package boxcryptor.legacy.storages.implementation.amazons3;

import android.support.v4.media.session.PlaybackStateCompat;
import boxcryptor.legacy.common.async.CancellationToken;
import boxcryptor.legacy.common.async.OperationCanceledException;
import boxcryptor.legacy.common.log.Log;
import boxcryptor.legacy.common.parse.Parse;
import boxcryptor.legacy.common.parse.ParserException;
import boxcryptor.legacy.network.BackoffHandler;
import boxcryptor.legacy.network.IHttpClient;
import boxcryptor.legacy.network.NetworkService;
import boxcryptor.legacy.network.content.FileContent;
import boxcryptor.legacy.network.content.StringContent;
import boxcryptor.legacy.network.http.HttpMethod;
import boxcryptor.legacy.network.http.HttpRequest;
import boxcryptor.legacy.network.http.HttpResponse;
import boxcryptor.legacy.network.http.HttpStatusCode;
import boxcryptor.legacy.network.http.HttpUploadRequest;
import boxcryptor.legacy.network.http.HttpUrl;
import boxcryptor.legacy.network.util.HttpUtils;
import boxcryptor.legacy.storages.declaration.AbstractCloudStorageAuthenticator;
import boxcryptor.legacy.storages.declaration.IStorageOperator;
import boxcryptor.legacy.storages.enumeration.StorageType;
import boxcryptor.legacy.storages.exception.CloudStorageAuthException;
import boxcryptor.legacy.storages.implementation.amazons3.xml.Bucket;
import boxcryptor.legacy.storages.implementation.amazons3.xml.Error;
import boxcryptor.legacy.storages.implementation.amazons3.xml.ListAllMyBucketsResult;
import boxcryptor.legacy.storages.ui.StorageListSelectionListener;
import boxcryptor.legacy.storages.ui.StorageUserPasswordInputListener;
import com.burgstaller.okhttp.digest.fromhttpclient.HTTP;
import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.j256.ormlite.stmt.query.SimpleComparison;
import com.microsoft.appcenter.Constants;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.DigestInputStream;
import java.security.MessageDigest;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Locale;
import java.util.Map;
import java.util.TimeZone;
import java.util.TreeMap;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import kotlinx.serialization.json.internal.JsonReaderKt;
import org.spongycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;
import ru.noties.markwon.image.network.NetworkSchemeHandler;

/* loaded from: classes.dex */
public class AmazonS3StorageAuthenticator extends AbstractCloudStorageAuthenticator {
    private static final SimpleDateFormat a = new SimpleDateFormat("yyyyMMdd", Locale.US);
    private static final SimpleDateFormat b = new SimpleDateFormat("yyyyMMdd'T'HHmmss'Z'", Locale.US);

    @JsonProperty("accessKeyId")
    public String accessKeyId;

    @JsonProperty("awsRegion")
    public String awsRegion;

    @JsonProperty("bucket")
    public String bucket;

    @JsonIgnore
    private IStorageOperator operator;

    @JsonProperty("secretAccessKey")
    public String secretAccessKey;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class AmazonDigestInputStream extends DigestInputStream {
        public AmazonDigestInputStream(InputStream inputStream, MessageDigest messageDigest) {
            super(inputStream, messageDigest);
        }

        @Override // java.io.FilterInputStream, java.io.InputStream
        public final long skip(long j) {
            if (j <= 0) {
                return j;
            }
            int min = (int) Math.min(PlaybackStateCompat.ACTION_PLAY_FROM_SEARCH, j);
            byte[] bArr = new byte[min];
            long j2 = j;
            while (j2 > 0) {
                int read = read(bArr, 0, (int) Math.min(j2, min));
                if (read == -1) {
                    if (j2 == j) {
                        return -1L;
                    }
                    return j - j2;
                }
                j2 -= read;
            }
            return j;
        }
    }

    public AmazonS3StorageAuthenticator() {
    }

    @JsonCreator
    public AmazonS3StorageAuthenticator(@JsonProperty("accessKeyId") String str, @JsonProperty("secretAccessKey") String str2, @JsonProperty("awsRegion") String str3, @JsonProperty("bucket") String str4) {
        this.accessKeyId = str;
        this.secretAccessKey = str2;
        this.awsRegion = str3;
        this.bucket = str4;
    }

    private String a(HttpRequest httpRequest, String str) {
        String d = HttpUtils.d(httpRequest.d().e());
        if (d == null || d.equals("")) {
            d = "/";
        }
        return httpRequest.e().toString() + "\n" + d + "\n" + a(httpRequest.d().g()) + "\n" + c(httpRequest) + "\n" + d(httpRequest) + "\n" + str;
    }

