package com.sybase.persistence;

import android.content.ContentValues;
import android.content.Context;
import android.content.pm.PackageManager;
import android.database.Cursor;
import android.database.sqlite.SQLiteDatabase;
import android.util.Log;
import com.sap.maf.tools.logon.core.reg.AppSettings;
import com.sybase.persistence.DataVault;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.net.StringEncodings;

/* loaded from: classes.dex */
public class PrivateDataVault extends DataVault {
    private static final String DBKEY_EXTERNALKEY = "EXTERNALKEY";
    private static final int ITCOUNT = 1000;
    private static final int ITCOUNT_LEGACY = 10000;
    private static final Cipher aesCBCCipher;
    private static Context context;
    private static final SecretKeyFactory secretKeyFactory;
    private String dataVaultID;
    private SecretKey dbKeyEncryptionKey;
    private SecretKey defaultKey;
    private SecretKey extEncryptionKey;
    private PrivateDataVaultLegacy legacyVault;
    private SecretKey retryEncryptionKey;
    private SecretKey valueEncryptionKey;
    private static Object lockObject = new Object();
    private static final Set<String> LONG_CONF_KEYS = new HashSet();
    private static final Set<String> BOOLEAN_CONF_KEYS = new HashSet();
    private static final Set<String> RETRY_CONF_KEYS = new HashSet();
    private boolean defaultPasscodeUsed = false;
    private byte[] ivKey = null;
    private DataVault.DVPasswordPolicy dvPasswordPolicy = new DataVault.DVPasswordPolicy();

    static {
        LONG_CONF_KEYS.add("LastUnlockTime");
        LONG_CONF_KEYS.add("LockTimeout");
        LONG_CONF_KEYS.add("PasswordTimeout");
        LONG_CONF_KEYS.add("LastPasswordResetTime");
        LONG_CONF_KEYS.add("VersionNumber");
        LONG_CONF_KEYS.add("MinLength");
        LONG_CONF_KEYS.add("MinUniqueChars");
        BOOLEAN_CONF_KEYS.add(AppSettings.PASSWORD_POLICY_ENABLED);
        BOOLEAN_CONF_KEYS.add("DefaultPasswordAllowed");
        BOOLEAN_CONF_KEYS.add("HasDigits");
        BOOLEAN_CONF_KEYS.add("HasUpper");
        BOOLEAN_CONF_KEYS.add("HasLower");
        BOOLEAN_CONF_KEYS.add("HasSpecial");
        RETRY_CONF_KEYS.add("RetryLimit");
        RETRY_CONF_KEYS.add("RetryCount");
        try {
            secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
            try {
                aesCBCCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            } catch (Exception e) {
                throw new ExceptionInInitializerError(e);
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new ExceptionInInitializerError(e2);
        }
    }

    private PrivateDataVault(String str, boolean z, char[] cArr) throws DataVaultException {
        if (str == null || str.length() == 0) {
            throw new DataVaultException("Invalid parameter", 4);
        }
        this.dataVaultID = str;
        synchronized (lockObject) {
            checkContext();
            this.dataVaultID = str;
            boolean vaultExists = vaultExists(str);
            if (!z && !vaultExists) {
                throw new DataVaultException("Vault does not exist", 3);
            }
            if (z && vaultExists) {
                throw new DataVaultException("Vault already exists", 1);
            }
            if (z) {
                createDataVault(cArr);
            } else if (vaultExists(str, "DATA_VAULT_2")) {
                loadDataVault();
            } else {
                this.legacyVault = new PrivateDataVaultLegacy(str);
            }
        }
    }

    private static void checkContext() throws DataVaultException {
        if (context == null) {
            throw new DataVaultException("Context not initialized", 4);
        }
    }

    private void checkDeleted() throws DataVaultException {
        if (!vaultExists(this.dataVaultID)) {
            throw new DataVaultException("Vault deleted", 3);
        }
    }

    private void checkPasswordCompatibility(char[] cArr, boolean z) throws DataVaultException {
        DataVault.DVPasswordPolicy internalGetPasswordPolicy = internalGetPasswordPolicy(z);
        if (!internalGetPasswordPolicy.getIsDefaultPasswordAllowed() && (cArr == null || cArr.length == 0)) {
            throw new DataVaultException("Password Violates set password policy", 50, internalGetPasswordPolicy);
        }
        if (internalGetPasswordPolicy.getIsDefaultPasswordAllowed() && (cArr == null || cArr.length == 0)) {
            return;
        }
        int length = cArr.length;
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = false;
        boolean z5 = false;
        int i = 0;
        for (int i2 = 0; i2 < cArr.length; i2++) {
            char c = cArr[i2];
            if (c >= '0' && c <= '9') {
                z2 = true;
            } else if (c >= 'A' && c <= 'Z') {
                z3 = true;
            } else if (c < 'a' || c > 'z') {
                z5 = true;
            } else {
                z4 = true;
            }
            boolean z6 = true;
            int i3 = 0;
            while (true) {
                if (i3 >= i2) {
                    break;
                }
                if (cArr[i3] == cArr[i2]) {
                    z6 = false;
                    break;
                }
                i3++;
            }
            if (z6) {
                i++;
            }
        }
        if (internalGetPasswordPolicy.getMinLength() > 0 && length < internalGetPasswordPolicy.getMinLength()) {
            throw new DataVaultException("Password Violates set password policy", 51, internalGetPasswordPolicy);
        }
        if (internalGetPasswordPolicy.getHasDigits() && !z2) {
            throw new DataVaultException("Password Violates set password policy", 52, internalGetPasswordPolicy);
        }
        if (internalGetPasswordPolicy.getHasUpper() && !z3) {
            throw new DataVaultException("Password Violates set password policy", 53, internalGetPasswordPolicy);
        }
        if (internalGetPasswordPolicy.getHasLower() && !z4) {
            throw new DataVaultException("Password Violates set password policy", 54, internalGetPasswordPolicy);
        }
        if (internalGetPasswordPolicy.getHasSpecial() && !z5) {
            throw new DataVaultException("Password Violates set password policy", 55, internalGetPasswordPolicy);
        }
        if (internalGetPasswordPolicy.getMinUniqueChars() > 0 && i < internalGetPasswordPolicy.getMinUniqueChars()) {
            throw new DataVaultException("Password Violates set password policy", 56, internalGetPasswordPolicy);
        }
    }

    private void checkPasswordExpiration() throws DataVaultException {
        if (hasPasswordExpired()) {
            throw new DataVaultException("Password has expired.", 57, getPasswordPolicy());
        }
    }

    private void checkUnlocked() throws DataVaultException {
        if (isLocked()) {
            throw new DataVaultException("Vault is locked", 8);
        }
    }

    private void cleanPassword(char[] cArr) {
        if (cArr != null) {
            for (int i = 0; i < cArr.length; i++) {
                cArr[i] = 0;
            }
        }
    }

    private void createDataVault(char[] cArr) {
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        saveSalt(bArr, this.dataVaultID, true);
        byte[] bArr2 = new byte[32];
        new SecureRandom().nextBytes(bArr2);
        saveSalt(bArr2, this.dataVaultID, false);
        this.ivKey = new byte[16];
        new SecureRandom().nextBytes(this.ivKey);
        saveIVKey(this.ivKey, this.dataVaultID);
        this.retryEncryptionKey = deriveEncryptionKey((this.dataVaultID + "{DDB45DB3-2637-4dd1-9031-00113148FE44}").toCharArray(), bArr, 1000);
        this.valueEncryptionKey = deriveEncryptionKey(cArr, bArr2, 1000);
        this.dbKeyEncryptionKey = deriveEncryptionKey(cArr, bArr, 1000);
        this.defaultPasscodeUsed = cArr == null;
        setConfigLong("VersionNumber", 2L);
        setConfigLong("RetryLimit", 0L);
        try {
            setConfigBlob("KeyAKiraly", "ocsibacsi".getBytes(StringEncodings.UTF8));
            setLastPasswordResetTime();
            setLastUnlockTime();
            cleanPassword(cArr);
        } catch (UnsupportedEncodingException e) {
            throw new DataVaultException("Error during setting key generation value.", 2, e);
        }
    }

