package com.amazonaws.services.s3.internal.crypto;

import com.amazonaws.services.s3.internal.InputSubstream;
import com.amazonaws.services.s3.internal.Mimetypes;
import com.amazonaws.services.s3.internal.RepeatableCipherInputStream;
import com.amazonaws.services.s3.internal.RepeatableFileInputStream;
import com.fasterxml.jackson.annotation.JsonProperty;
import defpackage.oxa;
import defpackage.pnh;
import defpackage.pni;
import defpackage.pnj;
import defpackage.pnk;
import defpackage.pnl;
import defpackage.pno;
import defpackage.pnp;
import defpackage.pnu;
import defpackage.pnw;
import defpackage.pnx;
import defpackage.pny;
import defpackage.pnz;
import defpackage.pox;
import defpackage.poy;
import defpackage.qlt;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.FilterInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes11.dex */
public class EncryptionUtils {
    private static final String INSTRUCTION_SUFFIX = ".instruction";

    public static pnw adjustOutputToDesiredRange(pnw pnwVar, long[] jArr) {
        if (jArr != null && jArr[0] <= jArr[1]) {
            try {
                pnx dWf = pnwVar.dWf();
                pnwVar.a(new pnx(new AdjustedRangeInputStream(dWf, jArr[0], jArr[1]), dWf.dWg()));
            } catch (IOException e) {
                throw new oxa("Error adjusting output to desired byte range: " + e.getMessage());
            }
        }
        return pnwVar;
    }

    @Deprecated
    public static EncryptionInstruction buildInstructionFromInstructionFile(pnw pnwVar, pni pniVar, Provider provider) {
        return buildInstructionFromInstructionFile(pnwVar, new pny(pniVar), provider);
    }

    public static EncryptionInstruction buildInstructionFromInstructionFile(pnw pnwVar, pnk pnkVar, Provider provider) {
        poy parseJSONInstruction = parseJSONInstruction(pnwVar);
        try {
            byte[] bytes = parseJSONInstruction.getString("x-amz-key").getBytes();
            byte[] bytes2 = parseJSONInstruction.getString("x-amz-iv").getBytes();
            Map<String, String> convertJSONToMap = convertJSONToMap(parseJSONInstruction.getString("x-amz-matdesc"));
            byte[] ah = qlt.ah(bytes);
            byte[] ah2 = qlt.ah(bytes2);
            if (ah == null || ah2 == null || convertJSONToMap == null) {
                throw new oxa(String.format("Necessary encryption info not found in the instruction file '%s' in bucket '%s'", pnwVar.getKey(), pnwVar.getBucketName()));
            }
            pni retrieveOriginalMaterials = retrieveOriginalMaterials(convertJSONToMap, pnkVar);
            if (retrieveOriginalMaterials == null) {
                throw new oxa(String.format("Unable to retrieve the encryption materials that originally encrypted object corresponding to instruction file '%s' in bucket '%s'.", pnwVar.getKey(), pnwVar.getBucketName()));
            }
            SecretKey decryptedSymmetricKey = getDecryptedSymmetricKey(ah, retrieveOriginalMaterials, provider);
            return new EncryptionInstruction(convertJSONToMap, ah, decryptedSymmetricKey, new CipherFactory(decryptedSymmetricKey, 2, ah2, provider));
        } catch (pox e) {
            throw new oxa("Unable to parse retrieved instruction file : " + e.getMessage());
        }
    }

    @Deprecated
    public static EncryptionInstruction buildInstructionFromObjectMetadata(pnw pnwVar, pni pniVar, Provider provider) {
        return buildInstructionFromObjectMetadata(pnwVar, new pny(pniVar), provider);
    }

