package e.c.i.d.a.a;

import com.amazonaws.AmazonClientException;
import com.amazonaws.AmazonServiceException;
import com.amazonaws.ClientConfiguration;
import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.services.s3.AmazonS3EncryptionClient;
import com.amazonaws.services.s3.internal.InputSubstream;
import com.amazonaws.services.s3.internal.RepeatableFileInputStream;
import com.amazonaws.services.s3.internal.S3Direct;
import com.amazonaws.services.s3.internal.crypto.AdjustedRangeInputStream;
import com.amazonaws.services.s3.internal.crypto.CipherLiteInputStream;
import com.amazonaws.services.s3.internal.crypto.CryptoRuntime;
import com.amazonaws.services.s3.internal.crypto.EncryptionUtils;
import com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase;
import com.amazonaws.services.s3.model.CompleteMultipartUploadRequest;
import com.amazonaws.services.s3.model.CompleteMultipartUploadResult;
import com.amazonaws.services.s3.model.CopyPartRequest;
import com.amazonaws.services.s3.model.CopyPartResult;
import com.amazonaws.services.s3.model.CryptoConfiguration;
import com.amazonaws.services.s3.model.CryptoStorageMode;
import com.amazonaws.services.s3.model.EncryptionMaterialsProvider;
import com.amazonaws.services.s3.model.GetObjectRequest;
import com.amazonaws.services.s3.model.InitiateMultipartUploadRequest;
import com.amazonaws.services.s3.model.InitiateMultipartUploadResult;
import com.amazonaws.services.s3.model.ObjectMetadata;
import com.amazonaws.services.s3.model.PutObjectRequest;
import com.amazonaws.services.s3.model.PutObjectResult;
import com.amazonaws.services.s3.model.S3Object;
import com.amazonaws.services.s3.model.S3ObjectInputStream;
import com.amazonaws.services.s3.model.UploadPartRequest;
import com.amazonaws.services.s3.model.UploadPartResult;
import com.amazonaws.util.json.JsonUtils;
import java.io.BufferedOutputStream;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.Map;

/* loaded from: classes.dex */
public class i extends S3CryptoModuleBase<h> {
    static {
        CryptoRuntime.enableBouncyCastle();
    }

    public i(S3Direct s3Direct, AWSCredentialsProvider aWSCredentialsProvider, EncryptionMaterialsProvider encryptionMaterialsProvider, ClientConfiguration clientConfiguration, CryptoConfiguration cryptoConfiguration) {
        super(s3Direct, aWSCredentialsProvider, encryptionMaterialsProvider, clientConfiguration, cryptoConfiguration, new l(f.f30524b));
    }

    @Override // com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase
    public final long ciphertextLength(long j2) {
        return j2 + (this.contentCryptoScheme.l() / 8);
    }

    @Override // com.amazonaws.services.s3.internal.crypto.S3CryptoModule
    public CompleteMultipartUploadResult completeMultipartUploadSecurely(CompleteMultipartUploadRequest completeMultipartUploadRequest) {
        a(completeMultipartUploadRequest, AmazonS3EncryptionClient.USER_AGENT);
        String uploadId = completeMultipartUploadRequest.getUploadId();
        h hVar = (h) this.multipartUploadContexts.get(uploadId);
        if (!hVar.hasFinalPartBeenSeen()) {
            throw new AmazonClientException("Unable to complete an encrypted multipart upload without being told which part was the last.  Without knowing which part was the last, the encrypted data in Amazon S3 is incomplete and corrupt.");
        }
        CompleteMultipartUploadResult completeMultipartUpload = this.s3.completeMultipartUpload(completeMultipartUploadRequest);
        if (this.cryptoConfig.getStorageMode() == CryptoStorageMode.InstructionFile) {
            this.s3.putObject(createInstructionPutRequest(hVar.getBucketName(), hVar.getKey(), hVar.b()));
        }
        this.multipartUploadContexts.remove(uploadId);
        return completeMultipartUpload;
    }