    @Deprecated
    public static PrivateDataVault createVault(String str, String str2, String str3) throws DataVaultException {
        return createVault(str, str2 != null ? str2.toCharArray() : null);
    }

    public static PrivateDataVault createVault(String str, char[] cArr) throws DataVaultException {
        return new PrivateDataVault(str, true, cArr);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public byte[] decrypt(byte[] bArr, SecretKey secretKey) throws DataVaultException {
        try {
            if (secretKey == null) {
                throw new DataVaultException("Vault is locked", 8);
            }
            if (bArr == null) {
                return null;
            }
            byte[] bArr2 = new byte[16];
            byte[] bArr3 = new byte[bArr.length - 16];
            System.arraycopy(bArr, 0, bArr2, 0, 16);
            System.arraycopy(bArr, 16, bArr3, 0, bArr3.length);
            aesCBCCipher.init(2, secretKey, new IvParameterSpec(bArr2));
            byte[] doFinal = aesCBCCipher.doFinal(bArr3);
            if (doFinal.length < 64) {
                throw new DataVaultException("No hash code in data record!", 0);
            }
            byte[] bArr4 = new byte[64];
            byte[] bArr5 = new byte[doFinal.length - 64];
            System.arraycopy(doFinal, doFinal.length - 64, bArr4, 0, 64);
            System.arraycopy(doFinal, 0, bArr5, 0, doFinal.length - 64);
            if (calculateSHA256(bArr5).equals(new String(bArr4, StringEncodings.UTF8))) {
                return bArr5;
            }
            throw new DataVaultException("Corrupt data record!", 0);
        } catch (Exception e) {
            throw new DataVaultException(e.getMessage(), 6, e);
        }
    }

    private byte[] decryptDBKey(byte[] bArr, SecretKey secretKey) throws DataVaultException {
        try {
            if (secretKey == null) {
                throw new DataVaultException("Vault is locked", 8);
            }
            if (bArr == null) {
                return null;
            }
            aesCBCCipher.init(2, secretKey, new IvParameterSpec(this.ivKey));
            return aesCBCCipher.doFinal(bArr);
        } catch (Exception e) {
            throw new DataVaultException(e.getMessage(), 6, e);
        }
    }

    public static void deleteVault(String str) throws DataVaultException {
        if (str == null) {
            throw new DataVaultException("Invalid parameter", 4);
        }
        if (isTable("DATA_VAULT")) {
            PrivateDataVaultLegacy.deleteVault(str);
        }
        synchronized (lockObject) {
            checkContext();
            PrivateVaultDatabase.getInstance(context).getDb().delete("DATA_VAULT_2", "vault_id = ?", new String[]{str});
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:24:0x0016, code lost:
    
        if (r18.length == 0) goto L10;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static javax.crypto.spec.SecretKeySpec deriveEncryptionKey(char[] r18, byte[] r19, int r20) throws com.sybase.persistence.DataVaultException {
        /*
            r10 = 0
            if (r19 != 0) goto Lb
            java.lang.IllegalArgumentException r14 = new java.lang.IllegalArgumentException
            java.lang.String r15 = "Salt must not be null."
            r14.<init>(r15)
            throw r14
        Lb:
            long r12 = java.lang.System.currentTimeMillis()
            r4 = 256(0x100, float:3.59E-43)
            if (r18 == 0) goto L18
            r0 = r18
            int r14 = r0.length     // Catch: java.security.spec.InvalidKeySpecException -> L83
            if (r14 != 0) goto L2d
        L18:
            r0 = r19
            int r14 = r0.length     // Catch: java.security.spec.InvalidKeySpecException -> L83
            char[] r0 = new char[r14]     // Catch: java.security.spec.InvalidKeySpecException -> L83
            r18 = r0
            r8 = 0
        L20:
            r0 = r19
            int r14 = r0.length     // Catch: java.security.spec.InvalidKeySpecException -> L83
            if (r8 >= r14) goto L2d
            r14 = r19[r8]     // Catch: java.security.spec.InvalidKeySpecException -> L83
            char r14 = (char) r14     // Catch: java.security.spec.InvalidKeySpecException -> L83
            r18[r8] = r14     // Catch: java.security.spec.InvalidKeySpecException -> L83
            int r8 = r8 + 1
            goto L20
        L2d:
            javax.crypto.spec.PBEKeySpec r9 = new javax.crypto.spec.PBEKeySpec     // Catch: java.security.spec.InvalidKeySpecException -> L83
            r0 = r18
            r1 = r19
            r2 = r20
            r9.<init>(r0, r1, r2, r4)     // Catch: java.security.spec.InvalidKeySpecException -> L83
            javax.crypto.SecretKeyFactory r14 = com.sybase.persistence.PrivateDataVault.secretKeyFactory     // Catch: java.security.spec.InvalidKeySpecException -> L83
            javax.crypto.SecretKey r11 = r14.generateSecret(r9)     // Catch: java.security.spec.InvalidKeySpecException -> L83
            r9.clearPassword()     // Catch: java.security.spec.InvalidKeySpecException -> L83
            long r6 = java.lang.System.currentTimeMillis()
            javax.crypto.spec.SecretKeySpec r10 = new javax.crypto.spec.SecretKeySpec
            byte[] r14 = r11.getEncoded()
            java.lang.String r15 = "AES"
            r10.<init>(r14, r15)
            r14 = 10000(0x2710, float:1.4013E-41)
            r0 = r20
            if (r0 != r14) goto L82
            java.lang.String r14 = "PRIVATEDATAVAULT"
            java.lang.StringBuilder r15 = new java.lang.StringBuilder
            r15.<init>()
            java.lang.String r16 = "deriveEncryptionKey: "
            java.lang.StringBuilder r15 = r15.append(r16)
            r0 = r20
            java.lang.StringBuilder r15 = r15.append(r0)
            java.lang.String r16 = " --- "
            java.lang.StringBuilder r15 = r15.append(r16)
            long r16 = r6 - r12
            java.lang.StringBuilder r15 = r15.append(r16)
            java.lang.String r16 = " ms"
            java.lang.StringBuilder r15 = r15.append(r16)
            java.lang.String r15 = r15.toString()
            android.util.Log.w(r14, r15)
        L82:
            return r10
        L83:
            r5 = move-exception
            com.sybase.persistence.DataVaultException r14 = new com.sybase.persistence.DataVaultException
            java.lang.String r15 = "Key could not be generated"
            r16 = 0
            r0 = r16
            r14.<init>(r15, r0, r5)
            throw r14
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sybase.persistence.PrivateDataVault.deriveEncryptionKey(char[], byte[], int):javax.crypto.spec.SecretKeySpec");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public byte[] encrypt(byte[] bArr, SecretKey secretKey) throws DataVaultException {
        if (secretKey == null) {
            throw new DataVaultException("Vault is locked", 8);
        }
        if (bArr == null) {
            return null;
        }
        try {
            byte[] bArr2 = new byte[16];
            new SecureRandom().nextBytes(bArr2);
            aesCBCCipher.init(1, secretKey, new IvParameterSpec(bArr2));
            byte[] bytes = calculateSHA256(bArr).getBytes(StringEncodings.UTF8);
            byte[] bArr3 = new byte[bArr.length + bytes.length];
            System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
            System.arraycopy(bytes, 0, bArr3, bArr.length, bytes.length);
            byte[] doFinal = aesCBCCipher.doFinal(bArr3);
            byte[] bArr4 = new byte[bArr2.length + doFinal.length];
            System.arraycopy(bArr2, 0, bArr4, 0, 16);
            System.arraycopy(doFinal, 0, bArr4, 16, doFinal.length);
            return bArr4;
        } catch (Exception e) {
            throw new DataVaultException(e.getMessage(), 7, e);
        }
    }

