package org.keepassxc;

import com.iwebpp.crypto.TweetNaclFast;
import java.beans.PropertyChangeListener;
import java.beans.PropertyChangeSupport;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Random;
import java.util.UUID;
import java.util.concurrent.Callable;
import java.util.concurrent.ConcurrentLinkedQueue;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.ScheduledFuture;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicReference;
import org.json.JSONArray;
import org.json.JSONObject;
import org.purejava.Credentials;
import org.purejava.KeepassProxyAccessException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/keepassxc/Connection.class */
public abstract class Connection implements AutoCloseable {
    private static final Logger log;
    private final PropertyChangeSupport support;
    private TweetNaclFast.Box box;
    private Optional<Credentials> credentials;
    private final String clientID;
    private static final int nonceLength = 24;
    private byte[] nonce;
    protected MessagePublisher messagePublisher;
    private final ScheduledExecutorService scheduler;
    static final /* synthetic */ boolean $assertionsDisabled;
    final ExecutorService executorService = Executors.newFixedThreadPool(2);
    private final ConcurrentLinkedQueue<JSONObject> queue = new ConcurrentLinkedQueue<>();
    private final int MAX_ERROR_COUNT = 4;
    private final int RECONNECT_DELAY_S = 15;
    private final AtomicReference<ScheduledFuture<?>> scheduledConnectCmd = new AtomicReference<>();
    private final long RESPONSE_DELAY_MS = 500;
    protected final String PROXY_NAME = "org.keepassxc.KeePassXC.BrowserServer";
    private final String NOT_CONNECTED = "Not connected to KeePassXC. Call connect().";
    private final String KEYEXCHANGE_MISSING = "Public keys need to be exchanged. Call changePublicKeys().";
    private final String MISSING_CLASS = "Credentials have not been initialized";
    public final String EXCEPTION_INFO = "Delaying association dialog response lookup due to https://github.com/keepassxreboot/keepassxc/issues/7099";

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/keepassxc/Connection$MessageConsumer.class */
    public class MessageConsumer implements Callable<JSONObject> {
        private final String action;

        public MessageConsumer(String str) {
            this.action = str;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.concurrent.Callable
        public JSONObject call() throws Exception {
            while (true) {
                JSONObject peek = Connection.this.queue.peek();
                if (null == peek) {
                    Thread.sleep(200L);
                } else if (Connection.this.isSignal(peek)) {
                    Connection.this.queue.poll();
                } else if (peek.toString().equals("{}")) {
                    Connection.this.queue.poll();
                    Connection.log.trace("KeePassXC send an empty response: {}", peek);
                } else if (peek.has("success") && (!peek.has("action") || !peek.getString("action").equals(this.action))) {
                    Connection.log.trace("Response added to queue: {}", peek);
                }
            }
            Connection.log.trace("Retrieved from queue: {}", Connection.this.queue.peek());
            return Connection.this.queue.poll();
        }
    }

    /* loaded from: input_file:org/keepassxc/Connection$MessagePublisher.class */
    class MessagePublisher implements Runnable {
        private boolean doStop = false;
        private int errorCount = 0;

        MessagePublisher() {
        }

        public synchronized void doStop() {
            this.doStop = true;
        }

        private synchronized boolean keepRunning() {
            return !this.doStop;
        }

        @Override // java.lang.Runnable
        public void run() {
            while (keepRunning()) {
                JSONObject cleartextResponse = Connection.this.getCleartextResponse();
                if (cleartextResponse.isEmpty()) {
                    this.errorCount++;
                    if (this.errorCount > 4) {
                        Connection.log.info("Too much errors - stopping MessagePublisher");
                        doStop();
                        Connection.this.reconnect();
                    }
                } else {
                    Connection.this.queue.offer(cleartextResponse);
                    this.errorCount = 0;
                }
            }
            Connection.log.debug("MessagePublisher stopped");
        }
    }

    public Connection() {
        byte[] bArr = new byte[nonceLength];
        new Random().nextBytes(bArr);
        this.clientID = b64encode(bArr);
        this.nonce = TweetNaclFast.randombytes(nonceLength);
        this.credentials = Optional.empty();
        this.support = new PropertyChangeSupport(this);
        this.scheduler = Executors.newSingleThreadScheduledExecutor();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void lauchMessagePublisher() {
        this.messagePublisher = new MessagePublisher();
        log.debug("MessagePublisher started");
        this.executorService.execute(this.messagePublisher);
    }

