package org.totschnig.sqlcrypt;

import android.content.Context;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import androidx.annotation.Keep;
import b0.m;
import ch.qos.logback.core.CoreConstants;
import com.google.android.gms.measurement.internal.z;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.ProviderException;
import java.security.SecureRandom;
import javax.crypto.KeyGenerator;
import kotlin.Metadata;
import lj.p;
import mt.y;
import net.sqlcipher.DatabaseErrorHandler;
import net.sqlcipher.database.SQLiteDatabase;
import net.sqlcipher.database.SQLiteDatabaseHook;
import net.sqlcipher.database.SQLiteStatement;
import net.sqlcipher.database.SupportFactory;
import y4.a;
import y4.c;
import y4.h;
import y4.i;
import y4.r;
import yj.k;

/* compiled from: SQLiteOpenHelperFactory.kt */
@Keep
@Metadata(d1 = {"\u0000*\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0012\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0007\b\u0007\u0018\u00002\u00020\u0001B\u0007¢\u0006\u0004\b\u0010\u0010\u0011J\u0010\u0010\u0005\u001a\u00020\u00042\u0006\u0010\u0003\u001a\u00020\u0002H\u0002J\u0010\u0010\u0007\u001a\u00020\u00062\u0006\u0010\u0003\u001a\u00020\u0002H\u0016J \u0010\f\u001a\u00020\u000b2\u0006\u0010\u0003\u001a\u00020\u00022\u0006\u0010\t\u001a\u00020\b2\u0006\u0010\n\u001a\u00020\bH\u0016J \u0010\u000f\u001a\u00020\u000b2\u0006\u0010\u0003\u001a\u00020\u00022\u0006\u0010\r\u001a\u00020\b2\u0006\u0010\u000e\u001a\u00020\bH\u0016¨\u0006\u0012"}, d2 = {"Lorg/totschnig/sqlcrypt/SQLiteOpenHelperFactory;", "Lmt/y;", "Landroid/content/Context;", CoreConstants.CONTEXT_SCOPE_VALUE, "", "passPhrase", "Lnet/sqlcipher/database/SupportFactory;", "provideEncryptedDatabase", "Ljava/io/File;", "encrypted", "backupDb", "Llj/p;", "decrypt", "backupFile", "currentDb", "encrypt", "<init>", "()V", "sqlcrypt_playRelease"}, k = 1, mv = {1, 8, 0})
/* loaded from: classes3.dex */
public final class SQLiteOpenHelperFactory implements y {
    private final byte[] passPhrase(Context context) {
        c cVar;
        KeyGenParameterSpec.Builder blockModes;
        KeyGenParameterSpec.Builder encryptionPaddings;
        KeyGenParameterSpec.Builder keySize;
        KeyGenParameterSpec build;
        String keystoreAlias;
        String keystoreAlias2;
        k.f(context, CoreConstants.CONTEXT_SCOPE_VALUE);
        File file = new File(context.getFilesDir(), "passphrase.bin");
        context.getApplicationContext();
        c.b bVar = c.b.AES256_GCM;
        if (c.a.f51980a[bVar.ordinal()] != 1) {
            throw new IllegalArgumentException("Unsupported scheme: " + bVar);
        }
        int i10 = Build.VERSION.SDK_INT;
        if (i10 >= 23) {
            i.a();
            blockModes = h.a("_androidx_security_master_key_").setBlockModes("GCM");
            encryptionPaddings = blockModes.setEncryptionPaddings("NoPadding");
            keySize = encryptionPaddings.setKeySize(256);
            build = keySize.build();
            if (build == null) {
                throw new NullPointerException("KeyGenParameterSpec was null after build() check");
            }
            r.validate(build);
            synchronized (r.f51981a) {
                keystoreAlias = build.getKeystoreAlias();
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                if (!keyStore.containsAlias(keystoreAlias)) {
                    try {
                        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
                        keyGenerator.init(build);
                        keyGenerator.generateKey();
                    } catch (ProviderException e10) {
                        throw new GeneralSecurityException(e10.getMessage(), e10);
                    }
                }
            }
            keystoreAlias2 = build.getKeystoreAlias();
            cVar = new c(keystoreAlias2, build);
        } else {
            cVar = new c("_androidx_security_master_key_", null);
        }
        a a10 = new a.C0972a(context, file, cVar, a.d.AES256_GCM_HKDF_4KB).a();
        if (file.exists()) {
            File file2 = a10.f51969a;
            if (!file2.exists()) {
                throw new FileNotFoundException("file doesn't exist: " + file2.getName());
            }
            FileInputStream fileInputStream = new FileInputStream(file2);
            a.b bVar2 = new a.b(fileInputStream.getFD(), a10.f51970b.a(fileInputStream, file2.getName().getBytes(StandardCharsets.UTF_8)));
            try {
                byte[] v10 = z.v(bVar2);
                m.e(bVar2, null);
                return v10;
            } catch (Throwable th2) {
                try {
                    throw th2;
                } catch (Throwable th3) {
                    m.e(bVar2, th2);
                    throw th3;
                }
            }
        }
        SecureRandom instanceStrong = i10 >= 26 ? SecureRandom.getInstanceStrong() : new SecureRandom();
        byte[] bArr = new byte[32];
        instanceStrong.nextBytes(bArr);
        while (true) {
            int i11 = 0;
            while (true) {
                if (i11 >= 32) {
                    i11 = -1;
                    break;
                }
                if (bArr[i11] == 0) {
                    break;
                }
                i11++;
            }
            if (!(i11 >= 0)) {
                break;
            }
            instanceStrong.nextBytes(bArr);
        }
        File file3 = a10.f51969a;
        if (file3.exists()) {
            throw new IOException("output file already exists, please use a new file: " + file3.getName());
        }
        FileOutputStream fileOutputStream = new FileOutputStream(file3);
        a.c cVar2 = new a.c(fileOutputStream.getFD(), a10.f51970b.b(file3.getName().getBytes(StandardCharsets.UTF_8), fileOutputStream));
        try {
            cVar2.write(bArr);
            p pVar = p.f36232a;
            m.e(cVar2, null);
            return bArr;
        } catch (Throwable th4) {
            try {
                throw th4;
            } catch (Throwable th5) {
                m.e(cVar2, th4);
                throw th5;
            }
        }
    }