    private String a(HttpRequest httpRequest, String str, Date date) {
        return "AWS4-HMAC-SHA256 Credential=" + (this.accessKeyId + "/" + a.format(date) + "/" + this.awsRegion + "/s3/aws4_request") + ", SignedHeaders=" + d(httpRequest) + ", Signature=" + b(httpRequest, str, date);
    }

    private String a(String str, Date date) {
        StringBuilder sb = new StringBuilder("AWS4-HMAC-SHA256");
        sb.append("\n");
        sb.append(b.format(date));
        sb.append("\n");
        sb.append(a.format(date) + "/" + this.awsRegion + "/s3/aws4_request");
        sb.append("\n");
        sb.append(a(a(str)));
        return sb.toString();
    }

    private String a(Map<String, String> map) {
        if (map == null) {
            return "";
        }
        TreeMap treeMap = new TreeMap();
        for (Map.Entry<String, String> entry : map.entrySet()) {
            treeMap.put(HttpUtils.d(entry.getKey()), HttpUtils.d(entry.getValue()).replace("/", "%2F"));
        }
        StringBuilder sb = new StringBuilder();
        Iterator it = treeMap.entrySet().iterator();
        while (it.hasNext()) {
            Map.Entry entry2 = (Map.Entry) it.next();
            sb.append((String) entry2.getKey());
            sb.append(SimpleComparison.EQUAL_TO_OPERATION);
            if (entry2.getValue() != null && !JsonReaderKt.NULL.equals(entry2.getValue())) {
                sb.append((String) entry2.getValue());
            }
            if (it.hasNext()) {
                sb.append("&");
            }
        }
        return sb.toString();
    }

    private String a(byte[] bArr) {
        StringBuilder sb = new StringBuilder(bArr.length * 2);
        for (byte b2 : bArr) {
            String hexString = Integer.toHexString(b2);
            if (hexString.length() == 1) {
                sb.append("0");
            } else if (hexString.length() == 8) {
                hexString = hexString.substring(6);
            }
            sb.append(hexString);
        }
        return sb.toString().toLowerCase(Locale.getDefault());
    }

    private byte[] a(InputStream inputStream) {
        AmazonDigestInputStream amazonDigestInputStream = new AmazonDigestInputStream(inputStream, MessageDigest.getInstance(McElieceCCA2KeyGenParameterSpec.SHA256));
        do {
        } while (amazonDigestInputStream.read(new byte[1024]) > -1);
        return amazonDigestInputStream.getMessageDigest().digest();
    }

    private byte[] a(String str) {
        MessageDigest messageDigest = MessageDigest.getInstance(McElieceCCA2KeyGenParameterSpec.SHA256);
        messageDigest.update(str.getBytes(StandardCharsets.UTF_8));
        return messageDigest.digest();
    }

    private byte[] a(Date date) {
        return a(a(a(a(("AWS4" + this.secretAccessKey).getBytes(StandardCharsets.UTF_8), a.format(date)), this.awsRegion), "s3"), "aws4_request");
    }

    private byte[] a(byte[] bArr, String str) {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(bArr, "HmacSHA256"));
        return mac.doFinal(str.getBytes(StandardCharsets.UTF_8));
    }

    private String b(HttpRequest httpRequest) {
        FileInputStream fileInputStream;
        if (httpRequest.a() != null && (httpRequest.a() instanceof StringContent)) {
            return a(a(((StringContent) httpRequest.a()).b()));
        }
        if (!(httpRequest instanceof HttpUploadRequest) || httpRequest.a() == null || !(httpRequest.a() instanceof FileContent)) {
            return a(a(""));
        }
        FileInputStream fileInputStream2 = null;
        try {
            fileInputStream = new FileInputStream(((FileContent) httpRequest.a()).c());
        } catch (Throwable th) {
            th = th;
        }
        try {
            String a2 = a(a(fileInputStream));
            try {
                fileInputStream.close();
            } catch (IOException e) {
                Log.o().b("amazon-s3-storage-authenticator calculate-content-hash", e, new Object[0]);
            }
            return a2;
        } catch (Throwable th2) {
            th = th2;
            fileInputStream2 = fileInputStream;
            if (fileInputStream2 != null) {
                try {
                    fileInputStream2.close();
                } catch (IOException e2) {
                    Log.o().b("amazon-s3-storage-authenticator calculate-content-hash", e2, new Object[0]);
                }
            }
            throw th;
        }
    }