    private void reconnect() {
        ScheduledFuture<?> andSet = this.scheduledConnectCmd.getAndSet(this.scheduler.schedule(() -> {
            try {
                connect();
            } catch (IOException e) {
                reconnect();
            }
        }, 15L, TimeUnit.SECONDS));
        if (andSet != null) {
            andSet.cancel(false);
        }
    }

    public void addPropertyChangeListener(PropertyChangeListener propertyChangeListener) {
        this.support.addPropertyChangeListener(propertyChangeListener);
    }

    public void removePropertyChangeListener(PropertyChangeListener propertyChangeListener) {
        this.support.removePropertyChangeListener(propertyChangeListener);
    }

    public abstract void connect() throws IOException;

    protected abstract void sendCleartextMessage(String str) throws IOException;

    protected abstract JSONObject getCleartextResponse();

    /* JADX WARN: Code restructure failed: missing block: B:12:0x002b, code lost:
    
        if (r4.getString("action").equals("database-unlocked") != false) goto L10;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private boolean isSignal(org.json.JSONObject r4) {
        /*
            r3 = this;
            r0 = r4
            java.lang.String r1 = "action"
            boolean r0 = r0.has(r1)     // Catch: org.json.JSONException -> L34
            if (r0 == 0) goto L17
            r0 = r4
            java.lang.String r1 = "action"
            java.lang.String r0 = r0.getString(r1)     // Catch: org.json.JSONException -> L34
            java.lang.String r1 = "database-locked"
            boolean r0 = r0.equals(r1)     // Catch: org.json.JSONException -> L34
            if (r0 != 0) goto L2e
        L17:
            r0 = r4
            java.lang.String r1 = "action"
            boolean r0 = r0.has(r1)     // Catch: org.json.JSONException -> L34
            if (r0 == 0) goto L32
            r0 = r4
            java.lang.String r1 = "action"
            java.lang.String r0 = r0.getString(r1)     // Catch: org.json.JSONException -> L34
            java.lang.String r1 = "database-unlocked"
            boolean r0 = r0.equals(r1)     // Catch: org.json.JSONException -> L34
            if (r0 == 0) goto L32
        L2e:
            r0 = 1
            goto L33
        L32:
            r0 = 0
        L33:
            return r0
        L34:
            r5 = move-exception
            r0 = 0
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.keepassxc.Connection.isSignal(org.json.JSONObject):boolean");
    }

    private void sendEncryptedMessage(Map<String, Object> map) throws IOException {
        boolean z = false;
        if (!isConnected()) {
            throw new IllegalStateException("Not connected to KeePassXC. Call connect().");
        }
        byte[] serverPublicKey = this.credentials.orElseThrow(() -> {
            return new IllegalStateException("Public keys need to be exchanged. Call changePublicKeys().");
        }).getServerPublicKey();
        TweetNaclFast.Box.KeyPair ownKeypair = this.credentials.orElseThrow(() -> {
            return new IllegalStateException("Public keys need to be exchanged. Call changePublicKeys().");
        }).getOwnKeypair();
        if (map.containsKey("triggerUnlock") && map.get("triggerUnlock").equals("true")) {
            map.remove("triggerUnlock");
            z = true;
        }
        String jsonTxt = jsonTxt(map);
        log.trace("Send - encrypting the following message: {}", jsonTxt);
        this.box = new TweetNaclFast.Box(serverPublicKey, ownKeypair.getSecretKey());
        this.nonce = ramdomGenerateNonce();
        String b64encode = b64encode(this.box.box(jsonTxt.getBytes(), this.nonce));
        HashMap hashMap = new HashMap();
        hashMap.put("action", map.get("action").toString());
        hashMap.put("message", b64encode);
        hashMap.put("nonce", b64encode(this.nonce));
        hashMap.put("clientID", this.clientID);
        if (z) {
            hashMap.put("triggerUnlock", "true");
        }
        sendCleartextMessage(jsonTxt(hashMap));
    }

