package me.proton.core.user.data;

import kotlin.coroutines.Continuation;
import kotlin.io.CloseableKt;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.StringsKt__StringsKt;
import me.proton.core.crypto.common.context.CryptoContext;
import me.proton.core.crypto.common.keystore.EncryptedByteArray;
import me.proton.core.crypto.common.keystore.EncryptedByteArrayKt;
import me.proton.core.crypto.common.keystore.KeyStoreCrypto;
import me.proton.core.crypto.common.keystore.PlainByteArray;
import me.proton.core.crypto.common.pgp.PGPCrypto;
import me.proton.core.crypto.common.pgp.VerificationStatus;
import me.proton.core.domain.entity.UserId;
import me.proton.core.key.domain.KeyHolderCryptoKt;
import me.proton.core.key.domain.PrivateKeyCryptoKt;
import me.proton.core.key.domain.entity.key.KeyId;
import me.proton.core.key.domain.entity.key.NestedPrivateKey;
import me.proton.core.key.domain.entity.key.PrivateKey;
import me.proton.core.key.domain.entity.keyholder.KeyHolderContext;
import me.proton.core.user.domain.entity.AddressType;
import me.proton.core.user.domain.entity.Email;
import me.proton.core.user.domain.entity.EmailKt;
import me.proton.core.user.domain.entity.UserAddress;
import me.proton.core.user.domain.entity.UserAddressKey;
import me.proton.core.user.domain.repository.PassphraseRepository;

/* compiled from: UserAddressKeySecretProvider.kt */
/* loaded from: classes2.dex */
public final class UserAddressKeySecretProvider {
    public static final Companion Companion = new Companion(null);
    private final CryptoContext cryptoContext;
    private final KeyStoreCrypto keyStoreCrypto;
    private final PassphraseRepository passphraseRepository;

    /* compiled from: UserAddressKeySecretProvider.kt */
    /* loaded from: classes2.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public final boolean tokenHasValidFormat(byte[] bArr) {
            boolean contains$default;
            if (bArr.length != 64) {
                return false;
            }
            for (byte b : bArr) {
                contains$default = StringsKt__StringsKt.contains$default((CharSequence) "0123456789abcdefABCDEF", (char) b, false, 2, (Object) null);
                if (!contains$default) {
                    return false;
                }
            }
            return true;
        }
    }

    /* compiled from: UserAddressKeySecretProvider.kt */
    /* loaded from: classes2.dex */
    public static final class UserAddressKeySecret {
        private final EncryptedByteArray passphrase;
        private final String signature;
        private final String token;

        public UserAddressKeySecret(EncryptedByteArray passphrase, String str, String str2) {
            Intrinsics.checkNotNullParameter(passphrase, "passphrase");
            this.passphrase = passphrase;
            this.token = str;
            this.signature = str2;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (!(obj instanceof UserAddressKeySecret)) {
                return false;
            }
            UserAddressKeySecret userAddressKeySecret = (UserAddressKeySecret) obj;
            return Intrinsics.areEqual(this.passphrase, userAddressKeySecret.passphrase) && Intrinsics.areEqual(this.token, userAddressKeySecret.token) && Intrinsics.areEqual(this.signature, userAddressKeySecret.signature);
        }

        public final EncryptedByteArray getPassphrase() {
            return this.passphrase;
        }

        public final String getSignature() {
            return this.signature;
        }

        public final String getToken() {
            return this.token;
        }

        public int hashCode() {
            int hashCode = this.passphrase.hashCode() * 31;
            String str = this.token;
            int hashCode2 = (hashCode + (str == null ? 0 : str.hashCode())) * 31;
            String str2 = this.signature;
            return hashCode2 + (str2 != null ? str2.hashCode() : 0);
        }

        public String toString() {
            return "UserAddressKeySecret(passphrase=" + this.passphrase + ", token=" + this.token + ", signature=" + this.signature + ")";
        }
    }

