package com.wd.mobile.core.data.di;

import android.annotation.SuppressLint;
import android.content.SharedPreferences;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.wd.mobile.core.data.security.CryptoProviderImpl;
import com.wd.mobile.core.domain.security.CryptoProvider;
import dagger.Module;
import dagger.Provides;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.inject.Singleton;
import kotlin.Metadata;
import kotlin.jvm.internal.o;

@Metadata(d1 = {"\u0000F\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u0012\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\b\u0007\u0018\u00002\u00020\u0001B\u0005¢\u0006\u0002\u0010\u0002J\u0010\u0010\u0003\u001a\u00020\u00042\u0006\u0010\u0005\u001a\u00020\u0006H\u0002J\u0010\u0010\u0007\u001a\u00020\b2\u0006\u0010\t\u001a\u00020\nH\u0007J\u0012\u0010\u000b\u001a\u00020\u00042\b\b\u0001\u0010\u0005\u001a\u00020\u0006H\u0007J\u0012\u0010\f\u001a\u00020\r2\b\b\u0001\u0010\u000e\u001a\u00020\u0004H\u0007J\b\u0010\u000f\u001a\u00020\u0010H\u0007J\u0012\u0010\u0011\u001a\u00020\u00042\b\b\u0001\u0010\u0005\u001a\u00020\u0006H\u0007J\u001a\u0010\u0012\u001a\u00020\u00132\b\b\u0001\u0010\u0005\u001a\u00020\u00062\u0006\u0010\u0014\u001a\u00020\u0010H\u0007J\u0010\u0010\u0015\u001a\u00020\u00162\u0006\u0010\u0017\u001a\u00020\u0013H\u0007¨\u0006\u0018"}, d2 = {"Lcom/wd/mobile/core/data/di/SecurityModule;", "", "()V", "generateNewPassPhrase", "", "sharedPreferences", "Landroid/content/SharedPreferences;", "provideCryptoProvider", "Lcom/wd/mobile/core/domain/security/CryptoProvider;", "cryptoProviderImpl", "Lcom/wd/mobile/core/data/security/CryptoProviderImpl;", "provideIv", "provideIvParameterSpec", "Ljavax/crypto/spec/IvParameterSpec;", "initialVector", "provideKeyGenerator", "Ljavax/crypto/KeyGenerator;", "providePassPhrase", "provideSecretKey", "Ljavax/crypto/SecretKey;", "keyGenerator", "provideSecretKeySpec", "Ljavax/crypto/spec/SecretKeySpec;", "secretKey", "core_release"}, k = 1, mv = {1, 8, 0}, xi = 48)
@SuppressLint({"ApplySharedPref"})
@Module
/* loaded from: classes3.dex */
public final class SecurityModule {
    private final byte[] generateNewPassPhrase(SharedPreferences sharedPreferences) {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        o.checkNotNullExpressionValue(keyPairGenerator, "getInstance(KEY_ALGORITHM_RSA, ANDROID_KEYSTORE)");
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder("databaseEncryptionKey", 3).setBlockModes("ECB").setEncryptionPaddings("PKCS1Padding").build();
        o.checkNotNullExpressionValue(build, "Builder(DB_ENCR_KEY, PUR…\n                .build()");
        keyPairGenerator.initialize(build);
        byte[] passPhrase = keyPairGenerator.generateKeyPair().getPublic().getEncoded();
        String encodeToString = Base64.encodeToString(passPhrase, 0);
        o.checkNotNullExpressionValue(encodeToString, "encodeToString(passPhrase, Base64.DEFAULT)");
        sharedPreferences.edit().putString("KEY_PASS_PHRASE", encodeToString).commit();
        o.checkNotNullExpressionValue(passPhrase, "passPhrase");
        return passPhrase;
    }

    @Provides
    @Singleton
    public final CryptoProvider provideCryptoProvider(CryptoProviderImpl cryptoProviderImpl) {
        o.checkNotNullParameter(cryptoProviderImpl, "cryptoProviderImpl");
        return cryptoProviderImpl;
    }

