package com.amazonaws.services.s3.internal.crypto;

import com.amazonaws.AmazonClientException;
import com.amazonaws.services.s3.Headers;
import com.amazonaws.services.s3.internal.InputSubstream;
import com.amazonaws.services.s3.internal.RepeatableCipherInputStream;
import com.amazonaws.services.s3.internal.RepeatableFileInputStream;
import com.amazonaws.services.s3.model.DeleteObjectRequest;
import com.amazonaws.services.s3.model.EncryptionMaterials;
import com.amazonaws.services.s3.model.EncryptionMaterialsAccessor;
import com.amazonaws.services.s3.model.EncryptionMaterialsProvider;
import com.amazonaws.services.s3.model.GetObjectRequest;
import com.amazonaws.services.s3.model.InitiateMultipartUploadRequest;
import com.amazonaws.services.s3.model.ObjectMetadata;
import com.amazonaws.services.s3.model.PutObjectRequest;
import com.amazonaws.services.s3.model.S3Object;
import com.amazonaws.services.s3.model.S3ObjectInputStream;
import com.amazonaws.services.s3.model.StaticEncryptionMaterialsProvider;
import com.amazonaws.services.s3.model.UploadPartRequest;
import com.amazonaws.services.s3.util.Mimetypes;
import com.amazonaws.util.Base64;
import com.amazonaws.util.LengthCheckInputStream;
import com.amazonaws.util.StringUtils;
import com.amazonaws.util.json.JsonUtils;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.FilterInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes2.dex */
public class EncryptionUtils {

    /* renamed from: a, reason: collision with root package name */
    static final String f31390a = ".instruction";

    private static long A(long j10) {
        long j11 = JceEncryptionConstants.f31404d;
        return j10 + (j11 - (j10 % j11)) + j11;
    }

    private static byte[] B(String str, ObjectMetadata objectMetadata) throws NullPointerException {
        Map<String, String> H = objectMetadata.H();
        if (H == null || !H.containsKey(str)) {
            return null;
        }
        return Base64.b(H.get(str));
    }

    private static SecretKey C(byte[] bArr, EncryptionMaterials encryptionMaterials, Provider provider) {
        Key key = encryptionMaterials.b() != null ? encryptionMaterials.b().getPrivate() : encryptionMaterials.d();
        try {
            Cipher cipher = provider != null ? Cipher.getInstance(key.getAlgorithm(), provider) : Cipher.getInstance(key.getAlgorithm());
            cipher.init(2, key);
            return new SecretKeySpec(cipher.doFinal(bArr), JceEncryptionConstants.f31401a);
        } catch (Exception e10) {
            throw new AmazonClientException("Unable to decrypt symmetric key from object metadata : " + e10.getMessage(), e10);
        }
    }

    public static ByteRangeCapturingInputStream D(UploadPartRequest uploadPartRequest, CipherFactory cipherFactory) {
        try {
            InputStream n10 = uploadPartRequest.n();
            if (uploadPartRequest.j() != null) {
                n10 = new InputSubstream(new RepeatableFileInputStream(uploadPartRequest.j()), uploadPartRequest.k(), uploadPartRequest.s(), uploadPartRequest.w());
            }
            FilterInputStream repeatableCipherInputStream = new RepeatableCipherInputStream(n10, cipherFactory);
            FilterInputStream inputSubstream = !uploadPartRequest.w() ? new InputSubstream(repeatableCipherInputStream, 0L, uploadPartRequest.s(), false) : repeatableCipherInputStream;
            long s10 = uploadPartRequest.s();
            return new ByteRangeCapturingInputStream(inputSubstream, s10 - cipherFactory.a().getBlockSize(), s10);
        } catch (Exception e10) {
            throw new AmazonClientException("Unable to create cipher input stream: " + e10.getMessage(), e10);
        }
    }

    private static InputStream E(PutObjectRequest putObjectRequest, CipherFactory cipherFactory, long j10) {
        try {
            InputStream o10 = putObjectRequest.o();
            if (putObjectRequest.m() != null) {
                o10 = new RepeatableFileInputStream(putObjectRequest.m());
            }
            if (j10 > -1) {
                o10 = new LengthCheckInputStream(o10, j10, false);
            }
            return new RepeatableCipherInputStream(o10, cipherFactory);
        } catch (Exception e10) {
            throw new AmazonClientException("Unable to create cipher input stream: " + e10.getMessage(), e10);
        }
    }

