package com.markspace.backupserveraccess;

import android.util.Base64;
import com.markspace.backupserveraccess.mscloudkit.MSURLConnection;
import com.markspace.backupserveraccess.request.ck.CkAppInitRequest;
import com.markspace.backupserveraccess.request.ck.CkFetchAccountSettingsRequest;
import com.markspace.backupserveraccess.request.ck.CkFetchAuthData;
import com.markspace.backupserveraccess.request.ck.CkFetchAuthRequest;
import com.markspace.backupserveraccess.request.ck.CkFetchEscrowRecordsRequest;
import com.markspace.backupserveraccess.request.ck.CkFetchUrlData;
import com.markspace.backupserveraccess.request.ck.CkFetchUrlRequest;
import com.markspace.backupserveraccess.request.ck.CkRecoverRequest;
import com.markspace.backupserveraccess.request.ck.CkSrpInitRequest;
import com.markspace.mscloudkitlib.MSCloudKitManager;
import com.markspace.mscloudkitlib.MSError;
import com.markspace.mscloudkitlib.mscrypto.MSCryptoClient;
import com.markspace.mscloudkitlib.mscrypto.MSDER;
import com.markspace.mscloudkitlib.mspcs.MSBackupEscrow;
import com.markspace.mscloudkitlib.mspcs.MSKeyManager;
import com.markspace.mscloudkitlib.mspcs.MSKeyset;
import com.markspace.mscloudkitlib.utilities.MSDataUtilities;
import com.markspace.mscloudkitlib.utilities.plist.NSArray;
import com.markspace.mscloudkitlib.utilities.plist.NSData;
import com.markspace.mscloudkitlib.utilities.plist.NSDictionary;
import com.markspace.mscloudkitlib.utilities.plist.NSNumber;
import com.markspace.mscloudkitlib.utilities.plist.NSString;
import com.markspace.utility.MSLogger;
import com.sec.android.easyMover.migration.JSONConstants;
import com.sec.android.easyMoverBase.CRLog;
import com.sec.android.easyMoverCommon.CommonContexts;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.charset.Charset;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Locale;

/* loaded from: classes.dex */
public class CloudKitSessionManager {
    private static final String TAG = "MSDG[SmartSwitch]" + CloudKitDeviceManager.class.getSimpleName();
    private String appleID;
    private BackupDavFactoryData backupDavFactoryData;
    private boolean canceled;
    private CkAppInitRequest ckAppInitRequest;
    private CkFetchAccountSettingsRequest ckFetchAccountSettingsRequest;
    private CkFetchAuthData ckFetchAuthData;
    private CkFetchAuthRequest ckFetchAuthRequest;
    private CkFetchEscrowRecordsRequest ckFetchEscrowRecordsRequest;
    private CkFetchUrlData ckFetchUrlData;
    private CkFetchUrlRequest ckFetchUrlRequest;
    private CkRecoverRequest ckRecoverRequest;
    private CkSrpInitRequest ckSrpInitRequest;
    private CloudKitHandlerData cloudKitHandlerData;
    private MSKeyset escrowKeyset;
    String mAuthStr;
    String mEscrowProxyURL;
    private MSCloudKitManager mSessionManager;
    private String password;
    private boolean sessionOpened = true;
    private boolean mIs2FAEnabled = false;
    private MSLogger logger = new MSLogger(CommonContexts.getContextWrapper());

    public CloudKitSessionManager(BackupDavFactoryData backupDavFactoryData, CloudKitHandlerData cloudKitHandlerData) {
        this.canceled = false;
        this.backupDavFactoryData = backupDavFactoryData;
        this.cloudKitHandlerData = cloudKitHandlerData;
        this.logger.setAppendToLog(true);
        this.logger.setLogLevel(MSLogger.LOG_LEVEL_DEBUG);
        this.canceled = false;
    }

