package org.odk.collect.android.utilities;

import android.content.ContentResolver;
import android.database.Cursor;
import android.net.Uri;
import android.os.Build;
import android.util.Log;
import com.google.android.gms.R;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.io.RandomAccessFile;
import java.io.UnsupportedEncodingException;
import java.io.Writer;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.io.IOUtils;
import org.kxml2.io.KXmlSerializer;
import org.kxml2.kdom.Document;
import org.kxml2.kdom.Element;
import org.odk.collect.android.application.Collect;
import org.odk.collect.android.exception.EncryptionException;
import org.odk.collect.android.logic.FormController;
import org.odk.collect.android.provider.FormsProviderAPI;
import org.xmlpull.v1.XmlSerializer;

/* loaded from: classes.dex */
public class EncryptionUtils {

    /* loaded from: classes.dex */
    public static final class EncryptedFormInformation {
        public final String base64RsaEncryptedSymmetricKey;
        public final String formId;
        public final String formVersion;
        public final FormController.InstanceMetadata instanceMetadata;
        public final byte[] ivSeedArray;
        public final PublicKey rsaPublicKey;
        public final SecretKeySpec symmetricKey;
        public final Base64Wrapper wrapper;
        private int ivCounter = 0;
        public final StringBuilder elementSignatureSource = new StringBuilder();
        private boolean isNotBouncyCastle = false;

        EncryptedFormInformation(String str, String str2, FormController.InstanceMetadata instanceMetadata, PublicKey publicKey, Base64Wrapper base64Wrapper) {
            this.formId = str;
            this.formVersion = str2;
            this.instanceMetadata = instanceMetadata;
            this.rsaPublicKey = publicKey;
            this.wrapper = base64Wrapper;
            byte[] bArr = new byte[32];
            new SecureRandom().nextBytes(bArr);
            this.symmetricKey = new SecretKeySpec(bArr, "AES/CFB/PKCS5Padding");
            try {
                MessageDigest messageDigest = MessageDigest.getInstance("MD5");
                messageDigest.update(instanceMetadata.instanceId.getBytes("UTF-8"));
                messageDigest.update(bArr);
                byte[] digest = messageDigest.digest();
                this.ivSeedArray = new byte[16];
                for (int i = 0; i < 16; i++) {
                    this.ivSeedArray[i] = digest[i % digest.length];
                }
                try {
                    Cipher cipher = Cipher.getInstance("RSA/NONE/OAEPWithSHA256AndMGF1Padding");
                    cipher.init(1, publicKey);
                    byte[] doFinal = cipher.doFinal(bArr);
                    Log.i("EncryptionUtils", "AlgorithmUsed: " + cipher.getAlgorithm());
                    this.base64RsaEncryptedSymmetricKey = base64Wrapper.encodeToString(doFinal);
                    appendElementSignatureSource(str);
                    if (str2 != null) {
                        appendElementSignatureSource(str2.toString());
                    }
                    appendElementSignatureSource(this.base64RsaEncryptedSymmetricKey);
                    appendElementSignatureSource(instanceMetadata.instanceId);
                } catch (InvalidKeyException e) {
                    Log.e("EncryptionUtils", "Unable to encrypt the symmetric key");
                    e.printStackTrace();
                    throw new IllegalArgumentException(e.getMessage());
                } catch (NoSuchAlgorithmException e2) {
                    Log.e("EncryptionUtils", "Unable to encrypt the symmetric key");
                    e2.printStackTrace();
                    throw new IllegalArgumentException(e2.getMessage());
                } catch (BadPaddingException e3) {
                    Log.e("EncryptionUtils", "Unable to encrypt the symmetric key");
                    e3.printStackTrace();
                    throw new IllegalArgumentException(e3.getMessage());
                } catch (IllegalBlockSizeException e4) {
                    Log.e("EncryptionUtils", "Unable to encrypt the symmetric key");
                    e4.printStackTrace();
                    throw new IllegalArgumentException(e4.getMessage());
                } catch (NoSuchPaddingException e5) {
                    Log.e("EncryptionUtils", "Unable to encrypt the symmetric key");
                    e5.printStackTrace();
                    throw new IllegalArgumentException(e5.getMessage());
                }
            } catch (UnsupportedEncodingException e6) {
                Log.e("EncryptionUtils", e6.toString());
                e6.printStackTrace();
                throw new IllegalArgumentException(e6.getMessage());
            } catch (NoSuchAlgorithmException e7) {
                Log.e("EncryptionUtils", e7.toString());
                e7.printStackTrace();
                throw new IllegalArgumentException(e7.getMessage());
            }
        }

