package com.azure.authenticator.storage.database;

import android.content.ContentValues;
import android.content.Context;
import android.database.Cursor;
import android.database.sqlite.SQLiteDatabase;
import android.database.sqlite.SQLiteException;
import android.database.sqlite.SQLiteOpenHelper;
import com.azure.authenticator.PhoneFactorApplication;
import com.azure.authenticator.accounts.AccountCapability;
import com.azure.authenticator.accounts.AccountType;
import com.azure.authenticator.encryption.AbstractEncryptionManager;
import com.azure.authenticator.encryption.MfaPinEncryptionManager;
import com.azure.authenticator.logging.ExternalLogger;
import com.azure.authenticator.storage.Storage;
import com.azure.authenticator.telemetry.AppTelemetryConstants;
import java.security.KeyStore;
import java.util.Locale;
import javax.crypto.SecretKey;

/* loaded from: classes.dex */
public class AccountsSQLiteDatabaseOpener extends SQLiteOpenHelper {
    private static final String AND = " and ";
    private static final String DB_NAME = "PhoneFactor";
    private static final int DB_VERSION = 17;
    private static final String NOT_NULL_AND_EMPTY_FORMAT = "(%s is not null and %s != \"\")";
    private static final String NULL_OR_EMPTY_FORMAT = "(%s is null or %s == \"\")";
    private Context _context;

    public AccountsSQLiteDatabaseOpener(Context context) {
        super(context, DB_NAME, (SQLiteDatabase.CursorFactory) null, 17);
        this._context = context;
    }