    private byte[] encryptDBKey(byte[] bArr, SecretKey secretKey) throws DataVaultException {
        if (secretKey == null) {
            throw new DataVaultException("Vault is locked", 8);
        }
        if (bArr == null) {
            return null;
        }
        try {
            aesCBCCipher.init(1, secretKey, new IvParameterSpec(this.ivKey));
            return aesCBCCipher.doFinal(bArr);
        } catch (Exception e) {
            throw new DataVaultException(e.getMessage(), 7, e);
        }
    }

    private SecretKeySpec generateExtEncryptionKey() {
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        byte[] bArr2 = new byte[32];
        new SecureRandom().nextBytes(bArr2);
        try {
            return deriveEncryptionKey(new String(bArr2, StringEncodings.UTF8).toCharArray(), bArr, 1000);
        } catch (UnsupportedEncodingException e) {
            Log.e("PrivateDataVault", e.getMessage(), e);
            return null;
        }
    }

    private byte[] getConfigBlob(String str) throws DataVaultException {
        synchronized (lockObject) {
            checkContext();
            Cursor query = PrivateVaultDatabase.getInstance(context).getDb().query("DATA_VAULT_2", new String[]{DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_VALUE}, "vault_id = ? and item_key = ? and is_config = 1", new String[]{this.dataVaultID, str}, null, null, null);
            try {
                if (!query.moveToFirst()) {
                    return null;
                }
                return query.getBlob(0);
            } finally {
                query.close();
            }
        }
    }

    private boolean getConfigBool(String str, boolean z, boolean z2) throws DataVaultException {
        return getConfigLong(str, z ? 1L : 0L, z2) != 0;
    }

    private long getConfigLong(String str, long j, boolean z) throws DataVaultException {
        long j2;
        checkDeleted();
        boolean isRetryConfig = isRetryConfig(str);
        synchronized (lockObject) {
            if (z) {
                checkUnlocked();
            }
            j2 = j;
            String byteArrayToHashKey = byteArrayToHashKey(encryptDBKey(encodeString(str), isRetryConfig ? this.retryEncryptionKey : this.dbKeyEncryptionKey));
            checkContext();
            Cursor query = PrivateVaultDatabase.getInstance(context).getDb().query("DATA_VAULT_2", new String[]{DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_VALUE}, "vault_id = ? and item_key = ? and is_config = 1", new String[]{this.dataVaultID, byteArrayToHashKey}, null, null, null);
            try {
                if (query.moveToFirst()) {
                    byte[] decrypt = decrypt(query.getBlob(0), isRetryConfig ? this.retryEncryptionKey : this.valueEncryptionKey);
                    if (decrypt != null) {
                        try {
                            j2 = Long.parseLong(new String(decrypt, StringEncodings.UTF8));
                        } catch (UnsupportedEncodingException e) {
                            throw new DataVaultException("Error during config data conversion.", 2, e);
                        }
                    }
                }
            } finally {
                query.close();
            }
        }
        return j2;
    }

    private SecretKey getExtEncryptionKey() {
        synchronized (lockObject) {
            if (this.extEncryptionKey == null) {
                byte[] value = getValue(DBKEY_EXTERNALKEY);
                if (value == null) {
                    this.extEncryptionKey = generateExtEncryptionKey();
                    setValue(DBKEY_EXTERNALKEY, this.extEncryptionKey.getEncoded());
                } else {
                    this.extEncryptionKey = new SecretKeySpec(value, 0, value.length, "AES");
                }
            }
        }
        return this.extEncryptionKey;
    }

    private int getRetryCount() throws DataVaultException {
        return (int) getConfigLong("RetryCount", 0L, false);
    }

    public static PrivateDataVault getVault(String str) throws DataVaultException {
        return new PrivateDataVault(str, false, null);
    }

    private int getVersionNumber() throws DataVaultException {
        return (int) getConfigLong("VersionNumber", 1L, true);
    }

    private boolean hasPasswordExpired() throws DataVaultException {
        if (internalGetPasswordPolicy(false).getIsDefaultPasswordAllowed() && this.defaultPasscodeUsed) {
            return false;
        }
        long configLong = getConfigLong("PasswordTimeout", 0L, false);
        if (configLong > 0) {
            long time = new Date().getTime();
            long configLong2 = getConfigLong("LastPasswordResetTime", 0L, false);
            if (configLong2 > time) {
                lock();
                return true;
            }
            if (time - configLong2 > 24 * configLong * 60 * 60 * 1000) {
                return true;
            }
        }
        return false;
    }

    private boolean hasTimeoutElapsed() throws DataVaultException {
        if (((int) getConfigLong("LockTimeout", 0L, false)) > 0) {
            long time = new Date().getTime();
            long configLong = getConfigLong("LastUnlockTime", 0L, false);
            if (configLong > time) {
                lock();
                return true;
            }
            if (time - configLong > r2 * 1000) {
                lock();
                return true;
            }
        }
        return false;
    }

    public static void init(Context context2) throws DataVaultException {
        if (context2 == null) {
            throw new DataVaultException("Invalid parameter", 4);
        }
        synchronized (lockObject) {
            context = context2;
        }
        PrivateDataVaultLegacy.init(context2);
    }

    private DataVault.DVPasswordPolicy internalGetPasswordPolicy(boolean z) throws DataVaultException {
        DataVault.DVPasswordPolicy dVPasswordPolicy;
        checkDeleted();
        synchronized (lockObject) {
            if (z) {
                try {
                    checkUnlocked();
                } catch (DataVaultException e) {
                    dVPasswordPolicy = this.dvPasswordPolicy;
                }
            }
            dVPasswordPolicy = new DataVault.DVPasswordPolicy();
            dVPasswordPolicy.setIsDefaultPasswordAllowed(getConfigBool("DefaultPasswordAllowed", true, false));
            dVPasswordPolicy.setMinLength((int) getConfigLong("MinLength", 0L, false));
            dVPasswordPolicy.setHasDigits(getConfigBool("HasDigits", false, false));
            dVPasswordPolicy.setHasUpper(getConfigBool("HasUpper", false, false));
            dVPasswordPolicy.setHasLower(getConfigBool("HasLower", false, false));
            dVPasswordPolicy.setHasSpecial(getConfigBool("HasSpecial", false, false));
            dVPasswordPolicy.setExpirationDays((int) getConfigLong("PasswordTimeout", 0L, false));
            dVPasswordPolicy.setMinUniqueChars((int) getConfigLong("MinUniqueChars", 0L, false));
            dVPasswordPolicy.setLockTimeout((int) getConfigLong("LockTimeout", 0L, false));
            dVPasswordPolicy.setRetryLimit((int) getConfigLong("RetryLimit", 0L, false));
            this.dvPasswordPolicy = dVPasswordPolicy;
        }
        return dVPasswordPolicy;
    }

