package com.amazonaws.services.s3.internal.crypto;

import com.amazonaws.services.s3.internal.InputSubstream;
import com.amazonaws.services.s3.internal.Mimetypes;
import com.amazonaws.services.s3.internal.RepeatableCipherInputStream;
import com.amazonaws.services.s3.internal.RepeatableFileInputStream;
import com.fasterxml.jackson.annotation.JsonProperty;
import defpackage.nwt;
import defpackage.ona;
import defpackage.onb;
import defpackage.onc;
import defpackage.ond;
import defpackage.one;
import defpackage.onh;
import defpackage.oni;
import defpackage.onn;
import defpackage.onp;
import defpackage.onq;
import defpackage.onr;
import defpackage.ons;
import defpackage.ooq;
import defpackage.oor;
import defpackage.pvi;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.FilterInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes11.dex */
public class EncryptionUtils {
    private static final String INSTRUCTION_SUFFIX = ".instruction";

    public static onp adjustOutputToDesiredRange(onp onpVar, long[] jArr) {
        if (jArr != null && jArr[0] <= jArr[1]) {
            try {
                onq emh = onpVar.emh();
                onpVar.a(new onq(new AdjustedRangeInputStream(emh, jArr[0], jArr[1]), emh.emi()));
            } catch (IOException e) {
                throw new nwt("Error adjusting output to desired byte range: " + e.getMessage());
            }
        }
        return onpVar;
    }

    @Deprecated
    public static EncryptionInstruction buildInstructionFromInstructionFile(onp onpVar, onb onbVar, Provider provider) {
        return buildInstructionFromInstructionFile(onpVar, new onr(onbVar), provider);
    }

    public static EncryptionInstruction buildInstructionFromInstructionFile(onp onpVar, ond ondVar, Provider provider) {
        oor parseJSONInstruction = parseJSONInstruction(onpVar);
        try {
            byte[] bytes = parseJSONInstruction.getString("x-amz-key").getBytes();
            byte[] bytes2 = parseJSONInstruction.getString("x-amz-iv").getBytes();
            Map<String, String> convertJSONToMap = convertJSONToMap(parseJSONInstruction.getString("x-amz-matdesc"));
            byte[] X = pvi.X(bytes);
            byte[] X2 = pvi.X(bytes2);
            if (X == null || X2 == null || convertJSONToMap == null) {
                throw new nwt(String.format("Necessary encryption info not found in the instruction file '%s' in bucket '%s'", onpVar.getKey(), onpVar.getBucketName()));
            }
            onb retrieveOriginalMaterials = retrieveOriginalMaterials(convertJSONToMap, ondVar);
            if (retrieveOriginalMaterials == null) {
                throw new nwt(String.format("Unable to retrieve the encryption materials that originally encrypted object corresponding to instruction file '%s' in bucket '%s'.", onpVar.getKey(), onpVar.getBucketName()));
            }
            SecretKey decryptedSymmetricKey = getDecryptedSymmetricKey(X, retrieveOriginalMaterials, provider);
            return new EncryptionInstruction(convertJSONToMap, X, decryptedSymmetricKey, new CipherFactory(decryptedSymmetricKey, 2, X2, provider));
        } catch (ooq e) {
            throw new nwt("Unable to parse retrieved instruction file : " + e.getMessage());
        }
    }

    @Deprecated
    public static EncryptionInstruction buildInstructionFromObjectMetadata(onp onpVar, onb onbVar, Provider provider) {
        return buildInstructionFromObjectMetadata(onpVar, new onr(onbVar), provider);
    }

