package org.eclipse.equinox.internal.security.storage;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.URL;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.spec.PBEKeySpec;
import org.eclipse.core.runtime.jobs.ILock;
import org.eclipse.core.runtime.jobs.Job;
import org.eclipse.equinox.internal.security.auth.AuthPlugin;
import org.eclipse.equinox.internal.security.auth.nls.SecAuthMessages;
import org.eclipse.equinox.internal.security.storage.friends.IStorageConstants;
import org.eclipse.equinox.internal.security.storage.friends.IUICallbacks;
import org.eclipse.equinox.internal.security.storage.friends.InternalExchangeUtils;
import org.eclipse.equinox.security.storage.StorageException;
import org.eclipse.equinox.security.storage.provider.IPreferencesContainer;
import org.eclipse.equinox.security.storage.provider.IProviderHints;
import org.eclipse.osgi.util.NLS;

/* loaded from: input_file:org/eclipse/equinox/internal/security/storage/SecurePreferencesRoot.class */
public class SecurePreferencesRoot extends SecurePreferences implements IStorageConstants {
    private static final String VERSION_KEY = "org.eclipse.equinox.security.preferences.version";
    private static final String VERSION_VALUE = "1";
    public static final String PROVIDER_PATH = "org.eclipse.equinox.security.storage.impl";
    private static final String description = "Equinox secure storage version 1.0";
    private static final String PROVIDER_NODE = "/org.eclipse.equinox.secure.storage";
    private static final String PASSWORD_VERIFICATION_NODE = "/org.eclipse.equinox.secure.storage/verification";
    private static final String PASSWORD_VERIFICATION_SAMPLE = "-> brown fox jumped over lazy dog <-";
    protected static final int MAX_ATTEMPTS = 20;
    private static ILock lock = Job.getJobManager().newLock();
    private URL location;
    private long timestamp;
    private boolean modified;
    private JavaEncryption cipher;
    private Map<String, PasswordExt> passwordCache;

    public SecurePreferencesRoot(URL url) throws IOException {
        super(null, null);
        this.timestamp = 0L;
        this.modified = false;
        this.cipher = new JavaEncryption();
        this.passwordCache = new HashMap(5);
        this.location = url;
        load();
    }

    public URL getLocation() {
        return this.location;
    }

    public JavaEncryption getCipher() {
        return this.cipher;
    }

    @Override // org.eclipse.equinox.internal.security.storage.SecurePreferences
    public boolean isModified() {
        return this.modified;
    }

    public void setModified(boolean z) {
        this.modified = z;
    }

    public void load() throws IOException {
        if (this.location == null) {
            return;
        }
        Properties properties = new Properties();
        InputStream inputStream = null;
        try {
            try {
                inputStream = StorageUtils.getInputStream(this.location);
                if (inputStream != null) {
                    properties.load(inputStream);
                    this.timestamp = getLastModified();
                }
                if (inputStream != null) {
                    inputStream.close();
                }
                Object obj = properties.get(VERSION_KEY);
                if (obj == null || VERSION_VALUE.equals(obj)) {
                    properties.remove(VERSION_KEY);
                    if (properties.containsKey(IStorageConstants.CIPHER_KEY) && properties.containsKey(IStorageConstants.KEY_FACTORY_KEY)) {
                        Object obj2 = properties.get(IStorageConstants.CIPHER_KEY);
                        Object obj3 = properties.get(IStorageConstants.KEY_FACTORY_KEY);
                        if ((obj2 instanceof String) && (obj3 instanceof String)) {
                            this.cipher.setAlgorithms((String) obj2, (String) obj3);
                        }
                        properties.remove(IStorageConstants.CIPHER_KEY);
                        properties.remove(IStorageConstants.KEY_FACTORY_KEY);
                    }
                    for (Map.Entry entry : properties.entrySet()) {
                        Object key = entry.getKey();
                        Object value = entry.getValue();
                        if ((key instanceof String) && (value instanceof String)) {
                            PersistedPath persistedPath = new PersistedPath((String) key);
                            if (persistedPath.getKey() != null) {
                                node(persistedPath.getPath()).internalPut(persistedPath.getKey(), (String) value);
                            }
                        }
                    }
                }
            } catch (IllegalArgumentException e) {
                AuthPlugin.getDefault().logError(NLS.bind(SecAuthMessages.badStorageURL, this.location.toString()), e);
                this.location = null;
                if (inputStream != null) {
                    inputStream.close();
                }
            }
        } catch (Throwable th) {
            if (inputStream != null) {
                inputStream.close();
            }
            throw th;
        }
    }