    private byte[] internalGetValue(String str, int i) throws DataVaultException {
        byte[] bArr;
        checkDeleted();
        synchronized (lockObject) {
            checkUnlocked();
            if (str == null || str.length() == 0) {
                throw new DataVaultException("Name argument may not be empty or null", 4);
            }
            String byteArrayToHashKey = byteArrayToHashKey(encryptDBKey(encodeString(str), this.dbKeyEncryptionKey));
            checkContext();
            Cursor query = PrivateVaultDatabase.getInstance(context).getDb().query("DATA_VAULT_2", new String[]{DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_VALUE, DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_IS_CONFIG}, "vault_id = ? and item_key = ? and is_config <> 1", new String[]{this.dataVaultID, byteArrayToHashKey}, null, null, null);
            try {
                if (query.moveToFirst()) {
                    byte[] blob = query.getBlob(0);
                    if (blob != null && getVersionNumber() > 1) {
                        int i2 = query.getInt(1);
                        if (i != 0 && i2 != 0 && i != i2) {
                            throw new DataVaultException("Name argument may not be empty or null", 12);
                        }
                    }
                    bArr = decrypt(blob, this.valueEncryptionKey);
                } else {
                    bArr = null;
                }
                return bArr;
            } finally {
                query.close();
            }
        }
    }

    private void internalSetValue(String str, byte[] bArr, int i) throws DataVaultException {
        checkDeleted();
        synchronized (lockObject) {
            checkUnlocked();
            if (str == null || str.length() == 0) {
                throw new DataVaultException("Name argument may not be empty or null", 4);
            }
            String byteArrayToHashKey = byteArrayToHashKey(encryptDBKey(encodeString(str), this.dbKeyEncryptionKey));
            checkContext();
            PrivateVaultDatabase privateVaultDatabase = PrivateVaultDatabase.getInstance(context);
            if (bArr == null) {
                privateVaultDatabase.getDb().delete("DATA_VAULT_2", "vault_id = ? and item_key = ? and is_config <> 1", new String[]{this.dataVaultID, byteArrayToHashKey});
            } else {
                ContentValues contentValues = new ContentValues();
                contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_VALUE, encrypt(bArr, this.valueEncryptionKey));
                if (privateVaultDatabase.getDb().update("DATA_VAULT_2", contentValues, "vault_id = ? and item_key = ? and is_config <> 1", new String[]{this.dataVaultID, byteArrayToHashKey}) == 0) {
                    contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_ID, this.dataVaultID);
                    contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_KEY, byteArrayToHashKey);
                    contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_IS_CONFIG, Integer.valueOf(i));
                    if (privateVaultDatabase.getDb().insert("DATA_VAULT_2", null, contentValues) == -1) {
                        throw new DataVaultException("Error inserting row into DB", 7);
                    }
                }
            }
        }
    }

    private void internalUnlock(char[] cArr, boolean z) throws DataVaultException {
        checkDeleted();
        byte[] loadSalt = loadSalt(this.dataVaultID, true);
        byte[] loadSalt2 = loadSalt(this.dataVaultID, false);
        if (loadSalt == null) {
            throw new DataVaultException("Invalid Credentials", 4);
        }
        if (cArr != null || this.defaultKey == null) {
            this.dbKeyEncryptionKey = deriveEncryptionKey(cArr, loadSalt, 1000);
        } else {
            this.dbKeyEncryptionKey = this.defaultKey;
        }
        this.valueEncryptionKey = deriveEncryptionKey(cArr, loadSalt2, 1000);
        boolean z2 = false;
        if (!isValidDBKeyEncryptionKey(this.dbKeyEncryptionKey)) {
            z2 = true;
            if (getConfigBlob("KeyAKiraly") == null) {
                SecretKeySpec deriveEncryptionKey = deriveEncryptionKey(cArr, loadSalt, ITCOUNT_LEGACY);
                if (isValidDBKeyEncryptionKey(deriveEncryptionKey)) {
                    z2 = false;
                    reEncryptDB(deriveEncryptionKey, deriveEncryptionKey(cArr, loadSalt2, ITCOUNT_LEGACY), this.dbKeyEncryptionKey, this.valueEncryptionKey);
                }
            }
        }
        if (z2) {
            this.dbKeyEncryptionKey = null;
            this.valueEncryptionKey = null;
            int configLong = (int) getConfigLong("RetryLimit", 0L, false);
            int retryCount = getRetryCount() + 1;
            if (configLong <= 0 || retryCount <= configLong) {
                setRetryCount(retryCount);
                throw new DataVaultException("Invalid Credentials", 5);
            }
            deleteVault(this.dataVaultID);
            throw new DataVaultException("Vault deleted", 3);
        }
        if (getConfigBlob("KeyAKiraly") == null) {
            try {
                setConfigBlob("KeyAKiraly", "ocsibacsi".getBytes(StringEncodings.UTF8));
            } catch (UnsupportedEncodingException e) {
                throw new DataVaultException("Error during setting key generation value.", 2, e);
            }
        }
        this.defaultPasscodeUsed = cArr == null;
        if (z) {
            try {
                checkPasswordExpiration();
                checkPasswordCompatibility(cArr, false);
            } catch (DataVaultException e2) {
                setRetryCount(0);
                this.valueEncryptionKey = null;
                this.dbKeyEncryptionKey = null;
                this.defaultPasscodeUsed = false;
                throw e2;
            }
        }
        setRetryCount(0);
        setLastUnlockTime();
        cleanPassword(cArr);
    }

    public static boolean isContentProviderInstalled(Context context2) {
        boolean z = false;
        synchronized (lockObject) {
            try {
                context2.getPackageManager().getPackageInfo("com.sybase.dataprovider", 0);
                z = true;
            } catch (PackageManager.NameNotFoundException e) {
            }
        }
        return z;
    }

    private boolean isRetryConfig(String str) {
        return str.equals("RetryCount") || str.equals("RetryLimit");
    }

    private boolean isRetryLimitKey() {
        boolean z;
        checkDeleted();
        synchronized (lockObject) {
            String byteArrayToHashKey = byteArrayToHashKey(encryptDBKey(encodeString("RetryLimit"), this.retryEncryptionKey));
            checkContext();
            Cursor query = PrivateVaultDatabase.getInstance(context).getDb().query("DATA_VAULT_2", new String[]{DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_VALUE}, "vault_id = ? and item_key = ? and is_config = 1", new String[]{this.dataVaultID, byteArrayToHashKey}, null, null, null);
            try {
                z = query.moveToFirst();
            } finally {
                query.close();
            }
        }
        return z;
    }

    private static boolean isTable(String str) {
        return PrivateVaultDatabase.getInstance(context).getDb().rawQuery("SELECT name FROM sqlite_master WHERE type='table' AND name=?", new String[]{str}).moveToFirst();
    }

    private boolean isValidDBKeyEncryptionKey(SecretKey secretKey) throws DataVaultException {
        synchronized (lockObject) {
            Cursor query = PrivateVaultDatabase.getInstance(context).getDb().query("DATA_VAULT_2", new String[]{DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_VALUE}, "vault_id = ? and item_key = ? and is_config = 1", new String[]{this.dataVaultID, byteArrayToHashKey(encryptDBKey(encodeString("VersionNumber"), secretKey))}, null, null, null);
            try {
                return query.moveToFirst();
            } finally {
                query.close();
            }
        }
    }