    private String b(HttpRequest httpRequest, String str, Date date) {
        return a(a(a(date), a(a(httpRequest, str), date)));
    }

    private String c(HttpRequest httpRequest) {
        ArrayList<String> arrayList = new ArrayList(httpRequest.b().keySet());
        Collections.sort(arrayList, String.CASE_INSENSITIVE_ORDER);
        Map<String, String> b2 = httpRequest.b();
        StringBuilder sb = new StringBuilder();
        for (String str : arrayList) {
            String replaceAll = str.toLowerCase().replaceAll("\\s+", " ");
            String str2 = b2.get(str);
            sb.append(replaceAll);
            sb.append(Constants.COMMON_SCHEMA_PREFIX_SEPARATOR);
            if (str2 != null) {
                sb.append(str2.replaceAll("\\s+", " "));
            }
            sb.append("\n");
        }
        return sb.toString();
    }

    private String d(HttpRequest httpRequest) {
        ArrayList<String> arrayList = new ArrayList(httpRequest.b().keySet());
        Collections.sort(arrayList, String.CASE_INSENSITIVE_ORDER);
        StringBuilder sb = new StringBuilder();
        for (String str : arrayList) {
            if (sb.length() > 0) {
                sb.append(";");
            }
            sb.append(str.toLowerCase());
        }
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void e() {
        try {
            HttpRequest httpRequest = new HttpRequest(HttpMethod.GET, HttpUrl.c(NetworkSchemeHandler.SCHEME_HTTPS, d()));
            httpRequest.a(HTTP.TARGET_HOST, d());
            a(httpRequest);
            HttpResponse a2 = c().a(httpRequest, b(), new CancellationToken());
            if (a2.c() == HttpStatusCode.BadRequest) {
                Error error = (Error) Parse.e.a(((StringContent) a2.a()).b(), Error.class);
                if (error.getMessage() != null && error.getMessage().startsWith("The authorization header is malformed; the region 'us-east-1' is wrong; expecting")) {
                    String region = error.getRegion();
                    this.awsRegion = region;
                    if (region != null && !region.equals("")) {
                        HttpRequest httpRequest2 = new HttpRequest(HttpMethod.GET, HttpUrl.c(NetworkSchemeHandler.SCHEME_HTTPS, d()));
                        httpRequest2.a(HTTP.TARGET_HOST, d());
                        a(httpRequest2);
                        a2 = c().a(httpRequest2, b(), new CancellationToken());
                    }
                    this.authCompletionListener.onAuthenticationError(new CloudStorageAuthException("no aws region found"));
                    return;
                }
            }
            if (a2.c() == HttpStatusCode.OK) {
                this.authCompletionListener.onAuthenticationSuccess();
            } else {
                this.authCompletionListener.onAuthenticationError(new CloudStorageAuthException("aws region check failed"));
            }
        } catch (OperationCanceledException unused) {
            this.authCompletionListener.onAuthenticationCancelled();
        } catch (Exception e) {
            this.authCompletionListener.onAuthenticationError(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void f() {
        try {
            HttpRequest httpRequest = new HttpRequest(HttpMethod.GET, HttpUrl.c(NetworkSchemeHandler.SCHEME_HTTPS, d()));
            httpRequest.a(HTTP.TARGET_HOST, d());
            a(httpRequest);
            ListAllMyBucketsResult listAllMyBucketsResult = (ListAllMyBucketsResult) Parse.e.a(((StringContent) c().a(httpRequest, b(), new CancellationToken()).a()).b(), ListAllMyBucketsResult.class);
            if (listAllMyBucketsResult != null && listAllMyBucketsResult.getBuckets() != null && !listAllMyBucketsResult.getBuckets().isEmpty()) {
                final ArrayList arrayList = new ArrayList();
                Iterator<Bucket> it = listAllMyBucketsResult.getBuckets().iterator();
                while (it.hasNext()) {
                    arrayList.add(it.next().getName());
                }
                a(StorageType.AMAZONS3, arrayList, new StorageListSelectionListener() { // from class: boxcryptor.legacy.storages.implementation.amazons3.AmazonS3StorageAuthenticator.2
                    @Override // boxcryptor.legacy.storages.ui.StorageListSelectionListener
                    public void a(int i) {
                        AmazonS3StorageAuthenticator.this.bucket = (String) arrayList.get(i);
                        AmazonS3StorageAuthenticator.this.a(new Runnable() { // from class: boxcryptor.legacy.storages.implementation.amazons3.AmazonS3StorageAuthenticator.2.1
                            @Override // java.lang.Runnable
                            public void run() {
                                AmazonS3StorageAuthenticator.this.e();
                            }
                        });
                    }
                });
                return;
            }
            this.authCompletionListener.onAuthenticationError(new CloudStorageAuthException("no buckets found"));
        } catch (OperationCanceledException unused) {
            this.authCompletionListener.onAuthenticationCancelled();
        } catch (Exception e) {
            this.authCompletionListener.onAuthenticationError(e);
        }
    }

