package com.axis.lib.security;

import android.security.keystore.KeyGenParameterSpec;
import com.axis.lib.log.AxisLog;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import kotlin.Metadata;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;

/* compiled from: KeyStoreHelper.kt */
@Metadata(d1 = {"\u0000B\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0010\b\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000b\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\u0018\u0000 \u00162\u00020\u0001:\u0001\u0016B!\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\b\b\u0002\u0010\u0004\u001a\u00020\u0003\u0012\b\b\u0002\u0010\u0005\u001a\u00020\u0006¢\u0006\u0002\u0010\u0007J\b\u0010\f\u001a\u00020\rH\u0002J\n\u0010\u000e\u001a\u0004\u0018\u00010\u000fH\u0002J\n\u0010\u0010\u001a\u0004\u0018\u00010\u0011H\u0002J\b\u0010\u0012\u001a\u0004\u0018\u00010\u000bJ\n\u0010\u0013\u001a\u0004\u0018\u00010\u0014H\u0002J\n\u0010\u0015\u001a\u0004\u0018\u00010\u000fH\u0002R\u000e\u0010\u0004\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\b\u001a\u00020\tX\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0005\u001a\u00020\u0006X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u0010\u0010\n\u001a\u0004\u0018\u00010\u000bX\u0082\u000e¢\u0006\u0002\n\u0000¨\u0006\u0017"}, d2 = {"Lcom/axis/lib/security/KeyStoreHelper;", "", "keyStoreAlias", "", "keyAlgorithm", "keyLength", "", "(Ljava/lang/String;Ljava/lang/String;I)V", "keyGenParameterBuilder", "Landroid/security/keystore/KeyGenParameterSpec$Builder;", "secretKey", "Ljavax/crypto/SecretKey;", "createKey", "", "getKeyGeneratorInstance", "Ljavax/crypto/KeyGenerator;", "getKeyStore", "Ljava/security/KeyStore;", "getSecretKey", "getSecretKeyEntry", "Ljava/security/KeyStore$SecretKeyEntry;", "setupKeyGenerator", "Companion", "android-security-release_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
/* loaded from: classes2.dex */
public final class KeyStoreHelper {
    private static final String ANDROID_KEYSTORE_PROVIDER = "AndroidKeyStore";
    private static final String DEFAULT_ALGORITHM = "AES";
    private static final int DEFAULT_KEY_LENGTH = 256;
    private final String keyAlgorithm;
    private final KeyGenParameterSpec.Builder keyGenParameterBuilder;
    private final int keyLength;
    private final String keyStoreAlias;
    private SecretKey secretKey;

    public KeyStoreHelper(String keyStoreAlias, String keyAlgorithm, int i) {
        Intrinsics.checkNotNullParameter(keyStoreAlias, "keyStoreAlias");
        Intrinsics.checkNotNullParameter(keyAlgorithm, "keyAlgorithm");
        this.keyStoreAlias = keyStoreAlias;
        this.keyAlgorithm = keyAlgorithm;
        this.keyLength = i;
        this.keyGenParameterBuilder = new KeyGenParameterSpec.Builder(keyStoreAlias, 3);
    }

    public /* synthetic */ KeyStoreHelper(String str, String str2, int i, int i2, DefaultConstructorMarker defaultConstructorMarker) {
        this(str, (i2 & 2) != 0 ? DEFAULT_ALGORITHM : str2, (i2 & 4) != 0 ? 256 : i);
    }

    private final boolean createKey() {
        KeyGenerator keyGenerator = setupKeyGenerator();
        if (keyGenerator == null) {
            return false;
        }
        keyGenerator.generateKey();
        return true;
    }

    private final KeyGenerator getKeyGeneratorInstance() {
        try {
            return KeyGenerator.getInstance(this.keyAlgorithm, ANDROID_KEYSTORE_PROVIDER);
        } catch (GeneralSecurityException e) {
            if (!(e instanceof NoSuchAlgorithmException ? true : e instanceof NoSuchProviderException)) {
                throw e;
            }
            AxisLog.e("Could not initialize Key: " + e.getMessage());
            return null;
        }
    }

    private final KeyStore getKeyStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE_PROVIDER);
            keyStore.load(null);
            return keyStore;
        } catch (Exception e) {
            if (!(e instanceof IOException ? true : e instanceof KeyStoreException ? true : e instanceof NoSuchAlgorithmException ? true : e instanceof CertificateException)) {
                throw e;
            }
            AxisLog.e("KeyStore could not be loaded: " + e.getMessage());
            return null;
        }
    }

    private final KeyStore.SecretKeyEntry getSecretKeyEntry() {
        KeyStore.Entry entry;
        try {
            KeyStore keyStore = getKeyStore();
            if (keyStore == null || (entry = keyStore.getEntry(this.keyStoreAlias, null)) == null) {
                return null;
            }
            return (KeyStore.SecretKeyEntry) entry;
        } catch (GeneralSecurityException e) {
            if (!(e instanceof NoSuchAlgorithmException ? true : e instanceof KeyStoreException ? true : e instanceof UnrecoverableEntryException)) {
                throw e;
            }
            AxisLog.e("Failed to retrieve secret key entry from keyStore: " + e.getMessage());
            return null;
        }
    }

    private final KeyGenerator setupKeyGenerator() {
        KeyGenerator keyGeneratorInstance = getKeyGeneratorInstance();
        if (keyGeneratorInstance == null) {
            return null;
        }
        KeyGenParameterSpec build = this.keyGenParameterBuilder.setKeySize(this.keyLength).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").setRandomizedEncryptionRequired(true).build();
        Intrinsics.checkNotNullExpressionValue(build, "keyGenParameterBuilder.s…ed(true)\n        .build()");
        try {
            keyGeneratorInstance.init(build);
            return keyGeneratorInstance;
        } catch (InvalidAlgorithmParameterException e) {
            AxisLog.e("Invalid algorithm parameter supplied: " + e.getMessage());
            return null;
        }
    }

    public final SecretKey getSecretKey() {
        SecretKey secretKey = this.secretKey;
        if (secretKey != null) {
            return secretKey;
        }
        KeyStore.SecretKeyEntry secretKeyEntry = getSecretKeyEntry();
        if (secretKeyEntry == null) {
            createKey();
            secretKeyEntry = getSecretKeyEntry();
        }
        SecretKey secretKey2 = secretKeyEntry != null ? secretKeyEntry.getSecretKey() : null;
        this.secretKey = secretKey2;
        return secretKey2;
    }
}