    private void migrateToVersion11(SQLiteDatabase sQLiteDatabase) {
        ContentValues contentValues = new ContentValues();
        contentValues.put("account_type", Integer.valueOf(AccountType.MSA.getValue()));
        contentValues.put("account_capability", Integer.valueOf(new AccountCapability(new AccountCapability.AccountCapabilityEnum[]{AccountCapability.AccountCapabilityEnum.MFA, AccountCapability.AccountCapabilityEnum.TOTP, AccountCapability.AccountCapabilityEnum.NGC}).getValue()));
        sQLiteDatabase.update(AccountsSQLiteDatabase.DEFAULT_TABLE_NAME, contentValues, String.format(Locale.US, NOT_NULL_AND_EMPTY_FORMAT, "cid", "cid") + AND + String.format(Locale.US, NOT_NULL_AND_EMPTY_FORMAT, "ngc_ski", "ngc_ski"), null);
        ContentValues contentValues2 = new ContentValues();
        contentValues2.put("account_type", Integer.valueOf(AccountType.MSA.getValue()));
        contentValues2.put("account_capability", Integer.valueOf(new AccountCapability(new AccountCapability.AccountCapabilityEnum[]{AccountCapability.AccountCapabilityEnum.MFA, AccountCapability.AccountCapabilityEnum.TOTP}).getValue()));
        sQLiteDatabase.update(AccountsSQLiteDatabase.DEFAULT_TABLE_NAME, contentValues2, String.format(Locale.US, NOT_NULL_AND_EMPTY_FORMAT, "cid", "cid") + AND + String.format(Locale.US, NULL_OR_EMPTY_FORMAT, "ngc_ski", "ngc_ski"), null);
        ContentValues contentValues3 = new ContentValues();
        contentValues3.put("account_type", Integer.valueOf(AccountType.AAD.getValue()));
        contentValues3.put("account_capability", Integer.valueOf(new AccountCapability(new AccountCapability.AccountCapabilityEnum[]{AccountCapability.AccountCapabilityEnum.MFA}).getValue()));
        sQLiteDatabase.update(AccountsSQLiteDatabase.DEFAULT_TABLE_NAME, contentValues3, String.format(Locale.US, NOT_NULL_AND_EMPTY_FORMAT, "username", "username") + AND + String.format(Locale.US, NOT_NULL_AND_EMPTY_FORMAT, "paws_url", "paws_url") + AND + "oath_enabled = 0", null);
        ContentValues contentValues4 = new ContentValues();
        contentValues4.put("account_type", Integer.valueOf(AccountType.AAD.getValue()));
        contentValues4.put("account_capability", Integer.valueOf(new AccountCapability(new AccountCapability.AccountCapabilityEnum[]{AccountCapability.AccountCapabilityEnum.MFA, AccountCapability.AccountCapabilityEnum.TOTP}).getValue()));
        sQLiteDatabase.update(AccountsSQLiteDatabase.DEFAULT_TABLE_NAME, contentValues4, String.format(Locale.US, NOT_NULL_AND_EMPTY_FORMAT, "username", "username") + AND + String.format(Locale.US, NOT_NULL_AND_EMPTY_FORMAT, "paws_url", "paws_url") + AND + "oath_enabled = 1" + AND + String.format(Locale.US, NOT_NULL_AND_EMPTY_FORMAT, "oath_secret_key", "oath_secret_key"), null);
        ContentValues contentValues5 = new ContentValues();
        contentValues5.put("account_type", Integer.valueOf(AccountType.AAD.getValue()));
        contentValues5.put("account_capability", Integer.valueOf(new AccountCapability(new AccountCapability.AccountCapabilityEnum[]{AccountCapability.AccountCapabilityEnum.NONE}).getValue()));
        sQLiteDatabase.update(AccountsSQLiteDatabase.DEFAULT_TABLE_NAME, contentValues5, "group_key = ? and " + String.format(Locale.US, NOT_NULL_AND_EMPTY_FORMAT, "username", "username") + AND + String.format(Locale.US, NULL_OR_EMPTY_FORMAT, "paws_url", "paws_url") + AND + String.format(Locale.US, NULL_OR_EMPTY_FORMAT, "oath_secret_key", "oath_secret_key"), new String[]{AccountsSQLiteDatabase.DEFAULT_GROUP_KEY_TEXT});
        ContentValues contentValues6 = new ContentValues();
        contentValues6.put("account_type", Integer.valueOf(AccountType.SECRET_KEY_BASED.getValue()));
        contentValues6.put("account_capability", Integer.valueOf(new AccountCapability(new AccountCapability.AccountCapabilityEnum[]{AccountCapability.AccountCapabilityEnum.TOTP}).getValue()));
        sQLiteDatabase.update(AccountsSQLiteDatabase.DEFAULT_TABLE_NAME, contentValues6, "group_key = ? and " + String.format(Locale.US, NULL_OR_EMPTY_FORMAT, "cid", "cid") + AND + String.format(Locale.US, NOT_NULL_AND_EMPTY_FORMAT, "username", "username") + AND + String.format(Locale.US, NULL_OR_EMPTY_FORMAT, "paws_url", "paws_url") + AND + String.format(Locale.US, NOT_NULL_AND_EMPTY_FORMAT, "oath_secret_key", "oath_secret_key"), new String[]{AccountsSQLiteDatabase.DEFAULT_GROUP_KEY_TEXT});
    }

    private void migrateToVersion12(SQLiteDatabase sQLiteDatabase) {
        ContentValues contentValues = new ContentValues();
        contentValues.put("is_totp_code_shown", (Boolean) false);
        sQLiteDatabase.update(AccountsSQLiteDatabase.DEFAULT_TABLE_NAME, contentValues, "account_type = ?", new String[]{String.valueOf(AccountType.MSA.getValue())});
    }

