package com.amazon.identity.auth.device.datastore;

import android.annotation.TargetApi;
import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import com.amazon.identity.auth.device.StoredPreferences;
import com.amazon.identity.auth.map.device.utils.MAPLog;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public final class AESEncryptor {

    /* renamed from: a, reason: collision with root package name */
    public static AESEncryptor f4313a = null;

    /* renamed from: b, reason: collision with root package name */
    public static final String f4314b = "AESEncryptor";

    /* renamed from: c, reason: collision with root package name */
    public final Context f4315c;

    /* renamed from: d, reason: collision with root package name */
    public final byte[] f4316d;

    /* renamed from: e, reason: collision with root package name */
    public final SecretKeySpec f4317e;

    /* renamed from: f, reason: collision with root package name */
    public KeyStore f4318f;

    public AESEncryptor(Context context) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, InvalidAlgorithmParameterException, NoSuchProviderException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, UnrecoverableEntryException {
        if (context == null) {
            throw new IllegalArgumentException("Context can not be null");
        }
        this.f4315c = context;
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        this.f4318f = keyStore;
        keyStore.load(null);
        h(context);
        this.f4316d = j();
        this.f4317e = l();
    }

    public static byte[] g() {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    public static synchronized AESEncryptor k(Context context) throws KeyStoreException, NoSuchAlgorithmException, IOException, CertificateException, InvalidAlgorithmParameterException, NoSuchProviderException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, UnrecoverableEntryException {
        AESEncryptor aESEncryptor;
        synchronized (AESEncryptor.class) {
            if (f4313a == null) {
                MAPLog.c(f4314b, "Creating AESEncryptor for encrypting data");
                f4313a = new AESEncryptor(context);
            }
            aESEncryptor = f4313a;
        }
        return aESEncryptor;
    }

    public static byte[] m(Cipher cipher, byte[] bArr, int i2, int i3) throws IllegalBlockSizeException, BadPaddingException {
        if (cipher == null) {
            return null;
        }
        return cipher.doFinal(bArr, i2, i3);
    }

    public static byte[] n(Cipher cipher, byte[] bArr) throws IllegalBlockSizeException, BadPaddingException {
        if (cipher == null) {
            return null;
        }
        return cipher.doFinal(bArr);
    }

    public String a(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
        System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
        return "AES_00|" + DataEncryptionUpgradeHelper.a(bArr3);
    }

    public final Cipher b(int i2, String str, AlgorithmParameterSpec algorithmParameterSpec) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException {
        Cipher cipher = Cipher.getInstance(str);
        cipher.init(i2, this.f4317e, algorithmParameterSpec);
        return cipher;
    }

    public final Cipher c(int i2, String str, Key key) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException {
        Cipher cipher = Cipher.getInstance(str);
        cipher.init(i2, key);
        return cipher;
    }

    public String d(String str) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        MAPLog.c(f4314b, "Decrypting data with AES key");
        if (str == null) {
            throw new IllegalArgumentException("cipherText is null!");
        }
        byte[] c2 = DataEncryptionUpgradeHelper.c(str.substring(7));
        return DataEncryptionUpgradeHelper.b(m(b(2, "AES/CBC/PKCS5Padding", new IvParameterSpec(c2, 0, 16)), c2, 16, c2.length - 16));
    }

    public String e(byte[] bArr) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, KeyStoreException, IllegalBlockSizeException, BadPaddingException {
        MAPLog.c(f4314b, "Encrypting AES encryption key with RSA public key");
        return DataEncryptionUpgradeHelper.a(n(c(1, "RSA/ECB/PKCS1Padding", this.f4318f.getCertificate("LWA_KEYSTORE_ALIAS").getPublicKey()), bArr));
    }

    public String f(String str) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        MAPLog.c(f4314b, "Encrypting data with AES key");
        if (str == null) {
            throw new IllegalArgumentException("The data to be encrypted is null!");
        }
        byte[] g2 = g();
        byte[] e2 = DataEncryptionUpgradeHelper.e(str);
        return a(g2, m(b(1, "AES/CBC/PKCS5Padding", new IvParameterSpec(g2)), e2, 0, e2.length));
    }

    @TargetApi(18)
    public void h(Context context) throws KeyStoreException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException {
        KeyStore keyStore = this.f4318f;
        if (keyStore == null) {
            throw new IllegalArgumentException("Keystore is null!");
        }
        if (keyStore.containsAlias("LWA_KEYSTORE_ALIAS")) {
            MAPLog.g(f4314b, "RSA keypair is already generated, returning");
            return;
        }
        MAPLog.g(f4314b, "Generating RSA keypair...");
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyPairGeneratorSpec build = Build.VERSION.SDK_INT >= 19 ? new KeyPairGeneratorSpec.Builder(context).setAlias("LWA_KEYSTORE_ALIAS").setSubject(new X500Principal("CN=LWA_KEYSTORE_ALIAS")).setSerialNumber(BigInteger.TEN).setKeySize(2048).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build() : new KeyPairGeneratorSpec.Builder(context).setAlias("LWA_KEYSTORE_ALIAS").setSubject(new X500Principal("CN=LWA_KEYSTORE_ALIAS")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    public byte[] i(String str) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, KeyStoreException, UnrecoverableEntryException {
        MAPLog.c(f4314b, "Decrypting AES key with RSA private key");
        return n(c(2, "RSA/ECB/PKCS1Padding", (PrivateKey) this.f4318f.getKey("LWA_KEYSTORE_ALIAS", null)), DataEncryptionUpgradeHelper.c(str));
    }

    public byte[] j() throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, KeyStoreException, IllegalBlockSizeException, BadPaddingException, UnrecoverableEntryException {
        String a2 = StoredPreferences.a(this.f4315c);
        if (a2 != null) {
            return i(a2);
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256);
        byte[] encoded = keyGenerator.generateKey().getEncoded();
        StoredPreferences.g(this.f4315c, e(encoded));
        return encoded;
    }

    public SecretKeySpec l() {
        if (this.f4316d == null) {
            throw new IllegalArgumentException("Encryption key is null!");
        }
        MAPLog.c(f4314b, "Generate keyspec with given encryption key");
        return new SecretKeySpec(this.f4316d, "AES");
    }
}