    public static EncryptionInstruction buildInstructionFromObjectMetadata(pnw pnwVar, pnk pnkVar, Provider provider) {
        pnp dWe = pnwVar.dWe();
        byte[] cryptoBytesFromMetadata = getCryptoBytesFromMetadata("x-amz-key", dWe);
        byte[] cryptoBytesFromMetadata2 = getCryptoBytesFromMetadata("x-amz-iv", dWe);
        Map<String, String> convertJSONToMap = convertJSONToMap(getStringFromMetadata("x-amz-matdesc", dWe));
        if (cryptoBytesFromMetadata == null || cryptoBytesFromMetadata2 == null || convertJSONToMap == null) {
            throw new oxa(String.format("Necessary encryption info not found in the headers of file '%s' in bucket '%s'", pnwVar.getKey(), pnwVar.getBucketName()));
        }
        pni retrieveOriginalMaterials = retrieveOriginalMaterials(convertJSONToMap, pnkVar);
        if (retrieveOriginalMaterials == null) {
            throw new oxa(String.format("Unable to retrieve the encryption materials that originally encrypted file '%s' in bucket '%s'.", pnwVar.getKey(), pnwVar.getBucketName()));
        }
        SecretKey decryptedSymmetricKey = getDecryptedSymmetricKey(cryptoBytesFromMetadata, retrieveOriginalMaterials, provider);
        return new EncryptionInstruction(convertJSONToMap, cryptoBytesFromMetadata, decryptedSymmetricKey, new CipherFactory(decryptedSymmetricKey, 2, cryptoBytesFromMetadata2, provider));
    }

    private static long calculateCryptoContentLength(Cipher cipher, pnu pnuVar, pnp pnpVar) {
        long unencryptedContentLength = getUnencryptedContentLength(pnuVar, pnpVar);
        if (unencryptedContentLength == 0) {
            return 0L;
        }
        if (unencryptedContentLength < 0) {
            return -1L;
        }
        long blockSize = cipher.getBlockSize();
        return (blockSize - (unencryptedContentLength % blockSize)) + unencryptedContentLength;
    }

    public static long calculateCryptoContentLength(Cipher cipher, pnz pnzVar) {
        long j;
        if (pnzVar.file != null) {
            j = pnzVar.pAW > 0 ? pnzVar.pAW : pnzVar.file.length();
        } else {
            if (pnzVar.fuw == null) {
                return -1L;
            }
            j = pnzVar.pAW;
        }
        long blockSize = cipher.getBlockSize();
        return j + (blockSize - (j % blockSize));
    }

    private static poy convertInstructionToJSONObject(EncryptionInstruction encryptionInstruction) {
        poy poyVar = new poy();
        try {
            poy poyVar2 = new poy((Map) encryptionInstruction.getMaterialsDescription());
            byte[] ag = qlt.ag(encryptionInstruction.getSymmetricCipher().getIV());
            byte[] ag2 = qlt.ag(encryptionInstruction.getEncryptedSymmetricKey());
            poyVar.j("x-amz-matdesc", poyVar2.toString());
            poyVar.j("x-amz-key", new String(ag2));
            poyVar.j("x-amz-iv", new String(ag));
        } catch (pox e) {
        }
        return poyVar;
    }

    private static Map<String, String> convertJSONToMap(String str) {
        if (str == null) {
            return null;
        }
        try {
            poy poyVar = new poy(str);
            Iterator keys = poyVar.keys();
            HashMap hashMap = new HashMap();
            while (keys.hasNext()) {
                String str2 = (String) keys.next();
                hashMap.put(str2, poyVar.getString(str2));
            }
            return hashMap;
        } catch (pox e) {
            throw new oxa("Unable to parse encryption materials description from metadata :" + e.getMessage());
        }
    }

    private static String convertStreamToString(InputStream inputStream) throws IOException {
        if (inputStream == null) {
            return JsonProperty.USE_DEFAULT_NAME;
        }
        StringBuilder sb = new StringBuilder();
        try {
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    inputStream.close();
                    return sb.toString();
                }
                sb.append(readLine);
            }
        } catch (Throwable th) {
            inputStream.close();
            throw th;
        }
    }

    public static pnh createInstructionDeleteObjectRequest(pnh pnhVar) {
        return new pnh(pnhVar.bucketName, pnhVar.key + INSTRUCTION_SUFFIX);
    }

    public static pnl createInstructionGetRequest(pnl pnlVar) {
        return new pnl(pnlVar.bucketName, pnlVar.key + INSTRUCTION_SUFFIX, pnlVar.versionId);
    }