    @Override // org.eclipse.equinox.internal.security.storage.SecurePreferences
    public synchronized void flush() throws IOException {
        IUICallbacks callback;
        if (this.location != null && this.modified) {
            if (this.timestamp != 0 && this.timestamp != getLastModified() && (callback = CallbacksProvider.getDefault().getCallback()) != null) {
                Boolean ask = callback.ask(SecAuthMessages.fileModifiedMsg);
                if (ask == null) {
                    AuthPlugin.getDefault().frameworkLogError(SecAuthMessages.fileModifiedNote, 2, null);
                } else if (!ask.booleanValue()) {
                    return;
                }
            }
            Properties properties = new Properties();
            properties.put(VERSION_KEY, VERSION_VALUE);
            String cipherAlgorithm = this.cipher.getCipherAlgorithm();
            if (cipherAlgorithm != null) {
                properties.put(IStorageConstants.CIPHER_KEY, cipherAlgorithm);
                properties.put(IStorageConstants.KEY_FACTORY_KEY, this.cipher.getKeyFactoryAlgorithm());
            }
            flush(properties, null);
            OutputStream outputStream = null;
            try {
                outputStream = StorageUtils.getOutputStream(this.location);
                properties.store(outputStream, description);
                this.modified = false;
                if (outputStream != null) {
                    outputStream.close();
                }
                this.timestamp = getLastModified();
            } catch (Throwable th) {
                if (outputStream != null) {
                    outputStream.close();
                }
                throw th;
            }
        }
    }

    public PasswordExt getPassword(String str, IPreferencesContainer iPreferencesContainer, boolean z) throws StorageException {
        if (z) {
            PasswordExt defaultPassword = getDefaultPassword(iPreferencesContainer);
            if (defaultPassword != null) {
                return defaultPassword;
            }
            str = getDefaultModuleID(iPreferencesContainer);
        } else {
            if (str == null) {
                throw new StorageException(1, SecAuthMessages.invalidEntryFormat);
            }
            if ("org.eclipse.equinox.security.noModule".equals(str)) {
                PasswordExt defaultPassword2 = getDefaultPassword(iPreferencesContainer);
                if (defaultPassword2 != null) {
                    return defaultPassword2;
                }
                throw new StorageException(1, SecAuthMessages.noDefaultPassword);
            }
        }
        return getModulePassword(str, iPreferencesContainer);
    }

