package tice.managers.storageManagers;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import androidx.room.Room;
import androidx.room.RoomDatabase;
import ch.qos.logback.core.CoreConstants;
import java.security.KeyStore;
import java.util.Enumeration;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.inject.Inject;
import javax.inject.Named;
import kotlin.Lazy;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.sequences.SequencesKt;
import net.sqlcipher.database.SupportFactory;
import org.slf4j.Logger;
import tice.crypto.CryptoManagerType;
import tice.dagger.scopes.AppScope;
import tice.exceptions.DatabaseManagerException;
import tice.managers.storageManagers.StorageLockerType;
import tice.utility.Base64ConvertFunctionsKt;
import tice.utility.LoggingKt;

/* compiled from: DatabaseManager.kt */
@Metadata(d1 = {"\u0000V\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\b\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0010\u0012\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\b\u0007\u0018\u0000 #2\u00020\u0001:\u0001#B!\b\u0007\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\b\b\u0001\u0010\u0006\u001a\u00020\u0007¢\u0006\u0002\u0010\bJ\f\u0010\u0013\u001a\u00060\u0014j\u0002`\u0015H\u0002J\u0018\u0010\u0016\u001a\u00060\u0014j\u0002`\u00152\n\u0010\u0017\u001a\u00060\u0014j\u0002`\u0018H\u0002J\u0014\u0010\u0019\u001a\u00060\u0014j\u0002`\u00182\u0006\u0010\u001a\u001a\u00020\u0014H\u0003J\b\u0010\u001b\u001a\u00020\u001cH\u0003J\u0010\u0010\u001d\u001a\n\u0018\u00010\u0014j\u0004\u0018\u0001`\u0015H\u0002J\n\u0010\u001e\u001a\u0004\u0018\u00010\u001cH\u0002J\u000e\u0010\u001f\u001a\u00020 2\u0006\u0010!\u001a\u00020\"R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n\u0000R\u0011\u0010\u0006\u001a\u00020\u0007¢\u0006\b\n\u0000\u001a\u0004\b\t\u0010\nR\u000e\u0010\u000b\u001a\u00020\fX\u0082\u0004¢\u0006\u0002\n\u0000R\u001b\u0010\r\u001a\u00020\u000e8BX\u0082\u0084\u0002¢\u0006\f\n\u0004\b\u0011\u0010\u0012\u001a\u0004\b\u000f\u0010\u0010R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006$"}, d2 = {"Ltice/managers/storageManagers/DatabaseManager;", "", "storageLocker", "Ltice/managers/storageManagers/StorageLockerType;", "cryptoManager", "Ltice/crypto/CryptoManagerType;", "databaseKeyLength", "", "(Ltice/managers/storageManagers/StorageLockerType;Ltice/crypto/CryptoManagerType;I)V", "getDatabaseKeyLength", "()I", "keyStore", "Ljava/security/KeyStore;", "logger", "Lorg/slf4j/Logger;", "getLogger", "()Lorg/slf4j/Logger;", "logger$delegate", "Lkotlin/Lazy;", "createDatabaseKey", "", "Ltice/models/SecretKey;", "decryptWithMasterKey", "ciphertext", "Ltice/models/Ciphertext;", "encryptWithMasterKey", "plaintext", "generateMasterKey", "Ljavax/crypto/SecretKey;", "getStoredDatabaseKey", "loadMasterKey", "setupDatabase", "Ltice/managers/storageManagers/AppDatabase;", CoreConstants.CONTEXT_SCOPE_VALUE, "Landroid/content/Context;", "Companion", "app_productionFdroidRelease"}, k = 1, mv = {1, 5, 1}, xi = 48)
@AppScope
/* loaded from: classes2.dex */
public final class DatabaseManager {
    public static final String ALGORITHM_SPEC = "AES/GCM/NoPadding";
    public static final String KEYSTORE_PROVIDER = "AndroidKeyStore";
    public static final String MASTER_KEY_ALIAS = "MASTER_KEY";
    private final CryptoManagerType cryptoManager;
    private final int databaseKeyLength;
    private final KeyStore keyStore;

    /* renamed from: logger$delegate, reason: from kotlin metadata */
    private final Lazy logger;
    private final StorageLockerType storageLocker;

    @Inject
    public DatabaseManager(StorageLockerType storageLocker, CryptoManagerType cryptoManager, @Named("DATABASE_KEY_LENGTH") int i) {
        Intrinsics.checkNotNullParameter(storageLocker, "storageLocker");
        Intrinsics.checkNotNullParameter(cryptoManager, "cryptoManager");
        this.storageLocker = storageLocker;
        this.cryptoManager = cryptoManager;
        this.databaseKeyLength = i;
        this.logger = LoggingKt.getLogger(this);
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER);
        Intrinsics.checkNotNullExpressionValue(keyStore, "getInstance(KEYSTORE_PROVIDER)");
        this.keyStore = keyStore;
        keyStore.load(null);
    }

