeMillis = System.currentTimeMillis();
            DataEntryEncryptionKeys keys = this.gatekeeper.getKeys();
            this.metaInformation.setLastPasswordResetTime(keys, currentTimeMillis);
            this.metaInformation.setLastUnlockTime(keys, currentTimeMillis);
            this.metaInformation.setVersionNumber(keys, 2L);
            this.metaInformation.setPolicy(keys, null);
        }
        if (cArr != null) {
            Arrays.fill(cArr, (char) 0);
        }
    }

    private void checkIfExists() {
        if (!this.metaInformation.checkProperExistence()) {
            throw new DataVaultException("Vault does not exist", 3);
        }
    }

    private void checkIfUnlocked() {
        this.gatekeeper.checkLockTimeout();
        if (this.gatekeeper.getKeys() == null) {
            throw new DataVaultException("Vault is locked", 8);
        }
    }

    private byte[] doGetValue(String str, int i) {
        Lock readLock = this.lock.readLock();
        readLock.lock();
        try {
            checkIfExists();
            checkIfUnlocked();
            DataEntryEncryptionKeys keys = this.gatekeeper.getKeys();
            if (i != 0) {
                return getEncryptionLayer().loadAndDecryptEntry(keys, str, i);
            }
            for (int i2 : LowLevelStorage.DV_ALL_DATA_TYPES) {
                byte[] loadAndDecryptEntry = getEncryptionLayer().loadAndDecryptEntry(keys, str, i2);
                if (loadAndDecryptEntry != null) {
                    return loadAndDecryptEntry;
                }
            }
            return null;
        } finally {
            readLock.unlock();
        }
    }

    private void doModifyPassword(char[] cArr) {
        if (cArr != null && cArr.length == 0) {
            cArr = null;
        }
        DataEntryEncryptionKeys keys = this.gatekeeper.getKeys();
        this.metaInformation.getPolicy(keys).validatePassword(cArr);
        setupMetaInformation();
        this.gatekeeper.unlockDirectly(cArr);
        reEncryptDataVault(keys, this.gatekeeper.getKeys(), this.preferredDerivation);
        this.canBeOpenedWithDefaultPassword = Boolean.valueOf(cArr == null);
        doResetLockTimeout();
    }

    private void doResetLockTimeout() {
        this.metaInformation.setLastUnlockTime(this.gatekeeper.getKeys(), System.currentTimeMillis());
    }

    private void doSetValue(String str, byte[] bArr, int i) {
        Lock writeLock = this.lock.writeLock();
        writeLock.lock();
        try {
            checkIfExists();
            checkIfUnlocked();
            DataEntryEncryptionKeys keys = this.gatekeeper.getKeys();
            for (int i2 : LowLevelStorage.DV_ALL_DATA_TYPES) {
                if (i2 != i) {
                    getEncryptionLayer().saveAndEncryptEntry(keys, str, null, i2);
                }
            }
            getEncryptionLayer().saveAndEncryptEntry(keys, str, bArr, i);
        } finally {
            writeLock.unlock();
        }
    }

    private void doUnlock(char[] cArr, char[] cArr2, boolean z) {
        if (cArr != null && cArr.length == 0) {
            cArr = null;
        }
        Lock writeLock = this.lock.writeLock();
        writeLock.lock();
        try {
            ensureLegacyIsMigrated(cArr, cArr2);
            checkIfExists();
            Gatekeeper.UnlockProcess beginUnlock = this.gatekeeper.beginUnlock(cArr);
            if (beginUnlock == null) {
                throw new DataVaultException("Invalid Credentials", 4);
            }
            if (!beginUnlock.isEncryptedWithPreferredKeys()) {
                reEncryptDataVault(beginUnlock.successfulKeys, beginUnlock.preferredKeys, beginUnlock.successfulDerivation);
            }
            this.metaInformation.ensurePolicyIsStoredUnencrypted(beginUnlock.successfulKeys);
            beginUnlock.complete(z, true);
        } finally {
            writeLock.unlock();
        }
    }