        public void appendElementSignatureSource(String str) {
            this.elementSignatureSource.append(str).append("\n");
        }

        public void appendFileSignatureSource(File file) {
            appendElementSignatureSource(file.getName() + "::" + FileUtils.getMd5Hash(file));
        }

        public String getBase64EncryptedElementSignature() {
            try {
                MessageDigest messageDigest = MessageDigest.getInstance("MD5");
                messageDigest.update(this.elementSignatureSource.toString().getBytes("UTF-8"));
                byte[] digest = messageDigest.digest();
                try {
                    Cipher cipher = Cipher.getInstance("RSA/NONE/OAEPWithSHA256AndMGF1Padding");
                    cipher.init(1, this.rsaPublicKey);
                    return this.wrapper.encodeToString(cipher.doFinal(digest));
                } catch (InvalidKeyException e) {
                    Log.e("EncryptionUtils", "Unable to encrypt the symmetric key");
                    e.printStackTrace();
                    throw new IllegalArgumentException(e.getMessage());
                } catch (NoSuchAlgorithmException e2) {
                    Log.e("EncryptionUtils", "Unable to encrypt the symmetric key");
                    e2.printStackTrace();
                    throw new IllegalArgumentException(e2.getMessage());
                } catch (BadPaddingException e3) {
                    Log.e("EncryptionUtils", "Unable to encrypt the symmetric key");
                    e3.printStackTrace();
                    throw new IllegalArgumentException(e3.getMessage());
                } catch (IllegalBlockSizeException e4) {
                    Log.e("EncryptionUtils", "Unable to encrypt the symmetric key");
                    e4.printStackTrace();
                    throw new IllegalArgumentException(e4.getMessage());
                } catch (NoSuchPaddingException e5) {
                    Log.e("EncryptionUtils", "Unable to encrypt the symmetric key");
                    e5.printStackTrace();
                    throw new IllegalArgumentException(e5.getMessage());
                }
            } catch (UnsupportedEncodingException e6) {
                Log.e("EncryptionUtils", e6.toString());
                e6.printStackTrace();
                throw new IllegalArgumentException(e6.getMessage());
            } catch (NoSuchAlgorithmException e7) {
                Log.e("EncryptionUtils", e7.toString());
                e7.printStackTrace();
                throw new IllegalArgumentException(e7.getMessage());
            }
        }

        public Cipher getCipher() throws InvalidKeyException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchPaddingException {
            Cipher cipher;
            byte[] bArr = this.ivSeedArray;
            int length = this.ivCounter % this.ivSeedArray.length;
            bArr[length] = (byte) (bArr[length] + 1);
            this.ivCounter++;
            IvParameterSpec ivParameterSpec = new IvParameterSpec(this.ivSeedArray);
            try {
                cipher = Cipher.getInstance("AES/CFB/PKCS5Padding", "BC");
                this.isNotBouncyCastle = false;
            } catch (NoSuchProviderException e) {
                Log.w("EncryptionUtils", "Unable to obtain BouncyCastle provider! Decryption may fail!");
                e.printStackTrace();
                this.isNotBouncyCastle = true;
                cipher = Cipher.getInstance("AES/CFB/PKCS5Padding");
            }
            cipher.init(1, this.symmetricKey, ivParameterSpec);
            return cipher;
        }
    }

    public static boolean deletePlaintextFiles(File file) {
        boolean z = true;
        for (File file2 : file.getParentFile().listFiles()) {
            if (!file2.equals(file) && !file2.isDirectory() && !file2.getName().endsWith(".enc")) {
                z &= file2.delete();
            }
        }
        return z;
    }