    /* JADX WARN: Finally extract failed */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v19, types: [java.lang.Throwable, java.util.Map<java.lang.String, org.eclipse.equinox.internal.security.storage.PasswordExt>] */
    /* JADX WARN: Type inference failed for: r0v53, types: [java.util.Map<java.lang.String, org.eclipse.equinox.internal.security.storage.PasswordExt>] */
    /* JADX WARN: Type inference failed for: r0v54, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v58 */
    private PasswordExt getModulePassword(String str, IPreferencesContainer iPreferencesContainer) throws StorageException {
        if ("org.eclipse.equinox.security.noModule".equals(str)) {
            throw new StorageException(4, SecAuthMessages.loginNoPassword);
        }
        PasswordProviderModuleExt findStorageModule = PasswordProviderSelector.getInstance().findStorageModule(str);
        String id = findStorageModule.getID();
        PasswordExt passwordExt = null;
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        try {
            lock.acquire();
            synchronized (this.passwordCache) {
                if (this.passwordCache.containsKey(id)) {
                    PasswordExt passwordExt2 = this.passwordCache.get(id);
                    if (0 != 0) {
                        ((SecurePreferencesContainer) iPreferencesContainer).removeOption(IProviderHints.PROMPT_USER);
                    }
                    lock.release();
                    return passwordExt2;
                }
                if ((!CallbacksProvider.getDefault().runningUI() || InternalExchangeUtils.isJUnitApp()) && iPreferencesContainer != null && !iPreferencesContainer.hasOption(IProviderHints.PROMPT_USER)) {
                    ((SecurePreferencesContainer) iPreferencesContainer).setOption(IProviderHints.PROMPT_USER, Boolean.FALSE);
                    z3 = true;
                }
                SecurePreferences node = node(PASSWORD_VERIFICATION_NODE);
                boolean z4 = !node.hasKey(id);
                int i = z4 ? 1 : 0;
                int i2 = 0;
                while (true) {
                    if (i2 >= MAX_ATTEMPTS) {
                        break;
                    }
                    PBEKeySpec password = findStorageModule.getPassword(iPreferencesContainer, i);
                    if (password == null) {
                        if (z3) {
                            ((SecurePreferencesContainer) iPreferencesContainer).removeOption(IProviderHints.PROMPT_USER);
                        }
                        lock.release();
                        return null;
                    }
                    passwordExt = new PasswordExt(password, id);
                    if (z4) {
                        node.internalPut(id, getCipher().encrypt(passwordExt, StorageUtils.getBytes(createTestString())).toString());
                        markModified();
                        z2 = true;
                        z = true;
                        break;
                    }
                    try {
                    } catch (BadPaddingException | IllegalBlockSizeException e) {
                        if (!findStorageModule.changePassword(e, iPreferencesContainer)) {
                            break;
                        }
                    }
                    if (verifyTestString(StorageUtils.getString(getCipher().decrypt(passwordExt, new CryptoData(node.internalGet(id)))))) {
                        z = true;
                        break;
                    }
                    i2++;
                }
                if (z) {
                    ?? r0 = this.passwordCache;
                    synchronized (r0) {
                        this.passwordCache.put(id, passwordExt);
                        r0 = r0;
                    }
                }
                if (z3) {
                    ((SecurePreferencesContainer) iPreferencesContainer).removeOption(IProviderHints.PROMPT_USER);
                }
                lock.release();
                if (!z) {
                    throw new StorageException(4, SecAuthMessages.loginNoPassword);
                }
                if (z2) {
                    CallbacksProvider.getDefault().setupChallengeResponse(id, iPreferencesContainer);
                }
                return passwordExt;
            }
        } catch (Throwable th) {
            if (z3) {
                ((SecurePreferencesContainer) iPreferencesContainer).removeOption(IProviderHints.PROMPT_USER);
            }
            lock.release();
            throw th;
        }
    }

    private PasswordExt getDefaultPassword(IPreferencesContainer iPreferencesContainer) {
        if (!iPreferencesContainer.hasOption(IProviderHints.DEFAULT_PASSWORD)) {
            return null;
        }
        Object option = iPreferencesContainer.getOption(IProviderHints.DEFAULT_PASSWORD);
        if (option instanceof PBEKeySpec) {
            return new PasswordExt((PBEKeySpec) option, "org.eclipse.equinox.security.noModule");
        }
        return null;
    }

    private String getDefaultModuleID(IPreferencesContainer iPreferencesContainer) {
        if (!iPreferencesContainer.hasOption(IProviderHints.REQUIRED_MODULE_ID)) {
            return null;
        }
        Object option = iPreferencesContainer.getOption(IProviderHints.REQUIRED_MODULE_ID);
        if (option instanceof String) {
            return (String) option;
        }
        return null;
    }