    private void ensureLegacyIsMigrated(char[] cArr, char[] cArr2) {
        if (this.legacy != null) {
            if (!this.legacy.unlock(cArr, cArr2)) {
                if (this.legacy.isLegacyVaultPresent()) {
                    throw new DataVaultException("Invalid Credentials", 4);
                }
                this.legacy = null;
                throw new DataVaultException("Vault deleted", 3);
            }
            setupMetaInformation();
            DataEntryEncryptionKeys dataEntryEncryptionKeys = new DataEntryEncryptionKeys(this.preferredDerivation.derive(cArr, this.metaInformation.getEntryKeySalt()), this.preferredDerivation.derive(cArr, this.metaInformation.getEntryValueSalt()));
            Iterator<DataEntry> retrieveAllDataEntries = this.legacy.retrieveAllDataEntries();
            if (retrieveAllDataEntries != null) {
                while (retrieveAllDataEntries.hasNext()) {
                    DataEntry next = retrieveAllDataEntries.next();
                    getEncryptionLayer().saveAndEncryptEntry(dataEntryEncryptionKeys, next.key, next.value, next.type);
                }
            }
            Long retryCount = this.legacy.getRetryCount();
            if (retryCount != null) {
                this.metaInformation.setRetryCount(retryCount.longValue());
            }
            Long lastUnlockTime = this.legacy.getLastUnlockTime();
            if (lastUnlockTime != null) {
                this.metaInformation.setLastUnlockTime(dataEntryEncryptionKeys, lastUnlockTime.longValue());
            }
            this.metaInformation.setPolicy(dataEntryEncryptionKeys, this.legacy.getPasswordPolicy());
            this.metaInformation.setLastPasswordResetTime(dataEntryEncryptionKeys, System.currentTimeMillis());
            this.metaInformation.setVersionNumber(dataEntryEncryptionKeys, 2L);
            this.legacy.delete();
            this.legacy = null;
        }
    }

    private EncryptionLayer getEncryptionLayer() {
        return this.metaInformation.encryptionLayer;
    }

    private char[] getRetryParameterPassword() {
        return (this.id + "{DDB45DB3-2637-4dd1-9031-00113148FE44}").toCharArray();
    }

    private void reEncryptDataVault(DataEntryEncryptionKeys dataEntryEncryptionKeys, DataEntryEncryptionKeys dataEntryEncryptionKeys2, EncryptionKeyDerivation encryptionKeyDerivation) {
        LowLevelTransactionalStorage lowLevelTransactionalStorage = this.lowLevelStorage instanceof LowLevelTransactionalStorage ? (LowLevelTransactionalStorage) this.lowLevelStorage : null;
        if (lowLevelTransactionalStorage != null) {
            lowLevelTransactionalStorage.begin();
        }
        try {
            EncryptionLayer encryptionLayer = getEncryptionLayer();
            Iterator<DataEntry> entries = encryptionLayer.entries(dataEntryEncryptionKeys, false, true);
            while (entries.hasNext()) {
                DataEntry next = entries.next();
                encryptionLayer.saveAndEncryptEntry(dataEntryEncryptionKeys, next.key, null, next.type);
                encryptionLayer.saveAndEncryptEntry(dataEntryEncryptionKeys2, next.key, next.value, next.type);
            }
            this.metaInformation.reEncryptAll(dataEntryEncryptionKeys, dataEntryEncryptionKeys2, getRetryParameterPassword(), encryptionKeyDerivation, this.preferredDerivation);
            this.metaInformation.setPreferredDerivationFingerprint(this.preferredDerivation);
            this.metaInformation.setLastPasswordResetTime(dataEntryEncryptionKeys, -1L);
            this.metaInformation.setLastPasswordResetTime(dataEntryEncryptionKeys2, System.currentTimeMillis());
            if (lowLevelTransactionalStorage != null) {
                lowLevelTransactionalStorage.commit();
            }
        } catch (Error | RuntimeException e) {
            if (lowLevelTransactionalStorage != null) {
                lowLevelTransactionalStorage.rollback();
            }
            this.gatekeeper.lock();
            throw e;
        }
    }