    private boolean authenticateSession() throws Exception {
        try {
            getConfigurations();
            this.mAuthStr = Base64.encodeToString((this.appleID + ":" + this.password).getBytes(), 2);
            String str = "Basic " + this.mAuthStr;
            MSURLConnection mSURLConnection = new MSURLConnection(new URL(this.cloudKitHandlerData.ckFetchUrlData.authenticateURL));
            mSURLConnection.setRequestHeaders(MSCloudKitManager.basicHTTPHeaders());
            mSURLConnection.addRequestHeader("Authorization", str);
            byte[] responseData = mSURLConnection.getResponseData();
            if (responseData == null) {
                throw new com.markspace.mscloudkitlib.MSException("Error authenticating");
            }
            MSCloudKitManager mSCloudKitManager = this.mSessionManager;
            NSDictionary parsePList = MSCloudKitManager.parsePList(responseData);
            if (parsePList == null) {
                throw new com.markspace.mscloudkitlib.MSException("Error parsing authorization plist");
            }
            NSDictionary nSDictionary = (NSDictionary) parsePList.objectForKey("appleAccountInfo");
            if (nSDictionary != null) {
                this.cloudKitHandlerData.dsPrsID = ((NSNumber) nSDictionary.objectForKey("dsPrsID")).longValue();
            }
            NSDictionary nSDictionary2 = (NSDictionary) parsePList.objectForKey("tokens");
            if (nSDictionary2 != null) {
                this.cloudKitHandlerData.mmeAuthToken = nSDictionary2.objectForKey("mmeAuthToken").toString();
            }
            MSError accountSettings = getAccountSettings();
            if (accountSettings != null) {
                throw new com.markspace.mscloudkitlib.MSException(accountSettings.getErrorMessage());
            }
            saveAuthToken(this.appleID, this.password, this.cloudKitHandlerData.mmeAuthToken, this.cloudKitHandlerData.dsPrsID);
            return true;
        } catch (com.markspace.mscloudkitlib.MSException e) {
            e = e;
            this.logger.log(e.getMessage());
            return false;
        } catch (MalformedURLException e2) {
            e = e2;
            this.logger.log(e.getMessage());
            return false;
        }
    }

    private MSError getAccountSettings() {
        try {
            this.mAuthStr = Base64.encodeToString((Long.toString(this.cloudKitHandlerData.dsPrsID) + ":" + this.cloudKitHandlerData.mmeAuthToken).getBytes(), 2);
            String str = "Basic " + this.mAuthStr;
            com.markspace.mscloudkitlib.MSURLConnection mSURLConnection = new com.markspace.mscloudkitlib.MSURLConnection(new URL(this.cloudKitHandlerData.ckFetchUrlData.accountSettingsURL));
            mSURLConnection.setRequestHeaders(MSCloudKitManager.basicHTTPHeaders());
            mSURLConnection.addRequestHeader("Authorization", str);
            byte[] responseData = mSURLConnection.getResponseData();
            if (responseData == null) {
                return new MSError(MSError.AUTHENTICATION_FAILED, "Authentication Error", "Error in authentication server response");
            }
            NSDictionary parsePList = MSCloudKitManager.parsePList(responseData);
            if (parsePList == null) {
                return new MSError(MSError.AUTHENTICATION_FAILED, "Authentication Error", "Error parsing authorization plist");
            }
            NSString nSString = (NSString) parsePList.objectForKey("localizedError");
            if (nSString != null) {
                return nSString.toString().equalsIgnoreCase("MOBILEME_TERMS_OF_SERVICE_UPDATE") ? new MSError(MSError.MOBILEME_TERMS_OF_SERVICE_UPDATE, "Account Settings Error", nSString.toString()) : new MSError(MSError.ACCOUNT_SETTINGS_ERROR, "Account Settings Error", nSString.toString());
            }
            NSDictionary nSDictionary = (NSDictionary) parsePList.objectForKey("tokens");
            if (nSDictionary != null) {
                this.cloudKitHandlerData.cloudKitToken = nSDictionary.objectForKey("cloudKitToken").toString();
            }
            this.mEscrowProxyURL = ((NSDictionary) ((NSDictionary) parsePList.objectForKey("com.apple.mobileme")).objectForKey("com.apple.Dataclass.KeychainSync")).objectForKey("escrowProxyUrl").toString();
            return null;
        } catch (MalformedURLException e) {
            this.logger.log(e.getMessage());
            return new MSError();
        }
    }

    private void getConfigurations() throws Exception {
        this.ckFetchUrlRequest = new CkFetchUrlRequest();
        this.cloudKitHandlerData.ckFetchUrlData = this.ckFetchUrlRequest.request();
    }

