package com.procore.lib.security.encryption.database.legacy;

import android.content.Context;
import com.google.crypto.tink.KeyTemplates;
import com.google.crypto.tink.StreamingAead;
import com.google.crypto.tink.integration.android.AndroidKeysetManager;
import com.google.crypto.tink.streamingaead.StreamingAeadConfig;
import com.procore.lib.coreutil.storage.FileUtils;
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import kotlin.Metadata;
import kotlin.io.ByteStreamsKt;
import kotlin.io.CloseableKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;

@Metadata(d1 = {"\u00004\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0010\u0012\n\u0002\b\u0002\b\u0001\u0018\u0000 \u00132\u00020\u0001:\u0001\u0013B\u0015\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005¢\u0006\u0002\u0010\u0006J\u0006\u0010\t\u001a\u00020\nJ\b\u0010\u000b\u001a\u00020\fH\u0002J\b\u0010\r\u001a\u00020\fH\u0002J\b\u0010\u000e\u001a\u00020\fH\u0002J\b\u0010\u000f\u001a\u00020\fH\u0002J\u0006\u0010\u0010\u001a\u00020\u0005J\f\u0010\u0011\u001a\u00020\u0012*\u00020\fH\u0002R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0007\u001a\u00020\bX\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006\u0014"}, d2 = {"Lcom/procore/lib/security/encryption/database/legacy/LegacyTinkDatabasePassphraseProvider;", "", "appContext", "Landroid/content/Context;", "databaseName", "", "(Landroid/content/Context;Ljava/lang/String;)V", "streamingAead", "Lcom/google/crypto/tink/StreamingAead;", "clear", "", "getDirectory", "Ljava/io/File;", "getEncodedNonStreamingEncryptionKeyFile", "getEncryptionKeyFile", "getNonStreamingEncryptionKeyFile", "readPassphrase", "getAssociatedData", "", "Companion", "_lib_security_encryption"}, k = 1, mv = {1, 8, 0}, xi = 48)
/* loaded from: classes26.dex */
public final class LegacyTinkDatabasePassphraseProvider {
    private static final String ANDROID_KEYSET_MANAGER_KEYSET_NAME = "database_encryption_keyset";
    private static final String ANDROID_KEYSET_MANAGER_PREF_FILE_NAME = "database_encryption_prefs";
    private static final String DATABASE_ENCRYPTION_KEY_DIRECTORY = "database_encryption_keys";
    private final Context appContext;
    private final String databaseName;
    private final StreamingAead streamingAead;

    public LegacyTinkDatabasePassphraseProvider(Context appContext, String databaseName) {
        Intrinsics.checkNotNullParameter(appContext, "appContext");
        Intrinsics.checkNotNullParameter(databaseName, "databaseName");
        this.appContext = appContext;
        this.databaseName = databaseName;
        StreamingAeadConfig.register();
        Object primitive = new AndroidKeysetManager.Builder().withSharedPref(appContext, ANDROID_KEYSET_MANAGER_KEYSET_NAME, ANDROID_KEYSET_MANAGER_PREF_FILE_NAME).withKeyTemplate(KeyTemplates.get("AES256_GCM_HKDF_4KB")).build().getKeysetHandle().getPrimitive(StreamingAead.class);
        Intrinsics.checkNotNullExpressionValue(primitive, "Builder()\n            .w…treamingAead::class.java)");
        this.streamingAead = (StreamingAead) primitive;
    }

    private final byte[] getAssociatedData(File file) {
        String name = file.getName();
        Intrinsics.checkNotNullExpressionValue(name, "name");
        byte[] bytes = name.getBytes(Charsets.UTF_8);
        Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
        return bytes;
    }

    private final File getDirectory() {
        File file = new File(this.appContext.getFilesDir(), DATABASE_ENCRYPTION_KEY_DIRECTORY);
        file.mkdirs();
        return file;
    }

    private final File getEncodedNonStreamingEncryptionKeyFile() {
        return new File(getDirectory(), FileUtils.buildValidFilename(this.databaseName + "_encoded_non_streaming"));
    }

    private final File getEncryptionKeyFile() {
        return new File(getDirectory(), FileUtils.buildValidFilename(this.databaseName));
    }

    private final File getNonStreamingEncryptionKeyFile() {
        return new File(getDirectory(), FileUtils.buildValidFilename(this.databaseName + "_non_streaming"));
    }

    public final void clear() {
        getEncryptionKeyFile().delete();
        getNonStreamingEncryptionKeyFile().delete();
        getEncodedNonStreamingEncryptionKeyFile().delete();
    }

    public final String readPassphrase() {
        File encryptionKeyFile = getEncryptionKeyFile();
        InputStream inputStream = this.streamingAead.newDecryptingStream(new FileInputStream(encryptionKeyFile), getAssociatedData(encryptionKeyFile));
        try {
            Intrinsics.checkNotNullExpressionValue(inputStream, "inputStream");
            byte[] readBytes = ByteStreamsKt.readBytes(inputStream);
            CloseableKt.closeFinally(inputStream, null);
            return new String(readBytes, Charsets.UTF_8);
        } finally {
        }
    }
}
