package com.markspace.mscloudkitbackup;

import android.util.Base64;
import com.dd.plist.NSArray;
import com.dd.plist.NSData;
import com.dd.plist.NSDictionary;
import com.dd.plist.NSNumber;
import com.dd.plist.NSString;
import com.markspace.backupserveraccess.mscloudkit.MSURLConnection;
import com.markspace.mscloudkitlib.MSCKContainer;
import com.markspace.mscloudkitlib.MSCanceller;
import com.markspace.mscloudkitlib.MSCloudKitManager;
import com.markspace.mscloudkitlib.MSCloudKitPCS;
import com.markspace.mscloudkitlib.MSException;
import com.markspace.mscloudkitlib.mscrypto.MSCryptoClient;
import com.markspace.mscloudkitlib.mscrypto.MSDER;
import com.markspace.mscloudkitlib.mspcs.MSBackupEscrow;
import com.markspace.mscloudkitlib.mspcs.MSKeyManager;
import com.markspace.mscloudkitlib.mspcs.MSKeyset;
import com.markspace.mscloudkitlib.utilities.MSDataUtilities;
import com.markspace.unityws.UnityConstants;
import com.sec.android.easyMover.data.contacts.SamsungAccountProfileConstants;
import com.sec.android.easyMoverCommon.CRLog;
import java.net.URL;
import java.nio.charset.Charset;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Locale;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class MSBackupBits {
    private static final String TAG = "MSDG[SmartSwitch]" + MSBackupBits.class.getSimpleName();

    /* loaded from: classes.dex */
    public static class Cancelled extends MSException {
    }

    /* loaded from: classes.dex */
    public static class GenericFailure extends MSException {
        public GenericFailure(String str) {
            super(str);
        }
    }

    /* loaded from: classes.dex */
    public static class Needs2FA extends MSException {
    }

    /* loaded from: classes.dex */
    public static class NeedsPassword extends MSException {
    }

    /* loaded from: classes.dex */
    public static class NeedsTOSUpdate extends MSException {
    }

    /* loaded from: classes.dex */
    public static class Result<Error_p extends Exception, Result_p> {
        public final Error_p mError;
        public final Result_p mResult;

        public Result(Error_p error_p) {
            this.mError = error_p;
            this.mResult = null;
        }

        public Result(Result_p result_p) {
            this.mError = null;
            this.mResult = result_p;
        }
    }

    /* loaded from: classes.dex */
    public static class Step1 {
        protected String mAccountSettingsUrl;
        protected String mAuthenticateUrl;
        protected String mCKAppInitUrl;
    }

    /* loaded from: classes.dex */
    public static class Step2 {
        public String mAuthStr;
        public String mCKAppInitUrl;
        public String mCloudKitToken;
        public long mDsPrsID;
        public String mEscrowProxyUrl;
        public String mMmeAuthToken;
    }

    public static Result<Exception, Step1> DoStep1(MSCanceller mSCanceller) {
        long epoch = mSCanceller.getEpoch();
        try {
            MSURLConnection mSURLConnection = new MSURLConnection(new URL("https://setup.icloud.com/configurations/init?context=settings"));
            mSURLConnection.setRequestHeaders(MSCloudKitManager.basicHTTPHeaders());
            byte[] responseData = mSURLConnection.getResponseData();
            if (mSCanceller.isCancelled(epoch)) {
                return new Result<>(new Cancelled());
            }
            if (responseData == null) {
                return new Result<>(new GenericFailure("Error getting configurations init"));
            }
            NSDictionary parsePList = MSDataUtilities.parsePList(responseData);
            if (parsePList == null) {
                return new Result<>(new GenericFailure("Error parsing init plist"));
            }
            NSDictionary nSDictionary = (NSDictionary) parsePList.objectForKey(UnityConstants.kURLs);
            if (nSDictionary == null) {
                return new Result<>(new GenericFailure("Missing urls in configuration result"));
            }
            Step1 step1 = new Step1();
            step1.mAuthenticateUrl = nSDictionary.objectForKey("authenticate").toString();
            step1.mAccountSettingsUrl = nSDictionary.objectForKey("getAccountSettings").toString();
            step1.mCKAppInitUrl = nSDictionary.objectForKey("ckAppInit").toString();
            if (step1.mAuthenticateUrl != null && step1.mAccountSettingsUrl != null && step1.mCKAppInitUrl != null) {
                return new Result<>(step1);
            }
            return new Result<>(new GenericFailure("Missing URL in urls"));
        } catch (Exception e) {
            return new Result<>(e);
        }
    }