    private MSKeyset handleSRP6Exchange() {
        try {
            MSDataUtilities.hexStringToByteArray(MSCryptoClient.SRP_DEFAULT_PRIME_HEX_RAW);
            com.markspace.mscloudkitlib.MSURLConnection mSURLConnection = new com.markspace.mscloudkitlib.MSURLConnection(new URL(this.mEscrowProxyURL + "/escrowproxy/api/get_records"));
            mSURLConnection.addRequestHeader("Authorization", "X-MobileMe-AuthToken " + this.mAuthStr);
            mSURLConnection.setRequestContent("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n<plist version=\"1.0\">\n<dict>\n<key>command</key>\n<string>GETRECORDS</string>\n<key>label</key>\n<string>com.apple.protectedcloudstorage.record</string>\n<key>version</key>\n<integer>1</integer>\n</dict>\n</plist>\n".getBytes(Charset.forName("UTF-8")));
            byte[] responseData = mSURLConnection.getResponseData();
            if (responseData == null) {
                throw new com.markspace.mscloudkitlib.MSException("Error getting escrow proxy records");
            }
            NSArray nSArray = (NSArray) MSCloudKitManager.parsePList(responseData).objectForKey("metadataList");
            NSDictionary nSDictionary = null;
            boolean z = false;
            int i = 0;
            while (true) {
                if (i >= nSArray.count()) {
                    break;
                }
                NSDictionary nSDictionary2 = (NSDictionary) nSArray.objectAtIndex(i);
                String nSString = ((NSString) nSDictionary2.objectForKey("label")).toString();
                if (!nSString.equalsIgnoreCase("com.apple.protectedcloudstorage.record")) {
                    this.logger.logDebugFormat("Found multiple Escrow Record metadata objects. Skipping metadata for %s.", nSString);
                    i++;
                } else {
                    if (Long.parseLong(((NSString) nSDictionary2.objectForKey("remainingAttempts")).toString()) <= 5) {
                        throw new com.markspace.mscloudkitlib.MSException("WARNING: Only 5 SRP attempts remaining. Aborting.");
                    }
                    nSDictionary = MSCloudKitManager.parsePList(Base64.decode(((NSString) nSDictionary2.objectForKey("metadata")).toString(), 0));
                    z = true;
                }
            }
            if (!z) {
                throw new com.markspace.mscloudkitlib.MSException("ERROR: No metadata for protected cloud storage.");
            }
            com.markspace.mscloudkitlib.MSURLConnection mSURLConnection2 = new com.markspace.mscloudkitlib.MSURLConnection(new URL(this.mEscrowProxyURL + "/escrowproxy/api/srp_init"));
            mSURLConnection2.setRequestHeaders(MSCloudKitManager.basicHTTPHeaders());
            mSURLConnection2.addRequestHeader("Authorization", String.format(Locale.getDefault(), "X-MobileMe-AuthToken %s", this.mAuthStr));
            mSURLConnection2.addRequestHeader("Content-Type", "application/x-www-form-urlencoded");
            byte[] calculateSRPEphemeralA = MSCryptoClient.calculateSRPEphemeralA();
            mSURLConnection2.setRequestContent(String.format(Locale.getDefault(), "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n<plist version=\"1.0\">\n<dict>\n     <key>blob</key>\n     <string>%s</string>\n     <key>command</key>\n     <string>SRP_INIT</string>\n     <key>label</key>\n     <string>com.apple.protectedcloudstorage.record</string>\n     <key>version</key>\n     <integer>1</integer>\n</dict>\n</plist>", Base64.encodeToString(calculateSRPEphemeralA, 2)).getBytes(Charset.forName("UTF-8")));
            byte[] responseData2 = mSURLConnection2.getResponseData();
            if (responseData2 == null) {
                throw new com.markspace.mscloudkitlib.MSException("Error getting srp_init");
            }
            NSDictionary parsePList = MSCloudKitManager.parsePList(responseData2);
            if (!((NSString) parsePList.objectForKey("message")).toString().equalsIgnoreCase("Success")) {
                throw new com.markspace.mscloudkitlib.MSException("FAILED to init SRP...");
            }
            byte[] bytes = ((NSString) parsePList.objectForKey("dsid")).toString().getBytes();
            HashMap<String, byte[]> parseSRPSaltAndEphemeralB = MSCryptoClient.parseSRPSaltAndEphemeralB(Base64.decode(((NSString) parsePList.objectForKey("respBlob")).toString(), 0));
            byte[] bArr = parseSRPSaltAndEphemeralB.get("salt");
            byte[] bArr2 = parseSRPSaltAndEphemeralB.get("ephemeralKey");
            byte[] calculateSessionKey = MSCryptoClient.calculateSessionKey(bArr, bytes, calculateSRPEphemeralA, bArr2);
            byte[] calculateClientEvidenceMessage = MSCryptoClient.calculateClientEvidenceMessage(bArr, bytes, calculateSRPEphemeralA, bArr2);
