package com.duckduckgo.securestorage.impl;

import com.duckduckgo.di.scopes.AppScope;
import com.duckduckgo.securestorage.impl.encryption.EncryptionHelper;
import com.duckduckgo.securestorage.impl.encryption.RandomBytesGenerator;
import com.duckduckgo.securestorage.store.SecureStorageKeyRepository;
import com.squareup.anvil.annotations.ContributesBinding;
import java.security.Key;
import javax.inject.Inject;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import okio.ByteString;

/* compiled from: SecureStorageKeyProvider.kt */
@ContributesBinding(scope = AppScope.class)
@Metadata(d1 = {"\u0000>\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000b\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0000\n\u0002\u0010\u0012\n\u0002\b\u0006\b\u0007\u0018\u0000 \u00172\u00020\u0001:\u0001\u0017B'\b\u0007\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0007\u0012\u0006\u0010\b\u001a\u00020\t¢\u0006\u0002\u0010\nJ\b\u0010\u000b\u001a\u00020\fH\u0016J\u0010\u0010\r\u001a\u00020\u000e2\u0006\u0010\u000f\u001a\u00020\u0010H\u0002J\u0018\u0010\u0011\u001a\u00020\u00122\u0006\u0010\u0013\u001a\u00020\u00122\u0006\u0010\u000f\u001a\u00020\u0010H\u0002J\b\u0010\u0014\u001a\u00020\u0012H\u0002J\b\u0010\u0015\u001a\u00020\u0012H\u0016J\b\u0010\u0016\u001a\u00020\u000eH\u0016J\u0010\u0010\u0016\u001a\u00020\u000e2\u0006\u0010\u000f\u001a\u00020\u0010H\u0002R\u000e\u0010\u0006\u001a\u00020\u0007X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\b\u001a\u00020\tX\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006\u0018"}, d2 = {"Lcom/duckduckgo/securestorage/impl/RealSecureStorageKeyProvider;", "Lcom/duckduckgo/securestorage/impl/SecureStorageKeyProvider;", "randomBytesGenerator", "Lcom/duckduckgo/securestorage/impl/encryption/RandomBytesGenerator;", "secureStorageKeyRepository", "Lcom/duckduckgo/securestorage/store/SecureStorageKeyRepository;", "encryptionHelper", "Lcom/duckduckgo/securestorage/impl/encryption/EncryptionHelper;", "secureStorageKeyGenerator", "Lcom/duckduckgo/securestorage/impl/SecureStorageKeyGenerator;", "(Lcom/duckduckgo/securestorage/impl/encryption/RandomBytesGenerator;Lcom/duckduckgo/securestorage/store/SecureStorageKeyRepository;Lcom/duckduckgo/securestorage/impl/encryption/EncryptionHelper;Lcom/duckduckgo/securestorage/impl/SecureStorageKeyGenerator;)V", "canAccessKeyStore", "", "deriveKeyFromPassword", "Ljava/security/Key;", "password", "", "encryptAndStoreL2Key", "", "keyBytes", "getPasswordSalt", "getl1Key", "getl2Key", "Companion", "secure-storage-impl_release"}, k = 1, mv = {1, 9, 0}, xi = 48)
/* loaded from: classes3.dex */
public final class RealSecureStorageKeyProvider implements SecureStorageKeyProvider {
    private static final int L1_PASSPHRASE_SIZE = 32;
    private static final int PASSWORD_KEY_SALT_SIZE = 32;
    private static final int PASSWORD_SIZE = 32;
    private final EncryptionHelper encryptionHelper;
    private final RandomBytesGenerator randomBytesGenerator;
    private final SecureStorageKeyGenerator secureStorageKeyGenerator;
    private final SecureStorageKeyRepository secureStorageKeyRepository;