    private static void encryptFile(File file, EncryptedFormInformation encryptedFormInformation) throws IOException, EncryptionException {
        RandomAccessFile randomAccessFile;
        ByteArrayOutputStream byteArrayOutputStream;
        CipherOutputStream cipherOutputStream;
        File file2 = new File(file.getParentFile(), file.getName() + ".enc");
        if (file2.exists() && !file2.delete()) {
            throw new IOException("Cannot overwrite " + file2.getAbsolutePath() + ". Perhaps the file is locked?");
        }
        encryptedFormInformation.appendFileSignatureSource(file);
        RandomAccessFile randomAccessFile2 = null;
        CipherOutputStream cipherOutputStream2 = null;
        try {
            try {
                Cipher cipher = encryptedFormInformation.getCipher();
                randomAccessFile = new RandomAccessFile(file2, "rws");
                try {
                    byteArrayOutputStream = new ByteArrayOutputStream();
                    cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
                } catch (Exception e) {
                    e = e;
                    randomAccessFile2 = randomAccessFile;
                } catch (Throwable th) {
                    th = th;
                    randomAccessFile2 = randomAccessFile;
                }
            } catch (Exception e2) {
                e = e2;
            }
        } catch (Throwable th2) {
            th = th2;
        }
        try {
            FileInputStream fileInputStream = new FileInputStream(file);
            byte[] bArr = new byte[2048];
            for (int read = fileInputStream.read(bArr); read != -1; read = fileInputStream.read(bArr)) {
                cipherOutputStream.write(bArr, 0, read);
            }
            fileInputStream.close();
            cipherOutputStream.flush();
            cipherOutputStream.close();
            randomAccessFile.write(byteArrayOutputStream.toByteArray());
            Log.i("EncryptionUtils", "Encrpyted:" + file.getName() + " -> " + file2.getName());
            IOUtils.closeQuietly((OutputStream) cipherOutputStream);
            if (randomAccessFile != null) {
                randomAccessFile.close();
            }
        } catch (Exception e3) {
            e = e3;
            cipherOutputStream2 = cipherOutputStream;
            randomAccessFile2 = randomAccessFile;
            String str = "Error encrypting: " + file.getName() + " -> " + file2.getName();
            Log.e("EncryptionUtils", str, e);
            e.printStackTrace();
            throw new EncryptionException(str, e);
        } catch (Throwable th3) {
            th = th3;
            cipherOutputStream2 = cipherOutputStream;
            randomAccessFile2 = randomAccessFile;
            IOUtils.closeQuietly((OutputStream) cipherOutputStream2);
            if (randomAccessFile2 != null) {
                randomAccessFile2.close();
            }
            throw th;
        }
    }

    private static List<File> encryptSubmissionFiles(File file, File file2, EncryptedFormInformation encryptedFormInformation) throws IOException, EncryptionException {
        File[] listFiles = file.getParentFile().listFiles();
        ArrayList arrayList = new ArrayList();
        for (File file3 : listFiles) {
            if (!file3.equals(file) && !file3.equals(file2) && !file3.isDirectory() && !file3.getName().startsWith(".")) {
                if (file3.getName().endsWith(".enc")) {
                    file3.delete();
                } else {
                    arrayList.add(file3);
                }
            }
        }
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            encryptFile((File) it.next(), encryptedFormInformation);
        }
        encryptFile(file2, encryptedFormInformation);
        return arrayList;
    }

