package org.cryptomator.cryptofs.health.dirid;

import com.google.common.io.BaseEncoding;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.ByteChannel;
import java.nio.channels.SeekableByteChannel;
import java.nio.charset.StandardCharsets;
import java.nio.file.CopyOption;
import java.nio.file.DirectoryStream;
import java.nio.file.FileAlreadyExistsException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.nio.file.attribute.FileAttribute;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Map;
import java.util.Optional;
import java.util.UUID;
import java.util.concurrent.atomic.AtomicInteger;
import org.cryptomator.cryptofs.CiphertextDirectory;
import org.cryptomator.cryptofs.DirectoryIdBackup;
import org.cryptomator.cryptofs.VaultConfig;
import org.cryptomator.cryptofs.common.CiphertextFileType;
import org.cryptomator.cryptofs.common.Constants;
import org.cryptomator.cryptofs.health.api.CommonDetailKeys;
import org.cryptomator.cryptofs.health.api.DiagnosticResult;
import org.cryptomator.cryptolib.api.AuthenticationFailedException;
import org.cryptomator.cryptolib.api.Cryptor;
import org.cryptomator.cryptolib.api.FileNameCryptor;
import org.cryptomator.cryptolib.api.Masterkey;
import org.cryptomator.cryptolib.common.ByteBuffers;
import org.cryptomator.cryptolib.common.DecryptingReadableByteChannel;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/cryptomator/cryptofs/health/dirid/OrphanContentDir.class */
public class OrphanContentDir implements DiagnosticResult {
    private static final Logger LOG = LoggerFactory.getLogger(OrphanContentDir.class);
    private static final String FILE_PREFIX = "file";
    private static final String DIR_PREFIX = "directory";
    private static final String SYMLINK_PREFIX = "symlink";
    private static final String LONG_NAME_SUFFIX_BASE = "_withVeryLongName";
    final Path contentDir;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OrphanContentDir(Path path) {
        this.contentDir = path;
    }

    @Override // org.cryptomator.cryptofs.health.api.DiagnosticResult
    public DiagnosticResult.Severity getSeverity() {
        return DiagnosticResult.Severity.WARN;
    }

    @Override // org.cryptomator.cryptofs.health.api.DiagnosticResult
    public String toString() {
        return String.format("Orphan directory: %s", this.contentDir);
    }

    @Override // org.cryptomator.cryptofs.health.api.DiagnosticResult
    public Map<String, String> details() {
        return Map.of(CommonDetailKeys.ENCRYPTED_PATH, this.contentDir.toString());
    }

    @Override // org.cryptomator.cryptofs.health.api.DiagnosticResult
    public Optional<DiagnosticResult.Fix> getFix(Path path, VaultConfig vaultConfig, Masterkey masterkey, Cryptor cryptor) {
        return Optional.of(() -> {
            fix(path, vaultConfig, cryptor);
        });
    }

    private void fix(Path path, VaultConfig vaultConfig, Cryptor cryptor) throws IOException {
        MessageDigest sha1MessageDigest = getSha1MessageDigest();
        String num = Integer.toString((short) UUID.randomUUID().getMostSignificantBits(), 32);
        Path resolve = path.resolve(Constants.DATA_DIR_NAME);
        Path resolve2 = resolve.resolve(this.contentDir);
        String str = this.contentDir.getParent().getFileName().toString() + this.contentDir.getFileName().toString();
        Path prepareRecoveryDir = prepareRecoveryDir(path, cryptor.fileNameCryptor());
        if (prepareRecoveryDir.toAbsolutePath().equals(resolve2.toAbsolutePath())) {
            return;
        }
        CiphertextDirectory prepareStepParent = prepareStepParent(resolve, prepareRecoveryDir, cryptor, str);
        AtomicInteger atomicInteger = new AtomicInteger(1);
        AtomicInteger atomicInteger2 = new AtomicInteger(1);
        AtomicInteger atomicInteger3 = new AtomicInteger(1);
        String createClearnameToBeShortened = createClearnameToBeShortened(vaultConfig.getShorteningThreshold());
        Optional<String> retrieveDirId = retrieveDirId(resolve2, cryptor);
        DirectoryStream<Path> newDirectoryStream = Files.newDirectoryStream(resolve2, (DirectoryStream.Filter<? super Path>) this::matchesEncryptedContentPattern);
        try {
            for (Path path2 : newDirectoryStream) {
                boolean endsWith = path2.toString().endsWith(Constants.DEFLATED_FILE_SUFFIX);
                adoptOrphanedResource(path2, (String) retrieveDirId.map(str2 -> {
                    try {
                        return decryptFileName(path2, endsWith, str2, cryptor.fileNameCryptor());
                    } catch (IOException | AuthenticationFailedException e) {
                        LOG.warn("Unable to read and decrypt file name of {}:", path2, e);
                        return null;
                    }
                }).orElseGet(() -> {
                    String str3;
                    switch (determineCiphertextFileType(path2)) {
                        case FILE:
                            str3 = "file" + atomicInteger.getAndIncrement();
                            break;
                        case DIRECTORY:
                            str3 = "directory" + atomicInteger2.getAndIncrement();
                            break;
                        case SYMLINK:
                            str3 = "symlink" + atomicInteger3.getAndIncrement();
                            break;
                        default:
                            throw new MatchException((String) null, (Throwable) null);
                    }
                    return str3 + "_" + num + (endsWith ? createClearnameToBeShortened : Constants.ROOT_DIR_ID);
                }), endsWith, prepareStepParent, cryptor.fileNameCryptor(), sha1MessageDigest);
            }
            if (newDirectoryStream != null) {
                newDirectoryStream.close();
            }
            Files.deleteIfExists(resolve2.resolve(Constants.DIR_BACKUP_FILE_NAME));
            DirectoryStream<Path> newDirectoryStream2 = Files.newDirectoryStream(resolve2);
            try {
                for (Path path3 : newDirectoryStream2) {
                    Files.move(path3, prepareStepParent.path().resolve(path3.getFileName()), LinkOption.NOFOLLOW_LINKS);
                }
                if (newDirectoryStream2 != null) {
                    newDirectoryStream2.close();
                }
                Files.delete(resolve2);
            } catch (Throwable th) {
                if (newDirectoryStream2 != null) {
                    try {
                        newDirectoryStream2.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } catch (Throwable th3) {
            if (newDirectoryStream != null) {
                try {
                    newDirectoryStream.close();
                } catch (Throwable th4) {
                    th3.addSuppressed(th4);
                }
            }
            throw th3;
        }
    }