    private void loadDataVault() {
        this.ivKey = loadIVKey(this.dataVaultID);
        byte[] loadSalt = loadSalt(this.dataVaultID, true);
        this.retryEncryptionKey = deriveEncryptionKey((this.dataVaultID + "{DDB45DB3-2637-4dd1-9031-00113148FE44}").toCharArray(), loadSalt, 1000);
        if (isRetryLimitKey()) {
            return;
        }
        SecretKey secretKey = this.retryEncryptionKey;
        this.retryEncryptionKey = deriveEncryptionKey((this.dataVaultID + "{DDB45DB3-2637-4dd1-9031-00113148FE44}").toCharArray(), loadSalt, ITCOUNT_LEGACY);
        int retryLimit = getRetryLimit();
        int retryCount = getRetryCount();
        this.retryEncryptionKey = secretKey;
        setConfigLong("RetryCount", retryCount);
        setConfigLong("RetryLimit", retryLimit);
        this.dvPasswordPolicy.setRetryLimit(retryLimit);
    }

    private static byte[] loadIVKey(String str) {
        if (str == null) {
            throw new DataVaultException("Invalid parameter", 4);
        }
        synchronized (lockObject) {
            checkContext();
            Cursor query = PrivateVaultDatabase.getInstance(context).getDb().query("DATA_VAULT_2", new String[]{DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_VALUE}, "vault_id = ? and item_key = ? and is_config = 1", new String[]{str, "ivKey"}, null, null, null);
            try {
                if (!query.moveToFirst()) {
                    return null;
                }
                return query.getBlob(query.getColumnIndex(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_VALUE));
            } finally {
                query.close();
            }
        }
    }

    private static byte[] loadSalt(String str, boolean z) {
        if (str == null) {
            throw new DataVaultException("Invalid parameter", 4);
        }
        String str2 = z ? "saltK" : "saltV";
        synchronized (lockObject) {
            checkContext();
            Cursor query = PrivateVaultDatabase.getInstance(context).getDb().query("DATA_VAULT_2", new String[]{DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_VALUE}, "vault_id = ? and item_key = ? and is_config = 1", new String[]{str, str2}, null, null, null);
            try {
                if (query.moveToFirst()) {
                    return query.getBlob(query.getColumnIndex(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_VALUE));
                }
                return null;
            } finally {
                query.close();
            }
        }
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:7:0x0032. Please report as an issue. */
    private void migrateData(char[] cArr) {
        String str;
        SQLiteDatabase db = PrivateVaultDatabase.getInstance(context).getDb();
        db.beginTransaction();
        try {
            List<DataRecord> dataRecords = this.legacyVault.getDataRecords();
            this.legacyVault = null;
            PrivateDataVaultLegacy.deleteVault(this.dataVaultID);
            createDataVault(cArr);
            for (DataRecord dataRecord : dataRecords) {
                int type = dataRecord.getType();
                switch (type) {
                    case 0:
                    case 2:
                    case 3:
                        internalSetValue(dataRecord.getKey(), dataRecord.getValue(), type);
                    case 1:
                        if (LONG_CONF_KEYS.contains(dataRecord.getKey()) || BOOLEAN_CONF_KEYS.contains(dataRecord.getKey()) || RETRY_CONF_KEYS.contains(dataRecord.getKey())) {
                            if (dataRecord.getValue() == null) {
                                str = "0";
                            } else {
                                try {
                                    str = new String(dataRecord.getValue(), StringEncodings.UTF8);
                                } catch (UnsupportedEncodingException e) {
                                    throw new DataVaultException("Error during migration of config data.", 13, e);
                                }
                            }
                            setConfigLong(dataRecord.getKey(), Long.parseLong(str));
                        } else {
                            Log.w("MIGRATION", "Unknown config key: " + dataRecord.getKey());
                        }
                        break;
                }
            }
            db.setTransactionSuccessful();
        } finally {
            db.endTransaction();
        }
    }

    private void reEncryptConfigValue(String str, SecretKey secretKey, SecretKey secretKey2, SecretKey secretKey3, SecretKey secretKey4) throws DataVaultException {
        String byteArrayToHashKey = byteArrayToHashKey(encryptDBKey(encodeString(str), secretKey));
        byte[] configBlob = getConfigBlob(byteArrayToHashKey);
        setConfigBlob(byteArrayToHashKey, null);
        if (configBlob != null) {
            setConfigBlob(byteArrayToHashKey(encryptDBKey(encodeString(str), secretKey2)), encrypt(decrypt(configBlob, secretKey3), secretKey4));
        }
    }

    private void reEncryptDB(SecretKey secretKey, SecretKey secretKey2, SecretKey secretKey3, SecretKey secretKey4) throws DataVaultException {
        PrivateVaultDatabase privateVaultDatabase = PrivateVaultDatabase.getInstance(context);
        SQLiteDatabase db = privateVaultDatabase.getDb();
        db.beginTransaction();
        try {
            ArrayList arrayList = new ArrayList();
            Cursor query = privateVaultDatabase.getDb().query("DATA_VAULT_2", new String[]{DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_KEY}, "vault_id = ? and is_config <> 1", new String[]{this.dataVaultID}, null, null, null);
            try {
                for (boolean moveToFirst = query.moveToFirst(); moveToFirst; moveToFirst = query.moveToNext()) {
                    arrayList.add(query.getString(0));
                }
                query.close();
                for (int i = 0; i < arrayList.size(); i++) {
                    String str = (String) arrayList.get(i);
                    String decodeString = decodeString(decryptDBKey(hashKeyToByteArray(str), secretKey));
                    byte[] bArr = null;
                    int i2 = 0;
                    query = privateVaultDatabase.getDb().query("DATA_VAULT_2", new String[]{DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_VALUE, DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_IS_CONFIG}, "vault_id = ? and item_key = ? and is_config <> 1", new String[]{this.dataVaultID, str}, null, null, null);
                    try {
                        if (query.moveToFirst()) {
                            bArr = query.getBlob(0);
                            i2 = query.getInt(1);
                        }
                        query.close();
                        privateVaultDatabase.getDb().delete("DATA_VAULT_2", "vault_id = ? and item_key = ? and is_config <> 1", new String[]{this.dataVaultID, str});
                        if (bArr != null) {
                            String byteArrayToHashKey = byteArrayToHashKey(encryptDBKey(encodeString(decodeString), secretKey3));
                            byte[] encrypt = encrypt(decrypt(bArr, secretKey2), secretKey4);
                            privateVaultDatabase.getDb().delete("DATA_VAULT_2", "vault_id = ? and item_key = ? and is_config <> 1", new String[]{this.dataVaultID, byteArrayToHashKey});
                            ContentValues contentValues = new ContentValues();
                            contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_VALUE, encrypt);
                            contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_ID, this.dataVaultID);
                            contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_KEY, byteArrayToHashKey);
                            contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_IS_CONFIG, Integer.valueOf(i2));
                            if (privateVaultDatabase.getDb().insert("DATA_VAULT_2", null, contentValues) == -1) {
                                throw new DataVaultException("Error inserting row into DB", 7);
                            }
                        }
                    } finally {
                    }
                }
                setLastUnlockTime();
                setLastPasswordResetTime();
                reEncryptConfigValue("LastUnlockTime", secretKey, secretKey3, secretKey2, secretKey4);
                reEncryptConfigValue("LockTimeout", secretKey, secretKey3, secretKey2, secretKey4);
                reEncryptConfigValue("PasswordTimeout", secretKey, secretKey3, secretKey2, secretKey4);
                reEncryptConfigValue("LastPasswordResetTime", secretKey, secretKey3, secretKey2, secretKey4);
                reEncryptConfigValue("VersionNumber", secretKey, secretKey3, secretKey2, secretKey4);
                reEncryptConfigValue(AppSettings.PASSWORD_POLICY_ENABLED, secretKey, secretKey3, secretKey2, secretKey4);
                reEncryptConfigValue("DefaultPasswordAllowed", secretKey, secretKey3, secretKey2, secretKey4);
                reEncryptConfigValue("MinLength", secretKey, secretKey3, secretKey2, secretKey4);
                reEncryptConfigValue("HasDigits", secretKey, secretKey3, secretKey2, secretKey4);
                reEncryptConfigValue("HasUpper", secretKey, secretKey3, secretKey2, secretKey4);
                reEncryptConfigValue("HasLower", secretKey, secretKey3, secretKey2, secretKey4);
                reEncryptConfigValue("HasSpecial", secretKey, secretKey3, secretKey2, secretKey4);
                reEncryptConfigValue("MinUniqueChars", secretKey, secretKey3, secretKey2, secretKey4);
                db.setTransactionSuccessful();
            } finally {
            }
        } finally {
            db.endTransaction();
        }
    }

