package com.amazon.identity.auth.device.token;

import android.content.Context;
import android.os.Build;
import android.os.Bundle;
import android.security.keystore.KeyProtection;
import android.util.Base64;
import com.amazon.identity.auth.device.api.MAPError;
import com.amazon.identity.auth.device.e;
import com.amazon.identity.auth.device.f8;
import com.amazon.identity.auth.device.ga;
import com.amazon.identity.auth.device.h7;
import com.amazon.identity.auth.device.storage.KeystoreProvider;
import com.amazon.identity.auth.device.t5;
import com.amazon.identity.auth.device.w5;
import com.amazon.identity.auth.device.wa;
import com.amazon.identity.auth.device.y5;
import com.amazon.identity.auth.device.yd;
import com.amazon.mosaic.common.lib.utils.CryptoUtils;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.util.Objects;
import java.util.concurrent.TimeUnit;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.json.JSONException;
import org.json.JSONObject;

/* compiled from: DCP */
/* loaded from: classes.dex */
public class MobileAuthEncryptionKeyManager {
    public static final long c;
    public static final long d;
    public static final String e;
    public final t5 a;
    public final w5 b;

    /* compiled from: DCP */
    /* loaded from: classes.dex */
    public static final class MobileAuthEncryptionKeyManagerException extends Exception {
        public final MAPError mError;
        public final String mErrorMessage;

        public MobileAuthEncryptionKeyManagerException(MAPError mAPError, String str) {
            super(str);
            this.mError = mAPError;
            this.mErrorMessage = str;
        }

        public MobileAuthEncryptionKeyManagerException(MAPError mAPError, String str, Throwable th) {
            super(th.getMessage(), th);
            this.mError = mAPError;
            this.mErrorMessage = str;
        }
    }

    /* compiled from: DCP */
    /* loaded from: classes.dex */
    public static final class a {
        public final String a;
        public final String b;
        public final long c;
        public final long d;

        public a(String str, String str2, long j, long j2) {
            this.a = str;
            this.b = str2;
            this.c = j;
            this.d = j2;
        }
    }

    static {
        TimeUnit timeUnit = TimeUnit.MILLISECONDS;
        c = wa.a(180L, timeUnit);
        d = wa.b(1L, timeUnit);
        e = MobileAuthEncryptionKeyManager.class.getName();
    }

    public MobileAuthEncryptionKeyManager(Context context) {
        t5 a2 = t5.a(context);
        this.a = a2;
        this.b = (w5) a2.getSystemService("dcp_system");
    }

    public Bundle a(String str, y5 y5Var) throws MobileAuthEncryptionKeyManagerException {
        int i = Build.VERSION.SDK_INT;
        if (i < 26) {
            String format = String.format("Currently GetMobileAuthEncryptionKey operation is not supported in %d version of Android.", Integer.valueOf(i));
            ga.a(e);
            yd.b("MOBILE_AUTH_GET_ENCRYPTION_KEY:UnsupportedOperation", new String[0]);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.CommonError.UNSUPPORTED_OPERATION, format);
        }
        try {
            KeystoreProvider keystoreProvider = new KeystoreProvider(a("mobile_auth_storage", str, "_"));
            f8 a2 = f8.a(this.a, "mobile_auth_storage");
            SecretKey a3 = keystoreProvider.a();
            String string = a2.a.getString(a("com.amazon.mobile.auth.encryption_key.identifier", str, "."), null);
            if (a3 == null || e.g(string)) {
                a(str);
                throw null;
            }
            y5Var.b("MOBILE_AUTH_GET_ENCRYPTION_KEY");
            Bundle bundle = new Bundle();
            bundle.putSerializable("value_key", a3);
            bundle.putString("com.amazon.identity.auth.device.api.TokenKeys.Options.MobileAuthEncryptionKeyId", string);
            return bundle;
        } catch (KeystoreProvider.KeystoreProviderException e2) {
            String format2 = String.format("KeystoreProviderException encountered while fetching encryption key. %s", e2.mErrorMessage);
            ga.a(e);
            yd.b("MOBILE_AUTH_GET_ENCRYPTION_KEY:KeystoreProviderException", new String[0]);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.CommonError.INTERNAL_ERROR, format2, e2);
        } catch (MobileAuthEncryptionKeyManagerException e3) {
            throw e3;
        } catch (Exception e4) {
            String format3 = String.format("Exception encountered while fetching encryption key. %s", e4.getMessage());
            ga.a(e);
            yd.b("MOBILE_AUTH_GET_ENCRYPTION_KEY:Exception", new String[0]);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.CommonError.INTERNAL_ERROR, format3, e4);
        }
    }