    public static EncryptionInstruction buildInstructionFromObjectMetadata(onp onpVar, ond ondVar, Provider provider) {
        oni emg = onpVar.emg();
        byte[] cryptoBytesFromMetadata = getCryptoBytesFromMetadata("x-amz-key", emg);
        byte[] cryptoBytesFromMetadata2 = getCryptoBytesFromMetadata("x-amz-iv", emg);
        Map<String, String> convertJSONToMap = convertJSONToMap(getStringFromMetadata("x-amz-matdesc", emg));
        if (cryptoBytesFromMetadata == null || cryptoBytesFromMetadata2 == null || convertJSONToMap == null) {
            throw new nwt(String.format("Necessary encryption info not found in the headers of file '%s' in bucket '%s'", onpVar.getKey(), onpVar.getBucketName()));
        }
        onb retrieveOriginalMaterials = retrieveOriginalMaterials(convertJSONToMap, ondVar);
        if (retrieveOriginalMaterials == null) {
            throw new nwt(String.format("Unable to retrieve the encryption materials that originally encrypted file '%s' in bucket '%s'.", onpVar.getKey(), onpVar.getBucketName()));
        }
        SecretKey decryptedSymmetricKey = getDecryptedSymmetricKey(cryptoBytesFromMetadata, retrieveOriginalMaterials, provider);
        return new EncryptionInstruction(convertJSONToMap, cryptoBytesFromMetadata, decryptedSymmetricKey, new CipherFactory(decryptedSymmetricKey, 2, cryptoBytesFromMetadata2, provider));
    }

    private static long calculateCryptoContentLength(Cipher cipher, onn onnVar, oni oniVar) {
        long unencryptedContentLength = getUnencryptedContentLength(onnVar, oniVar);
        if (unencryptedContentLength == 0) {
            return 0L;
        }
        if (unencryptedContentLength < 0) {
            return -1L;
        }
        long blockSize = cipher.getBlockSize();
        return (blockSize - (unencryptedContentLength % blockSize)) + unencryptedContentLength;
    }

    public static long calculateCryptoContentLength(Cipher cipher, ons onsVar) {
        long j;
        if (onsVar.file != null) {
            j = onsVar.nUx > 0 ? onsVar.nUx : onsVar.file.length();
        } else {
            if (onsVar.nKG == null) {
                return -1L;
            }
            j = onsVar.nUx;
        }
        long blockSize = cipher.getBlockSize();
        return j + (blockSize - (j % blockSize));
    }

    private static oor convertInstructionToJSONObject(EncryptionInstruction encryptionInstruction) {
        oor oorVar = new oor();
        try {
            oor oorVar2 = new oor((Map) encryptionInstruction.getMaterialsDescription());
            byte[] W = pvi.W(encryptionInstruction.getSymmetricCipher().getIV());
            byte[] W2 = pvi.W(encryptionInstruction.getEncryptedSymmetricKey());
            oorVar.k("x-amz-matdesc", oorVar2.toString());
            oorVar.k("x-amz-key", new String(W2));
            oorVar.k("x-amz-iv", new String(W));
        } catch (ooq e) {
        }
        return oorVar;
    }

    private static Map<String, String> convertJSONToMap(String str) {
        if (str == null) {
            return null;
        }
        try {
            oor oorVar = new oor(str);
            Iterator keys = oorVar.keys();
            HashMap hashMap = new HashMap();
            while (keys.hasNext()) {
                String str2 = (String) keys.next();
                hashMap.put(str2, oorVar.getString(str2));
            }
            return hashMap;
        } catch (ooq e) {
            throw new nwt("Unable to parse encryption materials description from metadata :" + e.getMessage());
        }
    }

    private static String convertStreamToString(InputStream inputStream) throws IOException {
        if (inputStream == null) {
            return JsonProperty.USE_DEFAULT_NAME;
        }
        StringBuilder sb = new StringBuilder();
        try {
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    inputStream.close();
                    return sb.toString();
                }
                sb.append(readLine);
            }
        } catch (Throwable th) {
            inputStream.close();
            throw th;
        }
    }

    public static ona createInstructionDeleteObjectRequest(ona onaVar) {
        return new ona(onaVar.bucketName, onaVar.key + INSTRUCTION_SUFFIX);
    }

    public static one createInstructionGetRequest(one oneVar) {
        return new one(oneVar.bucketName, oneVar.key + INSTRUCTION_SUFFIX, oneVar.versionId);
    }