    private void saveDVPasswordPolicy(DataVault.DVPasswordPolicy dVPasswordPolicy) {
        this.dvPasswordPolicy.setIsDefaultPasswordAllowed(dVPasswordPolicy.getIsDefaultPasswordAllowed());
        this.dvPasswordPolicy.setMinLength(dVPasswordPolicy.getMinLength());
        this.dvPasswordPolicy.setHasDigits(dVPasswordPolicy.getHasDigits());
        this.dvPasswordPolicy.setHasUpper(dVPasswordPolicy.getHasUpper());
        this.dvPasswordPolicy.setHasLower(dVPasswordPolicy.getHasLower());
        this.dvPasswordPolicy.setHasSpecial(dVPasswordPolicy.getHasSpecial());
        this.dvPasswordPolicy.setExpirationDays(dVPasswordPolicy.getExpirationDays());
        this.dvPasswordPolicy.setMinUniqueChars(dVPasswordPolicy.getMinUniqueChars());
        this.dvPasswordPolicy.setLockTimeout(dVPasswordPolicy.getLockTimeout());
        this.dvPasswordPolicy.setRetryLimit(dVPasswordPolicy.getRetryLimit());
    }

    private void saveIVKey(byte[] bArr, String str) {
        synchronized (lockObject) {
            checkContext();
            PrivateVaultDatabase privateVaultDatabase = PrivateVaultDatabase.getInstance(context);
            ContentValues contentValues = new ContentValues();
            contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_VALUE, bArr);
            if (privateVaultDatabase.getDb().update("DATA_VAULT_2", contentValues, "vault_id = ? and item_key = ? and is_config = 1", new String[]{str, "ivKey"}) == 0) {
                contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_ID, str);
                contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_KEY, "ivKey");
                contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_IS_CONFIG, (Integer) 1);
                privateVaultDatabase.getDb().insert("DATA_VAULT_2", null, contentValues);
            }
        }
    }

    private void saveSalt(byte[] bArr, String str, boolean z) {
        String str2 = z ? "saltK" : "saltV";
        synchronized (lockObject) {
            checkContext();
            PrivateVaultDatabase privateVaultDatabase = PrivateVaultDatabase.getInstance(context);
            ContentValues contentValues = new ContentValues();
            contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_VALUE, bArr);
            if (privateVaultDatabase.getDb().update("DATA_VAULT_2", contentValues, "vault_id = ? and item_key = ? and is_config = 1", new String[]{str, str2}) == 0) {
                contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_ID, str);
                contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_KEY, str2);
                contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_IS_CONFIG, (Integer) 1);
                privateVaultDatabase.getDb().insert("DATA_VAULT_2", null, contentValues);
            }
        }
    }

    private void setConfigBlob(String str, byte[] bArr) throws DataVaultException {
        synchronized (lockObject) {
            checkContext();
            PrivateVaultDatabase privateVaultDatabase = PrivateVaultDatabase.getInstance(context);
            ContentValues contentValues = new ContentValues();
            contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_VALUE, bArr);
            if (privateVaultDatabase.getDb().update("DATA_VAULT_2", contentValues, "vault_id = ? and item_key = ? and is_config = 1", new String[]{this.dataVaultID, str}) == 0) {
                contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_ID, this.dataVaultID);
                contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_KEY, str);
                contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_IS_CONFIG, (Integer) 1);
                privateVaultDatabase.getDb().insert("DATA_VAULT_2", null, contentValues);
            }
        }
    }

    private void setConfigBool(String str, boolean z) throws DataVaultException {
        setConfigLong(str, z ? 1L : 0L);
    }

    private void setConfigLong(String str, long j) throws DataVaultException {
        checkDeleted();
        boolean isRetryConfig = isRetryConfig(str);
        synchronized (lockObject) {
            String byteArrayToHashKey = byteArrayToHashKey(encryptDBKey(encodeString(str), isRetryConfig ? this.retryEncryptionKey : this.dbKeyEncryptionKey));
            checkContext();
            PrivateVaultDatabase privateVaultDatabase = PrivateVaultDatabase.getInstance(context);
            ContentValues contentValues = new ContentValues();
            try {
                contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_VALUE, encrypt(Long.toString(j).getBytes(StringEncodings.UTF8), isRetryConfig ? this.retryEncryptionKey : this.valueEncryptionKey));
                if (privateVaultDatabase.getDb().update("DATA_VAULT_2", contentValues, "vault_id = ? and item_key = ? and is_config = 1", new String[]{this.dataVaultID, byteArrayToHashKey}) == 0) {
                    contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_ID, this.dataVaultID);
                    contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_KEY, byteArrayToHashKey);
                    contentValues.put(DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_IS_CONFIG, (Integer) 1);
                    privateVaultDatabase.getDb().insert("DATA_VAULT_2", null, contentValues);
                }
            } catch (UnsupportedEncodingException e) {
                throw new DataVaultException("Error during setting value.", 2, e);
            }
        }
    }

    private void setLastPasswordResetTime() throws DataVaultException {
        setConfigLong("LastPasswordResetTime", new Date().getTime());
    }

    private void setLastUnlockTime() throws DataVaultException {
        setConfigLong("LastUnlockTime", new Date().getTime());
    }

    private void setRetryCount(int i) throws DataVaultException {
        setConfigLong("RetryCount", i);
    }

    public static boolean vaultExists(String str) throws DataVaultException {
        boolean vaultExists = vaultExists(str, "DATA_VAULT_2");
        return (vaultExists || !isTable("DATA_VAULT")) ? vaultExists : vaultExists(str, "DATA_VAULT");
    }

    private static boolean vaultExists(String str, String str2) throws DataVaultException {
        boolean moveToFirst;
        if (str == null) {
            throw new DataVaultException("Invalid parameter", 4);
        }
        synchronized (lockObject) {
            checkContext();
            Cursor query = PrivateVaultDatabase.getInstance(context).getDb().query(str2, new String[]{DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_ID}, "vault_id = ? ", new String[]{str}, null, null, null);
            try {
                moveToFirst = query.moveToFirst();
            } finally {
                query.close();
            }
        }
        return moveToFirst;
    }

