package com.facebook.messenger.msys.filemanager.implementations;

import X.AbstractC07250cv;
import X.AnonymousClass001;
import X.AnonymousClass101;
import X.C00U;
import X.C08060eT;
import X.C0Va;
import X.C17690yJ;
import X.C18440zx;
import X.C185410q;
import X.C1LI;
import X.C1LJ;
import X.C1O4;
import X.C1OO;
import X.C22941Lk;
import X.InterfaceC008303x;
import X.InterfaceC195115j;
import com.facebook.crypto.module.LoggedInUserCrypto;
import com.facebook.messenger.msys.filemanager.implementations.DeviceEncryptionKeyProviderImpl;
import com.facebook.msys.mcf.MsysError;
import com.facebook.proxygen.LigerSamplePolicy;
import com.google.common.util.concurrent.SettableFuture;
import java.io.PrintStream;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes2.dex */
public class FileEncryptionProviderImpl {
    public static int CURRENT_ENCRYPTION_VERSION = 1;
    public static final SettableFuture fileEncryptionProviderImplInitFuture = new SettableFuture();
    public static boolean sInitialized;
    public static byte[] sKey;
    public static boolean shouldUseStreaming;
    public C185410q _UL_mInjectionContext;
    public final C00U mMobileConfig = new C18440zx(8302);
    public final C00U mDeviceEncryptionKeyProvider = new C18440zx(28107);
    public final C00U mLogger = new C18440zx(8487);

    static {
        C17690yJ.A09("messengerfileencryptionorcajni");
    }

    public FileEncryptionProviderImpl(AnonymousClass101 anonymousClass101) {
        this._UL_mInjectionContext = new C185410q(anonymousClass101);
    }

    public static byte[] createKeyMaterialForCBC(byte[] bArr, int i) {
        byte[] bytes = "LSTincanStorage".getBytes(Charset.defaultCharset());
        byte[] doHmacSHA256 = doHmacSHA256(new byte[]{(byte) i}, bArr);
        if (doHmacSHA256 == null) {
            throw AnonymousClass001.A0H("Invalid key from doHmacSHA256");
        }
        int ceil = (int) Math.ceil(32 / 32.0d);
        byte[] bArr2 = new byte[32];
        byte[] bArr3 = new byte[32];
        int i2 = 0;
        int i3 = 0;
        while (i2 < ceil) {
            try {
                Mac mac = Mac.getInstance("HmacSHA256");
                try {
                    mac.init(new SecretKeySpec(doHmacSHA256, "HmacSHA256"));
                    if (i2 > 0) {
                        mac.update(bArr3);
                    }
                    mac.update(bytes);
                    i2++;
                    mac.update(new byte[]{(byte) i2});
                    bArr3 = mac.doFinal();
                    int i4 = 32 - i3;
                    if (i4 >= 32) {
                        i4 = 32;
                    }
                    System.arraycopy(bArr3, 0, bArr2, i3, i4);
                    i3 += i4;
                } catch (InvalidKeyException e) {
                    throw AnonymousClass001.A0H(e);
                }
            } catch (NoSuchAlgorithmException e2) {
                throw AnonymousClass001.A0H(e2);
            }
        }
        if (i3 == 32) {
            return bArr2;
        }
        throw AnonymousClass001.A0H("wrong number of copied bytes");
    }