    private void setupMetaInformation() {
        this.metaInformation.setup(getRetryParameterPassword(), this.preferredDerivation);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final void delete() {
        Lock writeLock = this.lock.writeLock();
        writeLock.lock();
        try {
            if (this.legacy != null) {
                this.legacy.delete();
            }
            if (this.metaInformation.checkProperExistence()) {
                this.lowLevelStorage.delete();
            }
        } finally {
            writeLock.unlock();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final boolean exists() {
        Lock readLock = this.lock.readLock();
        readLock.lock();
        try {
            return this.legacy != null ? this.legacy.isLegacyVaultPresent() : this.metaInformation.checkProperExistence();
        } finally {
            readLock.unlock();
        }
    }

    abstract DataVaultLifecycleManager<?> getLifecycleManager();

    public final long getRetryCount() {
        return this.gatekeeper.getRetryCount();
    }

    public int getRetryLimit() {
        Lock readLock = this.lock.readLock();
        readLock.lock();
        try {
            if (this.legacy != null) {
                return this.legacy.getRetryLimit();
            }
            checkIfExists();
            return (int) this.metaInformation.getRetryLimit();
        } finally {
            readLock.unlock();
        }
    }

    public final String getString(String str) {
        if (str == null) {
            throw new DataVaultException("Name argument may not be empty or null", 4);
        }
        byte[] doGetValue = doGetValue(str, 2);
        if (doGetValue != null) {
            return new String(doGetValue, Charset.forName("UTF-8"));
        }
        return null;
    }

    public final byte[] getValue(String str) {
        if (str != null) {
            return doGetValue(str, 3);
        }
        throw new DataVaultException("Name argument may not be empty or null", 4);
    }

    public final boolean isLocked() {
        Lock lock;
        Lock readLock = this.lock.readLock();
        readLock.lock();
        try {
            if (this.legacy != null) {
                readLock.unlock();
                return true;
            }
            checkIfExists();
            if (this.gatekeeper.getKeys() == null) {
                readLock.unlock();
                return true;
            }
            readLock.unlock();
            lock = this.lock.writeLock();
            try {
                lock.lock();
                checkIfExists();
                if (this.gatekeeper.getKeys() == null) {
                    lock.unlock();
                    return true;
                }
                this.gatekeeper.checkLockTimeout();
                boolean z = this.gatekeeper.getKeys() == null;
                lock.unlock();
                return z;
            } catch (Throwable th) {
                th = th;
                lock.unlock();
                throw th;
            }
        } catch (Throwable th2) {
            th = th2;
            lock = readLock;
        }
    }

    public final void modifyPassword(char[] cArr) {
        Lock writeLock = this.lock.writeLock();
        writeLock.lock();
        try {
            checkIfExists();
            checkIfUnlocked();
            doModifyPassword(cArr);
        } finally {
            writeLock.unlock();
        }
    }

    public final void setPasswordPolicy(DVPasswordPolicy dVPasswordPolicy) {
        if (dVPasswordPolicy != null) {
            dVPasswordPolicy.validate();
        }
        Lock writeLock = this.lock.writeLock();
        writeLock.lock();
        try {
            checkIfExists();
            DataEntryEncryptionKeys keys = this.gatekeeper.getKeys();
            if (!this.metaInformation.isPolicyStoredUnencrypted() && keys == null) {
                throw new DataVaultException("The password policy has been saved with an earlier version of this library. It must be unlocked first before the policy can be returned or modified.", 8);
            }
            this.metaInformation.setPolicy(keys, dVPasswordPolicy);
        } finally {
            writeLock.unlock();
        }
    }

    public final void setString(String str, String str2) {
        if (str == null) {
            throw new DataVaultException("Name argument may not be empty or null", 4);
        }
        doSetValue(str, str2 != null ? str2.getBytes(Charset.forName("UTF-8")) : null, 2);
    }

    public final void setValue(String str, byte[] bArr) {
        if (str == null) {
            throw new DataVaultException("Name argument may not be empty or null", 4);
        }
        doSetValue(str, bArr, 3);
    }

    public final void unlock(char[] cArr) {
        doUnlock(cArr, null, true);
    }
}
