package com.tomtom.sdk.common.securityframework;

import android.security.keystore.KeyGenParameterSpec;
import com.google.android.gms.stats.CodePackage;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import kotlin.Metadata;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;

/* compiled from: AESEncryption.kt */
@Metadata(d1 = {"\u0000*\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000b\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0012\n\u0002\b\u0002\n\u0002\u0010\u0002\n\u0002\b\u0006\b\u0000\u0018\u0000 \u00112\u00020\u0001:\u0001\u0011B\u0005¢\u0006\u0002\u0010\u0002J\u0010\u0010\b\u001a\u00020\t2\u0006\u0010\n\u001a\u00020\tH\u0016J\b\u0010\u000b\u001a\u00020\fH\u0016J\u0010\u0010\r\u001a\u00020\t2\u0006\u0010\u000e\u001a\u00020\tH\u0016J\b\u0010\u000f\u001a\u00020\u0004H\u0016J\b\u0010\u0010\u001a\u00020\u0004H\u0016R\u0014\u0010\u0003\u001a\u00020\u00048VX\u0096\u0004¢\u0006\u0006\u001a\u0004\b\u0003\u0010\u0005R\u0010\u0010\u0006\u001a\u0004\u0018\u00010\u0007X\u0082\u000e¢\u0006\u0002\n\u0000¨\u0006\u0012"}, d2 = {"Lcom/tomtom/sdk/common/securityframework/AESEncryption;", "Lcom/tomtom/sdk/common/securityframework/Encryption;", "()V", "isValid", "", "()Z", "mKey", "Ljavax/crypto/SecretKey;", "decrypt", "", "encrypted", "deleteKey", "", "encrypt", "secret", "generateAndStoreNewKey", "loadKey", "Companion", "security-framework_release"}, k = 1, mv = {1, 8, 0}, xi = 48)
/* loaded from: classes4.dex */
public final class AESEncryption implements Encryption {
    public static final String AES_KEY_ALIAS = "keystore-aes-key";
    public static final String AES_MODE = "AES/GCM/NoPadding";

    /* renamed from: Companion, reason: from kotlin metadata */
    public static final Companion INSTANCE = new Companion(null);
    private static final int IV_LENGTH = 12;
    public static final String KEY_GENERATOR_PROVIDER = "AndroidKeyStore";
    private static final int TAG_LENGTH = 128;
    private SecretKey mKey;