            String encodeToString = Base64.encodeToString(MSCryptoClient.createSRPClientProof(parseSRPSaltAndEphemeralB.get("tag"), parseSRPSaltAndEphemeralB.get("uid"), calculateClientEvidenceMessage), 2);
            com.markspace.mscloudkitlib.MSURLConnection mSURLConnection3 = new com.markspace.mscloudkitlib.MSURLConnection(new URL(String.format(Locale.getDefault(), "%s/escrowproxy/api/recover", this.mEscrowProxyURL)));
            mSURLConnection3.setRequestHeaders(MSCloudKitManager.basicHTTPHeaders());
            mSURLConnection3.addRequestHeader("Authorization", String.format(Locale.getDefault(), "X-MobileMe-AuthToken %s", this.mAuthStr));
            mSURLConnection3.addRequestHeader("Content-Type", "application/x-apple-plist");
            mSURLConnection3.setRequestContent(String.format(Locale.getDefault(), "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n<plist version=\"1.0\">\n<dict>\n\t<key>blob</key>\n\t<string>%s</string>\n\t<key>command</key>\n\t<string>RECOVER</string>\n\t<key>label</key>\n\t<string>com.apple.protectedcloudstorage.record</string>\n\t<key>version</key>\n\t<integer>1</integer>\n</dict>\n</plist>", encodeToString).getBytes(Charset.forName("UTF-8")));
            byte[] responseData3 = mSURLConnection3.getResponseData();
            if (responseData3 == null) {
                throw new com.markspace.mscloudkitlib.MSException("Error getting escrow recovery");
            }
            HashMap<String, byte[]> parseSRPServerProof = MSCryptoClient.parseSRPServerProof(Base64.decode(MSCloudKitManager.parsePList(responseData3).objectForKey("respBlob").toString(), 0));
            MSCryptoClient.calculateHostEvidenceMessage(calculateSRPEphemeralA, calculateClientEvidenceMessage, calculateSessionKey);
            HashMap<String, Object> parseSRPPCSData = MSCryptoClient.parseSRPPCSData(MSCryptoClient.decryptAESBlock(parseSRPServerProof.get("data"), calculateSessionKey, parseSRPServerProof.get("iv"), 0));
            byte[] bArr3 = (byte[]) parseSRPPCSData.get("dsid");
            byte[] bArr4 = (byte[]) parseSRPPCSData.get("salt");
            NSDictionary parsePList2 = MSCloudKitManager.parsePList(MSCryptoClient.decryptAESBlock((byte[]) parseSRPPCSData.get("data"), MSCryptoClient.derivePCSKey(bArr3, bArr4, ((Integer) parseSRPPCSData.get("iterations")).intValue()), Arrays.copyOfRange(bArr4, 0, 16), 9));
            byte[] bytes2 = ((NSData) parsePList2.objectForKey("BackupBagPassword")).bytes();
            if (!Arrays.equals(MSCryptoClient.calculateSHA1(bytes2), ((NSData) parsePList2.objectForKey("BackupKeybagDigest")).bytes())) {
                throw new com.markspace.mscloudkitlib.MSException("backup keybag digest mismatch");
            }
            MSDER msder = new MSDER();
            HashMap<String, Object> parseKeySet = msder.parseKeySet(bytes2);
            NSDictionary nSDictionary3 = (NSDictionary) nSDictionary.objectForKey("ClientMetadata");
            NSDictionary nSDictionary4 = (NSDictionary) nSDictionary3.objectForKey("SecureBackupiCloudDataProtection");
            ((NSData) nSDictionary3.objectForKey("SecureBackupiCloudIdentityPublicData")).bytes();
            HashMap<String, Object> parseBackupEscrow = msder.parseBackupEscrow(((NSData) nSDictionary4.objectForKey("kPCSMetadataEscrowedKeys")).bytes());
            byte[] bArr5 = (byte[]) parseBackupEscrow.get("masterKeyPublic");
            HashMap hashMap = (HashMap) parseKeySet.get("keys");
            byte[] bArr6 = null;
            Iterator it = hashMap.keySet().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                HashMap hashMap2 = (HashMap) ((HashMap) hashMap.get((Integer) it.next())).get("keyData");
                if (Arrays.equals(bArr5, (byte[]) ((HashMap) hashMap2.get("publicKeyInfo")).get(JSONConstants.Appolicious.KEY))) {
                    byte[] bArr7 = (byte[]) hashMap2.get("privateKey");
                    bArr6 = bArr7.length > 32 ? Arrays.copyOfRange(bArr7, 32, 64) : bArr7;
                }
            }
            if (bArr6 == null) {
                throw new com.markspace.mscloudkitlib.MSException("Failed to retrieve master key");
            }
            return new MSKeyset(msder.parseKeySet(MSCryptoClient.decryptGCMBlock(new MSBackupEscrow(parseBackupEscrow).getData(), MSCryptoClient.unwrapEllipticalCurveKey(bArr5, bArr6, (byte[]) parseBackupEscrow.get("wrappedKey")))));
        } catch (com.markspace.mscloudkitlib.MSException e) {
            this.logger.log(e.getMessage());
            return null;
        } catch (Exception e2) {
            this.logger.log(e2.getMessage());
            return null;
        }
    }

