package freenet.node;

import freenet.client.FECCodec;
import freenet.crypt.MasterSecret;
import freenet.crypt.PCFBMode;
import freenet.crypt.SHA256;
import freenet.crypt.UnsupportedCipherException;
import freenet.crypt.ciphers.Rijndael;
import freenet.support.Fields;
import freenet.support.io.Closer;
import freenet.support.io.FileUtil;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.Closeable;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.EOFException;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.RandomAccessFile;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.Random;

/* loaded from: input_file:freenet/node/MasterKeys.class */
public class MasterKeys {
    final byte[] clientCacheMasterKey;
    private final byte[] databaseKey;
    private final byte[] tempfilesMasterSecret;
    final long flags;
    static final long FLAG_ENCRYPT_DATABASE = 2;
    static final int OLD_HASH_LENGTH = 4;
    static final int HASH_LENGTH = 12;
    static final int VERSION = 1;
    static final long MAX_ITERATIONS = 1099511627776L;
    static int ITERATE_TIME = 1000;

    public MasterKeys(byte[] bArr, byte[] bArr2, byte[] bArr3, long j) {
        this.clientCacheMasterKey = bArr;
        this.databaseKey = bArr2;
        this.flags = j;
        this.tempfilesMasterSecret = bArr3;
    }

    public static MasterKeys createRandom(Random random) {
        byte[] bArr = new byte[32];
        random.nextBytes(bArr);
        byte[] bArr2 = new byte[32];
        random.nextBytes(bArr2);
        byte[] bArr3 = new byte[64];
        random.nextBytes(bArr3);
        return new MasterKeys(bArr, bArr2, bArr3, 0L);
    }

    void clearClientCacheKeys() {
        clear(this.clientCacheMasterKey);
    }

    public static MasterKeys read(File file, Random random, String str) throws MasterKeysWrongPasswordException, MasterKeysFileSizeException, IOException {
        System.err.println("Trying to read master keys file...");
        if (file != null && file.exists()) {
            long length = file.length();
            if (length > 1024) {
                throw new MasterKeysFileSizeException(true);
            }
            if (length < 104) {
                throw new MasterKeysFileSizeException(false);
            }
            int i = (int) length;
            try {
                try {
                    FileInputStream fileInputStream = new FileInputStream(file);
                    DataInputStream dataInputStream = new DataInputStream(fileInputStream);
                    if (length == 140) {
                        MasterKeys readOldFormat = readOldFormat(dataInputStream, i, random, str);
                        System.out.println("Read old-format master keys file. Writing new format master.keys ...");
                        readOldFormat.changePassword(file, str, random);
                        Closer.close(fileInputStream);
                        return readOldFormat;
                    }
                    if (dataInputStream.readInt() != 1) {
                        throw new IOException("Bad version for master.keys");
                    }
                    long readLong = dataInputStream.readLong();
                    if (readLong < 0 || readLong > MAX_ITERATIONS) {
                        throw new IOException("Bad iterations " + readLong + " for master.keys");
                    }
                    byte[] bArr = new byte[32];
                    dataInputStream.readFully(bArr);
                    byte[] bArr2 = new byte[32];
                    dataInputStream.readFully(bArr2);
                    byte[] bArr3 = new byte[(((i - bArr.length) - bArr2.length) - 4) - 8];
                    dataInputStream.readFully(bArr3);
                    byte[] bytes = str.getBytes(StandardCharsets.UTF_8);
                    MessageDigest messageDigest = SHA256.getMessageDigest();
                    messageDigest.update(bytes);
                    messageDigest.update(bArr);
                    byte[] digest = messageDigest.digest();
                    if (readLong > 0) {
                        System.out.println("Decrypting master keys using password with " + readLong + " iterations...");
                        for (long j = 0; j < readLong; j++) {
                            messageDigest.update(bArr);
                            messageDigest.update(digest);
                            digest = messageDigest.digest();
                        }
                    }
                    try {
                        Rijndael rijndael = new Rijndael(FECCodec.MAX_TOTAL_BLOCKS_PER_SEGMENT, FECCodec.MAX_TOTAL_BLOCKS_PER_SEGMENT);
                        rijndael.initialize(digest);
                        PCFBMode.create(rijndael, bArr2).blockDecipher(bArr3, 0, bArr3.length);
                        byte[] copyOf = Arrays.copyOf(bArr3, bArr3.length - 12);
                        byte[] copyOfRange = Arrays.copyOfRange(bArr3, copyOf.length, bArr3.length);
                        clear(bArr3);
                        if (!Fields.byteArrayEqual(messageDigest.digest(copyOf), copyOfRange, 0, 0, 12)) {
                            clear(copyOf);
                            clear(copyOfRange);
                            throw new MasterKeysWrongPasswordException();
                        }
                        DataInputStream dataInputStream2 = new DataInputStream(new ByteArrayInputStream(copyOf));
                        long readLong2 = dataInputStream2.readLong();
                        byte[] bArr4 = new byte[32];
                        dataInputStream2.readFully(bArr4);
                        byte[] bArr5 = new byte[32];
                        dataInputStream2.readFully(bArr5);
                        byte[] bArr6 = new byte[64];
                        boolean z = false;
                        if (copyOf.length >= 136) {
                            dataInputStream2.readFully(bArr6);
                        } else {
                            System.err.println("Created new master secret for encrypted tempfiles");
                            random.nextBytes(bArr6);
                            z = true;
                        }
                        MasterKeys masterKeys = new MasterKeys(bArr4, bArr5, bArr6, readLong2);
                        clear(copyOf);
                        clear(copyOfRange);
                        System.err.println("Read old master keys file");
                        if (z) {
                            masterKeys.changePassword(file, str, random);
                        }
                        Closer.close(fileInputStream);
                        return masterKeys;
                    } catch (UnsupportedCipherException e) {
                        throw new Error(e);
                    }
                } catch (Throwable th) {
                    Closer.close((Closeable) null);
                    throw th;
                }
            } catch (EOFException e2) {
                throw new MasterKeysFileSizeException(false);
            } catch (FileNotFoundException e3) {
                Closer.close((Closeable) null);
            }
        }
        System.err.println("Creating new master keys file");
        MasterKeys createRandom = createRandom(random);
        createRandom.write(file, str, random);
        return createRandom;
    }