    public static pnu createInstructionPutRequest(String str, String str2, EncryptionInstruction encryptionInstruction) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(convertInstructionToJSONObject(encryptionInstruction).toString().getBytes());
        pnp pnpVar = new pnp();
        pnpVar.setContentLength(r0.length);
        pnpVar.cs("x-amz-crypto-instr-file", JsonProperty.USE_DEFAULT_NAME);
        return new pnu(str, str2 + INSTRUCTION_SUFFIX, byteArrayInputStream, pnpVar);
    }

    public static pnu createInstructionPutRequest(pnu pnuVar, EncryptionInstruction encryptionInstruction) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(convertInstructionToJSONObject(encryptionInstruction).toString().getBytes());
        pnp pnpVar = pnuVar.pAL;
        pnpVar.setContentLength(r0.length);
        pnpVar.cs("x-amz-crypto-instr-file", JsonProperty.USE_DEFAULT_NAME);
        pnuVar.key += INSTRUCTION_SUFFIX;
        pnuVar.pAL = pnpVar;
        pnuVar.fuw = byteArrayInputStream;
        return pnuVar;
    }

    public static Cipher createSymmetricCipher(SecretKey secretKey, int i, Provider provider, byte[] bArr) {
        try {
            Cipher cipher = provider != null ? Cipher.getInstance(JceEncryptionConstants.SYMMETRIC_CIPHER_METHOD, provider) : Cipher.getInstance(JceEncryptionConstants.SYMMETRIC_CIPHER_METHOD);
            if (bArr != null) {
                cipher.init(i, secretKey, new IvParameterSpec(bArr));
            } else {
                cipher.init(i, secretKey);
            }
            return cipher;
        } catch (Exception e) {
            throw new oxa("Unable to build cipher: " + e.getMessage() + "\nMake sure you have the JCE unlimited strength policy files installed and configured for your JVM: http://www.ngs.ac.uk/tools/jcepolicyfiles", e);
        }
    }

    public static pnw decryptObjectUsingInstruction(pnw pnwVar, EncryptionInstruction encryptionInstruction) {
        pnx dWf = pnwVar.dWf();
        pnwVar.a(new pnx(new RepeatableCipherInputStream(dWf, encryptionInstruction.getCipherFactory()), dWf.dWg()));
        return pnwVar;
    }

    @Deprecated
    public static pnw decryptObjectUsingMetadata(pnw pnwVar, pni pniVar, Provider provider) {
        return decryptObjectUsingInstruction(pnwVar, buildInstructionFromObjectMetadata(pnwVar, pniVar, provider));
    }

    public static pnu encryptRequestUsingInstruction(pnu pnuVar, EncryptionInstruction encryptionInstruction) {
        pnp pnpVar = pnuVar.pAL;
        if (pnpVar == null) {
            pnpVar = new pnp();
        }
        if (pnpVar.dWa() != null) {
            pnpVar.cs("x-amz-unencrypted-content-md5", pnpVar.dWa());
        }
        pnpVar.Ed(null);
        long unencryptedContentLength = getUnencryptedContentLength(pnuVar, pnpVar);
        if (unencryptedContentLength >= 0) {
            pnpVar.cs("x-amz-unencrypted-content-length", Long.toString(unencryptedContentLength));
        }
        long calculateCryptoContentLength = calculateCryptoContentLength(encryptionInstruction.getSymmetricCipher(), pnuVar, pnpVar);
        if (calculateCryptoContentLength >= 0) {
            pnpVar.setContentLength(calculateCryptoContentLength);
        }
        pnuVar.pAL = pnpVar;
        pnuVar.fuw = getEncryptedInputStream(pnuVar, encryptionInstruction.getCipherFactory());
        pnuVar.file = null;
        return pnuVar;
    }

    @Deprecated
    public static pnu encryptRequestUsingMetadata(pnu pnuVar, pni pniVar, Provider provider) {
        EncryptionInstruction generateInstruction = generateInstruction(pniVar, provider);
        pnu encryptRequestUsingInstruction = encryptRequestUsingInstruction(pnuVar, generateInstruction);
        updateMetadataWithEncryptionInstruction(pnuVar, generateInstruction);
        return encryptRequestUsingInstruction;
    }