    @Override // com.sybase.persistence.DataVault
    @Deprecated
    public void changePassword(String str, String str2) throws DataVaultException {
        if (str != null) {
            modifyPassword(str.toCharArray());
        } else {
            modifyPassword(null);
        }
    }

    @Override // com.sybase.persistence.DataVault
    @Deprecated
    public void changePassword(String str, String str2, String str3, String str4) throws DataVaultException {
        synchronized (lockObject) {
            if (this.legacyVault != null) {
                this.legacyVault.unlock(str != null ? str.toCharArray() : null, str2 != null ? str2.toCharArray() : null, true);
                migrateData(str3.toCharArray());
            } else {
                modifyPassword(str != null ? str.toCharArray() : null, str3 != null ? str3.toCharArray() : null);
            }
        }
    }

    @Override // com.sybase.persistence.DataVault
    public void decrypt(final InputStream inputStream, final OutputStream outputStream, final EncrypDecryptListener encrypDecryptListener) throws DataVaultException {
        if (outputStream == null) {
            throw new DataVaultException("invalid unencryptedStream", 4);
        }
        if (inputStream == null) {
            throw new DataVaultException("invalid encryptedStream", 4);
        }
        final SecretKey extEncryptionKey = getExtEncryptionKey();
        new Thread(new Runnable() { // from class: com.sybase.persistence.PrivateDataVault.2
            @Override // java.lang.Runnable
            public void run() {
                while (inputStream.available() > 0) {
                    try {
                        int read = inputStream.read();
                        byte[] bArr = new byte[read];
                        inputStream.read(bArr, 0, read);
                        outputStream.write(PrivateDataVault.this.decrypt(bArr, extEncryptionKey));
                    } catch (IOException e) {
                        encrypDecryptListener.onFailure(inputStream, outputStream, new DataVaultException("Error during reading stream to decrypt", 6, e));
                        return;
                    }
                }
                encrypDecryptListener.onSucces(inputStream, outputStream);
            }
        }).start();
    }

    @Override // com.sybase.persistence.DataVault
    public byte[] decrypt(byte[] bArr) {
        return decrypt(bArr, getExtEncryptionKey());
    }

    @Override // com.sybase.persistence.DataVault
    public void deleteValue(String str) throws DataVaultException {
        checkDeleted();
        synchronized (lockObject) {
            checkUnlocked();
            setValue(str, null);
        }
    }

    @Override // com.sybase.persistence.DataVault
    public void encrypt(final InputStream inputStream, final OutputStream outputStream, final EncrypDecryptListener encrypDecryptListener) throws DataVaultException {
        if (inputStream == null) {
            throw new DataVaultException("invalid unencryptedStream", 4);
        }
        if (outputStream == null) {
            throw new DataVaultException("invalid encryptedStream", 4);
        }
        final SecretKey extEncryptionKey = getExtEncryptionKey();
        new Thread(new Runnable() { // from class: com.sybase.persistence.PrivateDataVault.1
            @Override // java.lang.Runnable
            public void run() {
                byte[] bArr = new byte[32768];
                try {
                    int read = inputStream.read(bArr);
                    while (read > 0) {
                        byte[] encrypt = read < 32768 ? PrivateDataVault.this.encrypt(Arrays.copyOf(bArr, read), extEncryptionKey) : PrivateDataVault.this.encrypt(bArr, extEncryptionKey);
                        outputStream.write(encrypt.length);
                        outputStream.write(encrypt);
                        read = inputStream.read(bArr);
                    }
                    encrypDecryptListener.onSucces(inputStream, outputStream);
                } catch (IOException e) {
                    encrypDecryptListener.onFailure(inputStream, outputStream, new DataVaultException("Error during reading stream to encrypt", 6, e));
                }
            }
        }).start();
    }

    @Override // com.sybase.persistence.DataVault
    public byte[] encrypt(byte[] bArr) {
        return encrypt(bArr, getExtEncryptionKey());
    }

    @Override // com.sybase.persistence.DataVault
    public DataVault.DVDataName[] getDataNames() throws DataVaultException {
        ArrayList arrayList = new ArrayList();
        checkDeleted();
        synchronized (lockObject) {
            checkUnlocked();
            checkContext();
            Cursor query = PrivateVaultDatabase.getInstance(context).getDb().query("DATA_VAULT_2", new String[]{DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_KEY, DataProviderConstants.DATA_VAULT_COL_DATA_VAULT_IS_CONFIG}, "vault_id = ? and is_config <> 1", new String[]{this.dataVaultID}, null, null, null);
            try {
                for (boolean moveToFirst = query.moveToFirst(); moveToFirst; moveToFirst = query.moveToNext()) {
                    String string = query.getString(0);
                    DataVault.DVDataName dVDataName = new DataVault.DVDataName();
                    dVDataName.setName("");
                    if (string != null) {
                        dVDataName.setName(decodeString(decryptDBKey(hashKeyToByteArray(string), this.dbKeyEncryptionKey)));
                    }
                    dVDataName.setType(query.getInt(1));
                    arrayList.add(dVDataName);
                }
            } finally {
                query.close();
            }
        }
        return (DataVault.DVDataName[]) arrayList.toArray(new DataVault.DVDataName[0]);
    }

    @Override // com.sybase.persistence.DataVault
    public int getLockTimeout() throws DataVaultException {
        return (int) getConfigLong("LockTimeout", 0L, true);
    }

    @Override // com.sybase.persistence.DataVault
    public DataVault.DVPasswordPolicy getPasswordPolicy() throws DataVaultException {
        return internalGetPasswordPolicy(true);
    }

    @Override // com.sybase.persistence.DataVault
    public int getRetryLimit() throws DataVaultException {
        return this.legacyVault != null ? this.legacyVault.getRetryLimit() : (int) getConfigLong("RetryLimit", 0L, false);
    }

    @Override // com.sybase.persistence.DataVault
    public String getString(String str) throws DataVaultException {
        return decodeString(internalGetValue(str, 2));
    }

    @Override // com.sybase.persistence.DataVault
    public byte[] getValue(String str) throws DataVaultException {
        return internalGetValue(str, 3);
    }

    @Override // com.sybase.persistence.DataVault
    public boolean isDefaultPasswordUsed() {
        boolean z;
        if (this.legacyVault != null) {
            return this.legacyVault.isDefaultPasswordUsed();
        }
        checkDeleted();
        synchronized (lockObject) {
            if (this.valueEncryptionKey != null) {
                return this.defaultPasscodeUsed;
            }
            byte[] loadSalt = loadSalt(this.dataVaultID, true);
            if (loadSalt == null) {
                return false;
            }
            SecretKeySpec deriveEncryptionKey = deriveEncryptionKey(null, loadSalt, 1000);
            if (isValidDBKeyEncryptionKey(deriveEncryptionKey)) {
                this.defaultKey = deriveEncryptionKey;
                z = true;
            } else {
                z = getConfigBlob("KeyAKiraly") == null ? isValidDBKeyEncryptionKey(deriveEncryptionKey(null, loadSalt, ITCOUNT_LEGACY)) : false;
            }
            return z;
        }
    }

    @Override // com.sybase.persistence.DataVault
    public boolean isLocked() throws DataVaultException {
        if (this.legacyVault != null) {
            return this.legacyVault.isLocked();
        }
        checkDeleted();
        synchronized (lockObject) {
            if (this.dbKeyEncryptionKey == null) {
                return true;
            }
            if (!isValidDBKeyEncryptionKey(this.dbKeyEncryptionKey)) {
                this.valueEncryptionKey = null;
                this.defaultPasscodeUsed = false;
                throw new DataVaultException("Credentials have changed. Vault is now locked.", 8);
            }
            if (!hasTimeoutElapsed()) {
                return false;
            }
            lock();
            return true;
        }
    }

