package com.amazon.identity.auth.device.datastore;

import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import android.util.Log;
import com.amazon.identity.auth.map.device.utils.MAPLog;
import com.amazon.ion.impl.IonTokenConstsX;
import com.amazonaws.event.ProgressEvent;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Calendar;
import java.util.HashSet;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* compiled from: chromium-Slate.apk-stable-1325000310 */
/* loaded from: classes.dex */
public final class AESEncryptor {
    public static AESEncryptor INSTANCE;
    public final SecretKeySpec mKeySpec;

    public AESEncryptor(Context context) {
        byte[] bArr;
        if (context == null) {
            throw new IllegalArgumentException("Context can not be null");
        }
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        if (keyStore.containsAlias("LWA_KEYSTORE_ALIAS")) {
            boolean z = MAPLog.IS_FIRST_PARTY_DEBUG_BUILD;
            Log.i("AESEncryptor", "RSA keypair is already generated, returning");
        } else {
            boolean z2 = MAPLog.IS_FIRST_PARTY_DEBUG_BUILD;
            Log.i("AESEncryptor", "Generating RSA keypair...");
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 30);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias("LWA_KEYSTORE_ALIAS").setSubject(new X500Principal("CN=LWA_KEYSTORE_ALIAS")).setSerialNumber(BigInteger.TEN).setKeySize(ProgressEvent.PART_COMPLETED_EVENT_CODE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        }
        String string = context.getSharedPreferences("com.amazon.lwa.LWASharedPreferences", 0).getString("com.amazon.lwa.encryption.key", null);
        if (string != null) {
            PrivateKey privateKey = (PrivateKey) keyStore.getKey("LWA_KEYSTORE_ALIAS", null);
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, privateKey);
            HashSet hashSet = AESEncryptionHelper.EXISTED_VERSIONS;
            bArr = cipher.doFinal(Base64.decode(string, 2));
        } else {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(IonTokenConstsX.ESCAPE_LITTLE_U_MINIMUM);
            byte[] encoded = keyGenerator.generateKey().getEncoded();
            PublicKey publicKey = keyStore.getCertificate("LWA_KEYSTORE_ALIAS").getPublicKey();
            Cipher cipher2 = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher2.init(1, publicKey);
            byte[] doFinal = cipher2.doFinal(encoded);
            HashSet hashSet2 = AESEncryptionHelper.EXISTED_VERSIONS;
            context.getSharedPreferences("com.amazon.lwa.LWASharedPreferences", 0).edit().putString("com.amazon.lwa.encryption.key", doFinal != null ? Base64.encodeToString(doFinal, 2) : null).commit();
            bArr = encoded;
        }
        if (bArr == null) {
            throw new IllegalArgumentException("Encryption key is null!");
        }
        this.mKeySpec = new SecretKeySpec(bArr, "AES");
    }

    public static synchronized AESEncryptor getInstance(Context context) {
        AESEncryptor aESEncryptor;
        synchronized (AESEncryptor.class) {
            try {
                if (INSTANCE == null) {
                    boolean z = MAPLog.IS_FIRST_PARTY_DEBUG_BUILD;
                    INSTANCE = new AESEncryptor(context);
                }
                aESEncryptor = INSTANCE;
            } catch (Throwable th) {
                throw th;
            }
        }
        return aESEncryptor;
    }

    public final String decryptData(String str) {
        boolean z = MAPLog.IS_FIRST_PARTY_DEBUG_BUILD;
        if (str == null) {
            throw new IllegalArgumentException("cipherText is null!");
        }
        String substring = str.substring(7);
        HashSet hashSet = AESEncryptionHelper.EXISTED_VERSIONS;
        byte[] decode = substring == null ? null : Base64.decode(substring, 2);
        IvParameterSpec ivParameterSpec = new IvParameterSpec(decode, 0, 16);
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(2, this.mKeySpec, ivParameterSpec);
        byte[] doFinal = cipher.doFinal(decode, 16, decode.length - 16);
        if (doFinal == null) {
            return null;
        }
        try {
            return new String(doFinal, "utf-8");
        } catch (UnsupportedEncodingException e) {
            boolean z2 = MAPLog.IS_FIRST_PARTY_DEBUG_BUILD;
            Log.e("DatabaseHelper", "UTF-8 unsupported from byte to String! Just return null", e);
            return null;
        }
    }

    public final String encryptData(String str) {
        byte[] bArr;
        boolean z = MAPLog.IS_FIRST_PARTY_DEBUG_BUILD;
        if (str == null) {
            throw new IllegalArgumentException("The data to be encrypted is null!");
        }
        byte[] bArr2 = new byte[16];
        new SecureRandom().nextBytes(bArr2);
        HashSet hashSet = AESEncryptionHelper.EXISTED_VERSIONS;
        try {
            bArr = str.getBytes("utf-8");
        } catch (UnsupportedEncodingException e) {
            boolean z2 = MAPLog.IS_FIRST_PARTY_DEBUG_BUILD;
            Log.i("DatabaseHelper", "UTF-8 unsupported from string to byte! Just return null", e);
            bArr = null;
        }
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr2);
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(1, this.mKeySpec, ivParameterSpec);
        byte[] doFinal = cipher.doFinal(bArr, 0, bArr.length);
        byte[] bArr3 = new byte[doFinal.length + 16];
        System.arraycopy(bArr2, 0, bArr3, 0, 16);
        System.arraycopy(doFinal, 0, bArr3, 16, doFinal.length);
        StringBuilder sb = new StringBuilder("AES_00|");
        HashSet hashSet2 = AESEncryptionHelper.EXISTED_VERSIONS;
        sb.append(Base64.encodeToString(bArr3, 2));
        return sb.toString();
    }
}