    public final a a(String str, String str2, String str3, y5 y5Var) throws JSONException {
        JSONObject jSONObject = new h7(this.a, str3, str, str2).c(y5Var).a;
        return new a(jSONObject.getString("encryptionKey"), jSONObject.getString("keyIdentifier"), Long.parseLong(jSONObject.getJSONObject("keyMetadata").getString("keyVersion")), Long.parseLong(jSONObject.getJSONObject("keyMetadata").getString("creationTime")));
    }

    public final String a(String str, String str2, String str3) {
        return String.format("%s%s%s", str, str3, str2);
    }

    public final void a(KeystoreProvider keystoreProvider, f8 f8Var, a aVar, String str) throws KeyStoreException {
        byte[] decode = Base64.decode(aVar.a, 0);
        keystoreProvider.a.setEntry(keystoreProvider.b, new KeyStore.SecretKeyEntry(new SecretKeySpec(decode, 0, decode.length, CryptoUtils.AES)), new KeyProtection.Builder(3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
        f8Var.a(a("com.amazon.mobile.auth.encryption_key.identifier", str, "."), aVar.b);
        f8Var.a(a("com.amazon.mobile.auth.encryption_key.version", str, "."), aVar.c);
        f8Var.a(a("com.amazon.mobile.auth.encryption_key.creation_time", str, "."), aVar.d);
    }

    public final void a(String str) throws MobileAuthEncryptionKeyManagerException {
        if (this.a.a() == null) {
            ga.a(e);
            yd.b("MOBILE_AUTH_GET_ENCRYPTION_KEY:InvalidMAPDataStorage", new String[0]);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.CommonError.INTERNAL_ERROR, "MAP data storage is null/invalid.");
        }
        if (this.a.a().a(str)) {
            ga.a(e);
            yd.b("MOBILE_AUTH_GET_ENCRYPTION_KEY:KeyNotFoundException", new String[0]);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.AccountError.ACCOUNT_ENCRYPTION_KEY_NOT_FOUND, "Null/Invalid encryption key or key identifier received.");
        }
        ga.a(e);
        yd.b("MOBILE_AUTH_GET_ENCRYPTION_KEY:AccountDeregistered", new String[0]);
        throw new MobileAuthEncryptionKeyManagerException(MAPError.AccountError.ACCOUNT_ALREADY_DEREGISTERED, "Account already deregistered. So, no encryption key or key identifier received.");
    }

    public final boolean a(f8 f8Var, String str) {
        long j = f8Var.a.getLong(String.format("%s.%s", "com.amazon.mobile.auth.encryption_key.creation_time", str), 0L) + c + d;
        Objects.requireNonNull(this.b);
        return j <= System.currentTimeMillis();
    }

    public boolean a(String str, String str2, y5 y5Var) throws MobileAuthEncryptionKeyManagerException {
        int i = Build.VERSION.SDK_INT;
        if (i < 26) {
            String format = String.format("Currently UpsertMobileAuthEncryptionKey operation is not supported in %d version of Android.", Integer.valueOf(i));
            ga.a(e);
            yd.b("MOBILE_AUTH_UPSERT_ENCRYPTION_KEY:UnsupportedOperation", new String[0]);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.CommonError.UNSUPPORTED_OPERATION, format);
        }
        try {
            KeystoreProvider keystoreProvider = new KeystoreProvider(a("mobile_auth_storage", str, "_"));
            f8 a2 = f8.a(this.a, "mobile_auth_storage");
            SecretKey a3 = keystoreProvider.a();
            String string = a2.a.getString(a("com.amazon.mobile.auth.encryption_key.identifier", str, "."), null);
            if (a3 != null && !e.g(string) && !a(a2, str)) {
                return false;
            }
            a(keystoreProvider, a2, a(str2, string, str, y5Var), str);
            y5Var.b("MOBILE_AUTH_UPSERT_ENCRYPTION_KEY");
            return true;
        } catch (KeystoreProvider.KeystoreProviderException e2) {
            String format2 = String.format("KeystoreProviderException encountered while creating or updating encryption key. %s", e2.mErrorMessage);
            ga.a(e);
            yd.b("MOBILE_AUTH_UPSERT_ENCRYPTION_KEY:KeystoreProviderException", new String[0]);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.CommonError.INTERNAL_ERROR, format2, e2);
        } catch (JSONException e3) {
            String format3 = String.format("JSONException encountered while parsing MobileAuthEncryptionKey response. %s", e3.getMessage());
            ga.a(e);
            yd.b("MOBILE_AUTH_UPSERT_ENCRYPTION_KEY:JSONException", new String[0]);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.CommonError.INVALID_RESPONSE, format3, e3);
        } catch (Exception e4) {
            String format4 = String.format("Exception encountered while creating or updating encryption key. %s", e4.getMessage());
            ga.a(e);
            yd.b("MOBILE_AUTH_UPSERT_ENCRYPTION_KEY:Exception", new String[0]);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.CommonError.INTERNAL_ERROR, format4, e4);
        }
    }
}
