package com.amazon.identity.auth.device.datastore;

import android.annotation.TargetApi;
import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import com.amazon.identity.auth.device.StoredPreferences;
import com.amazon.identity.auth.map.device.utils.MAPLog;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public final class AESEncryptor {

    /* renamed from: e, reason: collision with root package name */
    public static AESEncryptor f2809e = null;

    /* renamed from: f, reason: collision with root package name */
    public static final String f2810f = "AESEncryptor";

    /* renamed from: a, reason: collision with root package name */
    public final Context f2811a;

    /* renamed from: b, reason: collision with root package name */
    public final byte[] f2812b;

    /* renamed from: c, reason: collision with root package name */
    public final SecretKeySpec f2813c;

    /* renamed from: d, reason: collision with root package name */
    public KeyStore f2814d;

    public AESEncryptor(Context context) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, InvalidAlgorithmParameterException, NoSuchProviderException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, UnrecoverableEntryException {
        if (context == null) {
            throw new IllegalArgumentException("Context can not be null");
        }
        this.f2811a = context;
        this.f2814d = KeyStore.getInstance("AndroidKeyStore");
        this.f2814d.load(null);
        a(context);
        this.f2812b = a();
        this.f2813c = b();
    }

    public static byte[] a(Cipher cipher, byte[] bArr) throws IllegalBlockSizeException, BadPaddingException {
        if (cipher == null) {
            return null;
        }
        return cipher.doFinal(bArr);
    }

    public static byte[] a(Cipher cipher, byte[] bArr, int i2, int i3) throws IllegalBlockSizeException, BadPaddingException {
        if (cipher == null) {
            return null;
        }
        return cipher.doFinal(bArr, i2, i3);
    }

    public static synchronized AESEncryptor b(Context context) throws KeyStoreException, NoSuchAlgorithmException, IOException, CertificateException, InvalidAlgorithmParameterException, NoSuchProviderException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, UnrecoverableEntryException {
        AESEncryptor aESEncryptor;
        synchronized (AESEncryptor.class) {
            if (f2809e == null) {
                MAPLog.a(f2810f, "Creating AESEncryptor for encrypting data");
                f2809e = new AESEncryptor(context);
            }
            aESEncryptor = f2809e;
        }
        return aESEncryptor;
    }

    public static byte[] c() {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    public String a(String str) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        MAPLog.a(f2810f, "Decrypting data with AES key");
        if (str == null) {
            throw new IllegalArgumentException("cipherText is null!");
        }
        byte[] c2 = DataEncryptionUpgradeHelper.c(str.substring(7));
        return DataEncryptionUpgradeHelper.b(a(a(2, "AES/CBC/PKCS5Padding", new IvParameterSpec(c2, 0, 16)), c2, 16, c2.length - 16));
    }

    public String a(byte[] bArr) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, KeyStoreException, IllegalBlockSizeException, BadPaddingException {
        MAPLog.a(f2810f, "Encrypting AES encryption key with RSA public key");
        return DataEncryptionUpgradeHelper.a(a(a(1, "RSA/ECB/PKCS1Padding", this.f2814d.getCertificate("LWA_KEYSTORE_ALIAS").getPublicKey()), bArr));
    }

    public String a(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
        System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
        return "AES_00|" + DataEncryptionUpgradeHelper.a(bArr3);
    }

    public final Cipher a(int i2, String str, Key key) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException {
        Cipher cipher = Cipher.getInstance(str);
        cipher.init(i2, key);
        return cipher;
    }

    public final Cipher a(int i2, String str, AlgorithmParameterSpec algorithmParameterSpec) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException {
        Cipher cipher = Cipher.getInstance(str);
        cipher.init(i2, this.f2813c, algorithmParameterSpec);
        return cipher;
    }

    @TargetApi(18)
    public void a(Context context) throws KeyStoreException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException {
        KeyStore keyStore = this.f2814d;
        if (keyStore == null) {
            throw new IllegalArgumentException("Keystore is null!");
        }
        if (keyStore.containsAlias("LWA_KEYSTORE_ALIAS")) {
            MAPLog.d(f2810f, "RSA keypair is already generated, returning");
            return;
        }
        MAPLog.d(f2810f, "Generating RSA keypair...");
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyPairGeneratorSpec build = Build.VERSION.SDK_INT >= 19 ? new KeyPairGeneratorSpec.Builder(context).setAlias("LWA_KEYSTORE_ALIAS").setSubject(new X500Principal("CN=LWA_KEYSTORE_ALIAS")).setSerialNumber(BigInteger.TEN).setKeySize(2048).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build() : new KeyPairGeneratorSpec.Builder(context).setAlias("LWA_KEYSTORE_ALIAS").setSubject(new X500Principal("CN=LWA_KEYSTORE_ALIAS")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    public byte[] a() throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, KeyStoreException, IllegalBlockSizeException, BadPaddingException, UnrecoverableEntryException {
        String a2 = StoredPreferences.a(this.f2811a);
        if (a2 != null) {
            return c(a2);
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256);
        byte[] encoded = keyGenerator.generateKey().getEncoded();
        StoredPreferences.b(this.f2811a, a(encoded));
        return encoded;
    }

    public String b(String str) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        MAPLog.a(f2810f, "Encrypting data with AES key");
        if (str == null) {
            throw new IllegalArgumentException("The data to be encrypted is null!");
        }
        byte[] c2 = c();
        byte[] d2 = DataEncryptionUpgradeHelper.d(str);
        return a(c2, a(a(1, "AES/CBC/PKCS5Padding", new IvParameterSpec(c2)), d2, 0, d2.length));
    }

    public SecretKeySpec b() {
        if (this.f2812b == null) {
            throw new IllegalArgumentException("Encryption key is null!");
        }
        MAPLog.a(f2810f, "Generate keyspec with given encryption key");
        return new SecretKeySpec(this.f2812b, "AES");
    }

    public byte[] c(String str) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, KeyStoreException, UnrecoverableEntryException {
        MAPLog.a(f2810f, "Decrypting AES key with RSA private key");
        return a(a(2, "RSA/ECB/PKCS1Padding", (PrivateKey) this.f2814d.getKey("LWA_KEYSTORE_ALIAS", null)), DataEncryptionUpgradeHelper.c(str));
    }
}
