package com.amazonaws.services.s3.internal.crypto;

import com.amazonaws.AmazonClientException;
import com.amazonaws.services.s3.internal.InputSubstream;
import com.amazonaws.services.s3.internal.RepeatableCipherInputStream;
import com.amazonaws.services.s3.internal.RepeatableFileInputStream;
import com.amazonaws.services.s3.model.EncryptionMaterials;
import com.amazonaws.services.s3.model.EncryptionMaterialsProvider;
import com.amazonaws.services.s3.model.GetObjectRequest;
import com.amazonaws.services.s3.model.InitiateMultipartUploadRequest;
import com.amazonaws.services.s3.model.ObjectMetadata;
import com.amazonaws.services.s3.model.PutObjectRequest;
import com.amazonaws.services.s3.model.UploadPartRequest;
import com.amazonaws.services.s3.util.Mimetypes;
import com.amazonaws.util.Base64;
import com.amazonaws.util.LengthCheckInputStream;
import com.amazonaws.util.StringUtils;
import com.amazonaws.util.json.JsonUtils;
import com.google.common.net.HttpHeaders;
import java.io.ByteArrayInputStream;
import java.io.FilterInputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: classes3.dex */
public class EncryptionUtils {
    private static EncryptionInstruction a(EncryptionMaterials encryptionMaterials, Provider provider) {
        SecretKey l = l();
        CipherFactory cipherFactory = new CipherFactory(l, 1, null, provider);
        return new EncryptionInstruction(encryptionMaterials.b(), r(l, encryptionMaterials, provider), l, cipherFactory);
    }

    private static long b(Cipher cipher, PutObjectRequest putObjectRequest, ObjectMetadata objectMetadata) {
        long s = s(putObjectRequest, objectMetadata);
        if (s < 0) {
            return -1L;
        }
        long blockSize = cipher.getBlockSize();
        return s + (blockSize - (s % blockSize));
    }

    public static long c(Cipher cipher, UploadPartRequest uploadPartRequest) {
        long k;
        if (uploadPartRequest.c() != null) {
            k = uploadPartRequest.k() > 0 ? uploadPartRequest.k() : uploadPartRequest.c().length();
        } else {
            if (uploadPartRequest.g() == null) {
                return -1L;
            }
            k = uploadPartRequest.k();
        }
        long blockSize = cipher.getBlockSize();
        return k + (blockSize - (k % blockSize));
    }

    private static Map<String, String> d(EncryptionInstruction encryptionInstruction) {
        HashMap hashMap = new HashMap();
        hashMap.put("x-amz-matdesc", JsonUtils.e(encryptionInstruction.c()));
        hashMap.put("x-amz-key", Base64.encodeAsString(encryptionInstruction.b()));
        hashMap.put("x-amz-iv", Base64.encodeAsString(encryptionInstruction.d().getIV()));
        return hashMap;
    }

    public static GetObjectRequest e(GetObjectRequest getObjectRequest) {
        return new GetObjectRequest(getObjectRequest.b(), getObjectRequest.d() + ".instruction", getObjectRequest.l());
    }

    public static PutObjectRequest f(PutObjectRequest putObjectRequest, EncryptionInstruction encryptionInstruction) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(JsonUtils.e(d(encryptionInstruction)).getBytes(StringUtils.f960a));
        ObjectMetadata j = putObjectRequest.j();
        j.H(r5.length);
        j.m("x-amz-crypto-instr-file", "");
        putObjectRequest.s(putObjectRequest.i() + ".instruction");
        putObjectRequest.t(j);
        putObjectRequest.r(byteArrayInputStream);
        return putObjectRequest;
    }

    public static PutObjectRequest g(String str, String str2, EncryptionInstruction encryptionInstruction) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(JsonUtils.e(d(encryptionInstruction)).getBytes(StringUtils.f960a));
        ObjectMetadata objectMetadata = new ObjectMetadata();
        objectMetadata.H(r6.length);
        objectMetadata.m("x-amz-crypto-instr-file", "");
        return new PutObjectRequest(str, str2 + ".instruction", byteArrayInputStream, objectMetadata);
    }

    public static Cipher h(SecretKey secretKey, int i, Provider provider, byte[] bArr) {
        try {
            Cipher cipher = provider != null ? Cipher.getInstance(JceEncryptionConstants.b, provider) : Cipher.getInstance(JceEncryptionConstants.b);
            if (bArr != null) {
                cipher.init(i, secretKey, new IvParameterSpec(bArr));
            } else {
                cipher.init(i, secretKey);
            }
            return cipher;
        } catch (Exception e) {
            throw new AmazonClientException("Unable to build cipher: " + e.getMessage() + "\nMake sure you have the JCE unlimited strength policy files installed and configured for your JVM: http://www.ngs.ac.uk/tools/jcepolicyfiles", e);
        }
    }