    private static MasterKeys readOldFormat(DataInputStream dataInputStream, int i, Random random, String str) throws IOException, MasterKeysWrongPasswordException {
        byte[] bArr = new byte[32];
        dataInputStream.readFully(bArr);
        byte[] bArr2 = new byte[32];
        dataInputStream.readFully(bArr2);
        byte[] bArr3 = new byte[(i - bArr.length) - bArr2.length];
        dataInputStream.readFully(bArr3);
        byte[] bytes = str.getBytes(StandardCharsets.UTF_8);
        MessageDigest messageDigest = SHA256.getMessageDigest();
        messageDigest.update(bytes);
        messageDigest.update(bArr);
        byte[] digest = messageDigest.digest();
        try {
            Rijndael rijndael = new Rijndael(FECCodec.MAX_TOTAL_BLOCKS_PER_SEGMENT, FECCodec.MAX_TOTAL_BLOCKS_PER_SEGMENT);
            rijndael.initialize(digest);
            PCFBMode.create(rijndael, bArr2).blockDecipher(bArr3, 0, bArr3.length);
            byte[] copyOf = Arrays.copyOf(bArr3, bArr3.length - 4);
            byte[] copyOfRange = Arrays.copyOfRange(bArr3, copyOf.length, bArr3.length);
            clear(bArr3);
            if (!Fields.byteArrayEqual(messageDigest.digest(copyOf), copyOfRange, 0, 0, 4)) {
                clear(copyOf);
                clear(copyOfRange);
                throw new MasterKeysWrongPasswordException();
            }
            DataInputStream dataInputStream2 = new DataInputStream(new ByteArrayInputStream(copyOf));
            byte[] bArr4 = new byte[8];
            dataInputStream2.readFully(bArr4);
            long bytesToLong = Fields.bytesToLong(bArr4);
            byte[] bArr5 = new byte[32];
            dataInputStream2.readFully(bArr5);
            byte[] bArr6 = new byte[32];
            dataInputStream2.readFully(bArr6);
            byte[] bArr7 = new byte[64];
            System.err.println("Created new master secret for encrypted tempfiles");
            random.nextBytes(bArr7);
            MasterKeys masterKeys = new MasterKeys(bArr5, bArr6, bArr7, bytesToLong);
            clear(copyOf);
            clear(copyOfRange);
            return masterKeys;
        } catch (UnsupportedCipherException e) {
            throw new Error(e);
        }
    }

