package com.amazonaws.services.s3.internal.crypto;

import com.amazonaws.services.s3.internal.InputSubstream;
import com.amazonaws.services.s3.internal.Mimetypes;
import com.amazonaws.services.s3.internal.RepeatableCipherInputStream;
import com.amazonaws.services.s3.internal.RepeatableFileInputStream;
import defpackage.psa;
import defpackage.qih;
import defpackage.qii;
import defpackage.qij;
import defpackage.qik;
import defpackage.qil;
import defpackage.qio;
import defpackage.qip;
import defpackage.qiu;
import defpackage.qiw;
import defpackage.qix;
import defpackage.qiy;
import defpackage.qiz;
import defpackage.qjx;
import defpackage.qjy;
import defpackage.swa;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.FilterInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes10.dex */
public class EncryptionUtils {
    private static final String INSTRUCTION_SUFFIX = ".instruction";

    public static qiw adjustOutputToDesiredRange(qiw qiwVar, long[] jArr) {
        if (jArr != null && jArr[0] <= jArr[1]) {
            try {
                qix eQE = qiwVar.eQE();
                qiwVar.a(new qix(new AdjustedRangeInputStream(eQE, jArr[0], jArr[1]), eQE.eQF()));
            } catch (IOException e) {
                throw new psa("Error adjusting output to desired byte range: " + e.getMessage());
            }
        }
        return qiwVar;
    }

    @Deprecated
    public static EncryptionInstruction buildInstructionFromInstructionFile(qiw qiwVar, qii qiiVar, Provider provider) {
        return buildInstructionFromInstructionFile(qiwVar, new qiy(qiiVar), provider);
    }

    public static EncryptionInstruction buildInstructionFromInstructionFile(qiw qiwVar, qik qikVar, Provider provider) {
        qjy parseJSONInstruction = parseJSONInstruction(qiwVar);
        try {
            byte[] bytes = parseJSONInstruction.getString("x-amz-key").getBytes();
            byte[] bytes2 = parseJSONInstruction.getString("x-amz-iv").getBytes();
            Map<String, String> convertJSONToMap = convertJSONToMap(parseJSONInstruction.getString("x-amz-matdesc"));
            byte[] aU = swa.aU(bytes);
            byte[] aU2 = swa.aU(bytes2);
            if (aU == null || aU2 == null || convertJSONToMap == null) {
                throw new psa(String.format("Necessary encryption info not found in the instruction file '%s' in bucket '%s'", qiwVar.getKey(), qiwVar.getBucketName()));
            }
            qii retrieveOriginalMaterials = retrieveOriginalMaterials(convertJSONToMap, qikVar);
            if (retrieveOriginalMaterials == null) {
                throw new psa(String.format("Unable to retrieve the encryption materials that originally encrypted object corresponding to instruction file '%s' in bucket '%s'.", qiwVar.getKey(), qiwVar.getBucketName()));
            }
            SecretKey decryptedSymmetricKey = getDecryptedSymmetricKey(aU, retrieveOriginalMaterials, provider);
            return new EncryptionInstruction(convertJSONToMap, aU, decryptedSymmetricKey, new CipherFactory(decryptedSymmetricKey, 2, aU2, provider));
        } catch (qjx e) {
            throw new psa("Unable to parse retrieved instruction file : " + e.getMessage());
        }
    }

    @Deprecated
    public static EncryptionInstruction buildInstructionFromObjectMetadata(qiw qiwVar, qii qiiVar, Provider provider) {
        return buildInstructionFromObjectMetadata(qiwVar, new qiy(qiiVar), provider);
    }