    @Override // com.amazonaws.services.s3.internal.crypto.S3CryptoModule
    public CopyPartResult copyPartSecurely(CopyPartRequest copyPartRequest) {
        h hVar = (h) this.multipartUploadContexts.get(copyPartRequest.getUploadId());
        if (!hVar.hasFinalPartBeenSeen()) {
            hVar.setHasFinalPartBeenSeen(true);
        }
        return this.s3.copyPart(copyPartRequest);
    }

    public final n f(n nVar, long[] jArr, Map<String, String> map) {
        if (jArr == null) {
            return nVar;
        }
        long instanceLength = (nVar.f().getInstanceLength() - (nVar.a(map).l() / 8)) - 1;
        if (jArr[1] > instanceLength) {
            jArr[1] = instanceLength;
            if (jArr[0] > jArr[1]) {
                try {
                    nVar.e().close();
                } catch (IOException e2) {
                    this.log.trace("", e2);
                }
                nVar.k(new ByteArrayInputStream(new byte[0]));
                return nVar;
            }
        }
        if (jArr[0] > jArr[1]) {
            return nVar;
        }
        try {
            S3ObjectInputStream e3 = nVar.e();
            nVar.j(new S3ObjectInputStream(new AdjustedRangeInputStream(e3, jArr[0], jArr[1]), e3.getHttpRequest()));
            return nVar;
        } catch (IOException e4) {
            throw new AmazonClientException("Error adjusting output to desired byte range: " + e4.getMessage());
        }
    }

    public final void g(Object obj, String str) {
        if (obj == null) {
            throw new IllegalArgumentException(str);
        }
    }

    @Override // com.amazonaws.services.s3.internal.crypto.S3CryptoModule
    public ObjectMetadata getObjectSecurely(GetObjectRequest getObjectRequest, File file) {
        BufferedOutputStream bufferedOutputStream;
        g(file, "The destination file parameter must be specified when downloading an object directly to a file");
        S3Object objectSecurely = getObjectSecurely(getObjectRequest);
        BufferedOutputStream bufferedOutputStream2 = null;
        if (objectSecurely == null) {
            return null;
        }
        try {
            try {
                bufferedOutputStream = new BufferedOutputStream(new FileOutputStream(file));
            } catch (IOException e2) {
                e = e2;
            }
        } catch (Throwable th) {
            th = th;
        }
        try {
            byte[] bArr = new byte[10240];
            while (true) {
                int read = objectSecurely.getObjectContent().read(bArr);
                if (read > -1) {
                    bufferedOutputStream.write(bArr, 0, read);
                } else {
                    try {
                        break;
                    } catch (Exception e3) {
                        this.log.debug(e3.getMessage());
                    }
                }
            }
            bufferedOutputStream.close();
            try {
                objectSecurely.getObjectContent().close();
            } catch (Exception e4) {
                this.log.debug(e4.getMessage());
            }
            return objectSecurely.getObjectMetadata();
        } catch (IOException e5) {
            e = e5;
            bufferedOutputStream2 = bufferedOutputStream;
            throw new AmazonClientException("Unable to store object contents to disk: " + e.getMessage(), e);
        } catch (Throwable th2) {
            th = th2;
            bufferedOutputStream2 = bufferedOutputStream;
            try {
                bufferedOutputStream2.close();
            } catch (Exception e6) {
                this.log.debug(e6.getMessage());
            }
            try {
                objectSecurely.getObjectContent().close();
                throw th;
            } catch (Exception e7) {
                this.log.debug(e7.getMessage());
                throw th;
            }
        }
    }

    @Override // com.amazonaws.services.s3.internal.crypto.S3CryptoModule
    public S3Object getObjectSecurely(GetObjectRequest getObjectRequest) {
        a(getObjectRequest, AmazonS3EncryptionClient.USER_AGENT);
        long[] range = getObjectRequest.getRange();
        if (m() && range != null) {
            throw new SecurityException("Range get is not allowed in strict crypto mode");
        }
        long[] adjustedCryptoRange = EncryptionUtils.getAdjustedCryptoRange(range);
        if (adjustedCryptoRange != null) {
            getObjectRequest.setRange(adjustedCryptoRange[0], adjustedCryptoRange[1]);
        }
        S3Object object = this.s3.getObject(getObjectRequest);
        if (object == null) {
            return null;
        }
        try {
            return h(getObjectRequest, range, adjustedCryptoRange, object);
        } catch (AmazonClientException e2) {
            try {
                object.getObjectContent().close();
            } catch (Exception e3) {
                this.log.debug("Safely ignoring", e3);
            }
            throw e2;
        }
    }