    public static void clear(byte[] bArr) {
        if (bArr == null) {
            return;
        }
        Arrays.fill(bArr, (byte) 0);
    }

    public void changePassword(File file, String str, Random random) throws IOException {
        System.err.println("Writing new master.keys file");
        write(file, str, random);
    }

    private void write(File file, String str, Random random) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = new byte[32];
        random.nextBytes(bArr);
        byte[] bArr2 = new byte[32];
        random.nextBytes(bArr2);
        byte[] bytes = str.getBytes(StandardCharsets.UTF_8);
        MessageDigest messageDigest = SHA256.getMessageDigest();
        messageDigest.update(bytes);
        messageDigest.update(bArr2);
        byte[] digest = messageDigest.digest();
        long j = 0;
        if (!str.isEmpty()) {
            long currentTimeMillis = System.currentTimeMillis();
            while (System.currentTimeMillis() < currentTimeMillis + ITERATE_TIME && j < 1099511627756L) {
                for (int i = 0; i < 10; i++) {
                    j++;
                    messageDigest.update(bArr2);
                    messageDigest.update(digest);
                    digest = messageDigest.digest();
                }
            }
            System.out.println("Encrypted password with " + j + " iterations.");
        }
        DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
        dataOutputStream.writeInt(1);
        dataOutputStream.writeLong(j);
        byteArrayOutputStream.write(bArr2);
        byteArrayOutputStream.write(bArr);
        int length = bArr2.length + bArr.length + 4 + 8;
        dataOutputStream.writeLong(this.flags);
        byteArrayOutputStream.write(this.clientCacheMasterKey);
        byteArrayOutputStream.write(this.databaseKey);
        byteArrayOutputStream.write(this.tempfilesMasterSecret);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        messageDigest.update(byteArray, length, byteArray.length - length);
        byteArrayOutputStream.write(messageDigest.digest(), 0, 12);
        byte[] byteArray2 = byteArrayOutputStream.toByteArray();
        try {
            Rijndael rijndael = new Rijndael(FECCodec.MAX_TOTAL_BLOCKS_PER_SEGMENT, FECCodec.MAX_TOTAL_BLOCKS_PER_SEGMENT);
            rijndael.initialize(digest);
            PCFBMode.create(rijndael, bArr).blockEncipher(byteArray2, length, byteArray2.length - length);
            RandomAccessFile randomAccessFile = new RandomAccessFile(file, "rw");
            randomAccessFile.seek(0L);
            randomAccessFile.write(byteArray2);
            long length2 = randomAccessFile.length();
            if (length2 > byteArray2.length) {
                randomAccessFile.write(new byte[(int) (length2 - byteArray2.length)]);
                randomAccessFile.setLength(byteArray2.length);
            }
            randomAccessFile.getFD().sync();
            randomAccessFile.close();
        } catch (UnsupportedCipherException e) {
            throw new Error(e);
        }
    }

    public static void killMasterKeys(File file) throws IOException {
        FileUtil.secureDelete(file);
    }

    @Deprecated
    public DatabaseKey createDatabaseKey(Random random) {
        return createDatabaseKey();
    }

    public DatabaseKey createDatabaseKey() {
        return new DatabaseKey(this.databaseKey);
    }

    public MasterSecret getPersistentMasterSecret() {
        return new MasterSecret((byte[]) this.tempfilesMasterSecret.clone());
    }
}
