package com.nextcloud.talk.utils;

import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import com.nextcloud.talk.api.NcApi;
import com.nextcloud.talk.application.NextcloudTalkApplication;
import com.nextcloud.talk.data.user.model.User;
import com.nextcloud.talk.events.EventStatus;
import com.nextcloud.talk.models.SignatureVerification;
import com.nextcloud.talk.models.json.push.PushConfigurationState;
import com.nextcloud.talk.models.json.push.PushRegistrationOverall;
import com.nextcloud.talk.users.UserManager;
import com.nextcloud.talk.utils.preferences.AppPreferences;
import com.nextcloud.talk2.R;
import io.reactivex.Observer;
import io.reactivex.SingleObserver;
import io.reactivex.disposables.Disposable;
import io.reactivex.schedulers.Schedulers;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.inject.Inject;
import org.greenrobot.eventbus.EventBus;

/* loaded from: classes3.dex */
public class PushUtils {
    private static final String TAG = "PushUtils";

    @Inject
    AppPreferences appPreferences;

    @Inject
    EventBus eventBus;
    private final File privateKeyFile;
    private final String proxyServer;
    private final File publicKeyFile;

    @Inject
    UserManager userManager;

    public PushUtils() {
        NextcloudTalkApplication.INSTANCE.getSharedApplication().getComponentApplication().inject(this);
        String absolutePath = NextcloudTalkApplication.INSTANCE.getSharedApplication().getDir("PushKeystore", 0).getAbsolutePath();
        this.publicKeyFile = new File(absolutePath, "push_key.pub");
        this.privateKeyFile = new File(absolutePath, "push_key.priv");
        this.proxyServer = NextcloudTalkApplication.INSTANCE.getSharedApplication().getResources().getString(R.string.nc_push_server_url);
    }

    private String bytesToHex(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bArr) {
            sb.append(Integer.toString((b & 255) + 256, 16).substring(1));
        }
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void createOrUpdateUser(Map<String, String> map, final User user) throws IOException {
        PushConfigurationState pushConfigurationState = new PushConfigurationState();
        pushConfigurationState.setPushToken(map.get("pushToken"));
        pushConfigurationState.setDeviceIdentifier(map.get("deviceIdentifier"));
        pushConfigurationState.setDeviceIdentifierSignature(map.get("deviceIdentifierSignature"));
        pushConfigurationState.setUserPublicKey(map.get("userPublicKey"));
        pushConfigurationState.setUsesRegularPass(Boolean.FALSE);
        user.setPushConfigurationState(pushConfigurationState);
        this.userManager.saveUser(user).subscribe(new SingleObserver<Integer>() { // from class: com.nextcloud.talk.utils.PushUtils.3
            @Override // io.reactivex.SingleObserver
            public void onError(Throwable th) {
                PushUtils.this.eventBus.post(new EventStatus(UserIdUtils.INSTANCE.getIdForUser(user), EventStatus.EventType.PUSH_REGISTRATION, false));
            }

            @Override // io.reactivex.SingleObserver
            public void onSubscribe(Disposable disposable) {
            }

            @Override // io.reactivex.SingleObserver
            public void onSuccess(Integer num) {
                PushUtils.this.eventBus.post(new EventStatus(UserIdUtils.INSTANCE.getIdForUser(user), EventStatus.EventType.PUSH_REGISTRATION, true));
            }
        });
    }

    private String generateSHA512Hash(String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-512");
            messageDigest.update(str.getBytes());
            return bytesToHex(messageDigest.digest());
        } catch (NoSuchAlgorithmException unused) {
            Log.d(TAG, "SHA-512 algorithm not supported");
            return "";
        }
    }

