package com.sophos.jbase;

import android.annotation.SuppressLint;
import android.content.Context;
import android.content.Intent;
import android.os.AsyncTask;
import android.util.Base64;
import com.sophos.jbase.FdeRecoveryKey;
import com.sophos.jbase.JBKey;
import com.sophos.smsdkex.communication.rest.KeyRingAuthCommandHandler;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.spongycastle.bcpg.sig.RevocationReasonTags;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

/* loaded from: classes2.dex */
public class b extends AsyncTask<Void, Long, Integer> {

    /* renamed from: a, reason: collision with root package name */
    private InputStream f9565a;

    /* renamed from: b, reason: collision with root package name */
    private a f9566b;

    /* renamed from: c, reason: collision with root package name */
    private PrivateKey f9567c;

    /* renamed from: d, reason: collision with root package name */
    @SuppressLint({"StaticFieldLeak"})
    private Context f9568d;

    /* renamed from: e, reason: collision with root package name */
    private NodeList f9569e = null;

    /* loaded from: classes2.dex */
    public interface a {
        void a(EncryptionKey encryptionKey);
    }

    public b(Context context, InputStream inputStream, a aVar, PrivateKey privateKey) {
        this.f9568d = context.getApplicationContext();
        this.f9565a = inputStream;
        this.f9566b = aVar;
        this.f9567c = privateKey;
    }

    private int a(String str) {
        if ("ou".equals(str)) {
            return 16384;
        }
        if ("user".equals(str)) {
            return 4096;
        }
        if ("group".equals(str)) {
            return 8192;
        }
        com.sophos.smsec.core.smsectrace.d.b("AsyncParseKeyFile", "unknown key type!");
        return EncryptionKey.CBI_LOCAL_KEY;
    }

    private int a(Element element) {
        try {
            return Integer.valueOf(b(element, "KAttr"), 16).intValue();
        } catch (Exception e2) {
            com.sophos.smsec.core.smsectrace.d.b("AsyncParseKeyFile", "failed to read key attribute!", e2);
            return 0;
        }
    }

    private EncryptionKey a(byte[] bArr, EncryptionKey encryptionKey, String str, String str2, int i) {
        byte[] bArr2 = {-51, 34, -1, 119};
        for (byte b2 = 0; b2 < 4; b2 = (byte) (b2 + 1)) {
            if (bArr2[b2] != bArr[b2]) {
                com.sophos.smsec.core.smsectrace.d.b("AsyncParseKeyFile", "invalid key header");
                return null;
            }
        }
        if (bArr[4] != 1 || bArr[5] != 0 || bArr[6] != 0 || bArr[7] != 0) {
            com.sophos.smsec.core.smsectrace.d.b("AsyncParseKeyFile", "invalid key header");
            return null;
        }
        if (bArr[8] != 1 || bArr[9] != 0 || bArr[10] != 2 || bArr[11] != 0) {
            com.sophos.smsec.core.smsectrace.d.b("AsyncParseKeyFile", "invalid key header");
            return null;
        }
        if (bArr[12] != 0 || bArr[13] != 1 || bArr[14] != 0 || bArr[15] != 0) {
            com.sophos.smsec.core.smsectrace.d.b("AsyncParseKeyFile", "invalid key header");
            return null;
        }
        if (bArr[16] != Byte.MIN_VALUE || bArr[17] != 0 || bArr[18] != 0 || bArr[19] != 0) {
            com.sophos.smsec.core.smsectrace.d.b("AsyncParseKeyFile", "invalid key header");
            return null;
        }
        int i2 = 24;
        if (!(bArr[20] == 0 && bArr[21] == 0 && bArr[22] == 0 && bArr[23] == 0) && (i2 = 24 + (((((bArr[23] * RevocationReasonTags.NO_REASON) + bArr[22]) * 256) + bArr[21]) * 256) + bArr[20]) >= bArr.length) {
            com.sophos.smsec.core.smsectrace.d.b("AsyncParseKeyFile", "invalid key header");
            return null;
        }
        byte[] copyOfRange = Arrays.copyOfRange(bArr, i2, bArr.length);
        if (encryptionKey != null) {
            if (copyOfRange.length < 40) {
                com.sophos.smsec.core.smsectrace.d.b("AsyncParseKeyFile", "invalid key header");
                return null;
            }
            try {
                copyOfRange = c.a(encryptionKey.getJBKey(), copyOfRange);
            } catch (JBException e2) {
                com.sophos.smsec.core.smsectrace.d.b("AsyncParseKeyFile", "invalid key header", e2);
                copyOfRange = null;
            }
        } else if (copyOfRange.length < 32) {
            com.sophos.smsec.core.smsectrace.d.b("AsyncParseKeyFile", "invalid key header");
            return null;
        }
        if (copyOfRange == null) {
            return null;
        }
        return new EncryptionKey(str, str2, new JBKey(copyOfRange, JBKey.JBCryptAlgorithm.JBAES, JBKey.JBKeySize.JBKeySize256), i);
    }