    /* compiled from: UserAddressKeySecretProvider.kt */
    /* loaded from: classes2.dex */
    public /* synthetic */ class WhenMappings {
        public static final /* synthetic */ int[] $EnumSwitchMapping$0;

        static {
            int[] iArr = new int[AddressType.values().length];
            try {
                iArr[AddressType.External.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            $EnumSwitchMapping$0 = iArr;
        }
    }

    public UserAddressKeySecretProvider(PassphraseRepository passphraseRepository, CryptoContext cryptoContext) {
        Intrinsics.checkNotNullParameter(passphraseRepository, "passphraseRepository");
        Intrinsics.checkNotNullParameter(cryptoContext, "cryptoContext");
        this.passphraseRepository = passphraseRepository;
        this.cryptoContext = cryptoContext;
        this.keyStoreCrypto = cryptoContext.getKeyStoreCrypto();
    }

    private final UserAddressKeySecret generateUserAddressKeySecret(PrivateKey privateKey, boolean z) {
        if (!z) {
            EncryptedByteArray passphrase = privateKey.getPassphrase();
            if (passphrase != null) {
                return new UserAddressKeySecret(passphrase, null, null);
            }
            throw new IllegalStateException("Passphrase cannot be null.".toString());
        }
        PlainByteArray plainByteArray = new PlainByteArray(PGPCrypto.DefaultImpls.generateNewToken$default(this.cryptoContext.getPgpCrypto(), 0L, 1, null));
        try {
            UserAddressKeySecret userAddressKeySecret = new UserAddressKeySecret(EncryptedByteArrayKt.encrypt(plainByteArray, this.keyStoreCrypto), PrivateKeyCryptoKt.encryptData(privateKey, this.cryptoContext, plainByteArray.getArray()), PrivateKeyCryptoKt.signData$default(privateKey, this.cryptoContext, plainByteArray.getArray(), null, 4, null));
            CloseableKt.closeFinally(plainByteArray, null);
            return userAddressKeySecret;
        } catch (Throwable th) {
            try {
                throw th;
            } catch (Throwable th2) {
                CloseableKt.closeFinally(plainByteArray, th);
                throw th2;
            }
        }
    }

    public final UserAddressKey generateUserAddressKey(boolean z, UserAddress userAddress, PrivateKey userPrivateKey, boolean z2) {
        Intrinsics.checkNotNullParameter(userAddress, "userAddress");
        Intrinsics.checkNotNullParameter(userPrivateKey, "userPrivateKey");
        UserAddressKeySecret generateUserAddressKeySecret = generateUserAddressKeySecret(userPrivateKey, z);
        PlainByteArray decrypt = EncryptedByteArrayKt.decrypt(generateUserAddressKeySecret.getPassphrase(), this.keyStoreCrypto);
        try {
            Email emailSplit = EmailKt.getEmailSplit(userAddress);
            PrivateKey privateKey = new PrivateKey(this.cryptoContext.getPgpCrypto().generateNewPrivateKey(emailSplit.getUsername(), emailSplit.getDomain(), decrypt.getArray()), z2, true, false, false, generateUserAddressKeySecret.getPassphrase(), 24, null);
            AddressType type = userAddress.getType();
            UserAddressKey userAddressKey = new UserAddressKey(userAddress.getAddressId(), 3, (type == null ? -1 : WhenMappings.$EnumSwitchMapping$0[type.ordinal()]) == 1 ? 15 : 3, generateUserAddressKeySecret.getToken(), generateUserAddressKeySecret.getSignature(), null, true, new KeyId("temp"), privateKey, 32, null);
            CloseableKt.closeFinally(decrypt, null);
            return userAddressKey;
        } finally {
        }
    }

    public final Object getPassphrase(UserId userId, KeyHolderContext keyHolderContext, UserAddressKey userAddressKey, Continuation continuation) {
        PrivateKey privateKey;
        if (!userAddressKey.getActive()) {
            return null;
        }
        if (userAddressKey.getToken() == null || userAddressKey.getSignature() == null) {
            return this.passphraseRepository.getPassphrase(userId, continuation);
        }
        String key = userAddressKey.getPrivateKey().getKey();
        String token = userAddressKey.getToken();
        if (token == null) {
            throw new IllegalArgumentException("Required value was null.".toString());
        }
        String signature = userAddressKey.getSignature();
        if (signature == null) {
            throw new IllegalArgumentException("Required value was null.".toString());
        }
        NestedPrivateKey decryptNestedKeyOrNull$default = KeyHolderCryptoKt.decryptNestedKeyOrNull$default(keyHolderContext, key, token, signature, null, new UserAddressKeySecretProvider$getPassphrase$2(Companion), null, 40, null);
        if (decryptNestedKeyOrNull$default == null) {
            return null;
        }
        if (!(decryptNestedKeyOrNull$default.getStatus() == VerificationStatus.Success)) {
            decryptNestedKeyOrNull$default = null;
        }
        if (decryptNestedKeyOrNull$default == null || (privateKey = decryptNestedKeyOrNull$default.getPrivateKey()) == null) {
            return null;
        }
        return privateKey.getPassphrase();
    }
}