    @Override // mt.y
    public void decrypt(Context context, File file, File file2) {
        k.f(context, CoreConstants.CONTEXT_SCOPE_VALUE);
        k.f(file, "encrypted");
        k.f(file2, "backupDb");
        SQLiteDatabase openDatabase = SQLiteDatabase.openDatabase(file.getAbsolutePath(), passPhrase(context), (SQLiteDatabase.CursorFactory) null, 0, (SQLiteDatabaseHook) null, (DatabaseErrorHandler) null);
        SQLiteDatabase.openOrCreateDatabase(file2.getAbsolutePath(), "", (SQLiteDatabase.CursorFactory) null).close();
        SQLiteStatement compileStatement = openDatabase.compileStatement("ATTACH DATABASE ? AS plaintext KEY ''");
        try {
            compileStatement.bindString(1, file2.getAbsolutePath());
            compileStatement.execute();
            openDatabase.rawExecSQL("SELECT sqlcipher_export('plaintext')");
            openDatabase.rawExecSQL("DETACH DATABASE plaintext");
            int version = openDatabase.getVersion();
            m.e(compileStatement, null);
            SQLiteDatabase openOrCreateDatabase = SQLiteDatabase.openOrCreateDatabase(file2.getAbsolutePath(), "", (SQLiteDatabase.CursorFactory) null);
            try {
                openOrCreateDatabase.setVersion(version);
                p pVar = p.f36232a;
                m.e(openOrCreateDatabase, null);
            } finally {
            }
        } finally {
        }
    }

    @Override // mt.y
    public void encrypt(Context context, File file, File file2) {
        k.f(context, CoreConstants.CONTEXT_SCOPE_VALUE);
        k.f(file, "backupFile");
        k.f(file2, "currentDb");
        SQLiteDatabase.loadLibs(context);
        if (file2.exists() && !file2.delete()) {
            throw new IOException("File " + file2 + " exists and cannot be deleted.");
        }
        SQLiteDatabase openDatabase = SQLiteDatabase.openDatabase(file.getAbsolutePath(), "", (SQLiteDatabase.CursorFactory) null, 0);
        try {
            int version = openDatabase.getVersion();
            m.e(openDatabase, null);
            SQLiteDatabase openOrCreateDatabase = SQLiteDatabase.openOrCreateDatabase(file2.getAbsolutePath(), passPhrase(context), (SQLiteDatabase.CursorFactory) null);
            try {
                SQLiteStatement compileStatement = openOrCreateDatabase.compileStatement("ATTACH DATABASE ? AS plaintext KEY ''");
                try {
                    compileStatement.bindString(1, file.getAbsolutePath());
                    compileStatement.execute();
                    openOrCreateDatabase.rawExecSQL("SELECT sqlcipher_export('main', 'plaintext')");
                    openOrCreateDatabase.rawExecSQL("DETACH DATABASE plaintext");
                    openOrCreateDatabase.setVersion(version);
                    p pVar = p.f36232a;
                    m.e(compileStatement, null);
                    m.e(openOrCreateDatabase, null);
                } finally {
                }
            } finally {
            }
        } finally {
        }
    }

    @Override // mt.y
    public SupportFactory provideEncryptedDatabase(Context context) {
        k.f(context, CoreConstants.CONTEXT_SCOPE_VALUE);
        return new SupportFactory(passPhrase(context));
    }
}
