package com.amazon.identity.auth.device.datastore;

import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import com.amazon.identity.auth.device.StoredPreferences;
import com.amazon.identity.auth.map.device.utils.MAPLog;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public final class AESEncryptor {

    /* renamed from: e, reason: collision with root package name */
    public static AESEncryptor f15325e = null;

    /* renamed from: f, reason: collision with root package name */
    public static final String f15326f = "AESEncryptor";

    /* renamed from: a, reason: collision with root package name */
    public final Context f15327a;

    /* renamed from: b, reason: collision with root package name */
    public final byte[] f15328b;

    /* renamed from: c, reason: collision with root package name */
    public final SecretKeySpec f15329c;

    /* renamed from: d, reason: collision with root package name */
    public KeyStore f15330d;

    public AESEncryptor(Context context) {
        if (context == null) {
            throw new IllegalArgumentException("Context can not be null");
        }
        this.f15327a = context;
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        this.f15330d = keyStore;
        keyStore.load(null);
        h(context);
        this.f15328b = j();
        this.f15329c = l();
    }

    public AESEncryptor(Context context, byte[] bArr, SecretKeySpec secretKeySpec, KeyStore keyStore) {
        this.f15327a = context;
        this.f15328b = bArr;
        this.f15329c = secretKeySpec;
        this.f15330d = keyStore;
    }

    public static byte[] g() {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    public static synchronized AESEncryptor k(Context context) {
        AESEncryptor aESEncryptor;
        synchronized (AESEncryptor.class) {
            try {
                if (f15325e == null) {
                    MAPLog.c(f15326f, "Creating AESEncryptor for encrypting data");
                    f15325e = new AESEncryptor(context);
                }
                aESEncryptor = f15325e;
            } catch (Throwable th2) {
                throw th2;
            }
        }
        return aESEncryptor;
    }

    public static byte[] m(Cipher cipher, byte[] bArr, int i10, int i11) {
        if (cipher == null) {
            return null;
        }
        return cipher.doFinal(bArr, i10, i11);
    }

    public static byte[] n(Cipher cipher, byte[] bArr) {
        if (cipher == null) {
            return null;
        }
        return cipher.doFinal(bArr);
    }

    public String a(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
        System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
        return "AES_00|" + DataEncryptionUpgradeHelper.a(bArr3);
    }

    public final Cipher b(int i10, String str, AlgorithmParameterSpec algorithmParameterSpec) {
        Cipher cipher = Cipher.getInstance(str);
        cipher.init(i10, this.f15329c, algorithmParameterSpec);
        return cipher;
    }

    public final Cipher c(int i10, String str, Key key) {
        Cipher cipher = Cipher.getInstance(str);
        cipher.init(i10, key);
        return cipher;
    }

    public String d(String str) {
        MAPLog.c(f15326f, "Decrypting data with AES key");
        if (str == null) {
            throw new IllegalArgumentException("cipherText is null!");
        }
        byte[] c10 = DataEncryptionUpgradeHelper.c(str.substring(7));
        return DataEncryptionUpgradeHelper.b(m(b(2, "AES/CBC/PKCS5Padding", new IvParameterSpec(c10, 0, 16)), c10, 16, c10.length - 16));
    }

    public String e(byte[] bArr) {
        MAPLog.c(f15326f, "Encrypting AES encryption key with RSA public key");
        return DataEncryptionUpgradeHelper.a(n(c(1, "RSA/ECB/PKCS1Padding", this.f15330d.getCertificate("LWA_KEYSTORE_ALIAS").getPublicKey()), bArr));
    }

    public String f(String str) {
        MAPLog.c(f15326f, "Encrypting data with AES key");
        if (str == null) {
            throw new IllegalArgumentException("The data to be encrypted is null!");
        }
        byte[] g10 = g();
        byte[] e10 = DataEncryptionUpgradeHelper.e(str);
        return a(g10, m(b(1, "AES/CBC/PKCS5Padding", new IvParameterSpec(g10)), e10, 0, e10.length));
    }

    public void h(Context context) {
        KeyStore keyStore = this.f15330d;
        if (keyStore == null) {
            throw new IllegalArgumentException("Keystore is null!");
        }
        if (keyStore.containsAlias("LWA_KEYSTORE_ALIAS")) {
            MAPLog.g(f15326f, "RSA keypair is already generated, returning");
            return;
        }
        MAPLog.g(f15326f, "Generating RSA keypair...");
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias("LWA_KEYSTORE_ALIAS").setSubject(new X500Principal("CN=LWA_KEYSTORE_ALIAS")).setSerialNumber(BigInteger.TEN).setKeySize(2048).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    public byte[] i(String str) {
        MAPLog.c(f15326f, "Decrypting AES key with RSA private key");
        return n(c(2, "RSA/ECB/PKCS1Padding", (PrivateKey) this.f15330d.getKey("LWA_KEYSTORE_ALIAS", null)), DataEncryptionUpgradeHelper.c(str));
    }

    public byte[] j() {
        String a10 = StoredPreferences.a(this.f15327a);
        if (a10 != null) {
            return i(a10);
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256);
        byte[] encoded = keyGenerator.generateKey().getEncoded();
        StoredPreferences.g(this.f15327a, e(encoded));
        return encoded;
    }

    public SecretKeySpec l() {
        if (this.f15328b == null) {
            throw new IllegalArgumentException("Encryption key is null!");
        }
        MAPLog.c(f15326f, "Generate keyspec with given encryption key");
        return new SecretKeySpec(this.f15328b, "AES");
    }

    public void o() {
        f15325e = null;
    }
}
