package org.cryptomator.cryptolib.api;

import com.google.common.base.Preconditions;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.cryptomator.cryptolib.common.Destroyables;

/* loaded from: input_file:org/cryptomator/cryptolib/api/Masterkey.class */
public class Masterkey implements AutoCloseable, SecretKey {
    public static final String ENC_ALG = "AES";
    public static final String MAC_ALG = "HmacSHA256";
    public static final int KEY_LEN_BYTES = 32;
    private final SecretKey encKey;
    private final SecretKey macKey;

    public Masterkey(SecretKey secretKey, SecretKey secretKey2) {
        this.encKey = secretKey;
        this.macKey = secretKey2;
    }

    public static Masterkey createNew(SecureRandom secureRandom) {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(ENC_ALG);
            keyGenerator.init(256, secureRandom);
            SecretKey generateKey = keyGenerator.generateKey();
            KeyGenerator keyGenerator2 = KeyGenerator.getInstance(MAC_ALG);
            keyGenerator2.init(256, secureRandom);
            return new Masterkey(generateKey, keyGenerator2.generateKey());
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException("Hard-coded algorithm doesn't exist.", e);
        }
    }

    public static Masterkey createFromRaw(byte[] bArr) {
        Preconditions.checkArgument(bArr.length == 64, "Invalid raw key length %s", bArr.length);
        return new Masterkey(new SecretKeySpec(bArr, 0, 32, ENC_ALG), new SecretKeySpec(bArr, 32, 32, MAC_ALG));
    }

    public SecretKey getEncKey() {
        return this.encKey;
    }

    public SecretKey getMacKey() {
        return this.macKey;
    }

    @Override // java.security.Key
    public String getAlgorithm() {
        return "private";
    }

    @Override // java.security.Key
    public String getFormat() {
        return "RAW";
    }

    @Override // java.security.Key
    public byte[] getEncoded() {
        byte[] encoded = this.encKey.getEncoded();
        byte[] encoded2 = this.macKey.getEncoded();
        try {
            byte[] bArr = new byte[encoded.length + encoded2.length];
            System.arraycopy(encoded, 0, bArr, 0, encoded.length);
            System.arraycopy(encoded2, 0, bArr, encoded.length, encoded2.length);
            Arrays.fill(encoded, (byte) 0);
            Arrays.fill(encoded2, (byte) 0);
            return bArr;
        } catch (Throwable th) {
            Arrays.fill(encoded, (byte) 0);
            Arrays.fill(encoded2, (byte) 0);
            throw th;
        }
    }

    @Override // java.lang.AutoCloseable
    public void close() {
        destroy();
    }

    @Override // javax.security.auth.Destroyable
    public boolean isDestroyed() {
        return this.encKey.isDestroyed() && this.macKey.isDestroyed();
    }

    @Override // javax.security.auth.Destroyable
    public void destroy() {
        Destroyables.destroySilently(this.encKey);
        Destroyables.destroySilently(this.macKey);
    }
}