    public static byte[] F(SecretKey secretKey, EncryptionMaterials encryptionMaterials, Provider provider) {
        Key key = encryptionMaterials.b() != null ? encryptionMaterials.b().getPublic() : encryptionMaterials.d();
        try {
            byte[] encoded = secretKey.getEncoded();
            Cipher cipher = provider != null ? Cipher.getInstance(key.getAlgorithm(), provider) : Cipher.getInstance(key.getAlgorithm());
            cipher.init(1, key);
            return cipher.doFinal(encoded);
        } catch (Exception e10) {
            throw new AmazonClientException("Unable to encrypt symmetric key: " + e10.getMessage(), e10);
        }
    }

    private static String G(String str, ObjectMetadata objectMetadata) throws NullPointerException {
        Map<String, String> H = objectMetadata.H();
        if (H == null || !H.containsKey(str)) {
            return null;
        }
        return H.get(str);
    }

    private static long H(PutObjectRequest putObjectRequest, ObjectMetadata objectMetadata) {
        if (putObjectRequest.m() != null) {
            return putObjectRequest.m().length();
        }
        if (putObjectRequest.o() == null || objectMetadata.E("Content-Length") == null) {
            return -1L;
        }
        return objectMetadata.w();
    }

    public static boolean I(S3Object s3Object) {
        Map<String, String> H;
        if (s3Object == null || (H = s3Object.d().H()) == null) {
            return false;
        }
        return H.containsKey(Headers.V);
    }

    public static boolean J(S3Object s3Object) {
        Map<String, String> H = s3Object.d().H();
        return H != null && H.containsKey(Headers.T) && H.containsKey(Headers.R);
    }

    private static Map<String, String> K(S3Object s3Object) {
        try {
            return JsonUtils.e(k(s3Object.c()));
        } catch (Exception e10) {
            throw new AmazonClientException("Error parsing JSON instruction file: " + e10.getMessage());
        }
    }

    private static EncryptionMaterials L(Map<String, String> map, EncryptionMaterialsAccessor encryptionMaterialsAccessor) {
        if (encryptionMaterialsAccessor == null) {
            return null;
        }
        return encryptionMaterialsAccessor.b(map);
    }

    private static void M(ObjectMetadata objectMetadata, byte[] bArr, Cipher cipher, Map<String, String> map) {
        if (bArr != null) {
            objectMetadata.r(Headers.R, Base64.f(bArr));
        }
        objectMetadata.r(Headers.T, Base64.f(cipher.getIV()));
        objectMetadata.r(Headers.U, JsonUtils.f(map));
    }

    public static ObjectMetadata N(InitiateMultipartUploadRequest initiateMultipartUploadRequest, byte[] bArr, Cipher cipher, Map<String, String> map) {
        ObjectMetadata m10 = initiateMultipartUploadRequest.m();
        if (m10 == null) {
            m10 = new ObjectMetadata();
        }
        M(m10, bArr, cipher, map);
        return m10;
    }

    public static void O(PutObjectRequest putObjectRequest, EncryptionInstruction encryptionInstruction) {
        byte[] b10 = encryptionInstruction.b();
        Cipher d10 = encryptionInstruction.d();
        Map<String, String> c10 = encryptionInstruction.c();
        ObjectMetadata q10 = putObjectRequest.q();
        if (q10 == null) {
            q10 = new ObjectMetadata();
        }
        if (putObjectRequest.m() != null) {
            q10.O(Mimetypes.a().b(putObjectRequest.m()));
        }
        M(q10, b10, d10, c10);
        putObjectRequest.C(q10);
    }

    public static S3Object a(S3Object s3Object, long[] jArr) {
        if (jArr == null || jArr[0] > jArr[1]) {
            return s3Object;
        }
        try {
            S3ObjectInputStream c10 = s3Object.c();
            s3Object.k(new S3ObjectInputStream(new AdjustedRangeInputStream(c10, jArr[0], jArr[1]), c10.d()));
            return s3Object;
        } catch (IOException e10) {
            throw new AmazonClientException("Error adjusting output to desired byte range: " + e10.getMessage());
        }
    }

    private static EncryptionInstruction b(EncryptionMaterials encryptionMaterials, Provider provider) {
        SecretKey x10 = x();
        CipherFactory cipherFactory = new CipherFactory(x10, 1, null, provider);
        return new EncryptionInstruction(encryptionMaterials.c(), F(x10, encryptionMaterials, provider), x10, cipherFactory);
    }