    private Key readKeyFromString(boolean z, String str) {
        String replace = z ? str.replaceAll("\\n", "").replace("-----BEGIN PUBLIC KEY-----", "").replace("-----END PUBLIC KEY-----", "") : str.replaceAll("\\n", "").replace("-----BEGIN PRIVATE KEY-----", "").replace("-----END PRIVATE KEY-----", "");
        try {
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            return z ? keyFactory.generatePublic(new X509EncodedKeySpec(Base64.decode(replace, 0))) : keyFactory.generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(replace, 0)));
        } catch (NoSuchAlgorithmException unused) {
            Log.d(TAG, "No such algorithm while reading key from string");
            return null;
        } catch (InvalidKeySpecException unused2) {
            Log.d(TAG, "Invalid key spec while reading key from string");
            return null;
        }
    }

    private void registerDeviceWithNextcloud(final NcApi ncApi, Map<String, String> map, final String str, final User user) {
        ncApi.registerDeviceForNotificationsWithNextcloud(ApiUtils.getCredentials(user.getUsername(), user.getToken()), ApiUtils.getUrlNextcloudPush(user.getBaseUrl()), map).subscribe(new Observer<PushRegistrationOverall>() { // from class: com.nextcloud.talk.utils.PushUtils.1
            @Override // io.reactivex.Observer
            public void onComplete() {
            }

            @Override // io.reactivex.Observer
            public void onError(Throwable th) {
                PushUtils.this.eventBus.post(new EventStatus(user.getId().longValue(), EventStatus.EventType.PUSH_REGISTRATION, false));
            }

            @Override // io.reactivex.Observer
            public void onNext(PushRegistrationOverall pushRegistrationOverall) {
                Log.d(PushUtils.TAG, "pushTokenHash successfully registered at nextcloud server.");
                HashMap hashMap = new HashMap();
                hashMap.put("pushToken", str);
                hashMap.put("deviceIdentifier", pushRegistrationOverall.getOcs().getData().getDeviceIdentifier());
                hashMap.put("deviceIdentifierSignature", pushRegistrationOverall.getOcs().getData().getSignature());
                hashMap.put("userPublicKey", pushRegistrationOverall.getOcs().getData().getPublicKey());
                PushUtils.this.registerDeviceWithPushProxy(ncApi, hashMap, user);
            }

            @Override // io.reactivex.Observer
            public void onSubscribe(Disposable disposable) {
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void registerDeviceWithPushProxy(NcApi ncApi, final Map<String, String> map, final User user) {
        ncApi.registerDeviceForNotificationsWithPushProxy(ApiUtils.getUrlPushProxy(), map).subscribeOn(Schedulers.io()).subscribe(new Observer<Void>() { // from class: com.nextcloud.talk.utils.PushUtils.2
            @Override // io.reactivex.Observer
            public void onComplete() {
            }

            @Override // io.reactivex.Observer
            public void onError(Throwable th) {
                PushUtils.this.eventBus.post(new EventStatus(user.getId().longValue(), EventStatus.EventType.PUSH_REGISTRATION, false));
            }

            @Override // io.reactivex.Observer
            public void onNext(Void r4) {
                try {
                    Log.d(PushUtils.TAG, "pushToken successfully registered at pushproxy.");
                    PushUtils.this.createOrUpdateUser(map, user);
                } catch (IOException e) {
                    Log.e(PushUtils.TAG, "IOException while updating user", e);
                }
            }

            @Override // io.reactivex.Observer
            public void onSubscribe(Disposable disposable) {
            }
        });
    }

    private int saveKeyToFile(Key key, String str) {
        byte[] encoded = key.getEncoded();
        try {
            if (!new File(str).exists() && !new File(str).createNewFile()) {
                return -1;
            }
            FileOutputStream fileOutputStream = new FileOutputStream(str);
            try {
                fileOutputStream.write(encoded);
                fileOutputStream.close();
                return 0;
            } finally {
            }
        } catch (FileNotFoundException unused) {
            Log.d(TAG, "Failed to save key to file");
            return -1;
        } catch (IOException unused2) {
            Log.d(TAG, "Failed to save key to file via IOException");
            return -1;
        }
    }