    private JSONObject getEncryptedResponseAndDecrypt(String str) throws KeepassProxyAccessException {
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject = (JSONObject) this.executorService.submit(new MessageConsumer(str)).get();
        } catch (InterruptedException | ExecutionException e) {
            log.error(e.toString(), e.getCause());
        }
        if (jSONObject.has("error")) {
            throw new KeepassProxyAccessException("ErrorCode: " + jSONObject.getString("errorCode") + ", " + jSONObject.getString("error"));
        }
        byte[] open = this.box.open(b64decode(jSONObject.getString("message").getBytes()), b64decode(jSONObject.getString("nonce").getBytes()));
        if (open == null) {
            throw new KeepassProxyAccessException("Error: message could not be decrypted");
        }
        String str2 = new String(open, StandardCharsets.UTF_8);
        log.trace("Decrypted message: {}", str2);
        JSONObject jSONObject2 = new JSONObject(str2);
        if (jSONObject2.has("success")) {
            return jSONObject2;
        }
        throw new KeepassProxyAccessException("ErrorCode: " + jSONObject.getString("errorCode") + ", " + jSONObject.getString("error"));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void changePublicKeys() throws IOException, KeepassProxyAccessException {
        if (!isConnected()) {
            throw new IllegalStateException("Not connected to KeePassXC. Call connect().");
        }
        TweetNaclFast.Box.KeyPair keyPair = TweetNaclFast.Box.keyPair();
        this.nonce = ramdomGenerateNonce();
        sendCleartextMessage(jsonTxt(Map.of("action", "change-public-keys", "publicKey", b64encode(keyPair.getPublicKey()), "nonce", b64encode(this.nonce), "clientID", this.clientID)));
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject = (JSONObject) this.executorService.submit(new MessageConsumer("change-public-keys")).get();
        } catch (InterruptedException | ExecutionException e) {
            log.error(e.toString(), e.getCause());
        }
        if (!jSONObject.has("success")) {
            throw new KeepassProxyAccessException("ErrorCode: " + jSONObject.getString("errorCode") + ", " + jSONObject.getString("error"));
        }
        byte[] b64decode = b64decode(jSONObject.getString("publicKey").getBytes());
        this.box = new TweetNaclFast.Box(b64decode, keyPair.getSecretKey());
        if (this.credentials.isEmpty()) {
            setCredentials(Optional.of(new Credentials()));
        }
        this.credentials.orElseThrow(() -> {
            return new IllegalStateException("Credentials have not been initialized");
        }).setOwnKeypair(keyPair);
        this.credentials.orElseThrow(() -> {
            return new IllegalStateException("Credentials have not been initialized");
        }).setServerPublicKey(b64decode);
        this.support.firePropertyChange("credentialsCreated", (Object) null, this.credentials);
    }

    public void associate() throws IOException, KeepassProxyAccessException {
        TweetNaclFast.Box.KeyPair keyPair = TweetNaclFast.Box.keyPair();
        sendEncryptedMessage(Map.of("action", "associate", "key", b64encode(this.credentials.orElseThrow(() -> {
            return new IllegalStateException("Public keys need to be exchanged. Call changePublicKeys().");
        }).getOwnKeypair().getPublicKey()), "idKey", b64encode(keyPair.getPublicKey())));
        this.scheduler.schedule(() -> {
            JSONObject jSONObject = null;
            try {
                jSONObject = getEncryptedResponseAndDecrypt("associate");
            } catch (KeepassProxyAccessException e) {
                log.error(e.toString(), e.getCause());
            }
            if (!$assertionsDisabled && jSONObject == null) {
                throw new AssertionError();
            }
            this.credentials.orElseThrow(() -> {
                return new IllegalStateException("Credentials have not been initialized");
            }).setAssociateId(jSONObject.getString("id"));
            this.credentials.orElseThrow(() -> {
                return new IllegalStateException("Credentials have not been initialized");
            }).setIdKeyPublicKey(keyPair.getPublicKey());
            this.support.firePropertyChange("associated", (Object) null, this.credentials);
        }, 500L, TimeUnit.MILLISECONDS);
        throw new KeepassProxyAccessException("Delaying association dialog response lookup due to https://github.com/keepassxreboot/keepassxc/issues/7099");
    }

    public String getDatabasehash() throws IOException, KeepassProxyAccessException {
        sendEncryptedMessage(Map.of("action", "get-databasehash"));
        return getEncryptedResponseAndDecrypt("get-databasehash").getString("hash");
    }

    public String getDatabasehash(boolean z) throws IOException, KeepassProxyAccessException {
        HashMap hashMap = new HashMap();
        hashMap.put("action", "get-databasehash");
        hashMap.put("triggerUnlock", Boolean.toString(z));
        sendEncryptedMessage(hashMap);
        return getEncryptedResponseAndDecrypt("get-databasehash").getString("hash");
    }

    public void testAssociate(String str, String str2) throws IOException, KeepassProxyAccessException {
        sendEncryptedMessage(Map.of("action", "test-associate", "id", str, "key", str2));
        getEncryptedResponseAndDecrypt("test-associate");
    }