    private EncryptionKey a(byte[] bArr, String str, String str2, int i) {
        return a(bArr, null, str, str2, i);
    }

    public static Document a(InputStream inputStream) {
        try {
            return DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(new InputSource(inputStream));
        } catch (IOException | ParserConfigurationException | SAXException e2) {
            com.sophos.smsec.core.smsectrace.d.b("Error: ", e2.getMessage());
            return null;
        }
    }

    private Element a(String str, String str2) {
        for (int i = 0; i < this.f9569e.getLength(); i++) {
            Element element = (Element) this.f9569e.item(i);
            if (element.hasAttribute("type") && element.getAttribute("type").equals("followUpBlock") && element.hasAttribute("kdest") && element.getAttribute("kdest").equals(str2) && str.endsWith(b(element, "NameGID"))) {
                return element;
            }
        }
        return null;
    }

    private Element a(Node node, String str) {
        NodeList childNodes = node.getChildNodes();
        if (childNodes.getLength() <= 0) {
            return null;
        }
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            if (str.equals(item.getNodeName())) {
                return (Element) item;
            }
        }
        return null;
    }

    private void a(Element element, EncryptionKey encryptionKey) {
        String str;
        if (element == null) {
            com.sophos.smsec.core.smsectrace.d.b("AsyncParseKeyFile", "invalid Element parameter.");
            return;
        }
        Element a2 = a(element, "FDEKeys");
        if (a2 != null) {
            NodeList childNodes = a2.getChildNodes();
            if (childNodes.getLength() > 0) {
                for (int i = 0; i < childNodes.getLength(); i++) {
                    Element element2 = (Element) childNodes.item(i);
                    String b2 = b(element2, "MachineName");
                    String b3 = b(element2, "Drive");
                    FdeRecoveryKey.DriveType driveType = FdeRecoveryKey.DriveType.DATA;
                    if (b(element2, "DriveType").equalsIgnoreCase(FdeRecoveryKey.DriveType.BOOT.getTypeString())) {
                        driveType = FdeRecoveryKey.DriveType.BOOT;
                    }
                    FdeRecoveryKey.DriveType driveType2 = driveType;
                    FdeRecoveryKey.ProtectionType protectionType = FdeRecoveryKey.ProtectionType.FILEVAULT;
                    if (b(element2, "ProtectionType").equalsIgnoreCase(FdeRecoveryKey.ProtectionType.BITLOCKER.getTypeString())) {
                        protectionType = FdeRecoveryKey.ProtectionType.BITLOCKER;
                    }
                    FdeRecoveryKey.ProtectionType protectionType2 = protectionType;
                    byte[] decode = Base64.decode(b(element2, "Value"), 3);
                    if (encryptionKey != null) {
                        try {
                            str = new String(c.a(decode, 0, decode.length, encryptionKey.getJBKey(), null), StandardCharsets.UTF_8);
                        } catch (JBException e2) {
                            com.sophos.smsec.core.smsectrace.d.b("AsyncParseKeyFile", "error decrypting key.", e2);
                            str = null;
                        }
                        i.a(new FdeRecoveryKey(b2, b3, driveType2, protectionType2, str, b(element2, "DateKeyStored"), b(element2, "KeyGuid"), b(element2, "RecoveryId")));
                    }
                }
            }
        }
    }