    @Override // com.sybase.persistence.DataVault
    public void lock() throws DataVaultException {
        if (this.legacyVault != null) {
            return;
        }
        checkDeleted();
        synchronized (lockObject) {
            this.valueEncryptionKey = null;
            this.dbKeyEncryptionKey = null;
            this.defaultPasscodeUsed = false;
        }
    }

    @Override // com.sybase.persistence.DataVault
    public void modifyPassword(char[] cArr) throws DataVaultException {
        checkDeleted();
        synchronized (lockObject) {
            checkUnlocked();
            checkPasswordCompatibility(cArr, false);
            SecretKey secretKey = this.valueEncryptionKey;
            SecretKey secretKey2 = this.dbKeyEncryptionKey;
            SecretKey secretKey3 = this.retryEncryptionKey;
            byte[] bArr = new byte[32];
            new SecureRandom().nextBytes(bArr);
            saveSalt(bArr, this.dataVaultID, true);
            SecretKeySpec deriveEncryptionKey = deriveEncryptionKey(cArr, loadSalt(this.dataVaultID, false), 1000);
            SecretKeySpec deriveEncryptionKey2 = deriveEncryptionKey(cArr, bArr, 1000);
            SecretKeySpec deriveEncryptionKey3 = deriveEncryptionKey((this.dataVaultID + "{DDB45DB3-2637-4dd1-9031-00113148FE44}").toCharArray(), bArr, 1000);
            this.defaultPasscodeUsed = cArr == null;
            checkContext();
            reEncryptDB(secretKey2, secretKey, deriveEncryptionKey2, deriveEncryptionKey);
            reEncryptConfigValue("RetryLimit", secretKey3, deriveEncryptionKey3, secretKey3, deriveEncryptionKey3);
            this.dbKeyEncryptionKey = deriveEncryptionKey2;
            this.valueEncryptionKey = deriveEncryptionKey;
            this.retryEncryptionKey = deriveEncryptionKey3;
        }
        cleanPassword(cArr);
    }

    @Override // com.sybase.persistence.DataVault
    public void modifyPassword(char[] cArr, char[] cArr2) throws DataVaultException {
        synchronized (lockObject) {
            if (this.legacyVault != null) {
                if (cArr != null) {
                    this.legacyVault.unlock(cArr, null, true);
                } else {
                    this.legacyVault.unlock(null, null, true);
                }
                migrateData(cArr2);
            } else {
                internalUnlock(cArr, false);
                modifyPassword(cArr2);
            }
        }
    }

    @Override // com.sybase.persistence.DataVault
    public void resetLockTimeout() throws DataVaultException {
        checkDeleted();
        synchronized (lockObject) {
            checkUnlocked();
            setLastUnlockTime();
        }
    }

    protected void resetPasswordTimeout() throws DataVaultException {
        checkDeleted();
        synchronized (lockObject) {
            checkUnlocked();
            setLastPasswordResetTime();
        }
    }

    @Override // com.sybase.persistence.DataVault
    public void setLockTimeout(int i) throws DataVaultException {
        checkDeleted();
        if (i < 0) {
            throw new DataVaultException("Numeric argument may not be negative", 4);
        }
        checkUnlocked();
        setConfigLong("LockTimeout", i);
        this.dvPasswordPolicy.setLockTimeout(i);
    }

    @Override // com.sybase.persistence.DataVault
    public void setPasswordPolicy(DataVault.DVPasswordPolicy dVPasswordPolicy) throws DataVaultException {
        checkDeleted();
        synchronized (lockObject) {
            checkUnlocked();
            if (dVPasswordPolicy == null) {
                dVPasswordPolicy = new DataVault.DVPasswordPolicy();
            }
            if (dVPasswordPolicy.getMinLength() < 0) {
                throw new DataVaultException("Numeric argument may not be negative", 4);
            }
            if (dVPasswordPolicy.getExpirationDays() < 0) {
                throw new DataVaultException("Numeric argument may not be negative", 4);
            }
            if (dVPasswordPolicy.getMinUniqueChars() < 0) {
                throw new DataVaultException("Numeric argument may not be negative", 4);
            }
            if (dVPasswordPolicy.getLockTimeout() < 0) {
                throw new DataVaultException("Numeric argument may not be negative", 4);
            }
            if (dVPasswordPolicy.getRetryLimit() < 0) {
                throw new DataVaultException("Numeric argument may not be negative", 4);
            }
            setConfigBool("DefaultPasswordAllowed", dVPasswordPolicy.getIsDefaultPasswordAllowed());
            setConfigLong("MinLength", dVPasswordPolicy.getMinLength());
            setConfigBool("HasDigits", dVPasswordPolicy.getHasDigits());
            setConfigBool("HasUpper", dVPasswordPolicy.getHasUpper());
            setConfigBool("HasLower", dVPasswordPolicy.getHasLower());
            setConfigBool("HasSpecial", dVPasswordPolicy.getHasSpecial());
            setConfigLong("PasswordTimeout", dVPasswordPolicy.getExpirationDays());
            setConfigLong("MinUniqueChars", dVPasswordPolicy.getMinUniqueChars());
            setConfigLong("LockTimeout", dVPasswordPolicy.getLockTimeout());
            setConfigLong("RetryLimit", dVPasswordPolicy.getRetryLimit());
            saveDVPasswordPolicy(dVPasswordPolicy);
        }
    }

    @Override // com.sybase.persistence.DataVault
    public void setRetryLimit(int i) throws DataVaultException {
        checkDeleted();
        if (i < 0) {
            throw new DataVaultException("Numeric argument may not be negative", 4);
        }
        checkUnlocked();
        setConfigLong("RetryLimit", i);
        this.dvPasswordPolicy.setRetryLimit(i);
    }

    @Override // com.sybase.persistence.DataVault
    public void setString(String str, String str2) throws DataVaultException {
        if (getVersionNumber() > 0) {
            internalSetValue(str, encodeString(str2), 2);
        } else {
            internalSetValue(str, encodeString(str2), 0);
        }
    }

    @Override // com.sybase.persistence.DataVault
    public void setValue(String str, byte[] bArr) throws DataVaultException {
        if (getVersionNumber() > 0) {
            internalSetValue(str, bArr, 3);
        } else {
            internalSetValue(str, bArr, 0);
        }
    }

    @Override // com.sybase.persistence.DataVault
    @Deprecated
    public void unlock(String str, String str2) throws DataVaultException {
        synchronized (lockObject) {
            if (this.legacyVault != null) {
                this.legacyVault.unlock(str != null ? str.toCharArray() : null, str2 != null ? str2.toCharArray() : null, true);
                if (str != null) {
                    migrateData(str.toCharArray());
                } else {
                    migrateData(null);
                }
            }
            if (str != null) {
                internalUnlock(str.toCharArray(), true);
            } else {
                internalUnlock(null, true);
            }
        }
    }

    @Override // com.sybase.persistence.DataVault
    public void unlock(char[] cArr) throws DataVaultException {
        synchronized (lockObject) {
            if (this.legacyVault != null) {
                if (cArr != null) {
                    this.legacyVault.unlock(cArr, null, true);
                } else {
                    this.legacyVault.unlock(null, null, true);
                }
                migrateData(cArr);
            } else {
                internalUnlock(cArr, true);
            }
        }
    }
}