    public static EncryptionInstruction buildInstructionFromObjectMetadata(qiw qiwVar, qik qikVar, Provider provider) {
        qip eQD = qiwVar.eQD();
        byte[] cryptoBytesFromMetadata = getCryptoBytesFromMetadata("x-amz-key", eQD);
        byte[] cryptoBytesFromMetadata2 = getCryptoBytesFromMetadata("x-amz-iv", eQD);
        Map<String, String> convertJSONToMap = convertJSONToMap(getStringFromMetadata("x-amz-matdesc", eQD));
        if (cryptoBytesFromMetadata == null || cryptoBytesFromMetadata2 == null || convertJSONToMap == null) {
            throw new psa(String.format("Necessary encryption info not found in the headers of file '%s' in bucket '%s'", qiwVar.getKey(), qiwVar.getBucketName()));
        }
        qii retrieveOriginalMaterials = retrieveOriginalMaterials(convertJSONToMap, qikVar);
        if (retrieveOriginalMaterials == null) {
            throw new psa(String.format("Unable to retrieve the encryption materials that originally encrypted file '%s' in bucket '%s'.", qiwVar.getKey(), qiwVar.getBucketName()));
        }
        SecretKey decryptedSymmetricKey = getDecryptedSymmetricKey(cryptoBytesFromMetadata, retrieveOriginalMaterials, provider);
        return new EncryptionInstruction(convertJSONToMap, cryptoBytesFromMetadata, decryptedSymmetricKey, new CipherFactory(decryptedSymmetricKey, 2, cryptoBytesFromMetadata2, provider));
    }

    private static long calculateCryptoContentLength(Cipher cipher, qiu qiuVar, qip qipVar) {
        long unencryptedContentLength = getUnencryptedContentLength(qiuVar, qipVar);
        if (unencryptedContentLength == 0) {
            return 0L;
        }
        if (unencryptedContentLength < 0) {
            return -1L;
        }
        long blockSize = cipher.getBlockSize();
        return (blockSize - (unencryptedContentLength % blockSize)) + unencryptedContentLength;
    }

    public static long calculateCryptoContentLength(Cipher cipher, qiz qizVar) {
        long j;
        if (qizVar.file != null) {
            j = qizVar.pXw > 0 ? qizVar.pXw : qizVar.file.length();
        } else {
            if (qizVar.pNI == null) {
                return -1L;
            }
            j = qizVar.pXw;
        }
        long blockSize = cipher.getBlockSize();
        return j + (blockSize - (j % blockSize));
    }

    private static qjy convertInstructionToJSONObject(EncryptionInstruction encryptionInstruction) {
        qjy qjyVar = new qjy();
        try {
            qjy qjyVar2 = new qjy((Map) encryptionInstruction.getMaterialsDescription());
            byte[] aT = swa.aT(encryptionInstruction.getSymmetricCipher().getIV());
            byte[] aT2 = swa.aT(encryptionInstruction.getEncryptedSymmetricKey());
            qjyVar.l("x-amz-matdesc", qjyVar2.toString());
            qjyVar.l("x-amz-key", new String(aT2));
            qjyVar.l("x-amz-iv", new String(aT));
        } catch (qjx e) {
        }
        return qjyVar;
    }

    private static Map<String, String> convertJSONToMap(String str) {
        if (str == null) {
            return null;
        }
        try {
            qjy qjyVar = new qjy(str);
            Iterator keys = qjyVar.keys();
            HashMap hashMap = new HashMap();
            while (keys.hasNext()) {
                String str2 = (String) keys.next();
                hashMap.put(str2, qjyVar.getString(str2));
            }
            return hashMap;
        } catch (qjx e) {
            throw new psa("Unable to parse encryption materials description from metadata :" + e.getMessage());
        }
    }

    private static String convertStreamToString(InputStream inputStream) throws IOException {
        if (inputStream == null) {
            return "";
        }
        StringBuilder sb = new StringBuilder();
        try {
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    inputStream.close();
                    return sb.toString();
                }
                sb.append(readLine);
            }
        } catch (Throwable th) {
            inputStream.close();
            throw th;
        }
    }

    public static qih createInstructionDeleteObjectRequest(qih qihVar) {
        return new qih(qihVar.bucketName, qihVar.key + INSTRUCTION_SUFFIX);
    }

    public static qil createInstructionGetRequest(qil qilVar) {
        return new qil(qilVar.bucketName, qilVar.key + INSTRUCTION_SUFFIX, qilVar.versionId);
    }

