package com.mttnow.android.encryption.internal;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import androidx.annotation.RequiresApi;
import com.google.android.gms.stats.CodePackage;
import com.mttnow.android.encryption.AndroidEncryption;
import com.mttnow.android.encryption.EncryptionException;
import com.mttnow.android.encryption.SigningException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.spec.ECGenParameterSpec;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

@RequiresApi(api = 23)
/* loaded from: classes2.dex */
public final class KeyLoaderApi23 implements KeyLoader {

    /* renamed from: a, reason: collision with root package name */
    private final Context f6891a;

    /* renamed from: b, reason: collision with root package name */
    private final KeyStore f6892b;

    public KeyLoaderApi23(Context context, KeyStore keyStore) {
        this.f6891a = context;
        this.f6892b = keyStore;
    }

    public static KeyLoader create(Context context) throws EncryptionException {
        try {
            KeyStore keyStore = KeyStore.getInstance(AndroidEncryption.ANDROID_KEY_STORE);
            keyStore.load(null, null);
            return new KeyLoaderApi23(context, keyStore);
        } catch (Exception e2) {
            throw EncryptionException.from("Error getting keystore", e2);
        }
    }

    @Override // com.mttnow.android.encryption.internal.KeyLoader
    public KeyPair loadKeyPair(String str) throws EncryptionException {
        try {
            if (this.f6892b.containsAlias(str)) {
                return new KeyPair(this.f6892b.getCertificate(str).getPublicKey(), (PrivateKey) this.f6892b.getKey(str, null));
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", AndroidEncryption.ANDROID_KEY_STORE);
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 3).setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).setDigests("SHA-256", "SHA-384", "SHA-512").setUserAuthenticationRequired(false).build());
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e2) {
            Functions.deleteAliasQuietly(this.f6892b, str);
            throw SigningException.from("Cant get PURPOSE_ENCRYPT keypair from keystore", e2);
        }
    }

    @Override // com.mttnow.android.encryption.internal.KeyLoader
    public SecretKey loadSecret(String str) throws EncryptionException {
        try {
            if (this.f6892b.containsAlias(str)) {
                return ((KeyStore.SecretKeyEntry) this.f6892b.getEntry(str, null)).getSecretKey();
            }
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", AndroidEncryption.ANDROID_KEY_STORE);
            keyGenerator.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes(CodePackage.GCM).setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
            return keyGenerator.generateKey();
        } catch (Exception e2) {
            Functions.deleteAliasQuietly(this.f6892b, str);
            throw EncryptionException.from("Error generating AES Key", e2);
        }
    }

    @Override // com.mttnow.android.encryption.internal.KeyLoader
    public KeyPair loadSigningKeyPair(String str) throws EncryptionException {
        try {
            if (this.f6892b.containsAlias(str)) {
                return new KeyPair(this.f6892b.getCertificate(str).getPublicKey(), (PrivateKey) this.f6892b.getKey(str, null));
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", AndroidEncryption.ANDROID_KEY_STORE);
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 12).setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).setDigests("SHA-256", "SHA-384", "SHA-512").setUserAuthenticationRequired(false).build());
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e2) {
            Functions.deleteAliasQuietly(this.f6892b, str);
            throw SigningException.from("Cant get Signing key from keystore", e2);
        }
    }
}