    public static void generateEncryptedSubmission(File file, File file2, EncryptedFormInformation encryptedFormInformation) throws IOException, EncryptionException {
        if (!file2.exists() || !file2.isFile()) {
            throw new IOException("No submission.xml found");
        }
        writeSubmissionManifest(encryptedFormInformation, file2, encryptSubmissionFiles(file, file2, encryptedFormInformation));
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static EncryptedFormInformation getEncryptedFormInformation(Uri uri, FormController.InstanceMetadata instanceMetadata) throws EncryptionException {
        String[] strArr;
        String str;
        ContentResolver contentResolver = Collect.getInstance().getContentResolver();
        Cursor cursor = null;
        try {
            if (contentResolver.getType(uri) == "vnd.android.cursor.item/vnd.odk.instance") {
                Cursor cursor2 = null;
                try {
                    Cursor query = contentResolver.query(uri, null, null, null, null);
                    if (query.getCount() != 1) {
                        String string = Collect.getInstance().getString(R.string.not_exactly_one_record_for_this_instance);
                        Log.e("EncryptionUtils", string);
                        throw new EncryptionException(string, null);
                    }
                    query.moveToFirst();
                    String string2 = query.getString(query.getColumnIndex("jrFormId"));
                    int columnIndex = query.getColumnIndex("jrVersion");
                    if (query.isNull(columnIndex)) {
                        strArr = new String[]{string2};
                        str = "jrFormId =? AND jrVersion IS NULL";
                    } else {
                        strArr = new String[]{string2, query.getString(columnIndex)};
                        str = "jrFormId =? AND jrVersion=?";
                    }
                    if (query != null) {
                        query.close();
                    }
                    cursor = contentResolver.query(FormsProviderAPI.FormsColumns.CONTENT_URI, null, str, strArr, null);
                    if (cursor.getCount() != 1) {
                        String string3 = Collect.getInstance().getString(R.string.not_exactly_one_blank_form_for_this_form_id);
                        Log.e("EncryptionUtils", string3);
                        throw new EncryptionException(string3, null);
                    }
                    cursor.moveToFirst();
                } catch (Throwable th) {
                    if (0 != 0) {
                        cursor2.close();
                    }
                    throw th;
                }
            } else if (contentResolver.getType(uri) == "vnd.android.cursor.item/vnd.odk.form") {
                cursor = contentResolver.query(uri, null, null, null, null);
                if (cursor.getCount() != 1) {
                    String string4 = Collect.getInstance().getString(R.string.not_exactly_one_blank_form_for_this_form_id);
                    Log.e("EncryptionUtils", string4);
                    throw new EncryptionException(string4, null);
                }
                cursor.moveToFirst();
            }
            String string5 = cursor.getString(cursor.getColumnIndex("jrFormId"));
            if (string5 == null || string5.length() == 0) {
                String string6 = Collect.getInstance().getString(R.string.no_form_id_specified);
                Log.e("EncryptionUtils", string6);
                throw new EncryptionException(string6, null);
            }
            int columnIndex2 = cursor.getColumnIndex("jrVersion");
            int columnIndex3 = cursor.getColumnIndex("base64RsaPublicKey");
            String string7 = cursor.isNull(columnIndex2) ? null : cursor.getString(columnIndex2);
            String string8 = cursor.isNull(columnIndex3) ? null : cursor.getString(columnIndex3);
            if (string8 == null || string8.length() == 0) {
            }
            int i = Build.VERSION.SDK_INT;
            if (i < 8) {
                String string9 = Collect.getInstance().getString(R.string.phone_does_not_support_encryption);
                Log.e("EncryptionUtils", string9);
                throw new EncryptionException(string9, null);
            }
            try {
                Base64Wrapper base64Wrapper = new Base64Wrapper();
                try {
                    try {
                        PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(base64Wrapper.decode(string8)));
                        if (cursor != null) {
                            cursor.close();
                        }
                        if (instanceMetadata.instanceId == null) {
                            Log.e("EncryptionUtils", "No OpenRosa metadata block or no instanceId defined in that block");
                            return null;
                        }
                        try {
                            Cipher.getInstance("AES/CFB/PKCS5Padding", "BC");
                            return new EncryptedFormInformation(string5, string7, instanceMetadata, generatePublic, base64Wrapper);
                        } catch (NoSuchAlgorithmException e) {
                            e.printStackTrace();
                            Log.e("EncryptionUtils", "No BouncyCastle implementation of symmetric algorithm!");
                            return null;
                        } catch (NoSuchProviderException e2) {
                            e2.printStackTrace();
                            Log.e("EncryptionUtils", "No BouncyCastle provider for implementation of symmetric algorithm!");
                            return null;
                        } catch (NoSuchPaddingException e3) {
                            e3.printStackTrace();
                            Log.e("EncryptionUtils", "No BouncyCastle provider for padding implementation of symmetric algorithm!");
                            return null;
                        }
                    } catch (InvalidKeySpecException e4) {
                        e4.printStackTrace();
                        String string10 = Collect.getInstance().getString(R.string.invalid_rsa_public_key);
                        Log.e("EncryptionUtils", string10);
                        throw new EncryptionException(string10, e4);
                    }
                } catch (NoSuchAlgorithmException e5) {
                    String string11 = Collect.getInstance().getString(R.string.phone_does_not_support_rsa);
                    Log.e("EncryptionUtils", string11);
                    e5.printStackTrace();
                    throw new EncryptionException(string11, e5);
                }
            } catch (ClassNotFoundException e6) {
                String format = String.format(Collect.getInstance().getString(R.string.phone_does_not_have_base64_class), String.valueOf(i));
                Log.e("EncryptionUtils", format);
                e6.printStackTrace();
                throw new EncryptionException(format, e6);
            }
        } finally {
            if (cursor != null) {
                cursor.close();
            }
        }
    }

