package com.fortanix.sdkms.jce.provider;

import com.fortanix.sdkms.jce.provider.service.SDKMSLogger;
import com.fortanix.sdkms.jce.provider.service.SdkmsAes;
import com.fortanix.sdkms.jce.provider.util.ProviderConstants;
import com.fortanix.sdkms.v1.model.KeyOperations;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidParameterException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.List;
import javax.crypto.KeyGeneratorSpi;
import javax.crypto.SecretKey;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/fortanix/sdkms/jce/provider/AESKeyGenerator.class */
public final class AESKeyGenerator extends KeyGeneratorSpi {
    private List<KeyOperations> allowedKeyOperation;
    private static final SDKMSLogger LOGGER = new SDKMSLogger(LoggerFactory.getLogger(AESKeyGenerator.class));
    private int keySize = 16;
    private boolean isTransientKey = true;

    @Override // javax.crypto.KeyGeneratorSpi
    protected void engineInit(SecureRandom secureRandom) {
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected void engineInit(int i, SecureRandom secureRandom) {
        LOGGER.debug("AESKeyGenerator: init with keysize " + i);
        if (i % 8 != 0 || !isKeySizeValid(i / 8)) {
            throw new InvalidParameterException("Wrong key size: must be equal to 128, 192 or 256");
        }
        this.keySize = i;
    }

    private boolean isKeySizeValid(int i) {
        for (int i2 = 0; i2 < ProviderConstants.AES_KEYSIZES.length; i2++) {
            if (i == ProviderConstants.AES_KEYSIZES[i2]) {
                return true;
            }
        }
        return false;
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected SecretKey engineGenerateKey() {
        LOGGER.debug("AESKeyGenerator: generate");
        return new SdkmsAESKey(SdkmsAes.generateKeyForAesOperation(Integer.valueOf(this.keySize), this.allowedKeyOperation, this.isTransientKey));
    }

    @Override // javax.crypto.KeyGeneratorSpi
    protected void engineInit(AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom) throws InvalidAlgorithmParameterException {
        LOGGER.debug("AESKeyGenerator: init with params");
        if (!(algorithmParameterSpec instanceof SecurityObjectParameterSpec)) {
            throw new InvalidAlgorithmParameterException("instance is not type of SecurityObjectParameterSpec");
        }
        this.allowedKeyOperation = ((SecurityObjectParameterSpec) algorithmParameterSpec).getAllowedKeyOperations();
        this.isTransientKey = ((SecurityObjectParameterSpec) algorithmParameterSpec).getIsTransientKey();
    }
}