    public static qiu createInstructionPutRequest(String str, String str2, EncryptionInstruction encryptionInstruction) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(convertInstructionToJSONObject(encryptionInstruction).toString().getBytes());
        qip qipVar = new qip();
        qipVar.setContentLength(r0.length);
        qipVar.m21do("x-amz-crypto-instr-file", "");
        return new qiu(str, str2 + INSTRUCTION_SUFFIX, byteArrayInputStream, qipVar);
    }

    public static qiu createInstructionPutRequest(qiu qiuVar, EncryptionInstruction encryptionInstruction) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(convertInstructionToJSONObject(encryptionInstruction).toString().getBytes());
        qip qipVar = qiuVar.pXl;
        qipVar.setContentLength(r0.length);
        qipVar.m21do("x-amz-crypto-instr-file", "");
        qiuVar.key += INSTRUCTION_SUFFIX;
        qiuVar.pXl = qipVar;
        qiuVar.pNI = byteArrayInputStream;
        return qiuVar;
    }

    public static Cipher createSymmetricCipher(SecretKey secretKey, int i, Provider provider, byte[] bArr) {
        try {
            Cipher cipher = provider != null ? Cipher.getInstance(JceEncryptionConstants.SYMMETRIC_CIPHER_METHOD, provider) : Cipher.getInstance(JceEncryptionConstants.SYMMETRIC_CIPHER_METHOD);
            if (bArr != null) {
                cipher.init(i, secretKey, new IvParameterSpec(bArr));
            } else {
                cipher.init(i, secretKey);
            }
            return cipher;
        } catch (Exception e) {
            throw new psa("Unable to build cipher: " + e.getMessage() + "\nMake sure you have the JCE unlimited strength policy files installed and configured for your JVM: http://www.ngs.ac.uk/tools/jcepolicyfiles", e);
        }
    }

    public static qiw decryptObjectUsingInstruction(qiw qiwVar, EncryptionInstruction encryptionInstruction) {
        qix eQE = qiwVar.eQE();
        qiwVar.a(new qix(new RepeatableCipherInputStream(eQE, encryptionInstruction.getCipherFactory()), eQE.eQF()));
        return qiwVar;
    }

    @Deprecated
    public static qiw decryptObjectUsingMetadata(qiw qiwVar, qii qiiVar, Provider provider) {
        return decryptObjectUsingInstruction(qiwVar, buildInstructionFromObjectMetadata(qiwVar, qiiVar, provider));
    }

    public static qiu encryptRequestUsingInstruction(qiu qiuVar, EncryptionInstruction encryptionInstruction) {
        qip qipVar = qiuVar.pXl;
        if (qipVar == null) {
            qipVar = new qip();
        }
        if (qipVar.eQz() != null) {
            qipVar.m21do("x-amz-unencrypted-content-md5", qipVar.eQz());
        }
        qipVar.Jv(null);
        long unencryptedContentLength = getUnencryptedContentLength(qiuVar, qipVar);
        if (unencryptedContentLength >= 0) {
            qipVar.m21do("x-amz-unencrypted-content-length", Long.toString(unencryptedContentLength));
        }
        long calculateCryptoContentLength = calculateCryptoContentLength(encryptionInstruction.getSymmetricCipher(), qiuVar, qipVar);
        if (calculateCryptoContentLength >= 0) {
            qipVar.setContentLength(calculateCryptoContentLength);
        }
        qiuVar.pXl = qipVar;
        qiuVar.pNI = getEncryptedInputStream(qiuVar, encryptionInstruction.getCipherFactory());
        qiuVar.file = null;
        return qiuVar;
    }

    @Deprecated
    public static qiu encryptRequestUsingMetadata(qiu qiuVar, qii qiiVar, Provider provider) {
        EncryptionInstruction generateInstruction = generateInstruction(qiiVar, provider);
        qiu encryptRequestUsingInstruction = encryptRequestUsingInstruction(qiuVar, generateInstruction);
        updateMetadataWithEncryptionInstruction(qiuVar, generateInstruction);
        return encryptRequestUsingInstruction;
    }

