package org.mozilla.gecko.fxa.authenticator;

import android.accounts.Account;
import android.accounts.AccountManager;
import android.content.Context;
import android.os.Bundle;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import org.mozilla.gecko.background.common.log.Logger;
import org.mozilla.gecko.background.fxa.FxAccountUtils;
import org.mozilla.gecko.browserid.BrowserIDKeyPair;
import org.mozilla.gecko.browserid.RSACryptoImplementation;
import org.mozilla.gecko.db.BrowserContract;
import org.mozilla.gecko.fxa.FxAccountConstants;
import org.mozilla.gecko.sync.ExtendedJSONObject;
import org.mozilla.gecko.sync.Utils;
import org.mozilla.gecko.sync.crypto.HKDF;

/* loaded from: classes.dex */
public class AndroidFxAccount implements AbstractFxAccount {
    private static String LOG_TAG = AndroidFxAccount.class.getSimpleName();
    private Account account;
    private AccountManager accountManager;
    private Context context;

    public AndroidFxAccount(Context context, Account account) {
        this.context = context;
        this.account = account;
        this.accountManager = AccountManager.get(this.context);
    }

    public static Account addAndroidAccount(Context context, String str, String str2, String str3, String str4, String str5, byte[] bArr, byte[] bArr2, boolean z) throws UnsupportedEncodingException, GeneralSecurityException, URISyntaxException {
        if (str == null) {
            throw new IllegalArgumentException("email must not be null");
        }
        if (str2 == null) {
            throw new IllegalArgumentException("password must not be null");
        }
        if (str4 == null) {
            throw new IllegalArgumentException("idpServerURI must not be null");
        }
        if (str5 == null) {
            throw new IllegalArgumentException("tokenServerURI must not be null");
        }
        if ((bArr == null && bArr2 != null) || (bArr != null && bArr2 == null)) {
            throw new IllegalArgumentException("none or both of sessionToken and keyFetchToken may be null");
        }
        byte[] generateQuickStretchedPW = FxAccountUtils.generateQuickStretchedPW(str.getBytes("UTF-8"), str2.getBytes("UTF-8"));
        byte[] derive = HKDF.derive(generateQuickStretchedPW, new byte[0], FxAccountUtils.KW("unwrapBkey"), 32);
        Bundle bundle = new Bundle();
        bundle.putString("version", "3");
        bundle.putString("idpServerURI", str4);
        bundle.putString("tokenServerURI", str5);
        URI uri = new URI(str5);
        bundle.putString("audience", new URI(uri.getScheme(), uri.getHost(), null, null).toString());
        bundle.putString(BrowserContract.PARAM_PROFILE, str3);
        ExtendedJSONObject extendedJSONObject = new ExtendedJSONObject();
        extendedJSONObject.put("version", 1);
        extendedJSONObject.put("sessionToken", bArr == null ? null : Utils.byte2Hex(bArr));
        extendedJSONObject.put("keyFetchToken", bArr2 == null ? null : Utils.byte2Hex(bArr2));
        extendedJSONObject.put("verified", Boolean.valueOf(z));
        extendedJSONObject.put("unwrapkB", Utils.byte2Hex(derive));
        bundle.putString("descriptor", extendedJSONObject.object.toJSONString());
        Account account = new Account(str, "org.mozilla.fennec_account");
        if (!AccountManager.get(context).addAccountExplicitly(account, Utils.byte2Hex(generateQuickStretchedPW), bundle)) {
            return null;
        }
        FxAccountAuthenticator.enableSyncing$547a8d1e(account);
        return account;
    }

    private int getAccountVersion() {
        String userData = this.accountManager.getUserData(this.account, "version");
        if (userData == null) {
            return 0;
        }
        try {
            return Integer.parseInt(userData, 10);
        } catch (NumberFormatException e) {
            return 0;
        }
    }

    private String getBundleData(String str) {
        ExtendedJSONObject unbundle = unbundle();
        if (unbundle == null) {
            return null;
        }
        return unbundle.getString(str);
    }

    private boolean getBundleDataBoolean$505cbf47(String str) {
        Boolean bool;
        ExtendedJSONObject unbundle = unbundle();
        if (unbundle == null || (bool = unbundle.getBoolean(str)) == null) {
            return false;
        }
        return bool.booleanValue();
    }

