package com.avaya.clientservices.provider.certificate.internal;

import android.security.keystore.KeyGenParameterSpec;
import com.avaya.clientservices.client.Log;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.security.auth.DestroyFailedException;

/* loaded from: classes.dex */
public class HardwareBackedAESCryptoHelper extends AbstractAESCryptoHelper implements AESCryptoHelper {
    private static final String AES_SECRET_KEY_ALIAS = "AvayaClientServicesEncryptionKey";
    private static final int AES_SECRET_KEY_LENGTH = 256;
    private static final String KEYSTORE_TYPE = "AndroidKeyStore";
    private final SecretKey secretKey;

    public HardwareBackedAESCryptoHelper() {
        super(null);
        this.secretKey = retrieveSecretKey();
    }

    private static KeyStore getKeyStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
            keyStore.load(null);
            return keyStore;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new AssertionError(e);
        }
    }

    private SecretKey getSecretKey() {
        return this.secretKey;
    }

    private static SecretKey retrieveSecretKey() throws AssertionError {
        try {
            KeyStore keyStore = getKeyStore();
            if (keyStore.containsAlias(AES_SECRET_KEY_ALIAS) && keyStore.entryInstanceOf(AES_SECRET_KEY_ALIAS, KeyStore.SecretKeyEntry.class)) {
                Log.d("Retrieving SecretKey from KeyStore");
                return ((KeyStore.SecretKeyEntry) keyStore.getEntry(AES_SECRET_KEY_ALIAS, null)).getSecretKey();
            }
            Log.d("Generating new SecretKey");
            SecureRandom secureRandom = new SecureRandom();
            KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(AES_SECRET_KEY_ALIAS, 3).setKeySize(256).setBlockModes("ECB").setEncryptionPaddings("PKCS7Padding").setRandomizedEncryptionRequired(false).build();
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", KEYSTORE_TYPE);
            keyGenerator.init(build, secureRandom);
            return keyGenerator.generateKey();
        } catch (InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException e) {
            throw new AssertionError(e);
        }
    }

    @Override // com.avaya.clientservices.provider.certificate.internal.AESCryptoHelper
    public void destroyKeys() throws DestroyFailedException {
        Log.d("Destroying SecretKey");
        this.secretKey.destroy();
    }

    @Override // com.avaya.clientservices.provider.certificate.internal.AESCryptoHelper
    public Cipher getCipher(int i) throws AssertionError {
        return getCipher(i, getSecretKey());
    }
}