    private boolean matchesEncryptedContentPattern(Path path) {
        String path2 = path.getFileName().toString();
        return path2.length() >= 26 && (path2.endsWith(Constants.CRYPTOMATOR_FILE_SUFFIX) || path2.endsWith(Constants.DEFLATED_FILE_SUFFIX));
    }

    Path prepareRecoveryDir(Path path, FileNameCryptor fileNameCryptor) throws IOException {
        Path resolve = path.resolve(Constants.DATA_DIR_NAME);
        String hashDirectoryId = fileNameCryptor.hashDirectoryId(Constants.ROOT_DIR_ID);
        Path resolve2 = resolve.resolve(hashDirectoryId.substring(0, 2)).resolve(hashDirectoryId.substring(2)).toAbsolutePath().resolve(encrypt(fileNameCryptor, Constants.RECOVERY_DIR_NAME, Constants.ROOT_DIR_ID) + "/dir.c9r");
        if (Files.notExists(resolve2, LinkOption.NOFOLLOW_LINKS)) {
            Files.createDirectories(resolve2.getParent(), new FileAttribute[0]);
            Files.writeString(resolve2, Constants.RECOVERY_DIR_ID, StandardCharsets.UTF_8, new OpenOption[]{StandardOpenOption.CREATE_NEW, StandardOpenOption.WRITE});
        } else if (!Constants.RECOVERY_DIR_ID.equals(Files.readString(resolve2, StandardCharsets.UTF_8))) {
            throw new FileAlreadyExistsException("Directory /LOST+FOUND already exists, but with wrong directory id.");
        }
        String hashDirectoryId2 = fileNameCryptor.hashDirectoryId(Constants.RECOVERY_DIR_ID);
        Path absolutePath = resolve.resolve(hashDirectoryId2.substring(0, 2)).resolve(hashDirectoryId2.substring(2)).toAbsolutePath();
        Files.createDirectories(absolutePath, new FileAttribute[0]);
        return absolutePath;
    }

    CiphertextDirectory prepareStepParent(Path path, Path path2, Cryptor cryptor, String str) throws IOException {
        String uuid;
        Path resolve = path2.resolve(encrypt(cryptor.fileNameCryptor(), str, Constants.RECOVERY_DIR_ID) + "/dir.c9r");
        if (Files.exists(resolve, LinkOption.NOFOLLOW_LINKS)) {
            uuid = Files.readString(resolve, StandardCharsets.UTF_8);
        } else {
            Files.createDirectories(resolve.getParent(), new FileAttribute[0]);
            uuid = UUID.randomUUID().toString();
            Files.writeString(resolve, uuid, StandardCharsets.UTF_8, new OpenOption[]{StandardOpenOption.CREATE_NEW, StandardOpenOption.WRITE});
        }
        String hashDirectoryId = cryptor.fileNameCryptor().hashDirectoryId(uuid);
        Path absolutePath = path.resolve(hashDirectoryId.substring(0, 2)).resolve(hashDirectoryId.substring(2)).toAbsolutePath();
        Files.createDirectories(absolutePath, new FileAttribute[0]);
        CiphertextDirectory ciphertextDirectory = new CiphertextDirectory(uuid, absolutePath);
        try {
            DirectoryIdBackup.backupManually(cryptor, ciphertextDirectory);
        } catch (FileAlreadyExistsException e) {
        }
        return ciphertextDirectory;
    }

