package org.forgerock.android.auth;

import android.security.keystore.KeyGenParameterSpec;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public class AndroidMEncryptor extends AbstractSymmetricEncryptor {
    final KeyUpdatedListener listener;
    final KeyGenParameterSpec.Builder specBuilder;

    /* JADX INFO: Access modifiers changed from: package-private */
    public AndroidMEncryptor(String str, KeyUpdatedListener keyUpdatedListener) {
        super(str);
        if (str == null) {
            throw new NullPointerException("keyAlias is marked non-null but is null");
        }
        this.specBuilder = new KeyGenParameterSpec.Builder(str, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(true).setUserAuthenticationRequired(false).setKeySize(256);
        this.listener = keyUpdatedListener;
    }

    private KeyStore getKeyStore() throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance(Encryptor.ANDROID_KEYSTORE);
        keyStore.load(null);
        return keyStore;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.forgerock.android.auth.AbstractSymmetricEncryptor
    public SecretKey getSecretKey() throws GeneralSecurityException, IOException {
        KeyStore keyStore = getKeyStore();
        if (!keyStore.containsAlias(this.keyAlias)) {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", Encryptor.ANDROID_KEYSTORE);
            keyGenerator.init(this.specBuilder.build());
            return keyGenerator.generateKey();
        }
        if (!(keyStore.getEntry(this.keyAlias, null) instanceof KeyStore.PrivateKeyEntry)) {
            return ((KeyStore.SecretKeyEntry) keyStore.getEntry(this.keyAlias, null)).getSecretKey();
        }
        keyStore.deleteEntry(this.keyAlias);
        KeyUpdatedListener keyUpdatedListener = this.listener;
        if (keyUpdatedListener != null) {
            keyUpdatedListener.onKeyUpdated();
        }
        return getSecretKey();
    }

    @Override // org.forgerock.android.auth.AbstractSymmetricEncryptor
    byte[] init(Cipher cipher) throws GeneralSecurityException, IOException {
        cipher.init(1, getSecretKey());
        return cipher.getIV();
    }

    @Override // org.forgerock.android.auth.Encryptor
    public void reset() throws GeneralSecurityException, IOException {
        getKeyStore().deleteEntry(this.keyAlias);
    }
}