    @Inject
    public RealSecureStorageKeyProvider(RandomBytesGenerator randomBytesGenerator, SecureStorageKeyRepository secureStorageKeyRepository, EncryptionHelper encryptionHelper, SecureStorageKeyGenerator secureStorageKeyGenerator) {
        Intrinsics.checkNotNullParameter(randomBytesGenerator, "randomBytesGenerator");
        Intrinsics.checkNotNullParameter(secureStorageKeyRepository, "secureStorageKeyRepository");
        Intrinsics.checkNotNullParameter(encryptionHelper, "encryptionHelper");
        Intrinsics.checkNotNullParameter(secureStorageKeyGenerator, "secureStorageKeyGenerator");
        this.randomBytesGenerator = randomBytesGenerator;
        this.secureStorageKeyRepository = secureStorageKeyRepository;
        this.encryptionHelper = encryptionHelper;
        this.secureStorageKeyGenerator = secureStorageKeyGenerator;
    }

    private final Key deriveKeyFromPassword(String password) {
        return this.secureStorageKeyGenerator.generateKeyFromPassword(password, getPasswordSalt());
    }

    private final byte[] encryptAndStoreL2Key(byte[] keyBytes, String password) {
        EncryptionHelper.EncryptedBytes encrypt = this.encryptionHelper.encrypt(keyBytes, deriveKeyFromPassword(password));
        this.secureStorageKeyRepository.setEncryptedL2Key(encrypt.getData());
        this.secureStorageKeyRepository.setEncryptedL2KeyIV(encrypt.getIv());
        return encrypt.getData();
    }

    private final byte[] getPasswordSalt() {
        if (this.secureStorageKeyRepository.getPasswordSalt() == null) {
            byte[] generateBytes = this.randomBytesGenerator.generateBytes(32);
            this.secureStorageKeyRepository.setPasswordSalt(generateBytes);
            return generateBytes;
        }
        byte[] passwordSalt = this.secureStorageKeyRepository.getPasswordSalt();
        Intrinsics.checkNotNull(passwordSalt);
        return passwordSalt;
    }

    private final Key getl2Key(String password) {
        byte[] decrypt;
        if (this.secureStorageKeyRepository.getEncryptedL2Key() == null) {
            decrypt = this.secureStorageKeyGenerator.generateKey().getEncoded();
            Intrinsics.checkNotNull(decrypt);
            encryptAndStoreL2Key(decrypt, password);
        } else {
            EncryptionHelper encryptionHelper = this.encryptionHelper;
            byte[] encryptedL2Key = this.secureStorageKeyRepository.getEncryptedL2Key();
            Intrinsics.checkNotNull(encryptedL2Key);
            byte[] encryptedL2KeyIV = this.secureStorageKeyRepository.getEncryptedL2KeyIV();
            Intrinsics.checkNotNull(encryptedL2KeyIV);
            decrypt = encryptionHelper.decrypt(new EncryptionHelper.EncryptedBytes(encryptedL2Key, encryptedL2KeyIV), deriveKeyFromPassword(password));
        }
        SecureStorageKeyGenerator secureStorageKeyGenerator = this.secureStorageKeyGenerator;
        Intrinsics.checkNotNull(decrypt);
        return secureStorageKeyGenerator.generateKeyFromKeyMaterial(decrypt);
    }

    @Override // com.duckduckgo.securestorage.impl.SecureStorageKeyProvider
    public boolean canAccessKeyStore() {
        return this.secureStorageKeyRepository.canUseEncryption();
    }

    @Override // com.duckduckgo.securestorage.impl.SecureStorageKeyProvider
    public synchronized byte[] getl1Key() {
        byte[] l1Key;
        if (this.secureStorageKeyRepository.getL1Key() == null) {
            l1Key = this.randomBytesGenerator.generateBytes(32);
            this.secureStorageKeyRepository.setL1Key(l1Key);
        } else {
            l1Key = this.secureStorageKeyRepository.getL1Key();
            Intrinsics.checkNotNull(l1Key);
        }
        return l1Key;
    }

    @Override // com.duckduckgo.securestorage.impl.SecureStorageKeyProvider
    public synchronized Key getl2Key() {
        byte[] password;
        byte[] bArr;
        ByteString.Companion companion;
        if (this.secureStorageKeyRepository.getPassword() == null) {
            password = this.randomBytesGenerator.generateBytes(32);
            this.secureStorageKeyRepository.setPassword(password);
        } else {
            password = this.secureStorageKeyRepository.getPassword();
        }
        bArr = password;
        companion = ByteString.INSTANCE;
        Intrinsics.checkNotNull(bArr);
        return getl2Key(ByteString.Companion.of$default(companion, bArr, 0, 0, 3, null).base64());
    }
}