    private void migrateToVersion13(SQLiteDatabase sQLiteDatabase, int i) {
        char c = 1;
        Cursor query = sQLiteDatabase.query(AccountsSQLiteDatabase.DEFAULT_TABLE_NAME, new String[]{"group_key", "username", "account_capability"}, "account_type = ? and cached_pin != ?", new String[]{String.valueOf(AccountType.AAD.getValue()), ""}, null, null, null);
        try {
            try {
                if (query.getCount() > 0) {
                    try {
                        Storage storage = new Storage(this._context);
                        KeyStore keyStore = KeyStore.getInstance(AbstractEncryptionManager.ANDROID_KEY_STORE_PROVIDER_NAME);
                        keyStore.load(null);
                        boolean z = false;
                        while (query.moveToNext()) {
                            if (new AccountCapability(query.getInt(query.getColumnIndex("account_capability"))).isMfa()) {
                                String string = query.getString(query.getColumnIndex("group_key"));
                                String string2 = query.getString(query.getColumnIndex("username"));
                                Locale locale = Locale.US;
                                Object[] objArr = new Object[2];
                                objArr[0] = string;
                                objArr[c] = string2;
                                String format = String.format(locale, MfaPinEncryptionManager.LEGACY_PIN_KEY_ALIAS_FORMAT, objArr);
                                Locale locale2 = Locale.US;
                                Object[] objArr2 = new Object[2];
                                objArr2[0] = string;
                                objArr2[c] = string2;
                                String format2 = String.format(locale2, MfaPinEncryptionManager.LEGACY_CIPHER_ALIAS, objArr2);
                                ContentValues contentValues = new ContentValues();
                                if (i < 12) {
                                    contentValues.put("mfa_pin_encryption_key_alias", format);
                                    storage.writeCipherIv(format, storage.readCipherIv(format2));
                                } else if (((SecretKey) keyStore.getKey(AbstractEncryptionManager.MFA_PIN_KEY_AND_CIPHER_ALIAS, null)) != null) {
                                    contentValues.put("mfa_pin_encryption_key_alias", AbstractEncryptionManager.MFA_PIN_KEY_AND_CIPHER_ALIAS);
                                    keyStore.deleteEntry(format);
                                    z = true;
                                } else {
                                    contentValues.put("mfa_pin_encryption_key_alias", format);
                                    storage.writeCipherIv(format, storage.readCipherIv(format2));
                                }
                                storage.removeCipherIv(format2);
                                sQLiteDatabase.update(AccountsSQLiteDatabase.DEFAULT_TABLE_NAME, contentValues, "group_key = ? and username = ?", new String[]{string, string2});
                            }
                            c = 1;
                        }
                        if (!z) {
                            keyStore.deleteEntry(AbstractEncryptionManager.MFA_PIN_KEY_AND_CIPHER_ALIAS);
                        }
                    } catch (Exception e) {
                        e = e;
                        Exception exc = e;
                        ExternalLogger.e("Failed in keystore operation during db upgrade.", exc);
                        PhoneFactorApplication.telemetry.trackEvent(AppTelemetryConstants.Events.KeystoreOperationDuringDatabaseUpgradeFailed, exc);
                        query.close();
                    }
                }
            } catch (Throwable th) {
                th = th;
                Throwable th2 = th;
                query.close();
                throw th2;
            }
        } catch (Exception e2) {
            e = e2;
        } catch (Throwable th3) {
            th = th3;
            Throwable th22 = th;
            query.close();
            throw th22;
        }
        query.close();
    }

    private static void tryFixSingleQuoteBug(SQLiteDatabase sQLiteDatabase, String str) {
        try {
            Cursor query = sQLiteDatabase.query(AccountsSQLiteDatabase.DEFAULT_TABLE_NAME, new String[]{"_id"}, str + " = ?", new String[]{"''"}, null, null, null);
            Throwable th = null;
            while (query.moveToNext()) {
                try {
                    try {
                        ContentValues contentValues = new ContentValues();
                        contentValues.put(str, "");
                        sQLiteDatabase.update(AccountsSQLiteDatabase.DEFAULT_TABLE_NAME, contentValues, "_id = ?", new String[]{String.valueOf(query.getLong(query.getColumnIndex("_id")))});
                        ExternalLogger.i("Updating " + str + " to empty string succeeded");
                        PhoneFactorApplication.telemetry.trackEvent(AppTelemetryConstants.Events.FixSingleQuoteIssueSucceed, AppTelemetryConstants.Properties.ColumnName, str);
                    } catch (Throwable th2) {
                        th = th2;
                        throw th;
                    }
                } finally {
                }
            }
            if (query != null) {
                query.close();
            }
        } catch (Exception e) {
            ExternalLogger.e("Error updating " + str + "to empty string", e);
            PhoneFactorApplication.telemetry.trackEvent(AppTelemetryConstants.Events.FixSingleQuoteIssueFailed, AppTelemetryConstants.Properties.ColumnName, str, e);
        }
    }

