package org.pwsafe.lib.file;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.Charset;
import java.util.Arrays;
import java.util.Iterator;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.SealedObject;
import org.pwsafe.lib.Util;
import org.pwsafe.lib.crypto.HmacPws;
import org.pwsafe.lib.crypto.SHA256Pws;
import org.pwsafe.lib.crypto.TwofishPws;
import org.pwsafe.lib.exception.EndOfFileException;
import org.pwsafe.lib.exception.MemoryKeyException;
import org.pwsafe.lib.exception.RecordLoadException;
import org.pwsafe.lib.exception.UnsupportedFileVersionException;

/* loaded from: classes.dex */
public final class PwsFileV3 extends PwsFile {
    public static final int VERSION = 3;
    public byte[] decryptedHmacKey;
    public byte[] decryptedRecordKey;
    HmacPws hasher;
    private PwsRecordV3 headerRecord;
    private SealedObject sealedHeaderV3;
    private byte[] stretchedPassword;
    private TwofishPws twofishCbc;
    public static final byte[] ID_STRING = "PWS3".getBytes();
    private static final byte[] EOF_BYTES_RAW = "PWS3-EOFPWS3-EOF".getBytes();

    public PwsFileV3() {
        setHeaderV3(new PwsFileHeaderV3());
        this.headerRecord = new PwsRecordV3(true);
    }

    public PwsFileV3(PwsStorage pwsStorage, Owner<PwsPassword>.Param param) throws EndOfFileException, IOException, UnsupportedFileVersionException {
        super(pwsStorage, param, null);
    }

    private byte[] checkPassword(Owner<PwsPassword>.Param param, String str, PwsFileHeaderV3 pwsFileHeaderV3, int i) {
        try {
            Owner<PwsPassword> use = param.use();
            try {
                byte[] stretchPassphrase = Util.stretchPassphrase(use.get().getBytes(str), pwsFileHeaderV3.getSalt(), i);
                if (Util.bytesAreEqual(pwsFileHeaderV3.getPassword(), SHA256Pws.digest(stretchPassphrase))) {
                    return stretchPassphrase;
                }
                use.close();
                return null;
            } finally {
                use.close();
            }
        } catch (UnsupportedEncodingException unused) {
            return null;
        }
    }

    private PwsFileHeaderV3 getHeaderV3() {
        try {
            return (PwsFileHeaderV3) this.sealedHeaderV3.getObject(getReadCipher());
        } catch (IOException | ClassNotFoundException | BadPaddingException | IllegalBlockSizeException e) {
            throw new MemoryKeyException(e);
        }
    }

    private void setHeaderV3(PwsFileHeaderV3 pwsFileHeaderV3) {
        try {
            this.sealedHeaderV3 = new SealedObject(pwsFileHeaderV3, getWriteCipher());
        } catch (IOException | IllegalBlockSizeException e) {
            throw new MemoryKeyException(e);
        }
    }

    @Override // org.pwsafe.lib.file.PwsFile
    public void dispose() {
        super.dispose();
        byte[] bArr = this.stretchedPassword;
        if (bArr != null) {
            Arrays.fill(bArr, (byte) 0);
        }
        byte[] bArr2 = this.decryptedHmacKey;
        if (bArr2 != null) {
            Arrays.fill(bArr2, (byte) 0);
        }
        byte[] bArr3 = this.decryptedRecordKey;
        if (bArr3 != null) {
            Arrays.fill(bArr3, (byte) 0);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.pwsafe.lib.file.PwsFile
    public int getBlockSize() {
        return 16;
    }

    @Override // org.pwsafe.lib.file.PwsFile
    public int getFileVersionMajor() {
        return 3;
    }

    public PwsRecord getHeaderRecord() {
        return this.headerRecord;
    }

    @Override // org.pwsafe.lib.file.PwsFile
    public PwsRecord newRecord() {
        return new PwsRecordV3();
    }

