package ch.cyberduck.core.sds.triplecrypt;

import ch.cyberduck.core.AbstractPath;
import ch.cyberduck.core.Credentials;
import ch.cyberduck.core.DescriptiveUrl;
import ch.cyberduck.core.Host;
import ch.cyberduck.core.HostPasswordStore;
import ch.cyberduck.core.LocaleFactory;
import ch.cyberduck.core.LoginOptions;
import ch.cyberduck.core.PasswordCallback;
import ch.cyberduck.core.PasswordStoreFactory;
import ch.cyberduck.core.Path;
import ch.cyberduck.core.exception.LoginCanceledException;
import ch.cyberduck.core.shared.DefaultUrlProvider;
import ch.cyberduck.core.vault.VaultCredentials;
import com.dracoon.sdk.crypto.Crypto;
import com.dracoon.sdk.crypto.CryptoException;
import com.dracoon.sdk.crypto.model.UserKeyPair;
import java.util.EnumSet;
import org.apache.log4j.Logger;

/* loaded from: input_file:ch/cyberduck/core/sds/triplecrypt/TripleCryptKeyPair.class */
public class TripleCryptKeyPair {
    private static final Logger log = Logger.getLogger(TripleCryptKeyPair.class);
    private final HostPasswordStore keychain = PasswordStoreFactory.get();

    public Credentials unlock(PasswordCallback passwordCallback, Host host, UserKeyPair userKeyPair) throws CryptoException, LoginCanceledException {
        return unlock(passwordCallback, host, userKeyPair, this.keychain.getPassword(String.format("Triple-Crypt Encryption Password (%s)", host.getCredentials().getUsername()), new DefaultUrlProvider(host).toUrl(new Path(String.valueOf('/'), EnumSet.of(AbstractPath.Type.volume, AbstractPath.Type.directory))).find(DescriptiveUrl.Type.provider).getUrl()), LocaleFactory.localizedString("Enter your decryption password to access encrypted data rooms.", "SDS"));
    }

    private Credentials unlock(PasswordCallback passwordCallback, Host host, UserKeyPair userKeyPair, String str, String str2) throws LoginCanceledException, CryptoException {
        Credentials withSaved;
        if (null == str) {
            withSaved = passwordCallback.prompt(host, LocaleFactory.localizedString("Decryption password required", "SDS"), str2, new LoginOptions(host.getProtocol()).user(false).password(true).anonymous(false).icon(host.getProtocol().disk()));
            if (withSaved.getPassword() == null) {
                throw new LoginCanceledException();
            }
        } else {
            withSaved = new VaultCredentials(str).withSaved(true);
        }
        if (!Crypto.checkUserKeyPair(userKeyPair, withSaved.getPassword())) {
            return unlock(passwordCallback, host, userKeyPair, null, String.format("%s. %s", LocaleFactory.localizedString("Invalid passphrase", "Credentials"), LocaleFactory.localizedString("Enter your decryption password to access encrypted data rooms.", "SDS")));
        }
        if (withSaved.isSaved()) {
            if (log.isInfoEnabled()) {
                log.info(String.format("Save encryption password for %s", host));
            }
            this.keychain.addPassword(String.format("Triple-Crypt Encryption Password (%s)", host.getCredentials().getUsername()), new DefaultUrlProvider(host).toUrl(new Path(String.valueOf('/'), EnumSet.of(AbstractPath.Type.volume, AbstractPath.Type.directory))).find(DescriptiveUrl.Type.provider).getUrl(), withSaved.getPassword());
        }
        return withSaved;
    }
}