    public static onn createInstructionPutRequest(String str, String str2, EncryptionInstruction encryptionInstruction) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(convertInstructionToJSONObject(encryptionInstruction).toString().getBytes());
        oni oniVar = new oni();
        oniVar.setContentLength(r0.length);
        oniVar.cv("x-amz-crypto-instr-file", JsonProperty.USE_DEFAULT_NAME);
        return new onn(str, str2 + INSTRUCTION_SUFFIX, byteArrayInputStream, oniVar);
    }

    public static onn createInstructionPutRequest(onn onnVar, EncryptionInstruction encryptionInstruction) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(convertInstructionToJSONObject(encryptionInstruction).toString().getBytes());
        oni oniVar = onnVar.nUm;
        oniVar.setContentLength(r0.length);
        oniVar.cv("x-amz-crypto-instr-file", JsonProperty.USE_DEFAULT_NAME);
        onnVar.key += INSTRUCTION_SUFFIX;
        onnVar.nUm = oniVar;
        onnVar.nKG = byteArrayInputStream;
        return onnVar;
    }

    public static Cipher createSymmetricCipher(SecretKey secretKey, int i, Provider provider, byte[] bArr) {
        try {
            Cipher cipher = provider != null ? Cipher.getInstance(JceEncryptionConstants.SYMMETRIC_CIPHER_METHOD, provider) : Cipher.getInstance(JceEncryptionConstants.SYMMETRIC_CIPHER_METHOD);
            if (bArr != null) {
                cipher.init(i, secretKey, new IvParameterSpec(bArr));
            } else {
                cipher.init(i, secretKey);
            }
            return cipher;
        } catch (Exception e) {
            throw new nwt("Unable to build cipher: " + e.getMessage() + "\nMake sure you have the JCE unlimited strength policy files installed and configured for your JVM: http://www.ngs.ac.uk/tools/jcepolicyfiles", e);
        }
    }

    public static onp decryptObjectUsingInstruction(onp onpVar, EncryptionInstruction encryptionInstruction) {
        onq emh = onpVar.emh();
        onpVar.a(new onq(new RepeatableCipherInputStream(emh, encryptionInstruction.getCipherFactory()), emh.emi()));
        return onpVar;
    }

    @Deprecated
    public static onp decryptObjectUsingMetadata(onp onpVar, onb onbVar, Provider provider) {
        return decryptObjectUsingInstruction(onpVar, buildInstructionFromObjectMetadata(onpVar, onbVar, provider));
    }

    public static onn encryptRequestUsingInstruction(onn onnVar, EncryptionInstruction encryptionInstruction) {
        oni oniVar = onnVar.nUm;
        if (oniVar == null) {
            oniVar = new oni();
        }
        if (oniVar.emc() != null) {
            oniVar.cv("x-amz-unencrypted-content-md5", oniVar.emc());
        }
        oniVar.BT(null);
        long unencryptedContentLength = getUnencryptedContentLength(onnVar, oniVar);
        if (unencryptedContentLength >= 0) {
            oniVar.cv("x-amz-unencrypted-content-length", Long.toString(unencryptedContentLength));
        }
        long calculateCryptoContentLength = calculateCryptoContentLength(encryptionInstruction.getSymmetricCipher(), onnVar, oniVar);
        if (calculateCryptoContentLength >= 0) {
            oniVar.setContentLength(calculateCryptoContentLength);
        }
        onnVar.nUm = oniVar;
        onnVar.nKG = getEncryptedInputStream(onnVar, encryptionInstruction.getCipherFactory());
        onnVar.file = null;
        return onnVar;
    }

    @Deprecated
    public static onn encryptRequestUsingMetadata(onn onnVar, onb onbVar, Provider provider) {
        EncryptionInstruction generateInstruction = generateInstruction(onbVar, provider);
        onn encryptRequestUsingInstruction = encryptRequestUsingInstruction(onnVar, generateInstruction);
        updateMetadataWithEncryptionInstruction(onnVar, generateInstruction);
        return encryptRequestUsingInstruction;
    }