    private void saveAuthToken(String str, String str2, String str3, long j) {
        byte[] calculateSHA1 = MSCryptoClient.calculateSHA1(str.getBytes());
        byte[] bytes = "derive a key    ".getBytes();
        byte[] bytes2 = "EagleDanceEagleD".getBytes();
        byte[] bytes3 = String.format(Locale.getDefault(), "%d:%s", Long.valueOf(j), str3).getBytes();
        str2.getBytes();
        byte[] encryptAESBlock = MSCryptoClient.encryptAESBlock(bytes3, MSCryptoClient.kdfDeriveKeyFromKDK(str2.getBytes(), bytes), bytes2);
        MSDataUtilities.byteArrayToHexString(calculateSHA1);
        MSDataUtilities.byteArrayToHexString(encryptAESBlock);
    }

    public void InitCloudKit(String str, String str2, String str3) throws Exception {
        this.appleID = str;
        this.password = str2 + str3;
        if (str3 == null || str3.length() <= 0) {
            this.mIs2FAEnabled = false;
        } else {
            this.mIs2FAEnabled = true;
        }
        this.cloudKitHandlerData.deviceSizes.clear();
        this.cloudKitHandlerData.deviceHardwareID = MSDataUtilities.byteArrayToHexString(MSCryptoClient.generateEntropy(32));
        this.mSessionManager = new MSCloudKitManager();
        if (!authenticateSession()) {
            throw new com.markspace.mscloudkitlib.MSException("Error: authentication failed");
        }
        MSKeyset handleSRP6Exchange = handleSRP6Exchange();
        if (handleSRP6Exchange == null) {
            throw new com.markspace.mscloudkitlib.MSException("Error: SRP exchange failed", com.markspace.mscloudkitlib.MSException.IS_FATAL);
        }
        this.cloudKitHandlerData.keyManager = new MSKeyManager();
        this.cloudKitHandlerData.keyManager.addECKeys(handleSRP6Exchange.getKeys());
    }

    public synchronized boolean isStopped() {
        if (this.canceled) {
            CRLog.w(TAG, "THREAD is canceled");
        }
        return this.canceled;
    }

    public synchronized void reset() {
        this.canceled = false;
    }

    public synchronized void stop() {
        CRLog.w(TAG, "THREAD is canceling");
        this.canceled = true;
        if (this.ckFetchUrlRequest != null) {
            this.ckFetchUrlRequest.stop();
        }
        if (this.ckFetchAuthRequest != null) {
            this.ckFetchAuthRequest.stop();
        }
        if (this.ckFetchAccountSettingsRequest != null) {
            this.ckFetchAccountSettingsRequest.stop();
        }
        if (this.ckFetchEscrowRecordsRequest != null) {
            this.ckFetchEscrowRecordsRequest.stop();
        }
        if (this.ckSrpInitRequest != null) {
            this.ckSrpInitRequest.stop();
        }
        if (this.ckRecoverRequest != null) {
            this.ckRecoverRequest.stop();
        }
        if (this.ckAppInitRequest != null) {
            this.ckAppInitRequest.stop();
        }
    }
}