    @Deprecated
    public static EncryptionInstruction c(S3Object s3Object, EncryptionMaterials encryptionMaterials, Provider provider) {
        return d(s3Object, new StaticEncryptionMaterialsProvider(encryptionMaterials), provider);
    }

    public static EncryptionInstruction d(S3Object s3Object, EncryptionMaterialsProvider encryptionMaterialsProvider, Provider provider) {
        Map<String, String> K = K(s3Object);
        String str = K.get(Headers.R);
        String str2 = K.get(Headers.T);
        Map<String, String> j10 = j(K.get(Headers.U));
        byte[] b10 = Base64.b(str);
        byte[] b11 = Base64.b(str2);
        if (b10 == null || b11 == null) {
            throw new AmazonClientException(String.format("Necessary encryption info not found in the instruction file '%s' in bucket '%s'", s3Object.b(), s3Object.a()));
        }
        EncryptionMaterials L = L(j10, encryptionMaterialsProvider);
        if (L == null) {
            throw new AmazonClientException(String.format("Unable to retrieve the encryption materials that originally encrypted object corresponding to instruction file '%s' in bucket '%s'.", s3Object.b(), s3Object.a()));
        }
        SecretKey C = C(b10, L, provider);
        return new EncryptionInstruction(j10, b10, C, new CipherFactory(C, 2, b11, provider));
    }

    @Deprecated
    public static EncryptionInstruction e(S3Object s3Object, EncryptionMaterials encryptionMaterials, Provider provider) {
        return f(s3Object, new StaticEncryptionMaterialsProvider(encryptionMaterials), provider);
    }

    public static EncryptionInstruction f(S3Object s3Object, EncryptionMaterialsProvider encryptionMaterialsProvider, Provider provider) {
        ObjectMetadata d10 = s3Object.d();
        byte[] B = B(Headers.R, d10);
        byte[] B2 = B(Headers.T, d10);
        Map<String, String> j10 = j(G(Headers.U, d10));
        if (B == null || B2 == null) {
            throw new AmazonClientException(String.format("Necessary encryption info not found in the headers of file '%s' in bucket '%s'", s3Object.b(), s3Object.a()));
        }
        EncryptionMaterials L = L(j10, encryptionMaterialsProvider);
        if (L == null) {
            throw new AmazonClientException(String.format("Unable to retrieve the encryption materials that originally encrypted file '%s' in bucket '%s'.", s3Object.b(), s3Object.a()));
        }
        SecretKey C = C(B, L, provider);
        return new EncryptionInstruction(j10, B, C, new CipherFactory(C, 2, B2, provider));
    }

    private static long g(Cipher cipher, PutObjectRequest putObjectRequest, ObjectMetadata objectMetadata) {
        long H = H(putObjectRequest, objectMetadata);
        if (H < 0) {
            return -1L;
        }
        long blockSize = cipher.getBlockSize();
        return H + (blockSize - (H % blockSize));
    }

    public static long h(Cipher cipher, UploadPartRequest uploadPartRequest) {
        long s10;
        if (uploadPartRequest.j() != null) {
            s10 = uploadPartRequest.s() > 0 ? uploadPartRequest.s() : uploadPartRequest.j().length();
        } else {
            if (uploadPartRequest.n() == null) {
                return -1L;
            }
            s10 = uploadPartRequest.s();
        }
        long blockSize = cipher.getBlockSize();
        return s10 + (blockSize - (s10 % blockSize));
    }

    private static Map<String, String> i(EncryptionInstruction encryptionInstruction) {
        HashMap hashMap = new HashMap();
        hashMap.put(Headers.U, JsonUtils.f(encryptionInstruction.c()));
        hashMap.put(Headers.R, Base64.f(encryptionInstruction.b()));
        hashMap.put(Headers.T, Base64.f(encryptionInstruction.d().getIV()));
        return hashMap;
    }

    private static Map<String, String> j(String str) {
        if (str == null) {
            return null;
        }
        try {
            return JsonUtils.e(str);
        } catch (AmazonClientException e10) {
            throw new AmazonClientException("Unable to parse encryption materials description from metadata :" + e10.getMessage());
        }
    }

    private static String k(InputStream inputStream) throws IOException {
        if (inputStream == null) {
            return "";
        }
        StringBuilder sb2 = new StringBuilder();
        try {
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream, StringUtils.f32063b));
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    inputStream.close();
                    return sb2.toString();
                }
                sb2.append(readLine);
            }
        } catch (Throwable th) {
            inputStream.close();
            throw th;
        }
    }

    public static DeleteObjectRequest l(DeleteObjectRequest deleteObjectRequest) {
        return new DeleteObjectRequest(deleteObjectRequest.i(), deleteObjectRequest.j() + f31390a);
    }

    public static GetObjectRequest m(GetObjectRequest getObjectRequest) {
        return new GetObjectRequest(getObjectRequest.i(), getObjectRequest.k() + f31390a, getObjectRequest.t());
    }