    @Deprecated
    public static EncryptionInstruction generateInstruction(onb onbVar, Provider provider) {
        return generateInstruction(new onr(onbVar), provider);
    }

    public static EncryptionInstruction generateInstruction(ond ondVar, Provider provider) {
        SecretKey generateOneTimeUseSymmetricKey = generateOneTimeUseSymmetricKey();
        CipherFactory cipherFactory = new CipherFactory(generateOneTimeUseSymmetricKey, 1, null, provider);
        return new EncryptionInstruction(new HashMap(), getEncryptedSymmetricKey(generateOneTimeUseSymmetricKey, ondVar.elX(), provider), generateOneTimeUseSymmetricKey, cipherFactory);
    }

    public static SecretKey generateOneTimeUseSymmetricKey() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM);
            keyGenerator.init(JceEncryptionConstants.SYMMETRIC_KEY_LENGTH, new SecureRandom());
            return keyGenerator.generateKey();
        } catch (NoSuchAlgorithmException e) {
            throw new nwt("Unable to generate envelope symmetric key:" + e.getMessage(), e);
        }
    }

    public static long[] getAdjustedCryptoRange(long[] jArr) {
        if (jArr == null || jArr[0] > jArr[1]) {
            return null;
        }
        return new long[]{getCipherBlockLowerBound(jArr[0]), getCipherBlockUpperBound(jArr[1])};
    }

    private static long getCipherBlockLowerBound(long j) {
        long j2 = JceEncryptionConstants.SYMMETRIC_CIPHER_BLOCK_SIZE;
        long j3 = (j - (j % j2)) - j2;
        if (j3 < 0) {
            return 0L;
        }
        return j3;
    }

    private static long getCipherBlockUpperBound(long j) {
        long j2 = JceEncryptionConstants.SYMMETRIC_CIPHER_BLOCK_SIZE;
        return j2 + (j2 - (j % j2)) + j;
    }

    private static byte[] getCryptoBytesFromMetadata(String str, oni oniVar) throws NullPointerException {
        Map<String, String> ema = oniVar.ema();
        if (ema == null || !ema.containsKey(str)) {
            return null;
        }
        return pvi.X(ema.get(str).getBytes());
    }

    private static SecretKey getDecryptedSymmetricKey(byte[] bArr, onb onbVar, Provider provider) {
        Key key = onbVar.nTT != null ? onbVar.nTT.getPrivate() : onbVar.symmetricKey;
        try {
            Cipher cipher = provider != null ? Cipher.getInstance(key.getAlgorithm(), provider) : Cipher.getInstance(key.getAlgorithm());
            cipher.init(2, key);
            return new SecretKeySpec(cipher.doFinal(bArr), JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM);
        } catch (Exception e) {
            throw new nwt("Unable to decrypt symmetric key from object metadata : " + e.getMessage(), e);
        }
    }

    private static InputStream getEncryptedInputStream(onn onnVar, CipherFactory cipherFactory) {
        try {
            InputStream inputStream = onnVar.nKG;
            if (onnVar.file != null) {
                inputStream = new RepeatableFileInputStream(onnVar.file);
            }
            return new RepeatableCipherInputStream(inputStream, cipherFactory);
        } catch (Exception e) {
            throw new nwt("Unable to create cipher input stream: " + e.getMessage(), e);
        }
    }

    public static InputStream getEncryptedInputStream(ons onsVar, CipherFactory cipherFactory) {
        try {
            InputStream inputStream = onsVar.nKG;
            if (onsVar.file != null) {
                inputStream = new InputSubstream(new RepeatableFileInputStream(onsVar.file), onsVar.nUy, onsVar.nUx, onsVar.nUz);
            }
            FilterInputStream repeatableCipherInputStream = new RepeatableCipherInputStream(inputStream, cipherFactory);
            if (!onsVar.nUz) {
                repeatableCipherInputStream = new InputSubstream(repeatableCipherInputStream, 0L, onsVar.nUx, false);
            }
            long j = onsVar.nUx;
            return new ByteRangeCapturingInputStream(repeatableCipherInputStream, j - cipherFactory.createCipher().getBlockSize(), j);
        } catch (Exception e) {
            throw new nwt("Unable to create cipher input stream: " + e.getMessage(), e);
        }
    }