    @Deprecated
    public static EncryptionInstruction generateInstruction(pni pniVar, Provider provider) {
        return generateInstruction(new pny(pniVar), provider);
    }

    public static EncryptionInstruction generateInstruction(pnk pnkVar, Provider provider) {
        SecretKey generateOneTimeUseSymmetricKey = generateOneTimeUseSymmetricKey();
        CipherFactory cipherFactory = new CipherFactory(generateOneTimeUseSymmetricKey, 1, null, provider);
        return new EncryptionInstruction(new HashMap(), getEncryptedSymmetricKey(generateOneTimeUseSymmetricKey, pnkVar.dVV(), provider), generateOneTimeUseSymmetricKey, cipherFactory);
    }

    public static SecretKey generateOneTimeUseSymmetricKey() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM);
            keyGenerator.init(JceEncryptionConstants.SYMMETRIC_KEY_LENGTH, new SecureRandom());
            return keyGenerator.generateKey();
        } catch (NoSuchAlgorithmException e) {
            throw new oxa("Unable to generate envelope symmetric key:" + e.getMessage(), e);
        }
    }

    public static long[] getAdjustedCryptoRange(long[] jArr) {
        if (jArr == null || jArr[0] > jArr[1]) {
            return null;
        }
        return new long[]{getCipherBlockLowerBound(jArr[0]), getCipherBlockUpperBound(jArr[1])};
    }

    private static long getCipherBlockLowerBound(long j) {
        long j2 = JceEncryptionConstants.SYMMETRIC_CIPHER_BLOCK_SIZE;
        long j3 = (j - (j % j2)) - j2;
        if (j3 < 0) {
            return 0L;
        }
        return j3;
    }

    private static long getCipherBlockUpperBound(long j) {
        long j2 = JceEncryptionConstants.SYMMETRIC_CIPHER_BLOCK_SIZE;
        return j2 + (j2 - (j % j2)) + j;
    }

    private static byte[] getCryptoBytesFromMetadata(String str, pnp pnpVar) throws NullPointerException {
        Map<String, String> dVY = pnpVar.dVY();
        if (dVY == null || !dVY.containsKey(str)) {
            return null;
        }
        return qlt.ah(dVY.get(str).getBytes());
    }

    private static SecretKey getDecryptedSymmetricKey(byte[] bArr, pni pniVar, Provider provider) {
        Key key = pniVar.pAs != null ? pniVar.pAs.getPrivate() : pniVar.symmetricKey;
        try {
            Cipher cipher = provider != null ? Cipher.getInstance(key.getAlgorithm(), provider) : Cipher.getInstance(key.getAlgorithm());
            cipher.init(2, key);
            return new SecretKeySpec(cipher.doFinal(bArr), JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM);
        } catch (Exception e) {
            throw new oxa("Unable to decrypt symmetric key from object metadata : " + e.getMessage(), e);
        }
    }

    private static InputStream getEncryptedInputStream(pnu pnuVar, CipherFactory cipherFactory) {
        try {
            InputStream inputStream = pnuVar.fuw;
            if (pnuVar.file != null) {
                inputStream = new RepeatableFileInputStream(pnuVar.file);
            }
            return new RepeatableCipherInputStream(inputStream, cipherFactory);
        } catch (Exception e) {
            throw new oxa("Unable to create cipher input stream: " + e.getMessage(), e);
        }
    }

    public static InputStream getEncryptedInputStream(pnz pnzVar, CipherFactory cipherFactory) {
        try {
            InputStream inputStream = pnzVar.fuw;
            if (pnzVar.file != null) {
                inputStream = new InputSubstream(new RepeatableFileInputStream(pnzVar.file), pnzVar.pAX, pnzVar.pAW, pnzVar.pAY);
            }
            FilterInputStream repeatableCipherInputStream = new RepeatableCipherInputStream(inputStream, cipherFactory);
            if (!pnzVar.pAY) {
                repeatableCipherInputStream = new InputSubstream(repeatableCipherInputStream, 0L, pnzVar.pAW, false);
            }
            long j = pnzVar.pAW;
            return new ByteRangeCapturingInputStream(repeatableCipherInputStream, j - cipherFactory.createCipher().getBlockSize(), j);
        } catch (Exception e) {
            throw new oxa("Unable to create cipher input stream: " + e.getMessage(), e);
        }
    }

