package androidx.security.crypto;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import com.microsoft.identity.common.java.crypto.key.AES256KeyLoader;
import g.e;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.ProviderException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import javax.crypto.KeyGenerator;
import org.xbill.DNS.KEYRecord;

/* loaded from: classes.dex */
public final class MasterKey {

    /* renamed from: a, reason: collision with root package name */
    public final String f8514a;

    /* JADX WARN: Failed to restore enum class, 'enum' modifier and super class removed */
    /* JADX WARN: Unknown enum class pattern. Please report as an issue! */
    /* loaded from: classes.dex */
    public static final class KeyScheme {
        private static final /* synthetic */ KeyScheme[] $VALUES;
        public static final KeyScheme AES256_GCM;

        /* JADX WARN: Type inference failed for: r0v0, types: [androidx.security.crypto.MasterKey$KeyScheme, java.lang.Enum] */
        static {
            ?? r02 = new Enum("AES256_GCM", 0);
            AES256_GCM = r02;
            $VALUES = new KeyScheme[]{r02};
        }

        public KeyScheme() {
            throw null;
        }

        public static KeyScheme valueOf(String str) {
            return (KeyScheme) Enum.valueOf(KeyScheme.class, str);
        }

        public static KeyScheme[] values() {
            return (KeyScheme[]) $VALUES.clone();
        }
    }

    /* loaded from: classes.dex */
    public static /* synthetic */ class a {

        /* renamed from: a, reason: collision with root package name */
        public static final /* synthetic */ int[] f8515a;

        static {
            int[] iArr = new int[KeyScheme.values().length];
            f8515a = iArr;
            try {
                iArr[KeyScheme.AES256_GCM.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
        }
    }

    /* loaded from: classes.dex */
    public static final class b {

        /* renamed from: a, reason: collision with root package name */
        public final String f8516a;

        /* renamed from: b, reason: collision with root package name */
        public KeyGenParameterSpec f8517b;

        /* renamed from: c, reason: collision with root package name */
        public KeyScheme f8518c;

        /* loaded from: classes.dex */
        public static class a {
            public static String a(KeyGenParameterSpec keyGenParameterSpec) {
                return keyGenParameterSpec.getKeystoreAlias();
            }
        }

        public b(Context context) {
            context.getApplicationContext();
            this.f8516a = "_androidx_security_master_key_";
        }

        public final MasterKey a() throws GeneralSecurityException, IOException {
            KeyScheme keyScheme = this.f8518c;
            if (keyScheme == null && this.f8517b == null) {
                throw new IllegalArgumentException("build() called before setKeyGenParameterSpec or setKeyScheme.");
            }
            if (keyScheme == KeyScheme.AES256_GCM) {
                this.f8517b = new KeyGenParameterSpec.Builder(this.f8516a, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setKeySize(KEYRecord.OWNER_ZONE).build();
            }
            KeyGenParameterSpec keyGenParameterSpec = this.f8517b;
            if (keyGenParameterSpec == null) {
                throw new NullPointerException("KeyGenParameterSpec was null after build() check");
            }
            Object obj = androidx.security.crypto.a.f8519a;
            if (keyGenParameterSpec.getKeySize() != 256) {
                throw new IllegalArgumentException("invalid key size, want 256 bits got " + keyGenParameterSpec.getKeySize() + " bits");
            }
            if (!Arrays.equals(keyGenParameterSpec.getBlockModes(), new String[]{"GCM"})) {
                throw new IllegalArgumentException("invalid block mode, want GCM got " + Arrays.toString(keyGenParameterSpec.getBlockModes()));
            }
            if (keyGenParameterSpec.getPurposes() != 3) {
                throw new IllegalArgumentException("invalid purposes mode, want PURPOSE_ENCRYPT | PURPOSE_DECRYPT got " + keyGenParameterSpec.getPurposes());
            }
            if (!Arrays.equals(keyGenParameterSpec.getEncryptionPaddings(), new String[]{"NoPadding"})) {
                throw new IllegalArgumentException("invalid padding mode, want NoPadding got " + Arrays.toString(keyGenParameterSpec.getEncryptionPaddings()));
            }
            if (keyGenParameterSpec.isUserAuthenticationRequired() && keyGenParameterSpec.getUserAuthenticationValidityDurationSeconds() < 1) {
                throw new IllegalArgumentException("per-operation authentication is not supported (UserAuthenticationValidityDurationSeconds must be >0)");
            }
            synchronized (androidx.security.crypto.a.f8519a) {
                String keystoreAlias = keyGenParameterSpec.getKeystoreAlias();
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                if (!keyStore.containsAlias(keystoreAlias)) {
                    try {
                        KeyGenerator keyGenerator = KeyGenerator.getInstance(AES256KeyLoader.AES_ALGORITHM, "AndroidKeyStore");
                        keyGenerator.init(keyGenParameterSpec);
                        keyGenerator.generateKey();
                    } catch (ProviderException e10) {
                        throw new GeneralSecurityException(e10.getMessage(), e10);
                    }
                }
            }
            return new MasterKey(keyGenParameterSpec.getKeystoreAlias(), this.f8517b);
        }
    }

    public MasterKey(String str, Object obj) {
        this.f8514a = str;
    }

    public final String toString() {
        boolean z6;
        StringBuilder sb2 = new StringBuilder("MasterKey{keyAlias=");
        String str = this.f8514a;
        sb2.append(str);
        sb2.append(", isKeyStoreBacked=");
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            z6 = keyStore.containsAlias(str);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException unused) {
            z6 = false;
        }
        return e.a(sb2, z6, "}");
    }
}