    private static void writeSubmissionManifest(EncryptedFormInformation encryptedFormInformation, File file, List<File> list) throws EncryptionException {
        int i;
        Document document = new Document();
        document.setStandalone(true);
        document.setEncoding("UTF-8");
        Element createElement = document.createElement("http://www.opendatakit.org/xforms/encrypted", "data");
        createElement.setPrefix(null, "http://www.opendatakit.org/xforms/encrypted");
        createElement.setAttribute(null, "id", encryptedFormInformation.formId);
        if (encryptedFormInformation.formVersion != null) {
            createElement.setAttribute(null, "version", encryptedFormInformation.formVersion);
        }
        createElement.setAttribute(null, "encrypted", "yes");
        document.addChild(0, 2, createElement);
        Element createElement2 = document.createElement("http://www.opendatakit.org/xforms/encrypted", "base64EncryptedKey");
        createElement2.addChild(0, 4, encryptedFormInformation.base64RsaEncryptedSymmetricKey);
        int i2 = 0 + 1;
        createElement.addChild(0, 2, createElement2);
        Element createElement3 = document.createElement("http://openrosa.org/xforms", "meta");
        createElement3.setPrefix("orx", "http://openrosa.org/xforms");
        Element createElement4 = document.createElement("http://openrosa.org/xforms", "instanceID");
        createElement4.addChild(0, 4, encryptedFormInformation.instanceMetadata.instanceId);
        createElement3.addChild(0, 2, createElement4);
        int i3 = i2 + 1;
        createElement.addChild(i2, 2, createElement3);
        int i4 = i3 + 1;
        createElement.addChild(i3, 7, "\n");
        if (list != null) {
            i = i4;
            for (File file2 : list) {
                Element createElement5 = document.createElement("http://www.opendatakit.org/xforms/encrypted", "media");
                Element createElement6 = document.createElement("http://www.opendatakit.org/xforms/encrypted", "file");
                createElement6.addChild(0, 4, file2.getName() + ".enc");
                createElement5.addChild(0, 2, createElement6);
                int i5 = i + 1;
                createElement.addChild(i, 2, createElement5);
                i = i5 + 1;
                createElement.addChild(i5, 7, "\n");
            }
        } else {
            i = i4;
        }
        Element createElement7 = document.createElement("http://www.opendatakit.org/xforms/encrypted", "encryptedXmlFile");
        createElement7.addChild(0, 4, file.getName() + ".enc");
        int i6 = i + 1;
        createElement.addChild(i, 2, createElement7);
        Element createElement8 = document.createElement("http://www.opendatakit.org/xforms/encrypted", "base64EncryptedElementSignature");
        createElement8.addChild(0, 4, encryptedFormInformation.getBase64EncryptedElementSignature());
        int i7 = i6 + 1;
        createElement.addChild(i6, 2, createElement8);
        FileOutputStream fileOutputStream = null;
        OutputStreamWriter outputStreamWriter = null;
        try {
            try {
                FileOutputStream fileOutputStream2 = new FileOutputStream(file);
                try {
                    OutputStreamWriter outputStreamWriter2 = new OutputStreamWriter(fileOutputStream2, "UTF-8");
                    try {
                        XmlSerializer kXmlSerializer = new KXmlSerializer();
                        kXmlSerializer.setOutput(outputStreamWriter2);
                        document.writeChildren(kXmlSerializer);
                        kXmlSerializer.flush();
                        outputStreamWriter2.flush();
                        fileOutputStream2.getChannel().force(true);
                        outputStreamWriter2.close();
                        IOUtils.closeQuietly((Writer) outputStreamWriter2);
                        IOUtils.closeQuietly((OutputStream) fileOutputStream2);
                    } catch (Exception e) {
                        e = e;
                        e.printStackTrace();
                        String str = "Error writing submission.xml for encrypted submission: " + file.getParentFile().getName();
                        Log.e("EncryptionUtils", str);
                        throw new EncryptionException(str, e);
                    } catch (Throwable th) {
                        th = th;
                        outputStreamWriter = outputStreamWriter2;
                        fileOutputStream = fileOutputStream2;
                        IOUtils.closeQuietly((Writer) outputStreamWriter);
                        IOUtils.closeQuietly((OutputStream) fileOutputStream);
                        throw th;
                    }
                } catch (Exception e2) {
                    e = e2;
                } catch (Throwable th2) {
                    th = th2;
                    fileOutputStream = fileOutputStream2;
                }
            } catch (Throwable th3) {
                th = th3;
            }
        } catch (Exception e3) {
            e = e3;
        }
    }
}