    public final S3Object h(GetObjectRequest getObjectRequest, long[] jArr, long[] jArr2, S3Object s3Object) {
        n nVar = new n(s3Object);
        if (nVar.h()) {
            return j(jArr, jArr2, nVar);
        }
        n l2 = l(getObjectRequest);
        if (l2 != null) {
            try {
                if (l2.i()) {
                    return i(jArr, jArr2, nVar, l2);
                }
                try {
                    l2.e().close();
                } catch (Exception unused) {
                }
            } finally {
                try {
                    l2.e().close();
                } catch (Exception unused2) {
                }
            }
        }
        if (!m()) {
            this.log.warn(String.format("Unable to detect encryption information for object '%s' in bucket '%s'. Returning object without decryption.", s3Object.getKey(), s3Object.getBucketName()));
            f(nVar, jArr, null);
            return nVar.g();
        }
        try {
            nVar.close();
        } catch (IOException unused3) {
        }
        throw new SecurityException("S3 object with bucket name: " + s3Object.getBucketName() + ", key: " + s3Object.getKey() + " is not encrypted");
    }

    public final S3Object i(long[] jArr, long[] jArr2, n nVar, n nVar2) {
        Map<String, String> jsonToMap = JsonUtils.jsonToMap(nVar2.l());
        e b2 = e.b(jsonToMap, this.kekMaterialsProvider, this.cryptoConfig.getCryptoProvider(), jArr2);
        q(b2, nVar);
        k(nVar, b2, jArr2);
        f(nVar, jArr, jsonToMap);
        return nVar.g();
    }

    @Override // com.amazonaws.services.s3.internal.crypto.S3CryptoModule
    public InitiateMultipartUploadResult initiateMultipartUploadSecurely(InitiateMultipartUploadRequest initiateMultipartUploadRequest) {
        a(initiateMultipartUploadRequest, AmazonS3EncryptionClient.USER_AGENT);
        e createContentCryptoMaterial = createContentCryptoMaterial(initiateMultipartUploadRequest);
        if (this.cryptoConfig.getStorageMode() == CryptoStorageMode.ObjectMetadata) {
            ObjectMetadata objectMetadata = initiateMultipartUploadRequest.getObjectMetadata();
            if (objectMetadata == null) {
                objectMetadata = new ObjectMetadata();
            }
            initiateMultipartUploadRequest.setObjectMetadata(updateMetadataWithContentCryptoMaterial(objectMetadata, null, createContentCryptoMaterial));
        }
        InitiateMultipartUploadResult initiateMultipartUpload = this.s3.initiateMultipartUpload(initiateMultipartUploadRequest);
        this.multipartUploadContexts.put(initiateMultipartUpload.getUploadId(), new h(initiateMultipartUploadRequest.getBucketName(), initiateMultipartUploadRequest.getKey(), createContentCryptoMaterial));
        return initiateMultipartUpload;
    }

    public final S3Object j(long[] jArr, long[] jArr2, n nVar) {
        e d2 = e.d(nVar.f(), this.kekMaterialsProvider, this.cryptoConfig.getCryptoProvider(), jArr2);
        q(d2, nVar);
        k(nVar, d2, jArr2);
        f(nVar, jArr, null);
        return nVar.g();
    }

    public final n k(n nVar, e eVar, long[] jArr) {
        S3ObjectInputStream e2 = nVar.e();
        nVar.j(new S3ObjectInputStream(new CipherLiteInputStream(e2, eVar.e(), 2048), e2.getHttpRequest()));
        return nVar;
    }

    public final n l(GetObjectRequest getObjectRequest) {
        try {
            S3Object object = this.s3.getObject(EncryptionUtils.createInstructionGetRequest(getObjectRequest));
            if (object == null) {
                return null;
            }
            return new n(object);
        } catch (AmazonServiceException e2) {
            this.log.debug("Unable to retrieve instruction file : " + e2.getMessage());
            return null;
        }
    }