    public static synchronized byte[] decryptFile(byte[] bArr) {
        int length;
        byte[] bArr2;
        synchronized (FileEncryptionProviderImpl.class) {
            try {
                Boolean bool = (Boolean) fileEncryptionProviderImplInitFuture.get(LigerSamplePolicy.CERT_DATA_SAMPLE_WEIGHT, TimeUnit.MILLISECONDS);
                AbstractC07250cv.A02("At this moment, if future was not set, that means sInitialized is false which means this should be captured.", bool);
                AbstractC07250cv.A03(bool.booleanValue());
            } catch (InterruptedException | NullPointerException | ExecutionException | TimeoutException unused) {
                C1O4.A00(C0Va.A00, "FileEncryptionProviderImpl", "FileEncryptionProvider failed to init when db decryption.");
                C08060eT.A0E("FileEncryptionProviderImpl", "FileEncryptionProvider failed to init when db decryption.");
            }
            Integer num = C0Va.A0C;
            C1O4.A00(num, "FileEncryptionProviderImpl", "Start decrypt DB file");
            if (sKey == null) {
                C1O4.A00(C0Va.A00, "FileEncryptionProviderImpl", "Failed to decrypt DB file: Null DEK Key");
                C08060eT.A0E("FileEncryptionProviderImpl", "Failed to decrypt DB file: Null DEK Key");
            } else if (bArr == null || (length = bArr.length) == 0 || 33 >= length) {
                C1O4.A00(C0Va.A00, "FileEncryptionProviderImpl", "Failed to decrypt DB file: Invalid input data");
                C08060eT.A0E("FileEncryptionProviderImpl", "Invalid input length");
            } else {
                byte b = bArr[0];
                int i = (length - 32) - 1;
                byte[] bArr3 = new byte[i];
                System.arraycopy(bArr, 1, bArr3, 0, i);
                byte[] bArr4 = new byte[32];
                System.arraycopy(bArr, i + 1, bArr4, 0, 32);
                byte[] createKeyMaterialForCBC = createKeyMaterialForCBC(sKey, b);
                byte[] bArr5 = new byte[16];
                System.arraycopy(createKeyMaterialForCBC, 0, bArr5, 0, 16);
                byte[] bArr6 = new byte[16];
                System.arraycopy(createKeyMaterialForCBC, 16, bArr6, 0, 16);
                if (Arrays.equals(bArr4, doHmacSHA256(bArr6, bArr3))) {
                    byte[] bArr7 = new byte[16];
                    System.arraycopy(bArr3, 0, bArr7, 0, 16);
                    int i2 = i - 16;
                    byte[] bArr8 = new byte[i2];
                    System.arraycopy(bArr3, 16, bArr8, 0, i2);
                    SecretKeySpec secretKeySpec = new SecretKeySpec(bArr5, "AES");
                    IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr7);
                    try {
                        try {
                            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
                            cipher.init(2, secretKeySpec, ivParameterSpec);
                            bArr2 = cipher.doFinal(bArr8);
                        } catch (BadPaddingException | IllegalBlockSizeException unused2) {
                            bArr2 = null;
                        }
                        if (bArr2 != null) {
                            C1O4.A00(num, "FileEncryptionProviderImpl", "Decrypt DB file success");
                        } else {
                            C1O4.A00(C0Va.A00, "FileEncryptionProviderImpl", "Failed to decrypt DB file: Invalid output data");
                            C08060eT.A0E("FileEncryptionProviderImpl", "Error decrypt file.");
                        }
                        return bArr2;
                    } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
                        throw AnonymousClass001.A0H(e);
                    }
                }
                C08060eT.A0E("FileEncryptionProviderImpl", "computed MAC and expected MAC do not match");
            }
            return null;
        }
    }

    public static byte[] doHmacSHA256(byte[] bArr, byte[] bArr2) {
        if (bArr2 == null) {
            return null;
        }
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            try {
                mac.init(new SecretKeySpec(bArr, "HmacSHA256"));
                return mac.doFinal(bArr2);
            } catch (InvalidKeyException unused) {
                return null;
            }
        } catch (NoSuchAlgorithmException e) {
            throw AnonymousClass001.A0H(e);
        }
    }

    public static synchronized byte[] encryptFile(byte[] bArr) {
        byte[] bArr2;
        byte[] bArr3;
        synchronized (FileEncryptionProviderImpl.class) {
            try {
                Boolean bool = (Boolean) fileEncryptionProviderImplInitFuture.get(LigerSamplePolicy.CERT_DATA_SAMPLE_WEIGHT, TimeUnit.MILLISECONDS);
                AbstractC07250cv.A02("At this moment, if future was not set, that means sInitialized is false which means this should be captured.", bool);
                AbstractC07250cv.A03(bool.booleanValue());
            } catch (InterruptedException | NullPointerException | ExecutionException | TimeoutException unused) {
                C1O4.A00(C0Va.A00, "FileEncryptionProviderImpl", "FileEncryptionProvider failed to init when db encryption.");
            }
            Integer num = C0Va.A0C;
            C1O4.A00(num, "FileEncryptionProviderImpl", "Start encrypt DB file");
            byte[] bArr4 = sKey;
            bArr2 = null;
            if (bArr4 == null) {
                C1O4.A00(C0Va.A00, "FileEncryptionProviderImpl", "Failed to encrypt DB file: Null DEK Key");
            } else if (bArr == null || bArr.length == 0) {
                C1O4.A00(C0Va.A00, "FileEncryptionProviderImpl", "Failed to encrypt DB file: Invalid input data");
            } else {
                byte[] createKeyMaterialForCBC = createKeyMaterialForCBC(bArr4, CURRENT_ENCRYPTION_VERSION);
                byte[] bArr5 = new byte[16];
                System.arraycopy(createKeyMaterialForCBC, 0, bArr5, 0, 16);
                byte[] bArr6 = new byte[16];
                System.arraycopy(createKeyMaterialForCBC, 16, bArr6, 0, 16);
                byte[] bArr7 = new byte[16];
                new SecureRandom().nextBytes(bArr7);
                SecretKeySpec secretKeySpec = new SecretKeySpec(bArr5, "AES");
                IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr7);
                try {
                    try {
                        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
                        cipher.init(1, secretKeySpec, ivParameterSpec);
                        bArr3 = cipher.doFinal(bArr);
                    } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
                        throw AnonymousClass001.A0H(e);
                    }
                } catch (BadPaddingException | IllegalBlockSizeException unused2) {
                    bArr3 = null;
                }
                if (bArr3 == null) {
                    C1O4.A00(C0Va.A00, "FileEncryptionProviderImpl", "Failed to encrypt DB file: Invalid output data");
                    C08060eT.A0E("FileEncryptionProviderImpl", "Error encrypt file.");
                } else {
                    int length = bArr3.length;
                    int i = length + 16;
                    byte[] bArr8 = new byte[i];
                    System.arraycopy(bArr7, 0, bArr8, 0, 16);
                    System.arraycopy(bArr3, 0, bArr8, 16, length);
                    byte[] doHmacSHA256 = doHmacSHA256(bArr6, bArr8);
                    if (doHmacSHA256 == null) {
                        C1O4.A00(C0Va.A00, "FileEncryptionProviderImpl", "Failed to encrypt DB file: Invalid output data");
                        C08060eT.A0E("FileEncryptionProviderImpl", "Error encrypt file.");
                    } else {
                        bArr2 = new byte[i + 32 + 1];
                        bArr2[0] = (byte) CURRENT_ENCRYPTION_VERSION;
                        System.arraycopy(bArr8, 0, bArr2, 1, i);
                        System.arraycopy(doHmacSHA256, 0, bArr2, i + 1, 32);
                        C1O4.A00(num, "FileEncryptionProviderImpl", "Encrypt DB file success");
                    }
                }
            }
        }
        return bArr2;
    }