    public JSONObject getLogins(String str, String str2, boolean z, List<Map<String, String>> list) throws IOException, KeepassProxyAccessException {
        JSONArray jSONArray = new JSONArray();
        for (Map<String, String> map : list) {
            JSONObject jSONObject = new JSONObject(map);
            if (!jSONObject.has("id") || !jSONObject.has("key") || jSONObject.length() != 2) {
                throw new KeepassProxyAccessException("JSON object key is malformed");
            }
            jSONArray.put((Map) map);
        }
        sendEncryptedMessage(Map.of("action", "get-logins", "url", ensureNotNull(str), "submitUrl", ensureNotNull(str2), "httpAuth", Boolean.valueOf(z), "keys", jSONArray));
        return getEncryptedResponseAndDecrypt("get-logins");
    }

    public JSONObject setLogin(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) throws IOException, KeepassProxyAccessException {
        sendEncryptedMessage(Map.of("action", "set-login", "url", ensureNotNull(str), "submitUrl", ensureNotNull(str2), "id", ensureNotNull(str3), "login", ensureNotNull(str4), "password", ensureNotNull(str5), "group", ensureNotNull(str6), "groupUuid", ensureNotNull(str7), "uuid", ensureNotNull(str8)));
        return getEncryptedResponseAndDecrypt("set-login");
    }

    public JSONObject getDatabaseGroups() throws IOException, KeepassProxyAccessException {
        sendEncryptedMessage(Map.of("action", "get-database-groups"));
        return getEncryptedResponseAndDecrypt("get-database-groups");
    }

    public JSONObject generatePassword() throws IOException, KeepassProxyAccessException {
        sendEncryptedMessage(Map.of("action", "generate-password", "clientID", this.clientID));
        return getEncryptedResponseAndDecrypt("generate-password");
    }

    public JSONObject lockDatabase() throws IOException, KeepassProxyAccessException {
        sendEncryptedMessage(Map.of("action", "lock-database"));
        return getEncryptedResponseAndDecrypt("lock-database");
    }

    public JSONObject createNewGroup(String str) throws IOException, KeepassProxyAccessException {
        sendEncryptedMessage(Map.of("action", "create-new-group", "groupName", ensureNotNull(str)));
        return getEncryptedResponseAndDecrypt("create-new-group");
    }

    public JSONObject getTotp(String str) throws IOException, KeepassProxyAccessException {
        sendEncryptedMessage(Map.of("action", "get-totp", "uuid", ensureNotNull(str)));
        return getEncryptedResponseAndDecrypt("get-totp");
    }

    public JSONObject deleteEntry(String str) throws IOException, KeepassProxyAccessException {
        sendEncryptedMessage(Map.of("action", "delete-entry", "uuid", ensureNotNull(str)));
        return getEncryptedResponseAndDecrypt("delete-entry");
    }

    public JSONObject requestAutotype(String str) throws IOException, KeepassProxyAccessException {
        sendEncryptedMessage(Map.of("action", "request-autotype", "groupName", ensureNotNull(str)));
        return getEncryptedResponseAndDecrypt("request-autotype");
    }

    private String jsonTxt(Map<String, Object> map) {
        return new JSONObject(map).toString();
    }

    private byte[] ramdomGenerateNonce() {
        return TweetNaclFast.randombytes(nonceLength);
    }

    private String b64encode(byte[] bArr) {
        return Base64.getEncoder().encodeToString(bArr);
    }

    private byte[] b64decode(byte[] bArr) {
        return Base64.getDecoder().decode(bArr);
    }

    private String generateHEXUUID() {
        return UUID.randomUUID().toString().replace("-", "");
    }

    private String ensureNotNull(String str) {
        return null == str ? "" : str;
    }

    public String getIdKeyPairPublicKey() {
        return (String) this.credentials.map(credentials -> {
            return b64encode(credentials.getIdKeyPublicKey());
        }).orElse("");
    }

    public String getAssociateId() {
        return (String) this.credentials.map((v0) -> {
            return v0.getAssociateId();
        }).orElse("");
    }

    public void setCredentials(Optional<Credentials> optional) {
        this.credentials = optional;
    }

    protected abstract boolean isConnected();

    @Override // java.lang.AutoCloseable
    public abstract void close() throws Exception;

    static {
        $assertionsDisabled = !Connection.class.desiredAssertionStatus();
        log = LoggerFactory.getLogger(Connection.class);
    }
}
