package io.getlime.security.powerauth.crypto.server.vault;

import io.getlime.security.powerauth.crypto.lib.config.PowerAuthConfiguration;
import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthDerivedKey;
import io.getlime.security.powerauth.crypto.lib.generator.KeyGenerator;
import io.getlime.security.powerauth.crypto.lib.model.exception.GenericCryptoException;
import io.getlime.security.powerauth.crypto.lib.util.AESEncryptionUtils;
import io.getlime.security.powerauth.provider.exception.CryptoProviderException;
import java.security.InvalidKeyException;
import java.security.PrivateKey;
import java.security.PublicKey;
import javax.crypto.SecretKey;

/* loaded from: input_file:io/getlime/security/powerauth/crypto/server/vault/PowerAuthServerVault.class */
public class PowerAuthServerVault {
    public byte[] encryptVaultEncryptionKey(PrivateKey privateKey, PublicKey publicKey, byte[] bArr) throws InvalidKeyException, GenericCryptoException, CryptoProviderException {
        KeyGenerator keyGenerator = new KeyGenerator();
        SecretKey computeSharedKey = keyGenerator.computeSharedKey(privateKey, publicKey);
        SecretKey deriveSecretKey = keyGenerator.deriveSecretKey(keyGenerator.deriveSecretKey(computeSharedKey, PowerAuthDerivedKey.TRANSPORT.getIndex()), bArr);
        SecretKey deriveSecretKey2 = keyGenerator.deriveSecretKey(computeSharedKey, PowerAuthDerivedKey.ENCRYPTED_VAULT.getIndex());
        return new AESEncryptionUtils().encrypt(PowerAuthConfiguration.INSTANCE.getKeyConvertor().convertSharedSecretKeyToBytes(deriveSecretKey2), new byte[16], deriveSecretKey);
    }

    public byte[] encryptVaultEncryptionKey(PrivateKey privateKey, PublicKey publicKey) throws InvalidKeyException, GenericCryptoException, CryptoProviderException {
        KeyGenerator keyGenerator = new KeyGenerator();
        SecretKey computeSharedKey = keyGenerator.computeSharedKey(privateKey, publicKey);
        SecretKey deriveSecretKey = keyGenerator.deriveSecretKey(computeSharedKey, PowerAuthDerivedKey.TRANSPORT.getIndex());
        SecretKey deriveSecretKey2 = keyGenerator.deriveSecretKey(computeSharedKey, PowerAuthDerivedKey.ENCRYPTED_VAULT.getIndex());
        return new AESEncryptionUtils().encrypt(PowerAuthConfiguration.INSTANCE.getKeyConvertor().convertSharedSecretKeyToBytes(deriveSecretKey2), new byte[16], deriveSecretKey);
    }
}