    @Override // org.pwsafe.lib.file.PwsFile
    protected void open(Owner<PwsPassword>.Param param, String str) throws EndOfFileException, IOException, UnsupportedFileVersionException {
        setPassphrase(param);
        if (this.storage != null) {
            this.inStream = new ByteArrayInputStream(this.storage.load());
            this.lastStorageChange = this.storage.getModifiedDate();
        }
        PwsFileHeaderV3 pwsFileHeaderV3 = new PwsFileHeaderV3(this);
        setHeaderV3(pwsFileHeaderV3);
        int iter = pwsFileHeaderV3.getIter();
        this.stretchedPassword = null;
        if (str != null) {
            this.stretchedPassword = checkPassword(param, str, pwsFileHeaderV3, iter);
        }
        if (this.stretchedPassword == null) {
            Iterator<String> it = PwsFile.getPasswordEncodings().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                String next = it.next();
                byte[] checkPassword = checkPassword(param, next, pwsFileHeaderV3, iter);
                this.stretchedPassword = checkPassword;
                if (checkPassword != null) {
                    str = next;
                    break;
                }
            }
        }
        if (this.stretchedPassword == null) {
            Owner<PwsPassword> use = param.use();
            try {
                this.stretchedPassword = Util.stretchPassphrase(use.get().getBytes(null), pwsFileHeaderV3.getSalt(), iter);
                if (!Util.bytesAreEqual(pwsFileHeaderV3.getPassword(), SHA256Pws.digest(this.stretchedPassword))) {
                    throw new IOException("Invalid password");
                }
                str = Charset.defaultCharset().name();
            } finally {
                use.close();
            }
        }
        setOpenPasswordEncoding(str);
        try {
            this.decryptedRecordKey = Util.mergeBytes(TwofishPws.processECB(this.stretchedPassword, false, pwsFileHeaderV3.getB1()), TwofishPws.processECB(this.stretchedPassword, false, pwsFileHeaderV3.getB2()));
            byte[] mergeBytes = Util.mergeBytes(TwofishPws.processECB(this.stretchedPassword, false, pwsFileHeaderV3.getB3()), TwofishPws.processECB(this.stretchedPassword, false, pwsFileHeaderV3.getB4()));
            this.decryptedHmacKey = mergeBytes;
            this.hasher = new HmacPws(mergeBytes);
            this.twofishCbc = new TwofishPws(this.decryptedRecordKey, false, pwsFileHeaderV3.getIV());
            try {
                readExtraHeader();
            } catch (RecordLoadException e) {
                throw new IOException("Error reading header record", e);
            }
        } catch (Exception e2) {
            e2.printStackTrace();
            throw new IOException("Error reading encrypted fields", e2);
        }
    }

    @Override // org.pwsafe.lib.file.PwsFile
    public void readDecryptedBytes(byte[] bArr) throws EndOfFileException, IOException {
        if (bArr.length == 0 || bArr.length % getBlockSize() != 0) {
            throw new IllegalArgumentException("buff length");
        }
        readBytes(bArr);
        if (Util.bytesAreEqual(bArr, EOF_BYTES_RAW)) {
            throw new EndOfFileException();
        }
        try {
            Util.copyBytes(this.twofishCbc.processCBC(bArr), bArr);
        } catch (Exception e) {
            e.printStackTrace();
            throw new IOException("Error decrypting field");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.pwsafe.lib.file.PwsFile
    public void readExtraHeader() throws EndOfFileException, IOException, RecordLoadException {
        this.headerRecord = new PwsRecordV3(this, true);
    }

    @Override // org.pwsafe.lib.file.PwsFile
    public void saveAs(PwsStorage pwsStorage) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        this.outStream = byteArrayOutputStream;
        try {
            try {
                PwsFileHeaderV3 headerV3 = getHeaderV3();
                headerV3.save(this);
                this.twofishCbc = new TwofishPws(this.decryptedRecordKey, true, headerV3.getIV());
                writeExtraHeader(this);
                Iterator<PwsRecord> records = getRecords();
                while (records.hasNext()) {
                    PwsRecordV3 pwsRecordV3 = (PwsRecordV3) records.next();
                    if (!pwsRecordV3.isHeaderRecord()) {
                        pwsRecordV3.saveRecord(this);
                    }
                }
                this.outStream.write(PwsRecordV3.EOF_BYTES_RAW);
                this.outStream.write(this.hasher.doFinal());
                this.outStream.close();
                if (pwsStorage.save(byteArrayOutputStream.toByteArray(), true)) {
                } else {
                    throw new IOException("Unable to save file");
                }
            } catch (IOException e) {
                try {
                    if (this.outStream != null) {
                        this.outStream.close();
                    }
                } catch (Exception unused) {
                }
                throw e;
            }
        } finally {
            this.outStream = null;
        }
    }

    @Override // org.pwsafe.lib.file.PwsFile
    public void writeEncryptedBytes(byte[] bArr) throws IOException {
        if (bArr.length == 0 || bArr.length % getBlockSize() != 0) {
            throw new IllegalArgumentException("buff length");
        }
        try {
            writeBytes(this.twofishCbc.processCBC(bArr));
        } catch (Exception unused) {
            throw new IOException("Error writing encrypted field");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.pwsafe.lib.file.PwsFile
    public void writeExtraHeader(PwsFile pwsFile) throws IOException {
        this.headerRecord.saveRecord(this);
    }
}