    public static Result<Exception, Step2> DoStep2(MSCanceller mSCanceller, Step1 step1, String str) {
        return new Result<>(new NeedsPassword());
    }

    public static Result<Exception, Step2> DoStep2(MSCanceller mSCanceller, Step1 step1, String str, String str2) {
        return DoStep2(mSCanceller, step1, str, str2, null);
    }

    public static Result<Exception, Step2> DoStep2(MSCanceller mSCanceller, Step1 step1, String str, String str2, String str3) {
        long epoch = mSCanceller.getEpoch();
        if (str3 == null) {
            str3 = "";
        }
        if (step1 == null || str == null || str2 == null) {
            return new Result<>(new GenericFailure("DoStep2, a parameter is null"));
        }
        try {
            Step2 step2 = new Step2();
            step2.mCKAppInitUrl = step1.mCKAppInitUrl;
            MSURLConnection mSURLConnection = new MSURLConnection(new URL(step1.mAuthenticateUrl));
            mSURLConnection.setRequestHeaders(MSCloudKitManager.basicHTTPHeaders());
            String encodeToString = Base64.encodeToString((str + ":" + str2 + str3).getBytes(), 2);
            StringBuilder sb = new StringBuilder();
            sb.append("Basic ");
            sb.append(encodeToString);
            mSURLConnection.addRequestHeader("Authorization", sb.toString());
            byte[] responseData = mSURLConnection.getResponseData();
            if (mSCanceller.isCancelled(epoch)) {
                return new Result<>(new Cancelled());
            }
            if (responseData == null) {
                return mSURLConnection.getLastResponseCode() == 409 ? new Result<>(new Needs2FA()) : new Result<>(new NeedsPassword());
            }
            NSDictionary parsePList = MSDataUtilities.parsePList(responseData);
            if (parsePList == null) {
                return new Result<>(new GenericFailure("Authenticate, responseAsPlist is null, 1"));
            }
            NSString nSString = (NSString) parsePList.objectForKey("localizedError");
            if (nSString != null && nSString.toString().equalsIgnoreCase("ACCOUNT_INVALID_HSA_TOKEN")) {
                return new Result<>(new Needs2FA());
            }
            NSDictionary nSDictionary = (NSDictionary) parsePList.objectForKey("appleAccountInfo");
            if (nSDictionary == null) {
                return new Result<>(new GenericFailure("Authenticate, appleAccountInfo is null"));
            }
            step2.mDsPrsID = ((NSNumber) nSDictionary.objectForKey("dsPrsID")).longValue();
            NSDictionary nSDictionary2 = (NSDictionary) parsePList.objectForKey("tokens");
            if (nSDictionary2 == null) {
                return new Result<>(new GenericFailure("Authenticate, tokens is null"));
            }
            step2.mMmeAuthToken = nSDictionary2.objectForKey("mmeAuthToken").toString();
            step2.mAuthStr = Base64.encodeToString((Long.toString(step2.mDsPrsID) + ":" + step2.mMmeAuthToken).getBytes(), 2);
            MSURLConnection mSURLConnection2 = new MSURLConnection(new URL(step1.mAccountSettingsUrl));
            mSURLConnection2.setRequestHeaders(MSCloudKitManager.basicHTTPHeaders());
            mSURLConnection2.addRequestHeader("Authorization", "Basic " + step2.mAuthStr);
            byte[] responseData2 = mSURLConnection2.getResponseData();
            if (mSCanceller.isCancelled(epoch)) {
                return new Result<>(new Cancelled());
            }
            if (responseData2 == null) {
                return new Result<>(new GenericFailure("Authenticate, responseBytes is zero"));
            }
            NSDictionary parsePList2 = MSDataUtilities.parsePList(responseData2);
            if (parsePList2 == null) {
                return new Result<>(new GenericFailure("Authenticate, responseAsPlist is null, 2"));
            }
            NSString nSString2 = (NSString) parsePList2.objectForKey("localizedError");
            if (nSString2 != null) {
                if (nSString2.toString().equalsIgnoreCase("MOBILEME_TERMS_OF_SERVICE_UPDATE")) {
                    return new Result<>(new NeedsTOSUpdate());
                }
                return new Result<>(new GenericFailure("Authenticate, localizedError: " + nSString2.toString()));
            }
            NSDictionary nSDictionary3 = (NSDictionary) parsePList2.objectForKey("tokens");
            if (nSDictionary3 == null) {
                return new Result<>(new GenericFailure("Authenticate, tokens is null"));
            }
            step2.mCloudKitToken = nSDictionary3.objectForKey("cloudKitToken").toString();
            step2.mEscrowProxyUrl = ((NSDictionary) ((NSDictionary) parsePList2.objectForKey("com.apple.mobileme")).objectForKey("com.apple.Dataclass.KeychainSync")).objectForKey("escrowProxyUrl").toString();
            return new Result<>(step2);
        } catch (Exception e) {
            return new Result<>(e);
        }
    }