    private final byte[] createDatabaseKey() {
        getLogger().debug("Generate new database key.");
        byte[] generateDatabaseKey = this.cryptoManager.generateDatabaseKey(this.databaseKeyLength);
        getLogger().debug("Encrypting database key and store it.");
        byte[] encryptWithMasterKey = encryptWithMasterKey(generateDatabaseKey);
        StorageLockerType storageLockerType = this.storageLocker;
        StorageLockerType.StorageKey storageKey = StorageLockerType.StorageKey.ENCRYPTED_DATABASE_KEY;
        String encodeToString = Base64.encodeToString(encryptWithMasterKey, 2);
        Intrinsics.checkNotNullExpressionValue(encodeToString, "encodeToString(databaseK…phertext, Base64.NO_WRAP)");
        storageLockerType.store(storageKey, encodeToString);
        return generateDatabaseKey;
    }

    private final byte[] decryptWithMasterKey(byte[] ciphertext) {
        getLogger().debug("Decrypting with master key.");
        String load = this.storageLocker.load(StorageLockerType.StorageKey.DATABASE_KEY_ENCRYPTION_IV);
        byte[] dataFromBase64 = load == null ? null : Base64ConvertFunctionsKt.dataFromBase64(load);
        if (dataFromBase64 == null) {
            throw DatabaseManagerException.DatabaseEncryptionIVMissing.INSTANCE;
        }
        KeyStore.Entry entry = this.keyStore.getEntry(MASTER_KEY_ALIAS, null);
        Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.SecretKeyEntry");
        SecretKey secretKey = ((KeyStore.SecretKeyEntry) entry).getSecretKey();
        Cipher cipher = Cipher.getInstance(ALGORITHM_SPEC);
        cipher.init(2, secretKey, new GCMParameterSpec(128, dataFromBase64));
        byte[] doFinal = cipher.doFinal(ciphertext);
        Intrinsics.checkNotNullExpressionValue(doFinal, "cipher.doFinal(ciphertext)");
        return doFinal;
    }

    private final byte[] encryptWithMasterKey(byte[] plaintext) {
        SecretKey loadMasterKey = loadMasterKey();
        if (loadMasterKey == null) {
            loadMasterKey = generateMasterKey();
        }
        getLogger().debug("Encrypting with master key.");
        Cipher cipher = Cipher.getInstance(ALGORITHM_SPEC);
        cipher.init(1, loadMasterKey);
        byte[] iv = cipher.getIV();
        byte[] ciphertext = cipher.doFinal(plaintext);
        StorageLockerType storageLockerType = this.storageLocker;
        StorageLockerType.StorageKey storageKey = StorageLockerType.StorageKey.DATABASE_KEY_ENCRYPTION_IV;
        Intrinsics.checkNotNullExpressionValue(iv, "iv");
        storageLockerType.store(storageKey, Base64ConvertFunctionsKt.toBase64String(iv));
        Intrinsics.checkNotNullExpressionValue(ciphertext, "ciphertext");
        return ciphertext;
    }

    private final SecretKey generateMasterKey() {
        getLogger().debug("Generating master key.");
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", KEYSTORE_PROVIDER);
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(MASTER_KEY_ALIAS, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").build();
        Intrinsics.checkNotNullExpressionValue(build, "Builder(MASTER_KEY_ALIAS…ONE)\n            .build()");
        keyGenerator.init(build);
        SecretKey generateKey = keyGenerator.generateKey();
        Intrinsics.checkNotNullExpressionValue(generateKey, "keyGenerator.generateKey()");
        return generateKey;
    }

    private final Logger getLogger() {
        return (Logger) this.logger.getValue();
    }

    private final byte[] getStoredDatabaseKey() {
        byte[] dataFromBase64;
        getLogger().debug("Loading encrypted database key.");
        String load = this.storageLocker.load(StorageLockerType.StorageKey.ENCRYPTED_DATABASE_KEY);
        if (load != null && (dataFromBase64 = Base64ConvertFunctionsKt.dataFromBase64(load)) != null) {
            return decryptWithMasterKey(dataFromBase64);
        }
        getLogger().debug("Did not find stored encrypted database key. Checking for key stored in plaintext.");
        String load2 = this.storageLocker.load(StorageLockerType.StorageKey.PLAINTEXT_DATABASE_KEY);
        if (load2 == null) {
            return null;
        }
        return Base64ConvertFunctionsKt.dataFromBase64(load2);
    }

    private final SecretKey loadMasterKey() {
        Enumeration<String> aliases = this.keyStore.aliases();
        Intrinsics.checkNotNullExpressionValue(aliases, "keyStore.aliases()");
        if (!SequencesKt.contains(SequencesKt.asSequence(CollectionsKt.iterator(aliases)), MASTER_KEY_ALIAS)) {
            return null;
        }
        getLogger().debug("Loading master key.");
        KeyStore.Entry entry = this.keyStore.getEntry(MASTER_KEY_ALIAS, null);
        Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.SecretKeyEntry");
        return ((KeyStore.SecretKeyEntry) entry).getSecretKey();
    }

    public final int getDatabaseKeyLength() {
        return this.databaseKeyLength;
    }

    public final AppDatabase setupDatabase(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        byte[] storedDatabaseKey = getStoredDatabaseKey();
        if (storedDatabaseKey == null) {
            storedDatabaseKey = createDatabaseKey();
        }
        RoomDatabase build = Room.databaseBuilder(context, AppDatabase.class, "db").openHelperFactory(new SupportFactory(storedDatabaseKey)).build();
        Intrinsics.checkNotNullExpressionValue(build, "databaseBuilder(context,…ory)\n            .build()");
        return (AppDatabase) build;
    }
}