    public boolean m() {
        return false;
    }

    public final CipherLiteInputStream n(UploadPartRequest uploadPartRequest, d dVar) {
        try {
            InputStream inputStream = uploadPartRequest.getInputStream();
            if (uploadPartRequest.getFile() != null) {
                inputStream = new InputSubstream(new RepeatableFileInputStream(uploadPartRequest.getFile()), uploadPartRequest.getFileOffset(), uploadPartRequest.getPartSize(), uploadPartRequest.isLastPart());
            }
            return new CipherLiteInputStream(inputStream, dVar, 2048, true, uploadPartRequest.isLastPart());
        } catch (Exception e2) {
            throw new AmazonClientException("Unable to create cipher input stream: " + e2.getMessage(), e2);
        }
    }

    public final PutObjectResult o(PutObjectRequest putObjectRequest) {
        PutObjectRequest mo7clone = putObjectRequest.mo7clone();
        e createContentCryptoMaterial = createContentCryptoMaterial(putObjectRequest);
        PutObjectResult putObject = this.s3.putObject(wrapWithCipher(putObjectRequest, createContentCryptoMaterial));
        this.s3.putObject(upateInstructionPutRequest(mo7clone, createContentCryptoMaterial));
        return putObject;
    }

    public final PutObjectResult p(PutObjectRequest putObjectRequest) {
        e createContentCryptoMaterial = createContentCryptoMaterial(putObjectRequest);
        PutObjectRequest wrapWithCipher = wrapWithCipher(putObjectRequest, createContentCryptoMaterial);
        putObjectRequest.setMetadata(updateMetadataWithContentCryptoMaterial(putObjectRequest.getMetadata(), putObjectRequest.getFile(), createContentCryptoMaterial));
        return this.s3.putObject(wrapWithCipher);
    }

    @Override // com.amazonaws.services.s3.internal.crypto.S3CryptoModule
    public PutObjectResult putObjectSecurely(PutObjectRequest putObjectRequest) {
        a(putObjectRequest, AmazonS3EncryptionClient.USER_AGENT);
        return this.cryptoConfig.getStorageMode() == CryptoStorageMode.InstructionFile ? o(putObjectRequest) : p(putObjectRequest);
    }

    public void q(e eVar, n nVar) {
    }

    @Override // com.amazonaws.services.s3.internal.crypto.S3CryptoModule
    public UploadPartResult uploadPartSecurely(UploadPartRequest uploadPartRequest) {
        a(uploadPartRequest, AmazonS3EncryptionClient.USER_AGENT);
        int f2 = this.contentCryptoScheme.f();
        boolean isLastPart = uploadPartRequest.isLastPart();
        String uploadId = uploadPartRequest.getUploadId();
        long partSize = uploadPartRequest.getPartSize();
        boolean z = 0 == partSize % ((long) f2);
        if (!isLastPart && !z) {
            throw new AmazonClientException("Invalid part size: part sizes for encrypted multipart uploads must be multiples of the cipher block size (" + f2 + ") with the exception of the last part.");
        }
        h hVar = (h) this.multipartUploadContexts.get(uploadId);
        if (hVar == null) {
            throw new AmazonClientException("No client-side information available on upload ID " + uploadId);
        }
        uploadPartRequest.setInputStream(n(uploadPartRequest, hVar.a()));
        uploadPartRequest.setFile(null);
        uploadPartRequest.setFileOffset(0L);
        if (uploadPartRequest.isLastPart()) {
            uploadPartRequest.setPartSize(partSize + (this.contentCryptoScheme.l() / 8));
            if (hVar.hasFinalPartBeenSeen()) {
                throw new AmazonClientException("This part was specified as the last part in a multipart upload, but a previous part was already marked as the last part.  Only the last part of the upload should be marked as the last part.");
            }
            hVar.setHasFinalPartBeenSeen(true);
        }
        return this.s3.uploadPart(uploadPartRequest);
    }
}