    public static boolean isMCPEnabledForFileEncryption() {
        return C22941Lk.A01(0);
    }

    public static native boolean nativeDecryptFile(String str, String str2, long j);

    public static native boolean nativeEncryptFile(String str, String str2, long j);

    public static void throwMsysError(Throwable th) {
        AbstractC07250cv.A03(th instanceof MsysError);
        throw th;
    }

    /* JADX WARN: Type inference failed for: r0v20, types: [X.1OL] */
    public synchronized void initialize() {
        int length;
        byte[] copyOf;
        if (!sInitialized) {
            InterfaceC008303x interfaceC008303x = (InterfaceC008303x) this.mLogger.get();
            if (C1O4.A00 == null) {
                C1O4.A00 = interfaceC008303x;
            }
            DeviceEncryptionKeyProviderImpl deviceEncryptionKeyProviderImpl = (DeviceEncryptionKeyProviderImpl) this.mDeviceEncryptionKeyProvider.get();
            synchronized (deviceEncryptionKeyProviderImpl) {
                try {
                    if (DeviceEncryptionKeyProviderImpl.A03 == null) {
                        DeviceEncryptionKeyProviderImpl.A02 = new C1OO() { // from class: X.1OL
                            @Override // X.C1OO
                            public void CUt(byte[] bArr) {
                                if (bArr == null) {
                                    C08060eT.A0E("com.facebook.messenger.msys.filemanager.implementations.DeviceEncryptionKeyProviderImpl", "mLoggedInUserDeviceEncryptionKey set with null keys");
                                }
                                DeviceEncryptionKeyProviderImpl.A00(bArr);
                            }

                            @Override // X.C1OO
                            public void Cie() {
                                DeviceEncryptionKeyProviderImpl.A00(null);
                            }
                        };
                        try {
                            ((LoggedInUserCrypto) deviceEncryptionKeyProviderImpl.A01.get()).A02(DeviceEncryptionKeyProviderImpl.A02);
                        } catch (C1LI | C1LJ e) {
                            C08060eT.A0H("com.facebook.messenger.msys.filemanager.implementations.DeviceEncryptionKeyProviderImpl", "Failed to config account key setter", e);
                        }
                    }
                } catch (Throwable th) {
                    throw th;
                }
            }
            synchronized (((DeviceEncryptionKeyProviderImpl) this.mDeviceEncryptionKeyProvider.get())) {
                try {
                    byte[] bArr = DeviceEncryptionKeyProviderImpl.A03;
                    if (bArr == null || (length = bArr.length) == 0) {
                        StringBuilder A0h = AnonymousClass001.A0h();
                        A0h.append("com.facebook.messenger.msys.filemanager.implementations.DeviceEncryptionKeyProviderImpl");
                        PrintStream printStream = System.out;
                        Object[] objArr = new Object[1];
                        AnonymousClass001.A1J(objArr, 0, bArr == null);
                        throw AnonymousClass001.A0P(AnonymousClass001.A0X(printStream.printf(" Error fetching DeviceEncryptionKey. mLoggedInUserDeviceEncryptionKey == null: %b", objArr), A0h));
                    }
                    copyOf = Arrays.copyOf(bArr, length);
                } catch (Throwable th2) {
                    throw th2;
                }
            }
            sKey = copyOf;
            fileEncryptionProviderImplInitFuture.set(true);
            sInitialized = true;
            boolean AUT = ((InterfaceC195115j) this.mMobileConfig.get()).AUT(36320150420470102L);
            shouldUseStreaming = AUT;
            CURRENT_ENCRYPTION_VERSION = AUT ? 1 : 0;
        }
    }

    public synchronized void reset() {
        byte[] bArr = sKey;
        if (bArr != null) {
            Arrays.fill(bArr, (byte) 0);
        }
        sKey = null;
        sInitialized = false;
        fileEncryptionProviderImplInitFuture.set(false);
    }
}
