package com.amazon.corretto.crypto.provider;

import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Optional;
import java.util.Set;
import java.util.function.Supplier;
import javax.crypto.Cipher;
import javax.crypto.KeyGeneratorSpi;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:com/amazon/corretto/crypto/provider/SecretKeyGenerator.class */
class SecretKeyGenerator extends KeyGeneratorSpi {
    private final Supplier<SecureRandom> defaultSecureRandomSupplier;
    private final SecretKeyProperties secretKeyProperties;
    private Optional<SecureRandom> secureRandom = Optional.empty();
    private int keySize;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/amazon/corretto/crypto/provider/SecretKeyGenerator$AesSecretKeyProperties.class */
    public static final class AesSecretKeyProperties implements SecretKeyProperties {
        private static final String NAME = "AES";
        public static final AesSecretKeyProperties INSTANCE = new AesSecretKeyProperties();
        private static final Set<Integer> AES_VALID_KEY_SIZES = aesValidKeySizes();

        private AesSecretKeyProperties() {
        }

        private static Set<Integer> aesValidKeySizes() {
            HashSet hashSet = new HashSet();
            hashSet.add(128);
            hashSet.add(192);
            hashSet.add(256);
            return hashSet;
        }

        @Override // com.amazon.corretto.crypto.provider.SecretKeyGenerator.SecretKeyProperties
        public String getName() {
            return NAME;
        }

        @Override // com.amazon.corretto.crypto.provider.SecretKeyGenerator.SecretKeyProperties
        public int defaultKeySize() {
            try {
                return Math.min(256, Cipher.getMaxAllowedKeyLength(NAME));
            } catch (NoSuchAlgorithmException e) {
                throw new AssertionError("This is an impossible case.", e);
            }
        }

        @Override // com.amazon.corretto.crypto.provider.SecretKeyGenerator.SecretKeyProperties
        public void checkKeySizeIsValid(int i) {
            if (!AES_VALID_KEY_SIZES.contains(Integer.valueOf(i))) {
                throw new InvalidParameterException("Wrong keysize: must be equal to 128, 192 or 256");
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/amazon/corretto/crypto/provider/SecretKeyGenerator$DefaultSecureRandomSupplier.class */
    public static final class DefaultSecureRandomSupplier implements Supplier<SecureRandom> {
        public static final DefaultSecureRandomSupplier INSTANCE = new DefaultSecureRandomSupplier();

        private DefaultSecureRandomSupplier() {
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.function.Supplier
        public SecureRandom get() {
            return new LibCryptoRng();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/amazon/corretto/crypto/provider/SecretKeyGenerator$SecretKeyProperties.class */
    public interface SecretKeyProperties {
        String getName();

        int defaultKeySize();

        void checkKeySizeIsValid(int i);
    }

    SecretKeyGenerator(Supplier<SecureRandom> supplier, SecretKeyProperties secretKeyProperties) {
        this.defaultSecureRandomSupplier = supplier;
        this.secretKeyProperties = secretKeyProperties;
        this.keySize = secretKeyProperties.defaultKeySize();
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected void engineInit(SecureRandom secureRandom) {
        this.secureRandom = Optional.ofNullable(secureRandom);
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected void engineInit(AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidAlgorithmParameterException {
        throw new InvalidAlgorithmParameterException("SecretKeyGenerator does not support initialization with AlgorithmParameterSpec.");
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected void engineInit(int i, SecureRandom secureRandom) {
        this.secretKeyProperties.checkKeySizeIsValid(i);
        this.keySize = i;
        this.secureRandom = Optional.ofNullable(secureRandom);
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected SecretKey engineGenerateKey() {
        byte[] bArr = new byte[this.keySize / 8];
        this.secureRandom.orElseGet(this.defaultSecureRandomSupplier).nextBytes(bArr);
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, this.secretKeyProperties.getName());
        Arrays.fill(bArr, (byte) 0);
        return secretKeySpec;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyGeneratorSpi createAesKeyGeneratorSpi() {
        return new SecretKeyGenerator(DefaultSecureRandomSupplier.INSTANCE, AesSecretKeyProperties.INSTANCE);
    }
}