    public static byte[] getEncryptedSymmetricKey(SecretKey secretKey, onb onbVar, Provider provider) {
        Key key = onbVar.nTT != null ? onbVar.nTT.getPublic() : onbVar.symmetricKey;
        try {
            byte[] encoded = secretKey.getEncoded();
            Cipher cipher = provider != null ? Cipher.getInstance(key.getAlgorithm(), provider) : Cipher.getInstance(key.getAlgorithm());
            cipher.init(1, key);
            return cipher.doFinal(encoded);
        } catch (Exception e) {
            throw new nwt("Unable to encrypt symmetric key: " + e.getMessage(), e);
        }
    }

    private static String getStringFromMetadata(String str, oni oniVar) throws NullPointerException {
        Map<String, String> ema = oniVar.ema();
        if (ema == null || !ema.containsKey(str)) {
            return null;
        }
        return ema.get(str);
    }

    private static long getUnencryptedContentLength(onn onnVar, oni oniVar) {
        if (onnVar.file != null) {
            return onnVar.file.length();
        }
        if (onnVar.nKG == null || oniVar.getContentLength() <= 0) {
            return -1L;
        }
        return oniVar.getContentLength();
    }

    public static boolean isEncryptionInfoInInstructionFile(onp onpVar) {
        Map<String, String> ema;
        if (onpVar == null || (ema = onpVar.emg().ema()) == null) {
            return false;
        }
        return ema.containsKey("x-amz-crypto-instr-file");
    }

    public static boolean isEncryptionInfoInMetadata(onp onpVar) {
        Map<String, String> ema = onpVar.emg().ema();
        return ema != null && ema.containsKey("x-amz-iv") && ema.containsKey("x-amz-key") && ema.containsKey("x-amz-matdesc");
    }

    private static oor parseJSONInstruction(onp onpVar) {
        try {
            return new oor(convertStreamToString(onpVar.emh()));
        } catch (Exception e) {
            throw new nwt("Error parsing JSON instruction file: " + e.getMessage());
        }
    }

    private static onb retrieveOriginalMaterials(Map<String, String> map, onc oncVar) {
        if (oncVar == null) {
            return null;
        }
        return oncVar.n(map);
    }

    private static void updateMetadata(oni oniVar, byte[] bArr, Cipher cipher, Map<String, String> map) {
        if (bArr != null) {
            oniVar.cv("x-amz-key", new String(pvi.W(bArr)));
        }
        oniVar.cv("x-amz-iv", new String(pvi.W(cipher.getIV())));
        oniVar.cv("x-amz-matdesc", new oor((Map) map).toString());
    }

    public static oni updateMetadataWithEncryptionInfo(onh onhVar, byte[] bArr, Cipher cipher, Map<String, String> map) {
        oni oniVar = onhVar.nTY;
        if (oniVar == null) {
            oniVar = new oni();
        }
        updateMetadata(oniVar, bArr, cipher, map);
        return oniVar;
    }

    public static void updateMetadataWithEncryptionInstruction(onn onnVar, EncryptionInstruction encryptionInstruction) {
        byte[] encryptedSymmetricKey = encryptionInstruction.getEncryptedSymmetricKey();
        Cipher symmetricCipher = encryptionInstruction.getSymmetricCipher();
        Map<String, String> materialsDescription = encryptionInstruction.getMaterialsDescription();
        oni oniVar = onnVar.nUm;
        if (oniVar == null) {
            oniVar = new oni();
        }
        if (onnVar.file != null) {
            oniVar.setContentType(Mimetypes.getInstance().getMimetype(onnVar.file));
        }
        updateMetadata(oniVar, encryptedSymmetricKey, symmetricCipher, materialsDescription);
        onnVar.nUm = oniVar;
    }
}