    public static boolean ForceIssuanceOf2FACode(String str, String str2) {
        try {
            MSURLConnection mSURLConnection = new MSURLConnection(new URL("https://setup.icloud.com/setup/ws/1/login"));
            mSURLConnection.setRequestHeaders(MSCloudKitManager.basicHTTPHeaders());
            mSURLConnection.addRequestHeader("Origin", "https://www.icloud.com");
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("apple_id", str);
            jSONObject.put("password", str2);
            jSONObject.put("extended_login", false);
            mSURLConnection.setRequestContent(jSONObject.toString().getBytes(Charset.forName("UTF-8")));
            new String(mSURLConnection.getResponseData());
            return true;
        } catch (Exception e) {
            CRLog.e(TAG, "Exception: " + e.getMessage());
            return false;
        }
    }

    public static Result<Exception, MSCKContainer> SetupContainer(MSCanceller mSCanceller, Step2 step2, MSKeyManager mSKeyManager, String str, String str2) {
        long epoch = mSCanceller.getEpoch();
        try {
            MSCKContainer mSCKContainer = new MSCKContainer(str, str2);
            mSCKContainer.setContainerCredentials(step2.mDsPrsID, step2.mMmeAuthToken, step2.mCloudKitToken);
            if (!mSCKContainer.setupContainerWithURL(step2.mCKAppInitUrl, MSDataUtilities.byteArrayToHexString(MSCryptoClient.generateEntropy(32)))) {
                return new Result<>(new Exception("Couldn't setupContainerWithURL"));
            }
            if (mSCanceller.isCancelled(epoch)) {
                return new Result<>(new Cancelled());
            }
            mSCKContainer.setPCS(new MSCloudKitPCS(mSKeyManager));
            return new Result<>(mSCKContainer);
        } catch (Exception e) {
            return new Result<>(e);
        }
    }

