package org.wildfly.security.encryption;

import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.wildfly.common.Assert;
import org.wildfly.common.codec.DecodeException;
import org.wildfly.common.iteration.ByteIterator;
import org.wildfly.common.iteration.CodePointIterator;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/wildfly-elytron-1.15.3.Final.jar:org/wildfly/security/encryption/SecretKeyUtil.class
 */
/* loaded from: input_file:WEB-INF/lib/wildfly-elytron-encryption-1.15.3.Final.jar:org/wildfly/security/encryption/SecretKeyUtil.class */
public class SecretKeyUtil {
    private static final String SECRET_KEY_ALGORITHM = "AES";

    public static SecretKey generateSecretKey(int i) throws GeneralSecurityException {
        checkKeySize(i);
        byte[] bArr = new byte[i / 8];
        new SecureRandom().nextBytes(bArr);
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        Arrays.fill(bArr, (byte) 0);
        return secretKeySpec;
    }

    public static String exportSecretKey(SecretKey secretKey) throws GeneralSecurityException {
        Assert.checkNotNullParam("secretKey", secretKey);
        byte[] encoded = secretKey.getEncoded();
        checkKeySize(encoded.length * 8);
        byte[] bArr = new byte[encoded.length + 5];
        bArr[0] = 69;
        bArr[1] = 76;
        bArr[2] = 89;
        bArr[3] = 1;
        bArr[4] = 75;
        System.arraycopy(encoded, 0, bArr, 5, encoded.length);
        return ByteIterator.ofBytes(bArr).base64Encode().drainToString();
    }

    public static SecretKey importSecretKey(char[] cArr, int i, int i2) throws GeneralSecurityException {
        return importSecretKey(CodePointIterator.ofChars((char[]) Assert.checkNotNullParam("rawData", cArr), i, i2));
    }

    public static SecretKey importSecretKey(String str) throws GeneralSecurityException {
        return importSecretKey(CodePointIterator.ofString((String) Assert.checkNotNullParam("secretKey", str)));
    }

    private static SecretKey importSecretKey(CodePointIterator codePointIterator) throws GeneralSecurityException {
        try {
            ByteIterator base64Decode = codePointIterator.base64Decode();
            byte[] drain = base64Decode.drain(5);
            if (drain.length < 4 || drain[0] != 69 || drain[1] != 76 || drain[2] != 89) {
                throw ElytronMessages.log.badKeyPrefix();
            }
            if (drain[3] != 1) {
                throw ElytronMessages.log.unsupportedVersion(drain[3], 1);
            }
            if (drain[4] != 75) {
                throw ElytronMessages.log.unexpectedTokenType(Common.toName((char) drain[4]), "SecretKey");
            }
            byte[] drain2 = base64Decode.drain();
            checkKeySize(drain2.length * 8);
            return new SecretKeySpec(drain2, "AES");
        } catch (DecodeException e) {
            throw ElytronMessages.log.unableToDecodeBase64Token(e);
        }
    }

    private static void checkKeySize(int i) throws GeneralSecurityException {
        if (i != 128 && i != 192 && i != 256) {
            throw ElytronMessages.log.badKeySize();
        }
    }
}