    @Deprecated
    public static EncryptionInstruction generateInstruction(qii qiiVar, Provider provider) {
        return generateInstruction(new qiy(qiiVar), provider);
    }

    public static EncryptionInstruction generateInstruction(qik qikVar, Provider provider) {
        SecretKey generateOneTimeUseSymmetricKey = generateOneTimeUseSymmetricKey();
        CipherFactory cipherFactory = new CipherFactory(generateOneTimeUseSymmetricKey, 1, null, provider);
        return new EncryptionInstruction(new HashMap(), getEncryptedSymmetricKey(generateOneTimeUseSymmetricKey, qikVar.eQu(), provider), generateOneTimeUseSymmetricKey, cipherFactory);
    }

    public static SecretKey generateOneTimeUseSymmetricKey() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM);
            keyGenerator.init(JceEncryptionConstants.SYMMETRIC_KEY_LENGTH, new SecureRandom());
            return keyGenerator.generateKey();
        } catch (NoSuchAlgorithmException e) {
            throw new psa("Unable to generate envelope symmetric key:" + e.getMessage(), e);
        }
    }

    public static long[] getAdjustedCryptoRange(long[] jArr) {
        if (jArr == null || jArr[0] > jArr[1]) {
            return null;
        }
        return new long[]{getCipherBlockLowerBound(jArr[0]), getCipherBlockUpperBound(jArr[1])};
    }

    private static long getCipherBlockLowerBound(long j) {
        long j2 = JceEncryptionConstants.SYMMETRIC_CIPHER_BLOCK_SIZE;
        long j3 = (j - (j % j2)) - j2;
        if (j3 < 0) {
            return 0L;
        }
        return j3;
    }

    private static long getCipherBlockUpperBound(long j) {
        long j2 = JceEncryptionConstants.SYMMETRIC_CIPHER_BLOCK_SIZE;
        return j2 + (j2 - (j % j2)) + j;
    }

    private static byte[] getCryptoBytesFromMetadata(String str, qip qipVar) throws NullPointerException {
        Map<String, String> eQx = qipVar.eQx();
        if (eQx == null || !eQx.containsKey(str)) {
            return null;
        }
        return swa.aU(eQx.get(str).getBytes());
    }

    private static SecretKey getDecryptedSymmetricKey(byte[] bArr, qii qiiVar, Provider provider) {
        Key key = qiiVar.pWS != null ? qiiVar.pWS.getPrivate() : qiiVar.symmetricKey;
        try {
            Cipher cipher = provider != null ? Cipher.getInstance(key.getAlgorithm(), provider) : Cipher.getInstance(key.getAlgorithm());
            cipher.init(2, key);
            return new SecretKeySpec(cipher.doFinal(bArr), JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM);
        } catch (Exception e) {
            throw new psa("Unable to decrypt symmetric key from object metadata : " + e.getMessage(), e);
        }
    }

    private static InputStream getEncryptedInputStream(qiu qiuVar, CipherFactory cipherFactory) {
        try {
            InputStream inputStream = qiuVar.pNI;
            if (qiuVar.file != null) {
                inputStream = new RepeatableFileInputStream(qiuVar.file);
            }
            return new RepeatableCipherInputStream(inputStream, cipherFactory);
        } catch (Exception e) {
            throw new psa("Unable to create cipher input stream: " + e.getMessage(), e);
        }
    }

    public static InputStream getEncryptedInputStream(qiz qizVar, CipherFactory cipherFactory) {
        try {
            InputStream inputStream = qizVar.pNI;
            if (qizVar.file != null) {
                inputStream = new InputSubstream(new RepeatableFileInputStream(qizVar.file), qizVar.nUu, qizVar.pXw, qizVar.pXx);
            }
            FilterInputStream repeatableCipherInputStream = new RepeatableCipherInputStream(inputStream, cipherFactory);
            if (!qizVar.pXx) {
                repeatableCipherInputStream = new InputSubstream(repeatableCipherInputStream, 0L, qizVar.pXw, false);
            }
            long j = qizVar.pXw;
            return new ByteRangeCapturingInputStream(repeatableCipherInputStream, j - cipherFactory.createCipher().getBlockSize(), j);
        } catch (Exception e) {
            throw new psa("Unable to create cipher input stream: " + e.getMessage(), e);
        }
    }