    public static Result<Exception, MSKeyset> SetupKeyset(MSCanceller mSCanceller, String str, String str2) {
        String str3;
        NSDictionary nSDictionary;
        boolean z;
        byte[] bArr;
        byte[] copyOfRange;
        String str4 = "salt";
        long epoch = mSCanceller.getEpoch();
        try {
            MSURLConnection mSURLConnection = new MSURLConnection(new URL(str + "/escrowproxy/api/get_records"));
            mSURLConnection.addRequestHeader("Authorization", "X-MobileMe-AuthToken " + str2);
            mSURLConnection.setRequestContent("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n<plist version=\"1.0\">\n<dict>\n<key>command</key>\n<string>GETRECORDS</string>\n<key>label</key>\n<string>com.apple.protectedcloudstorage.record</string>\n<key>version</key>\n<integer>1</integer>\n</dict>\n</plist>\n".getBytes(Charset.forName("UTF-8")));
            byte[] responseData = mSURLConnection.getResponseData();
            if (mSCanceller.isCancelled(epoch)) {
                return new Result<>(new Cancelled());
            }
            if (responseData == null) {
                return new Result<>(new MSException("Error getting escrow proxy records"));
            }
            NSArray nSArray = (NSArray) MSDataUtilities.parsePList(responseData).objectForKey("metadataList");
            int i = 0;
            while (true) {
                if (i >= nSArray.count()) {
                    str3 = str4;
                    nSDictionary = null;
                    z = false;
                    break;
                }
                NSDictionary nSDictionary2 = (NSDictionary) nSArray.objectAtIndex(i);
                String obj = nSDictionary2.objectForKey(SamsungAccountProfileConstants.MultiDataColumn.LABEL).toString();
                NSArray nSArray2 = nSArray;
                if (obj.equalsIgnoreCase("com.apple.protectedcloudstorage.record")) {
                    str3 = str4;
                    ((NSString) nSDictionary2.objectForKey("recordStatus")).toString();
                    long parseLong = Long.parseLong(((NSString) nSDictionary2.objectForKey("remainingAttempts")).toString());
                    ((NSNumber) nSDictionary2.objectForKey("silentAttemptAllowed")).longValue();
                    if (parseLong <= 5) {
                        return new Result<>(new MSException("WARNING: Only 5 SRP attempts remaining. Aborting."));
                    }
                    nSDictionary = MSDataUtilities.parsePList(Base64.decode(((NSString) nSDictionary2.objectForKey("metadata")).toString(), 0));
                    z = true;
                } else {
                    CRLog.d(TAG, "Found multiple Escrow Record metadata objects. Skipping metadata for " + obj);
                    i++;
                    nSArray = nSArray2;
                    str4 = str4;
                }
            }
            if (!z) {
                return new Result<>(new MSException("ERROR: No metadata for protected cloud storage."));
            }
            MSURLConnection mSURLConnection2 = new MSURLConnection(new URL(str + "/escrowproxy/api/srp_init"));
            mSURLConnection2.setRequestHeaders(MSCloudKitManager.basicHTTPHeaders());
            mSURLConnection2.addRequestHeader("Authorization", String.format(Locale.getDefault(), "X-MobileMe-AuthToken %s", str2));
            mSURLConnection2.addRequestHeader("Content-Type", "application/x-www-form-urlencoded");
            byte[] calculateSRPEphemeralA = MSCryptoClient.calculateSRPEphemeralA();
            NSDictionary nSDictionary3 = nSDictionary;
            mSURLConnection2.setRequestContent(String.format(Locale.getDefault(), "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n<plist version=\"1.0\">\n<dict>\n     <key>blob</key>\n     <string>%s</string>\n     <key>command</key>\n     <string>SRP_INIT</string>\n     <key>label</key>\n     <string>com.apple.protectedcloudstorage.record</string>\n     <key>version</key>\n     <integer>1</integer>\n</dict>\n</plist>", Base64.encodeToString(calculateSRPEphemeralA, 2)).getBytes(Charset.forName("UTF-8")));
            byte[] responseData2 = mSURLConnection2.getResponseData();
            if (mSCanceller.isCancelled(epoch)) {
                return new Result<>(new Cancelled());
            }
            if (responseData2 == null) {
                return new Result<>(new MSException("Error getting srp_init"));
            }
            NSDictionary parsePList = MSDataUtilities.parsePList(responseData2);
            if (!((NSString) parsePList.objectForKey("message")).toString().equalsIgnoreCase("Success")) {
                return new Result<>(new MSException("FAILED to init SRP..."));