    public boolean onChangePassword(IPreferencesContainer iPreferencesContainer, String str) {
        try {
            PasswordProviderModuleExt findStorageModule = PasswordProviderSelector.getInstance().findStorageModule(str);
            PBEKeySpec password = findStorageModule.getPassword(iPreferencesContainer, 3);
            if (password == null) {
                return false;
            }
            String id = findStorageModule.getID();
            PasswordExt passwordExt = new PasswordExt(password, id);
            try {
                node(PASSWORD_VERIFICATION_NODE).internalPut(id, getCipher().encrypt(passwordExt, StorageUtils.getBytes(createTestString())).toString());
                markModified();
                try {
                    flush();
                    cachePassword(id, passwordExt);
                    CallbacksProvider.getDefault().setupChallengeResponse(id, iPreferencesContainer);
                    return true;
                } catch (IOException e) {
                    AuthPlugin.getDefault().logError(NLS.bind(SecAuthMessages.encryptingError, id, PASSWORD_VERIFICATION_NODE), e);
                    return false;
                }
            } catch (StorageException e2) {
                AuthPlugin.getDefault().logError(NLS.bind(SecAuthMessages.encryptingError, id, PASSWORD_VERIFICATION_NODE), e2);
                return false;
            }
        } catch (StorageException unused) {
            return false;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.util.Map<java.lang.String, org.eclipse.equinox.internal.security.storage.PasswordExt>] */
    /* JADX WARN: Type inference failed for: r0v2, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v6 */
    public void cachePassword(String str, PasswordExt passwordExt) {
        ?? r0 = this.passwordCache;
        synchronized (r0) {
            this.passwordCache.put(str, passwordExt);
            r0 = r0;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.util.Map<java.lang.String, org.eclipse.equinox.internal.security.storage.PasswordExt>] */
    /* JADX WARN: Type inference failed for: r0v2, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v5 */
    public void clearPasswordCache() {
        ?? r0 = this.passwordCache;
        synchronized (r0) {
            this.passwordCache.clear();
            r0 = r0;
        }
    }

    private long getLastModified() {
        return new File(this.location.getPath()).lastModified();
    }

    private String createTestString() {
        SecureRandom secureRandom = new SecureRandom();
        secureRandom.setSeed(System.currentTimeMillis());
        long nextInt = secureRandom.nextInt(10000);
        long nextInt2 = secureRandom.nextInt(10000);
        StringBuilder sb = new StringBuilder();
        sb.append(nextInt);
        sb.append('\t');
        sb.append(nextInt2);
        sb.append('\t');
        sb.append(nextInt2);
        sb.append('\t');
        sb.append(nextInt);
        return sb.toString();
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:25:0x0057. Please report as an issue. */
    private boolean verifyTestString(String str) {
        if (str == null || str.length() == 0) {
            return false;
        }
        if (PASSWORD_VERIFICATION_SAMPLE.equals(str)) {
            return true;
        }
        String[] split = str.split("\t");
        if (split == null || split.length == 0 || split.length != 4) {
            return false;
        }
        long j = -1;
        long j2 = -1;
        for (int i = 0; i < 4; i++) {
            if (split[i] == null || split[i].length() == 0) {
                return false;
            }
            try {
                switch (i) {
                    case StorageException.INTERNAL_ERROR /* 0 */:
                        j = Long.decode(split[i]).longValue();
                    case 1:
                        j2 = Long.decode(split[i]).longValue();
                    case 2:
                        if (Long.decode(split[i]).longValue() != j2) {
                            return false;
                        }
                    case StorageException.DECRYPTION_ERROR /* 3 */:
                        if (Long.decode(split[i]).longValue() != j) {
                            return false;
                        }
                    default:
                }
            } catch (NumberFormatException unused) {
                return false;
            }
        }
        return true;
    }
}