    Optional<String> retrieveDirId(Path path, Cryptor cryptor) {
        Path resolve = path.resolve(Constants.DIR_BACKUP_FILE_NAME);
        ByteBuffer allocate = ByteBuffer.allocate(36);
        try {
            SeekableByteChannel newByteChannel = Files.newByteChannel(resolve, StandardOpenOption.READ);
            try {
                DecryptingReadableByteChannel createDecryptingReadableByteChannel = createDecryptingReadableByteChannel(newByteChannel, cryptor);
                try {
                    ByteBuffers.fill(createDecryptingReadableByteChannel, allocate);
                    allocate.flip();
                    if (createDecryptingReadableByteChannel != null) {
                        createDecryptingReadableByteChannel.close();
                    }
                    if (newByteChannel != null) {
                        newByteChannel.close();
                    }
                    return Optional.of(StandardCharsets.US_ASCII.decode(allocate).toString());
                } catch (Throwable th) {
                    if (createDecryptingReadableByteChannel != null) {
                        try {
                            createDecryptingReadableByteChannel.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } finally {
            }
        } catch (IOException e) {
            LOG.info("Unable to read {}.", resolve, e);
            return Optional.empty();
        }
    }

    DecryptingReadableByteChannel createDecryptingReadableByteChannel(ByteChannel byteChannel, Cryptor cryptor) {
        return new DecryptingReadableByteChannel(byteChannel, cryptor, true);
    }

    /* JADX WARN: Type inference failed for: r3v3, types: [byte[], byte[][]] */
    String decryptFileName(Path path, boolean z, String str, FileNameCryptor fileNameCryptor) throws IOException, AuthenticationFailedException {
        String readString = z ? Files.readString(path.resolve(Constants.INFLATED_FILE_NAME)) : path.getFileName().toString();
        return fileNameCryptor.decryptFilename(BaseEncoding.base64Url(), readString.substring(0, readString.length() - Constants.CRYPTOMATOR_FILE_SUFFIX.length()), (byte[][]) new byte[]{str.getBytes(StandardCharsets.UTF_8)});
    }

    void adoptOrphanedResource(Path path, String str, boolean z, CiphertextDirectory ciphertextDirectory, FileNameCryptor fileNameCryptor, MessageDigest messageDigest) throws IOException {
        String encrypt = encrypt(fileNameCryptor, str, ciphertextDirectory.dirId());
        if (!z) {
            Files.move(path, ciphertextDirectory.path().resolve(encrypt), new CopyOption[0]);
            return;
        }
        Path resolve = ciphertextDirectory.path().resolve(BaseEncoding.base64Url().encode(messageDigest.digest(encrypt.getBytes(StandardCharsets.UTF_8))) + ".c9s");
        Files.move(path, resolve, new CopyOption[0]);
        SeekableByteChannel newByteChannel = Files.newByteChannel(resolve.resolve(Constants.INFLATED_FILE_NAME), StandardOpenOption.WRITE, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING);
        try {
            newByteChannel.write(ByteBuffer.wrap(encrypt.getBytes(StandardCharsets.UTF_8)));
            if (newByteChannel != null) {
                newByteChannel.close();
            }
        } catch (Throwable th) {
            if (newByteChannel != null) {
                try {
                    newByteChannel.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private static String createClearnameToBeShortened(int i) {
        return LONG_NAME_SUFFIX_BASE.repeat((((((i - 4) / 4) * 3) - 16) % LONG_NAME_SUFFIX_BASE.length()) + 1);
    }

    /* JADX WARN: Type inference failed for: r3v1, types: [byte[], byte[][]] */
    private static String encrypt(FileNameCryptor fileNameCryptor, String str, String str2) {
        return fileNameCryptor.encryptFilename(BaseEncoding.base64Url(), str, (byte[][]) new byte[]{str2.getBytes(StandardCharsets.UTF_8)}) + ".c9r";
    }

    private static CiphertextFileType determineCiphertextFileType(Path path) {
        return Files.exists(path.resolve(Constants.DIR_FILE_NAME), LinkOption.NOFOLLOW_LINKS) ? CiphertextFileType.DIRECTORY : Files.exists(path.resolve(Constants.SYMLINK_FILE_NAME), LinkOption.NOFOLLOW_LINKS) ? CiphertextFileType.SYMLINK : CiphertextFileType.FILE;
    }

    private static MessageDigest getSha1MessageDigest() {
        try {
            return MessageDigest.getInstance("SHA1");
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException("Every JVM needs to provide a SHA1 implementation.");
        }
    }
}