    private byte[] getBundleDataBytes(String str) {
        String str2;
        ExtendedJSONObject unbundle = unbundle();
        if (unbundle != null && (str2 = (String) unbundle.object.get(str)) != null) {
            return Utils.hex2Byte(str2);
        }
        return null;
    }

    private void persistBundle(ExtendedJSONObject extendedJSONObject) {
        this.accountManager.setUserData(this.account, "descriptor", extendedJSONObject.object.toJSONString());
    }

    private ExtendedJSONObject toJSONObject() {
        ExtendedJSONObject unbundle = unbundle();
        unbundle.put("email", this.account.name);
        try {
            unbundle.put("emailUTF8", Utils.byte2Hex(this.account.name.getBytes("UTF-8")));
        } catch (UnsupportedEncodingException e) {
        }
        unbundle.put("quickStretchedPW", this.accountManager.getPassword(this.account));
        return unbundle;
    }

    private ExtendedJSONObject unbundle() {
        String userData;
        int accountVersion = getAccountVersion();
        if (accountVersion >= 3 && accountVersion <= 3 && (userData = this.accountManager.getUserData(this.account, "descriptor")) != null) {
            return unbundleAccountV1(userData);
        }
        return null;
    }

    private static ExtendedJSONObject unbundleAccountV1(String str) {
        try {
            ExtendedJSONObject extendedJSONObject = new ExtendedJSONObject(str);
            if (1 == extendedJSONObject.getIntegerSafely("version").intValue()) {
                return extendedJSONObject;
            }
            return null;
        } catch (Exception e) {
            return null;
        }
    }

    private void updateBundleDataBytes(String str, byte[] bArr) {
        updateBundleValue(str, bArr == null ? null : Utils.byte2Hex(bArr));
    }

    private void updateBundleValue(String str, String str2) {
        ExtendedJSONObject unbundle = unbundle();
        if (unbundle == null) {
            return;
        }
        unbundle.put(str, str2);
        persistBundle(unbundle);
    }

    private void updateBundleValue$505cbf4b(String str) {
        ExtendedJSONObject unbundle = unbundle();
        if (unbundle == null) {
            return;
        }
        unbundle.put(str, true);
        persistBundle(unbundle);
    }

    public final void dump() {
        if (FxAccountConstants.LOG_PERSONAL_INFORMATION) {
            ExtendedJSONObject jSONObject = toJSONObject();
            ArrayList arrayList = new ArrayList(jSONObject.object.keySet());
            Collections.sort(arrayList);
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                String str = (String) it.next();
                FxAccountConstants.pii(LOG_TAG, str + ": " + jSONObject.get(str));
            }
        }
    }

    public final void forgetAccountTokens() {
        ExtendedJSONObject unbundle = unbundle();
        if (unbundle == null) {
            return;
        }
        unbundle.remove("sessionToken");
        unbundle.remove("keyFetchToken");
        persistBundle(unbundle);
    }

    public final void forgetQuickstretchedPW() {
        this.accountManager.setPassword(this.account, null);
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final String getAccountServerURI() {
        return this.accountManager.getUserData(this.account, "idpServerURI");
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final String getAssertion() {
        return getBundleData("assertion");
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final BrowserIDKeyPair getAssertionKeyPair() throws GeneralSecurityException {
        try {
            return RSACryptoImplementation.fromJSONObject(new ExtendedJSONObject(getBundleData("assertionKeyPair")));
        } catch (Exception e) {
            Logger.info(LOG_TAG, "Generating new assertion key pair.");
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(1024);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            BrowserIDKeyPair browserIDKeyPair = new BrowserIDKeyPair(new RSACryptoImplementation.RSASigningPrivateKey((RSAPrivateKey) generateKeyPair.getPrivate()), new RSACryptoImplementation.RSAVerifyingPublicKey((RSAPublicKey) generateKeyPair.getPublic()));
            ExtendedJSONObject unbundle = unbundle();
            if (unbundle == null) {
                unbundle = new ExtendedJSONObject();
            }
            ExtendedJSONObject extendedJSONObject = new ExtendedJSONObject();
            extendedJSONObject.put("privateKey", browserIDKeyPair.privateKey.toJSONObject());
            extendedJSONObject.put("publicKey", browserIDKeyPair.publicKey.toJSONObject());
            unbundle.put("assertionKeyPair", extendedJSONObject.object.toJSONString());
            persistBundle(unbundle);
            return browserIDKeyPair;
        }
    }