    @Override // boxcryptor.legacy.storages.declaration.IStorageAuthenticator
    public IStorageOperator a() {
        if (this.operator == null) {
            this.operator = new AmazonS3StorageOperator(this);
        }
        return this.operator;
    }

    @Override // boxcryptor.legacy.storages.declaration.IStorageAuthenticator
    public void a(CancellationToken cancellationToken) {
        a(StorageType.AMAZONS3, new StorageUserPasswordInputListener() { // from class: boxcryptor.legacy.storages.implementation.amazons3.AmazonS3StorageAuthenticator.1
            @Override // boxcryptor.legacy.storages.ui.StorageUserPasswordInputListener
            public void a(String str, String str2) {
                AmazonS3StorageAuthenticator.this.accessKeyId = str.trim();
                AmazonS3StorageAuthenticator.this.secretAccessKey = str2.trim();
                AmazonS3StorageAuthenticator amazonS3StorageAuthenticator = AmazonS3StorageAuthenticator.this;
                amazonS3StorageAuthenticator.awsRegion = "us-east-1";
                amazonS3StorageAuthenticator.a(new Runnable() { // from class: boxcryptor.legacy.storages.implementation.amazons3.AmazonS3StorageAuthenticator.1.1
                    @Override // java.lang.Runnable
                    public void run() {
                        AmazonS3StorageAuthenticator.this.f();
                    }
                });
            }
        });
    }

    public void a(HttpRequest httpRequest) {
        b.setTimeZone(TimeZone.getTimeZone("UTC"));
        a.setTimeZone(TimeZone.getTimeZone("UTC"));
        try {
            String b2 = b(httpRequest);
            Date date = new Date();
            httpRequest.a("x-amz-date", b.format(date));
            httpRequest.a("x-amz-content-sha256", b2);
            httpRequest.a("Authorization", a(httpRequest, b2, date));
        } catch (Exception e) {
            Log.o().a("amazon-s3-storage-authenticator add-authorization", e, new Object[0]);
        }
    }

    @Override // boxcryptor.legacy.storages.declaration.AbstractCloudStorageAuthenticator
    public BackoffHandler b() {
        return new AmazonS3BackoffHandler();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // boxcryptor.legacy.storages.declaration.AbstractCloudStorageAuthenticator
    public IHttpClient c() {
        String str;
        if (this.bucket != null) {
            str = this.bucket + ".";
        } else {
            str = "";
        }
        return NetworkService.d().a(new String[]{d(), str + "s3.amazonaws.com", str + "s3-external-1.amazonaws.com", str + "s3-us-west-2.amazonaws.com", str + "s3-us-west-1.amazonaws.com", str + "s3-eu-west-1.amazonaws.com", str + "s3.eu-central-1.amazonaws.com", str + "s3-eu-central-1.amazonaws.com", str + "s3-ap-southeast-1.amazonaws.com", str + "s3-ap-southeast-2.amazonaws.com", str + "s3-ap-northeast-1.amazonaws.com", str + "s3-sa-east-1.amazonaws.com"}, new String[]{"A9D53002E97E00E043244F3D170D6F4C414104FD"});
    }

    public String d() {
        if (this.bucket == null && this.awsRegion == null) {
            return "s3.amazonaws.com";
        }
        if (this.bucket == null) {
            return ("s3-" + this.awsRegion + ".amazonaws.com").replace("-us-east-1", "");
        }
        return this.bucket + (".s3-" + this.awsRegion + ".amazonaws.com").replace("-us-east-1", "");
    }

    public String toString() {
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("storageType", StorageType.AMAZONS3.toString());
            hashMap.put("accessKeyId", Log.b(this.accessKeyId));
            hashMap.put("secretAccessKey", Log.b(this.secretAccessKey));
            hashMap.put("awsRegion", this.awsRegion);
            hashMap.put("bucket", this.bucket);
            return Parse.d.b(hashMap);
        } catch (ParserException unused) {
            return super.toString();
        }
    }
}