            }
            byte[] bytes = ((NSString) parsePList.objectForKey("dsid")).toString().getBytes();
            HashMap<String, byte[]> parseSRPSaltAndEphemeralB = MSCryptoClient.parseSRPSaltAndEphemeralB(Base64.decode(((NSString) parsePList.objectForKey("respBlob")).toString(), 0));
            String str5 = str3;
            byte[] bArr2 = parseSRPSaltAndEphemeralB.get(str5);
            byte[] bArr3 = parseSRPSaltAndEphemeralB.get("ephemeralKey");
            byte[] calculateSessionKey = MSCryptoClient.calculateSessionKey(bArr2, bytes, calculateSRPEphemeralA, bArr3);
            String encodeToString = Base64.encodeToString(MSCryptoClient.createSRPClientProof(parseSRPSaltAndEphemeralB.get("tag"), parseSRPSaltAndEphemeralB.get("uid"), MSCryptoClient.calculateClientEvidenceMessage(bArr2, bytes, calculateSRPEphemeralA, bArr3)), 2);
            MSURLConnection mSURLConnection3 = new MSURLConnection(new URL(String.format(Locale.getDefault(), "%s/escrowproxy/api/recover", str)));
            mSURLConnection3.setRequestHeaders(MSCloudKitManager.basicHTTPHeaders());
            mSURLConnection3.addRequestHeader("Authorization", String.format(Locale.getDefault(), "X-MobileMe-AuthToken %s", str2));
            mSURLConnection3.addRequestHeader("Content-Type", "application/x-apple-plist");
            mSURLConnection3.setRequestContent(String.format(Locale.getDefault(), "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n<plist version=\"1.0\">\n<dict>\n\t<key>blob</key>\n\t<string>%s</string>\n\t<key>command</key>\n\t<string>RECOVER</string>\n\t<key>label</key>\n\t<string>com.apple.protectedcloudstorage.record</string>\n\t<key>version</key>\n\t<integer>1</integer>\n</dict>\n</plist>", encodeToString).getBytes(Charset.forName("UTF-8")));
            byte[] responseData3 = mSURLConnection3.getResponseData();
            if (mSCanceller.isCancelled(epoch)) {
                return new Result<>(new Cancelled());
            }
            if (responseData3 == null) {
                return new Result<>(new MSException("Error getting escrow recovery"));
            }
            HashMap<String, byte[]> parseSRPServerProof = MSCryptoClient.parseSRPServerProof(Base64.decode(MSDataUtilities.parsePList(responseData3).objectForKey("respBlob").toString(), 0));
            HashMap<String, Object> parseSRPPCSData = MSCryptoClient.parseSRPPCSData(MSCryptoClient.decryptAESBlock(parseSRPServerProof.get("data"), calculateSessionKey, parseSRPServerProof.get("iv"), 0));
            byte[] bArr4 = (byte[]) parseSRPPCSData.get("dsid");
            byte[] bArr5 = (byte[]) parseSRPPCSData.get(str5);
            NSDictionary parsePList2 = MSDataUtilities.parsePList(MSCryptoClient.decryptAESBlock((byte[]) parseSRPPCSData.get("data"), MSCryptoClient.derivePCSKey(bArr4, bArr5, ((Integer) parseSRPPCSData.get("iterations")).intValue()), Arrays.copyOfRange(bArr5, 0, 16), 9));
            byte[] bytes2 = ((NSData) parsePList2.objectForKey("BackupBagPassword")).bytes();
            if (!Arrays.equals(MSCryptoClient.calculateSHA1(bytes2), ((NSData) parsePList2.objectForKey("BackupKeybagDigest")).bytes())) {
                return new Result<>(new MSException("backup keybag digest mismatch"));
            }
            MSDER msder = new MSDER();
            HashMap<String, Object> parseKeySet = msder.parseKeySet(bytes2);
            HashMap<String, Object> parseBackupEscrow = msder.parseBackupEscrow(((NSData) ((NSDictionary) ((NSDictionary) nSDictionary3.objectForKey("ClientMetadata")).objectForKey("SecureBackupiCloudDataProtection")).objectForKey("kPCSMetadataEscrowedKeys")).bytes());
            byte[] bArr6 = (byte[]) parseBackupEscrow.get("masterKeyPublic");
            HashMap hashMap = (HashMap) parseKeySet.get("keys");
            Iterator it = hashMap.keySet().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                HashMap hashMap2 = (HashMap) ((HashMap) hashMap.get((Integer) it.next())).get("keyData");
                if (Arrays.equals(bArr6, (byte[]) ((HashMap) hashMap2.get("publicKeyInfo")).get("key"))) {
                    bArr = (byte[]) hashMap2.get("privateKey");
                    copyOfRange = bArr.length > 32 ? Arrays.copyOfRange(bArr, 32, 64) : null;
                }
            }
            bArr = copyOfRange;
            return bArr == null ? new Result<>(new MSException("Failed to retrieve master key")) : new Result<>(new MSKeyset(msder.parseKeySet(MSCryptoClient.decryptGCMBlock(new MSBackupEscrow(parseBackupEscrow).getData(), MSCryptoClient.unwrapEllipticalCurveKey(bArr6, bArr, (byte[]) parseBackupEscrow.get("wrappedKey"))))));
        } catch (Exception e) {
            return new Result<>(e);
        }
    }
}
