package org.hzontal.tella.keys.wrapper;

import android.security.keystore.KeyGenParameterSpec;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import org.hzontal.tella.keys.key.WrappedMainKey;

/* loaded from: classes.dex */
public class AndroidKeyStoreHelper {
    private static SecretKey createKey() {
        KeyGenParameterSpec.Builder blockModes;
        KeyGenParameterSpec.Builder encryptionPaddings;
        KeyGenParameterSpec.Builder userAuthenticationRequired;
        KeyGenParameterSpec.Builder userAuthenticationValidityDurationSeconds;
        KeyGenParameterSpec build;
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            blockModes = new KeyGenParameterSpec.Builder("TellaMainKeyWrapper", 3).setBlockModes("GCM");
            encryptionPaddings = blockModes.setEncryptionPaddings("NoPadding");
            userAuthenticationRequired = encryptionPaddings.setUserAuthenticationRequired(true);
            userAuthenticationValidityDurationSeconds = userAuthenticationRequired.setUserAuthenticationValidityDurationSeconds(10);
            build = userAuthenticationValidityDurationSeconds.build();
            keyGenerator.init(build);
            return keyGenerator.generateKey();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new AssertionError(e);
        }
    }

    private static SecretKey getKey() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return ((KeyStore.SecretKeyEntry) keyStore.getEntry("TellaMainKeyWrapper", null)).getSecretKey();
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e) {
            throw new AssertionError(e);
        }
    }

    private static boolean hasKey() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (keyStore.containsAlias("TellaMainKeyWrapper")) {
                if (keyStore.entryInstanceOf("TellaMainKeyWrapper", KeyStore.SecretKeyEntry.class)) {
                    return true;
                }
            }
            return false;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new AssertionError(e);
        }
    }

    public static byte[] unwrap(WrappedMainKey wrappedMainKey) {
        SecretKey key = getKey();
        try {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(2, key, new GCMParameterSpec(128, wrappedMainKey.iv));
            return cipher.doFinal(wrappedMainKey.data);
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new AssertionError(e);
        }
    }

    public static WrappedMainKey wrap(byte[] bArr, IMainKeyWrapper iMainKeyWrapper) {
        SecretKey key = hasKey() ? getKey() : createKey();
        try {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(1, key);
            byte[] iv = cipher.getIV();
            byte[] doFinal = cipher.doFinal(bArr);
            WrappedMainKey wrappedMainKey = new WrappedMainKey(iMainKeyWrapper.getName());
            wrappedMainKey.data = doFinal;
            wrappedMainKey.iv = iv;
            return wrappedMainKey;
        } catch (InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new AssertionError(e);
        }
    }
}
