package com.huawei.wisesecurity.kfs.crypto.key;

import android.security.keystore.KeyGenParameterSpec;
import androidx.annotation.RequiresApi;
import com.adjust.sdk.Constants;
import com.huawei.wisesecurity.kfs.constant.KfsConstant;
import com.huawei.wisesecurity.kfs.crypto.signer.KfsSigner;
import com.huawei.wisesecurity.kfs.crypto.signer.SignAlg;
import com.huawei.wisesecurity.kfs.crypto.signer.ec.ECSigner;
import com.huawei.wisesecurity.kfs.exception.KfsException;
import com.huawei.wisesecurity.kfs.exception.KfsValidationException;
import com.huawei.wisesecurity.kfs.validation.KfsValidator;
import com.huawei.wisesecurity.kfs.validation.constrains.KfsIn;
import com.huawei.wisesecurity.ucs_credential.e;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.ECGenParameterSpec;

/* loaded from: classes4.dex */
public class ECKeyStoreKeyManager extends KeyStoreKeyManager {

    /* renamed from: b, reason: collision with root package name */
    public static final AlgorithmParameterSpec f12327b = new ECGenParameterSpec("secp256r1");

    /* loaded from: classes4.dex */
    public static class a {

        /* renamed from: a, reason: collision with root package name */
        @KfsIn(intArr = {256})
        public final int f12328a;

        /* renamed from: b, reason: collision with root package name */
        @KfsIn(intArr = {12}, message = "bad purpose")
        public final int f12329b;

        public a(KeyGenerateParam keyGenerateParam) {
            this.f12328a = keyGenerateParam.getKeyLen();
            this.f12329b = keyGenerateParam.getPurpose().getValue();
        }
    }

    @Override // com.huawei.wisesecurity.kfs.crypto.key.KeyStoreKeyManager
    @RequiresApi(api = 23)
    public void generateKey() throws KfsException {
        KeyGenParameterSpec.Builder digests;
        KeyGenParameterSpec.Builder algorithmParameterSpec;
        KeyGenParameterSpec.Builder keySize;
        KeyGenParameterSpec build;
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", KfsConstant.PROVIDER_ANDROID_KEYSTORE);
            digests = new KeyGenParameterSpec.Builder(this.param.getAlias(), 15).setDigests(Constants.SHA256, "SHA-384", "SHA-512");
            algorithmParameterSpec = digests.setAlgorithmParameterSpec(f12327b);
            keySize = algorithmParameterSpec.setKeySize(this.param.getKeyLen());
            build = keySize.build();
            keyPairGenerator.initialize(build);
            if (keyPairGenerator.generateKeyPair() != null) {
            } else {
                throw new KfsException("generate ec key pair failed with bad key");
            }
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            StringBuilder a2 = e.a("generate ec key pair failed, ");
            a2.append(e.getMessage());
            throw new KfsException(a2.toString());
        }
    }

    @Override // com.huawei.wisesecurity.kfs.crypto.key.KeyStoreKeyManager
    public void validateKey() throws KfsException {
        validateSign((KfsSigner) new ECSigner.Builder().withAlg(SignAlg.ECDSA).withKeyStoreAlias(this.param.getAlias()).build());
    }

    @Override // com.huawei.wisesecurity.kfs.crypto.key.KeyStoreKeyManager
    public void validateParam(KeyGenerateParam keyGenerateParam) throws KfsValidationException {
        KfsValidator.validate(new a(keyGenerateParam));
    }
}