    public static PutObjectRequest n(PutObjectRequest putObjectRequest, EncryptionInstruction encryptionInstruction) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(JsonUtils.f(i(encryptionInstruction)).getBytes(StringUtils.f32063b));
        ObjectMetadata q10 = putObjectRequest.q();
        q10.M(r5.length);
        q10.r(Headers.V, "");
        putObjectRequest.B(putObjectRequest.p() + f31390a);
        putObjectRequest.C(q10);
        putObjectRequest.A(byteArrayInputStream);
        return putObjectRequest;
    }

    public static PutObjectRequest o(String str, String str2, EncryptionInstruction encryptionInstruction) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(JsonUtils.f(i(encryptionInstruction)).getBytes(StringUtils.f32063b));
        ObjectMetadata objectMetadata = new ObjectMetadata();
        objectMetadata.M(r6.length);
        objectMetadata.r(Headers.V, "");
        return new PutObjectRequest(str, str2 + f31390a, byteArrayInputStream, objectMetadata);
    }

    public static Cipher p(SecretKey secretKey, int i10, Provider provider, byte[] bArr) {
        try {
            Cipher cipher = provider != null ? Cipher.getInstance(JceEncryptionConstants.f31402b, provider) : Cipher.getInstance(JceEncryptionConstants.f31402b);
            if (bArr != null) {
                cipher.init(i10, secretKey, new IvParameterSpec(bArr));
            } else {
                cipher.init(i10, secretKey);
            }
            return cipher;
        } catch (Exception e10) {
            throw new AmazonClientException("Unable to build cipher: " + e10.getMessage() + "\nMake sure you have the JCE unlimited strength policy files installed and configured for your JVM: http://www.ngs.ac.uk/tools/jcepolicyfiles", e10);
        }
    }

    public static S3Object q(S3Object s3Object, EncryptionInstruction encryptionInstruction) {
        S3ObjectInputStream c10 = s3Object.c();
        s3Object.k(new S3ObjectInputStream(new RepeatableCipherInputStream(c10, encryptionInstruction.a()), c10.d()));
        return s3Object;
    }

    @Deprecated
    public static S3Object r(S3Object s3Object, EncryptionMaterials encryptionMaterials, Provider provider) {
        return q(s3Object, e(s3Object, encryptionMaterials, provider));
    }

    public static PutObjectRequest s(PutObjectRequest putObjectRequest, EncryptionInstruction encryptionInstruction) {
        ObjectMetadata q10 = putObjectRequest.q();
        if (q10 == null) {
            q10 = new ObjectMetadata();
        }
        if (q10.x() != null) {
            q10.r(Headers.X, q10.x());
        }
        q10.N(null);
        long H = H(putObjectRequest, q10);
        if (H >= 0) {
            q10.r(Headers.W, Long.toString(H));
        }
        long g10 = g(encryptionInstruction.d(), putObjectRequest, q10);
        if (g10 >= 0) {
            q10.M(g10);
        }
        putObjectRequest.C(q10);
        putObjectRequest.A(E(putObjectRequest, encryptionInstruction.a(), H));
        putObjectRequest.y(null);
        return putObjectRequest;
    }

    @Deprecated
    public static PutObjectRequest t(PutObjectRequest putObjectRequest, EncryptionMaterials encryptionMaterials, Provider provider) {
        EncryptionInstruction u10 = u(encryptionMaterials, provider);
        PutObjectRequest s10 = s(putObjectRequest, u10);
        O(putObjectRequest, u10);
        return s10;
    }

    @Deprecated
    public static EncryptionInstruction u(EncryptionMaterials encryptionMaterials, Provider provider) {
        return v(new StaticEncryptionMaterialsProvider(encryptionMaterials), provider);
    }

    public static EncryptionInstruction v(EncryptionMaterialsProvider encryptionMaterialsProvider, Provider provider) {
        return b(encryptionMaterialsProvider.c(), provider);
    }

    public static EncryptionInstruction w(EncryptionMaterialsProvider encryptionMaterialsProvider, Map<String, String> map, Provider provider) {
        return b(encryptionMaterialsProvider.b(map), provider);
    }

    public static SecretKey x() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(JceEncryptionConstants.f31401a);
            keyGenerator.init(JceEncryptionConstants.f31403c, new SecureRandom());
            return keyGenerator.generateKey();
        } catch (NoSuchAlgorithmException e10) {
            throw new AmazonClientException("Unable to generate envelope symmetric key:" + e10.getMessage(), e10);
        }
    }

    public static long[] y(long[] jArr) {
        if (jArr == null) {
            return null;
        }
        long j10 = jArr[0];
        if (j10 > jArr[1]) {
            return null;
        }
        return new long[]{z(j10), A(jArr[1])};
    }

    private static long z(long j10) {
        long j11 = JceEncryptionConstants.f31404d;
        long j12 = (j10 - (j10 % j11)) - j11;
        if (j12 < 0) {
            return 0L;
        }
        return j12;
    }
}