    @Override // android.database.sqlite.SQLiteOpenHelper
    public void onCreate(SQLiteDatabase sQLiteDatabase) {
        sQLiteDatabase.execSQL("create table accounts(\t_id integer primary key autoincrement,\tgroup_key text not null,\tname text not null,\tusername text not null,\tpaws_url text not null,\toath_enabled integer not null,\toath_secret_key text not null,   cid text not null,   cached_pin text not null,   ux_position integer not null,   ngc_ski text not null,   aad_user_id text not null,   aad_tenant_id text not null,   account_capability integer not null,   account_type integer not null,   is_totp_code_shown integer not null,\tencrypted_oath_secret_key text not null,\tmfa_pin_encryption_key_alias text not null,\tidentity_provider text not null,\taad_ngc_totp_enabled integer not null,\taad_permission integer not null)");
    }

    @Override // android.database.sqlite.SQLiteOpenHelper
    public void onUpgrade(SQLiteDatabase sQLiteDatabase, int i, int i2) {
        ExternalLogger.i("Upgrading database from version " + i + " to version " + i2);
        sQLiteDatabase.execSQL("drop table if exists gcm_sender");
        sQLiteDatabase.execSQL("drop table if exists c2dm_sender");
        try {
            sQLiteDatabase.execSQL("alter table accounts add column oath_secret_key text not null default ''");
            sQLiteDatabase.execSQL("alter table accounts add column oath_enabled integer not null default 0");
        } catch (SQLiteException e) {
            ExternalLogger.w("Failed to create columns for oath_secret_key and oath_enabled; most likely they already exist.", e);
        }
        if (i < 7) {
            sQLiteDatabase.execSQL("alter table accounts add column cid text not null default ''");
        }
        if (i < 8) {
            sQLiteDatabase.execSQL("alter table accounts add column cached_pin text not null default ''");
        }
        if (i < 9) {
            sQLiteDatabase.execSQL("alter table accounts add column ux_position integer not null default -1");
        }
        if (i < 10) {
            sQLiteDatabase.execSQL("alter table accounts add column ngc_ski text not null default ''");
        }
        if (i < 11) {
            sQLiteDatabase.execSQL("alter table accounts add column account_type integer not null default 0");
            sQLiteDatabase.execSQL("alter table accounts add column aad_user_id text not null default ''");
            sQLiteDatabase.execSQL("alter table accounts add column account_capability integer not null default 0");
            migrateToVersion11(sQLiteDatabase);
        }
        if (i < 12) {
            sQLiteDatabase.execSQL("alter table accounts add column is_totp_code_shown integer not null default 1");
            sQLiteDatabase.execSQL("alter table accounts add column encrypted_oath_secret_key text not null default ''");
            migrateToVersion12(sQLiteDatabase);
        }
        if (i < 13) {
            sQLiteDatabase.execSQL("alter table accounts add column mfa_pin_encryption_key_alias text not null default ''");
            migrateToVersion13(sQLiteDatabase, i);
        }
        if (i < 14) {
            sQLiteDatabase.execSQL("alter table accounts add column identity_provider text not null default ''");
        }
        if (i < 15) {
            sQLiteDatabase.execSQL("alter table accounts add column aad_tenant_id text not null default ''");
            tryFixSingleQuoteBug(sQLiteDatabase, "encrypted_oath_secret_key");
            tryFixSingleQuoteBug(sQLiteDatabase, "aad_user_id");
        }
        if (i < 16) {
            sQLiteDatabase.execSQL("alter table accounts add column aad_ngc_totp_enabled integer not null default 0");
            ContentValues contentValues = new ContentValues();
            contentValues.put("aad_ngc_totp_enabled", (Boolean) true);
            sQLiteDatabase.update(AccountsSQLiteDatabase.DEFAULT_TABLE_NAME, contentValues, "account_type = ? and group_key != ?", new String[]{String.valueOf(AccountType.AAD.getValue()), AccountsSQLiteDatabase.DEFAULT_GROUP_KEY_TEXT});
        }
        if (i < 17) {
            sQLiteDatabase.execSQL("alter table accounts add column aad_permission integer not null default 0");
        }
    }
}