    public final String getAudience() {
        return this.accountManager.getUserData(this.account, "audience");
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final String getCertificate() {
        return getBundleData("certificate");
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final byte[] getEmailUTF8() {
        try {
            return this.account.name.getBytes("UTF-8");
        } catch (UnsupportedEncodingException e) {
            return null;
        }
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final byte[] getKa() {
        return getBundleDataBytes("kA");
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final byte[] getKb() {
        return getBundleDataBytes("kB");
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final byte[] getKeyFetchToken() {
        return getBundleDataBytes("keyFetchToken");
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final byte[] getQuickStretchedPW() {
        String password = this.accountManager.getPassword(this.account);
        if (password == null) {
            return null;
        }
        return Utils.hex2Byte(password);
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final byte[] getSessionToken() {
        return getBundleDataBytes("sessionToken");
    }

    public final String getSyncPrefsPath() throws GeneralSecurityException, UnsupportedEncodingException {
        String userData = this.accountManager.getUserData(this.account, BrowserContract.PARAM_PROFILE);
        String str = this.account.name;
        if (userData == null) {
            throw new IllegalStateException("Missing profile. Cannot fetch prefs.");
        }
        if (str == null) {
            throw new IllegalStateException("Missing username. Cannot fetch prefs.");
        }
        String tokenServerURI = getTokenServerURI();
        if (tokenServerURI == null) {
            throw new IllegalStateException("No token server URI. Cannot fetch prefs.");
        }
        String accountServerURI = getAccountServerURI();
        if (accountServerURI == null) {
            throw new IllegalStateException("No account server URI. Cannot fetch prefs.");
        }
        return Utils.getPrefsPath("org.mozilla.fennec.fxa", str, accountServerURI + "!" + tokenServerURI, userData, 1L);
    }

    public final String getTokenServerURI() {
        return this.accountManager.getUserData(this.account, "tokenServerURI");
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final boolean isValid() {
        return !getBundleDataBoolean$505cbf47("invalid");
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final boolean isVerified() {
        return getBundleDataBoolean$505cbf47("verified");
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final void setAssertion(String str) {
        updateBundleValue("assertion", str);
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final void setCertificate(String str) {
        updateBundleValue("certificate", str);
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final void setInvalid() {
        updateBundleValue$505cbf4b("invalid");
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final void setKa(byte[] bArr) {
        updateBundleValue("kA", Utils.byte2Hex(bArr));
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final void setKeyFetchToken(byte[] bArr) {
        updateBundleDataBytes("keyFetchToken", bArr);
    }

    public final void setQuickStretchedPW(byte[] bArr) {
        this.accountManager.setPassword(this.account, bArr == null ? null : Utils.byte2Hex(bArr));
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final void setSessionToken(byte[] bArr) {
        updateBundleDataBytes("sessionToken", bArr);
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final void setVerified() {
        updateBundleValue$505cbf4b("verified");
    }

    @Override // org.mozilla.gecko.fxa.authenticator.AbstractFxAccount
    public final void setWrappedKb(byte[] bArr) {
        if (bArr == null) {
            Logger.error(LOG_TAG, "wrappedKb is null: cannot set kB.");
            throw new IllegalArgumentException("wrappedKb is null: cannot set kB.");
        }
        byte[] bundleDataBytes = getBundleDataBytes("unwrapkB");
        if (bundleDataBytes == null) {
            Logger.error(LOG_TAG, "unwrapKb is null: cannot set kB.");
            return;
        }
        byte[] bArr2 = new byte[bArr.length];
        for (int i = 0; i < bArr.length; i++) {
            bArr2[i] = (byte) (bArr[i] ^ bundleDataBytes[i]);
        }
        updateBundleValue("kB", Utils.byte2Hex(bArr2));
    }
}