    @Provides
    @Singleton
    @InitialVector
    public final byte[] provideIv(@EncryptedPreferences SharedPreferences sharedPreferences) {
        o.checkNotNullParameter(sharedPreferences, "sharedPreferences");
        String string = sharedPreferences.getString("KEY_INITIAL_VECTOR", null);
        if (string != null) {
            byte[] decode = Base64.decode(string, 0);
            o.checkNotNullExpressionValue(decode, "{\n            Base64.dec…Base64.DEFAULT)\n        }");
            return decode;
        }
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        String encodeToString = Base64.encodeToString(bArr, 0);
        o.checkNotNullExpressionValue(encodeToString, "encodeToString(initialVector, Base64.DEFAULT)");
        sharedPreferences.edit().putString("KEY_INITIAL_VECTOR", encodeToString).commit();
        return bArr;
    }

    @Provides
    @Singleton
    public final IvParameterSpec provideIvParameterSpec(@InitialVector byte[] initialVector) {
        o.checkNotNullParameter(initialVector, "initialVector");
        return new IvParameterSpec(initialVector);
    }

    @Provides
    public final KeyGenerator provideKeyGenerator() {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        o.checkNotNullExpressionValue(keyGenerator, "getInstance(KEY_ALGORITHM_AES)");
        return keyGenerator;
    }

    @Provides
    @Singleton
    @DatabaseEncryptionPassPhrase
    public final byte[] providePassPhrase(@EncryptedPreferences SharedPreferences sharedPreferences) {
        PublicKey publicKey;
        o.checkNotNullParameter(sharedPreferences, "sharedPreferences");
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        byte[] bArr = null;
        keyStore.load(null);
        String string = sharedPreferences.getString("KEY_PASS_PHRASE", null);
        if (string != null) {
            byte[] decode = Base64.decode(string, 0);
            o.checkNotNullExpressionValue(decode, "{\n            Base64.dec…Base64.DEFAULT)\n        }");
            return decode;
        }
        try {
            Certificate certificate = keyStore.getCertificate("databaseEncryptionKey");
            if (certificate != null && (publicKey = certificate.getPublicKey()) != null) {
                bArr = publicKey.getEncoded();
            }
            String encodeToString = Base64.encodeToString(bArr, 0);
            o.checkNotNullExpressionValue(encodeToString, "encodeToString(passPhrase, Base64.DEFAULT)");
            sharedPreferences.edit().putString("KEY_PASS_PHRASE", encodeToString).commit();
            if (bArr == null) {
                bArr = generateNewPassPhrase(sharedPreferences);
            }
            return bArr;
        } catch (Throwable unused) {
            return generateNewPassPhrase(sharedPreferences);
        }
    }

    @Provides
    @Singleton
    public final SecretKey provideSecretKey(@EncryptedPreferences SharedPreferences sharedPreferences, KeyGenerator keyGenerator) {
        o.checkNotNullParameter(sharedPreferences, "sharedPreferences");
        o.checkNotNullParameter(keyGenerator, "keyGenerator");
        String string = sharedPreferences.getString("KEY_SECRET", null);
        if (string != null) {
            byte[] decode = Base64.decode(string, 0);
            return new SecretKeySpec(decode, 0, decode.length, SecurityModuleKt.TRANSFORMATION);
        }
        keyGenerator.init(256);
        SecretKey generateKey = keyGenerator.generateKey();
        sharedPreferences.edit().putString("KEY_SECRET", Base64.encodeToString(generateKey.getEncoded(), 0)).commit();
        o.checkNotNullExpressionValue(generateKey, "{\n            keyGenerat…      secretKey\n        }");
        return generateKey;
    }

    @Provides
    @Singleton
    public final SecretKeySpec provideSecretKeySpec(SecretKey secretKey) {
        o.checkNotNullParameter(secretKey, "secretKey");
        return new SecretKeySpec(secretKey.getEncoded(), SecurityModuleKt.TRANSFORMATION);
    }
}