    /* compiled from: AESEncryption.kt */
    @Metadata(d1 = {"\u00002\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0010\b\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u0012\n\u0002\b\u0006\n\u0002\u0018\u0002\n\u0000\b\u0086\u0003\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u001a\u0010\u000e\u001a\u00020\u000f2\u0006\u0010\u0010\u001a\u00020\u000f2\b\u0010\u0011\u001a\u0004\u0018\u00010\u000bH\u0002J\u001a\u0010\u0012\u001a\u00020\u000f2\u0006\u0010\u0013\u001a\u00020\u000f2\b\u0010\u0011\u001a\u0004\u0018\u00010\u000bH\u0002J\n\u0010\u0014\u001a\u0004\u0018\u00010\u000bH\u0002J\n\u0010\u0015\u001a\u0004\u0018\u00010\u0016H\u0002R\u000e\u0010\u0003\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\u0005\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\u0006\u001a\u00020\u0007X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\b\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\t\u001a\u00020\u0007X\u0082T¢\u0006\u0002\n\u0000R\u0016\u0010\n\u001a\u0004\u0018\u00010\u000b8BX\u0082\u0004¢\u0006\u0006\u001a\u0004\b\f\u0010\r¨\u0006\u0017"}, d2 = {"Lcom/tomtom/sdk/common/securityframework/AESEncryption$Companion;", "", "()V", "AES_KEY_ALIAS", "", "AES_MODE", "IV_LENGTH", "", "KEY_GENERATOR_PROVIDER", "TAG_LENGTH", "key", "Ljavax/crypto/SecretKey;", "getKey", "()Ljavax/crypto/SecretKey;", "decrypt", "", "encrypted", "secretKey", "encrypt", "secret", "generateKey", "initKeySpec", "Ljava/security/spec/AlgorithmParameterSpec;", "security-framework_release"}, k = 1, mv = {1, 8, 0}, xi = 48)
    /* loaded from: classes4.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public final byte[] decrypt(byte[] encrypted, SecretKey secretKey) throws GeneralSecurityException {
            try {
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(encrypted);
                byte[] bArr = new byte[12];
                if (byteArrayInputStream.read(bArr) != 12) {
                    throw new GeneralSecurityException("Cannot decrypt provided data. Missing IV.");
                }
                Cipher cipher = Cipher.getInstance(AESEncryption.AES_MODE);
                cipher.init(2, secretKey, new GCMParameterSpec(128, bArr));
                CipherInputStream cipherInputStream = new CipherInputStream(byteArrayInputStream, cipher);
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                byte[] bArr2 = new byte[256];
                while (true) {
                    int read = cipherInputStream.read(bArr2);
                    if (read == -1) {
                        byte[] byteArray = byteArrayOutputStream.toByteArray();
                        Intrinsics.checkNotNullExpressionValue(byteArray, "{\n                val in…ByteArray()\n            }");
                        return byteArray;
                    }
                    byteArrayOutputStream.write(bArr2, 0, read);
                }
            } catch (IOException e) {
                throw new GeneralSecurityException("Cannot decrypt provided data. An IOException was thrown with message: " + e.getMessage());
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public final byte[] encrypt(byte[] secret, SecretKey secretKey) throws GeneralSecurityException {
            Cipher cipher = Cipher.getInstance(AESEncryption.AES_MODE);
            cipher.init(1, secretKey);
            try {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                byteArrayOutputStream.write(cipher.getIV());
                CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
                cipherOutputStream.write(secret);
                cipherOutputStream.close();
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                Intrinsics.checkNotNullExpressionValue(byteArray, "{\n                val ou…ByteArray()\n            }");
                return byteArray;
            } catch (IOException e) {
                throw new GeneralSecurityException("Cannot encrypt provided data. An IOException was thrown with message: " + e.getMessage());
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public final SecretKey generateKey() throws GeneralSecurityException {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            Intrinsics.checkNotNullExpressionValue(keyGenerator, "getInstance(\n           …ROVIDER\n                )");
            keyGenerator.init(initKeySpec());
            return keyGenerator.generateKey();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public final SecretKey getKey() throws GeneralSecurityException {
            KeyStore loadKeyStore$security_framework_release = Encryption.INSTANCE.loadKeyStore$security_framework_release("AndroidKeyStore");
            if (loadKeyStore$security_framework_release.containsAlias(AESEncryption.AES_KEY_ALIAS)) {
                KeyStore.Entry entry = loadKeyStore$security_framework_release.getEntry(AESEncryption.AES_KEY_ALIAS, null);
                r3 = entry instanceof KeyStore.SecretKeyEntry ? ((KeyStore.SecretKeyEntry) entry).getSecretKey() : null;
                if (r3 == null) {
                    loadKeyStore$security_framework_release.deleteEntry(AESEncryption.AES_KEY_ALIAS);
                }
            }
            return r3;
        }

        private final AlgorithmParameterSpec initKeySpec() {
            return new KeyGenParameterSpec.Builder(AESEncryption.AES_KEY_ALIAS, 3).setBlockModes(CodePackage.GCM).setEncryptionPaddings("NoPadding").build();
        }
    }

    @Override // com.tomtom.sdk.common.securityframework.Encryption
    public byte[] decrypt(byte[] encrypted) throws GeneralSecurityException {
        Intrinsics.checkNotNullParameter(encrypted, "encrypted");
        if (isValid()) {
            return INSTANCE.decrypt(encrypted, this.mKey);
        }
        throw new IllegalStateException("Cannot decrypt with an invalid encryption. Load the key before trying to decrypt.".toString());
    }

    @Override // com.tomtom.sdk.common.securityframework.Encryption
    public void deleteKey() throws GeneralSecurityException {
        KeyStore loadKeyStore$security_framework_release = Encryption.INSTANCE.loadKeyStore$security_framework_release("AndroidKeyStore");
        if (loadKeyStore$security_framework_release.containsAlias(AES_KEY_ALIAS)) {
            loadKeyStore$security_framework_release.deleteEntry(AES_KEY_ALIAS);
        }
        this.mKey = null;
    }

    @Override // com.tomtom.sdk.common.securityframework.Encryption
    public byte[] encrypt(byte[] secret) throws GeneralSecurityException {
        Intrinsics.checkNotNullParameter(secret, "secret");
        if (isValid()) {
            return INSTANCE.encrypt(secret, this.mKey);
        }
        throw new IllegalStateException("Cannot encrypt with an invalid encryption. Load or generate a new key before trying to encrypt.".toString());
    }

    @Override // com.tomtom.sdk.common.securityframework.Encryption
    public boolean generateAndStoreNewKey() throws GeneralSecurityException {
        this.mKey = INSTANCE.generateKey();
        return isValid();
    }

    @Override // com.tomtom.sdk.common.securityframework.Encryption
    public boolean isValid() {
        return this.mKey != null;
    }

    @Override // com.tomtom.sdk.common.securityframework.Encryption
    public boolean loadKey() throws GeneralSecurityException {
        this.mKey = INSTANCE.getKey();
        return isValid();
    }
}