    public static byte[] getEncryptedSymmetricKey(SecretKey secretKey, pni pniVar, Provider provider) {
        Key key = pniVar.pAs != null ? pniVar.pAs.getPublic() : pniVar.symmetricKey;
        try {
            byte[] encoded = secretKey.getEncoded();
            Cipher cipher = provider != null ? Cipher.getInstance(key.getAlgorithm(), provider) : Cipher.getInstance(key.getAlgorithm());
            cipher.init(1, key);
            return cipher.doFinal(encoded);
        } catch (Exception e) {
            throw new oxa("Unable to encrypt symmetric key: " + e.getMessage(), e);
        }
    }

    private static String getStringFromMetadata(String str, pnp pnpVar) throws NullPointerException {
        Map<String, String> dVY = pnpVar.dVY();
        if (dVY == null || !dVY.containsKey(str)) {
            return null;
        }
        return dVY.get(str);
    }

    private static long getUnencryptedContentLength(pnu pnuVar, pnp pnpVar) {
        if (pnuVar.file != null) {
            return pnuVar.file.length();
        }
        if (pnuVar.fuw == null || pnpVar.getContentLength() <= 0) {
            return -1L;
        }
        return pnpVar.getContentLength();
    }

    public static boolean isEncryptionInfoInInstructionFile(pnw pnwVar) {
        Map<String, String> dVY;
        if (pnwVar == null || (dVY = pnwVar.dWe().dVY()) == null) {
            return false;
        }
        return dVY.containsKey("x-amz-crypto-instr-file");
    }

    public static boolean isEncryptionInfoInMetadata(pnw pnwVar) {
        Map<String, String> dVY = pnwVar.dWe().dVY();
        return dVY != null && dVY.containsKey("x-amz-iv") && dVY.containsKey("x-amz-key") && dVY.containsKey("x-amz-matdesc");
    }

    private static poy parseJSONInstruction(pnw pnwVar) {
        try {
            return new poy(convertStreamToString(pnwVar.dWf()));
        } catch (Exception e) {
            throw new oxa("Error parsing JSON instruction file: " + e.getMessage());
        }
    }

    private static pni retrieveOriginalMaterials(Map<String, String> map, pnj pnjVar) {
        if (pnjVar == null) {
            return null;
        }
        return pnjVar.o(map);
    }

    private static void updateMetadata(pnp pnpVar, byte[] bArr, Cipher cipher, Map<String, String> map) {
        if (bArr != null) {
            pnpVar.cs("x-amz-key", new String(qlt.ag(bArr)));
        }
        pnpVar.cs("x-amz-iv", new String(qlt.ag(cipher.getIV())));
        pnpVar.cs("x-amz-matdesc", new poy((Map) map).toString());
    }

    public static pnp updateMetadataWithEncryptionInfo(pno pnoVar, byte[] bArr, Cipher cipher, Map<String, String> map) {
        pnp pnpVar = pnoVar.pAx;
        if (pnpVar == null) {
            pnpVar = new pnp();
        }
        updateMetadata(pnpVar, bArr, cipher, map);
        return pnpVar;
    }

    public static void updateMetadataWithEncryptionInstruction(pnu pnuVar, EncryptionInstruction encryptionInstruction) {
        byte[] encryptedSymmetricKey = encryptionInstruction.getEncryptedSymmetricKey();
        Cipher symmetricCipher = encryptionInstruction.getSymmetricCipher();
        Map<String, String> materialsDescription = encryptionInstruction.getMaterialsDescription();
        pnp pnpVar = pnuVar.pAL;
        if (pnpVar == null) {
            pnpVar = new pnp();
        }
        if (pnuVar.file != null) {
            pnpVar.setContentType(Mimetypes.getInstance().getMimetype(pnuVar.file));
        }
        updateMetadata(pnpVar, encryptedSymmetricKey, symmetricCipher, materialsDescription);
        pnuVar.pAL = pnpVar;
    }
}
