package net.theblackchamber.crypto.util;

import com.google.crypto.tink.JsonKeysetReader;
import com.google.crypto.tink.JsonKeysetWriter;
import com.google.crypto.tink.KeysetHandle;
import com.google.crypto.tink.aead.AesGcmKeyManager;
import com.google.crypto.tink.config.TinkConfig;
import com.google.crypto.tink.subtle.AesGcmJce;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStoreException;
import net.theblackchamber.crypto.model.KeyConfig2;
import net.theblackchamber.crypto.providers.digest.SHA256DigestProvider;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:net/theblackchamber/crypto/util/KeystoreUtils2.class */
public class KeystoreUtils2 {
    private static SHA256DigestProvider digest = new SHA256DigestProvider(SHA256DigestProvider.TYPE.SHA1);

    public static void generateSecretKey(KeyConfig2 keyConfig2) throws IOException, GeneralSecurityException {
        if (keyConfig2 == null || keyConfig2.getKeyStoreFile() == null || StringUtils.isBlank(keyConfig2.getKeyPass())) {
            throw new KeyStoreException("Missing parameters, unable to create keystore.");
        }
        TinkConfig.register();
        KeysetHandle generateNew = KeysetHandle.generateNew(AesGcmKeyManager.aes256GcmTemplate());
        AesGcmJce aesGcmJce = new AesGcmJce(digest.digest(keyConfig2.getKeyPass()).substring(0, 32).getBytes());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        generateNew.write(JsonKeysetWriter.withOutputStream(byteArrayOutputStream), aesGcmJce);
        FileUtils.writeByteArrayToFile(keyConfig2.getKeyStoreFile(), byteArrayOutputStream.toByteArray());
    }

    public static KeysetHandle getSecretKey(KeyConfig2 keyConfig2) throws IOException, GeneralSecurityException {
        if (keyConfig2 == null || keyConfig2.getKeyStoreFile() == null || StringUtils.isBlank(keyConfig2.getKeyPass())) {
            throw new KeyStoreException("Missing parameters, unable to create keystore.");
        }
        TinkConfig.register();
        return KeysetHandle.read(JsonKeysetReader.withBytes(FileUtils.readFileToByteArray(keyConfig2.getKeyStoreFile())), new AesGcmJce(digest.digest(keyConfig2.getKeyPass()).substring(0, 32).getBytes()));
    }
}