    private void a(Element element, EncryptionKey encryptionKey, int i, boolean z) {
        if (element == null) {
            com.sophos.smsec.core.smsectrace.d.b("AsyncParseKeyFile", "invalid Element parameter.");
            return;
        }
        Element a2 = a(element, "Keks");
        if (a2 != null) {
            NodeList childNodes = a2.getChildNodes();
            if (childNodes.getLength() > 0) {
                for (int i2 = 0; i2 < childNodes.getLength(); i2++) {
                    Element element2 = (Element) childNodes.item(i2);
                    EncryptionKey a3 = a(Base64.decode(b(element2, "BValue"), 3), encryptionKey, b(element2, "SName"), b(element2, "Guid"), a(element2) | i | 1048576);
                    if (a3 == null) {
                        com.sophos.smsec.core.smsectrace.d.b("AsyncParseKeyFile", "error decrypting key.");
                    } else {
                        this.f9566b.a(a3);
                    }
                }
            }
        }
        if (z) {
            String b2 = b(element, "ParentNameGID");
            if (b2.equals(b(element, "NameGID"))) {
                com.sophos.smsec.core.smsectrace.d.c("AsyncParseKeyFile", "reached root at " + b2);
                return;
            }
            String b3 = b(element, "ParentSEK");
            String b4 = b(element, "ParentType");
            EncryptionKey a4 = a(Base64.decode(b3, 3), encryptionKey, b(element, "ParentName"), b(element, "ParentNameGID"), a(b4) | 1048576);
            if (a4 == null) {
                com.sophos.smsec.core.smsectrace.d.b("AsyncParseKeyFile", "error decrypting key.");
            } else {
                a(a(b2, b4), a4, a(b4), true);
            }
        }
    }

    private String b(Node node, String str) {
        Element a2 = a(node, str);
        return a2 == null ? "" : a2.getTextContent();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // android.os.AsyncTask
    /* renamed from: a, reason: merged with bridge method [inline-methods] */
    public Integer doInBackground(Void... voidArr) {
        EncryptionKey encryptionKey;
        int i;
        Document a2 = a(this.f9565a);
        int i2 = 0;
        if (a2 != null) {
            this.f9569e = a2.getElementsByTagName("Block");
            if (this.f9569e.getLength() >= 0) {
                i.a(true);
                i.a();
            }
            int i3 = 0;
            while (true) {
                if (i3 >= this.f9569e.getLength()) {
                    break;
                }
                Element element = (Element) this.f9569e.item(i3);
                if (element.hasAttribute("type") && element.getAttribute("type").equals("startBlock")) {
                    Element a3 = a(element, "SEK");
                    if (a3 != null) {
                        String b2 = b(a3, "BValue");
                        int i4 = 3;
                        try {
                            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
                            cipher.init(2, this.f9567c);
                            encryptionKey = a(cipher.doFinal(Base64.decode(b2, 3)), b(element, "Name"), b(element, "NameGID"), 5246976);
                        } catch (InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e2) {
                            com.sophos.smsec.core.smsectrace.d.d("AsyncParseKeyFile", "", e2);
                            encryptionKey = null;
                        }
                        if (encryptionKey == null) {
                            return 12;
                        }
                        a(element, encryptionKey, 131072, true);
                        a(element, encryptionKey);
                        Element a4 = a(element, "Groups");
                        if (a4 != null) {
                            NodeList childNodes = a4.getChildNodes();
                            int i5 = 0;
                            while (i5 < childNodes.getLength()) {
                                Element element2 = (Element) childNodes.item(i5);
                                if ("G".equals(element2.getNodeName())) {
                                    i = i5;
                                    EncryptionKey a5 = a(Base64.decode(b(element2, "SEK"), i4), encryptionKey, b(element2, "Name"), b(element2, "NameGID"), 1056768);
                                    if (a5 == null) {
                                        return 12;
                                    }
                                    a(a(b(element2, "NameGID"), "group"), a5, 8192, false);
                                } else {
                                    i = i5;
                                }
                                i5 = i + 1;
                                i4 = 3;
                            }
                        }
                    }
                    a aVar = this.f9566b;
                    if (aVar != null) {
                        aVar.a(null);
                    }
                } else {
                    i3++;
                }
            }
        } else {
            i2 = -1;
        }
        return Integer.valueOf(i2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // android.os.AsyncTask
    /* renamed from: a, reason: merged with bridge method [inline-methods] */
    public void onPostExecute(Integer num) {
        Intent putExtra = new Intent("com.sophos.smenc.keysync.done").putExtra(KeyRingAuthCommandHandler.EXTRA_AUTH_LAST_STATUS, num);
        if (this.f9568d.getPackageManager().queryBroadcastReceivers(putExtra, 0).isEmpty()) {
            com.sophos.smsec.core.smsectrace.d.j("seems that no one listens to key sync finished.");
        }
        this.f9568d.sendBroadcast(putExtra, "com.sophos.smenc.permission.KEYSYNC");
    }
}