    public int generateRsa2048KeyPair() {
        if (this.publicKeyFile.exists() || this.privateKeyFile.exists()) {
            return -1;
        }
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(2048);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            return (saveKeyToFile(generateKeyPair.getPrivate(), this.privateKeyFile.getAbsolutePath()) == 0 && saveKeyToFile(generateKeyPair.getPublic(), this.publicKeyFile.getAbsolutePath()) == 0) ? 0 : -2;
        } catch (NoSuchAlgorithmException unused) {
            Log.d(TAG, "RSA algorithm not supported");
            return -2;
        }
    }

    public void pushRegistrationToServer(NcApi ncApi) {
        String pushToken = this.appPreferences.getPushToken();
        if (TextUtils.isEmpty(pushToken)) {
            Log.e(TAG, "push token was empty when trying to register at nextcloud server");
            return;
        }
        String lowerCase = generateSHA512Hash(pushToken).toLowerCase();
        PublicKey publicKey = (PublicKey) readKeyFromFile(true);
        if (publicKey != null) {
            String str = "-----BEGIN PUBLIC KEY-----\n" + new String(Base64.encode(publicKey.getEncoded(), 2)).replaceAll("(.{64})", "$1\n") + "\n-----END PUBLIC KEY-----\n";
            for (User user : this.userManager.getUsers().blockingGet()) {
                if (!user.getScheduledForDeletion()) {
                    HashMap hashMap = new HashMap();
                    hashMap.put("format", "json");
                    hashMap.put("pushTokenHash", lowerCase);
                    hashMap.put("devicePublicKey", str);
                    hashMap.put("proxyServer", this.proxyServer);
                    registerDeviceWithNextcloud(ncApi, hashMap, pushToken, user);
                }
            }
        }
    }

    public Key readKeyFromFile(boolean z) {
        try {
            FileInputStream fileInputStream = new FileInputStream(z ? this.publicKeyFile.getAbsolutePath() : this.privateKeyFile.getAbsolutePath());
            try {
                byte[] bArr = new byte[fileInputStream.available()];
                fileInputStream.read(bArr);
                KeyFactory keyFactory = KeyFactory.getInstance("RSA");
                if (z) {
                    PublicKey generatePublic = keyFactory.generatePublic(new X509EncodedKeySpec(bArr));
                    fileInputStream.close();
                    return generatePublic;
                }
                PrivateKey generatePrivate = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bArr));
                fileInputStream.close();
                return generatePrivate;
            } catch (Throwable th) {
                try {
                    fileInputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        } catch (FileNotFoundException unused) {
            Log.d(TAG, "Failed to find path while reading the Key");
            return null;
        } catch (IOException unused2) {
            Log.d(TAG, "IOException while reading the key");
            return null;
        } catch (NoSuchAlgorithmException unused3) {
            Log.d(TAG, "RSA algorithm not supported");
            return null;
        } catch (InvalidKeySpecException unused4) {
            Log.d(TAG, "InvalidKeySpecException while reading the key");
            return null;
        }
    }

    public SignatureVerification verifySignature(byte[] bArr, byte[] bArr2) {
        SignatureVerification signatureVerification = new SignatureVerification();
        signatureVerification.setSignatureValid(false);
        List<User> blockingGet = this.userManager.getUsers().blockingGet();
        try {
            Signature signature = Signature.getInstance("SHA512withRSA");
            if (blockingGet != null && blockingGet.size() > 0) {
                for (User user : blockingGet) {
                    if (user.getPushConfigurationState() != null) {
                        signature.initVerify((PublicKey) readKeyFromString(true, user.getPushConfigurationState().getUserPublicKey()));
                        signature.update(bArr2);
                        if (signature.verify(bArr)) {
                            signatureVerification.setSignatureValid(true);
                            signatureVerification.setUser(user);
                            return signatureVerification;
                        }
                    }
                }
            }
        } catch (InvalidKeyException unused) {
            Log.d(TAG, "Invalid key while trying to verify");
        } catch (NoSuchAlgorithmException unused2) {
            Log.d(TAG, "No such algorithm");
        } catch (SignatureException unused3) {
            Log.d(TAG, "Signature exception while trying to verify");
        }
        return signatureVerification;
    }
}