    public static byte[] getEncryptedSymmetricKey(SecretKey secretKey, qii qiiVar, Provider provider) {
        Key key = qiiVar.pWS != null ? qiiVar.pWS.getPublic() : qiiVar.symmetricKey;
        try {
            byte[] encoded = secretKey.getEncoded();
            Cipher cipher = provider != null ? Cipher.getInstance(key.getAlgorithm(), provider) : Cipher.getInstance(key.getAlgorithm());
            cipher.init(1, key);
            return cipher.doFinal(encoded);
        } catch (Exception e) {
            throw new psa("Unable to encrypt symmetric key: " + e.getMessage(), e);
        }
    }

    private static String getStringFromMetadata(String str, qip qipVar) throws NullPointerException {
        Map<String, String> eQx = qipVar.eQx();
        if (eQx == null || !eQx.containsKey(str)) {
            return null;
        }
        return eQx.get(str);
    }

    private static long getUnencryptedContentLength(qiu qiuVar, qip qipVar) {
        if (qiuVar.file != null) {
            return qiuVar.file.length();
        }
        if (qiuVar.pNI == null || qipVar.getContentLength() <= 0) {
            return -1L;
        }
        return qipVar.getContentLength();
    }

    public static boolean isEncryptionInfoInInstructionFile(qiw qiwVar) {
        Map<String, String> eQx;
        if (qiwVar == null || (eQx = qiwVar.eQD().eQx()) == null) {
            return false;
        }
        return eQx.containsKey("x-amz-crypto-instr-file");
    }

    public static boolean isEncryptionInfoInMetadata(qiw qiwVar) {
        Map<String, String> eQx = qiwVar.eQD().eQx();
        return eQx != null && eQx.containsKey("x-amz-iv") && eQx.containsKey("x-amz-key") && eQx.containsKey("x-amz-matdesc");
    }

    private static qjy parseJSONInstruction(qiw qiwVar) {
        try {
            return new qjy(convertStreamToString(qiwVar.eQE()));
        } catch (Exception e) {
            throw new psa("Error parsing JSON instruction file: " + e.getMessage());
        }
    }

    private static qii retrieveOriginalMaterials(Map<String, String> map, qij qijVar) {
        if (qijVar == null) {
            return null;
        }
        return qijVar.u(map);
    }

    private static void updateMetadata(qip qipVar, byte[] bArr, Cipher cipher, Map<String, String> map) {
        if (bArr != null) {
            qipVar.m21do("x-amz-key", new String(swa.aT(bArr)));
        }
        qipVar.m21do("x-amz-iv", new String(swa.aT(cipher.getIV())));
        qipVar.m21do("x-amz-matdesc", new qjy((Map) map).toString());
    }

    public static qip updateMetadataWithEncryptionInfo(qio qioVar, byte[] bArr, Cipher cipher, Map<String, String> map) {
        qip qipVar = qioVar.pWX;
        if (qipVar == null) {
            qipVar = new qip();
        }
        updateMetadata(qipVar, bArr, cipher, map);
        return qipVar;
    }

    public static void updateMetadataWithEncryptionInstruction(qiu qiuVar, EncryptionInstruction encryptionInstruction) {
        byte[] encryptedSymmetricKey = encryptionInstruction.getEncryptedSymmetricKey();
        Cipher symmetricCipher = encryptionInstruction.getSymmetricCipher();
        Map<String, String> materialsDescription = encryptionInstruction.getMaterialsDescription();
        qip qipVar = qiuVar.pXl;
        if (qipVar == null) {
            qipVar = new qip();
        }
        if (qiuVar.file != null) {
            qipVar.setContentType(Mimetypes.getInstance().getMimetype(qiuVar.file));
        }
        updateMetadata(qipVar, encryptedSymmetricKey, symmetricCipher, materialsDescription);
        qiuVar.pXl = qipVar;
    }
}