    public static PutObjectRequest i(PutObjectRequest putObjectRequest, EncryptionInstruction encryptionInstruction) {
        ObjectMetadata j = putObjectRequest.j();
        if (j == null) {
            j = new ObjectMetadata();
        }
        if (j.s() != null) {
            j.m("x-amz-unencrypted-content-md5", j.s());
        }
        j.I(null);
        long s = s(putObjectRequest, j);
        if (s >= 0) {
            j.m("x-amz-unencrypted-content-length", Long.toString(s));
        }
        long b = b(encryptionInstruction.d(), putObjectRequest, j);
        if (b >= 0) {
            j.H(b);
        }
        putObjectRequest.t(j);
        putObjectRequest.r(q(putObjectRequest, encryptionInstruction.a(), s));
        putObjectRequest.p(null);
        return putObjectRequest;
    }

    public static EncryptionInstruction j(EncryptionMaterialsProvider encryptionMaterialsProvider, Provider provider) {
        return a(encryptionMaterialsProvider.b(), provider);
    }

    public static EncryptionInstruction k(EncryptionMaterialsProvider encryptionMaterialsProvider, Map<String, String> map, Provider provider) {
        return a(encryptionMaterialsProvider.a(map), provider);
    }

    public static SecretKey l() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(JceEncryptionConstants.f908a);
            keyGenerator.init(JceEncryptionConstants.c, new SecureRandom());
            return keyGenerator.generateKey();
        } catch (NoSuchAlgorithmException e) {
            throw new AmazonClientException("Unable to generate envelope symmetric key:" + e.getMessage(), e);
        }
    }

    public static long[] m(long[] jArr) {
        if (jArr == null || jArr[0] > jArr[1]) {
            return null;
        }
        return new long[]{n(jArr[0]), o(jArr[1])};
    }

    private static long n(long j) {
        long j2 = JceEncryptionConstants.d;
        long j3 = (j - (j % j2)) - j2;
        if (j3 < 0) {
            return 0L;
        }
        return j3;
    }

    private static long o(long j) {
        long j2 = JceEncryptionConstants.d;
        return j + (j2 - (j % j2)) + j2;
    }

    public static ByteRangeCapturingInputStream p(UploadPartRequest uploadPartRequest, CipherFactory cipherFactory) {
        try {
            InputStream g = uploadPartRequest.g();
            if (uploadPartRequest.c() != null) {
                g = new InputSubstream(new RepeatableFileInputStream(uploadPartRequest.c()), uploadPartRequest.d(), uploadPartRequest.k(), uploadPartRequest.n());
            }
            FilterInputStream repeatableCipherInputStream = new RepeatableCipherInputStream(g, cipherFactory);
            FilterInputStream inputSubstream = !uploadPartRequest.n() ? new InputSubstream(repeatableCipherInputStream, 0L, uploadPartRequest.k(), false) : repeatableCipherInputStream;
            long k = uploadPartRequest.k();
            return new ByteRangeCapturingInputStream(inputSubstream, k - cipherFactory.a().getBlockSize(), k);
        } catch (Exception e) {
            throw new AmazonClientException("Unable to create cipher input stream: " + e.getMessage(), e);
        }
    }

    private static InputStream q(PutObjectRequest putObjectRequest, CipherFactory cipherFactory, long j) {
        try {
            InputStream h = putObjectRequest.h();
            if (putObjectRequest.f() != null) {
                h = new RepeatableFileInputStream(putObjectRequest.f());
            }
            if (j > -1) {
                h = new LengthCheckInputStream(h, j, false);
            }
            return new RepeatableCipherInputStream(h, cipherFactory);
        } catch (Exception e) {
            throw new AmazonClientException("Unable to create cipher input stream: " + e.getMessage(), e);
        }
    }

    public static byte[] r(SecretKey secretKey, EncryptionMaterials encryptionMaterials, Provider provider) {
        Key key = encryptionMaterials.a() != null ? encryptionMaterials.a().getPublic() : encryptionMaterials.c();
        try {
            byte[] encoded = secretKey.getEncoded();
            Cipher cipher = provider != null ? Cipher.getInstance(key.getAlgorithm(), provider) : Cipher.getInstance(key.getAlgorithm());
            cipher.init(1, key);
            return cipher.doFinal(encoded);
        } catch (Exception e) {
            throw new AmazonClientException("Unable to encrypt symmetric key: " + e.getMessage(), e);
        }
    }

    private static long s(PutObjectRequest putObjectRequest, ObjectMetadata objectMetadata) {
        if (putObjectRequest.f() != null) {
            return putObjectRequest.f().length();
        }
        if (putObjectRequest.h() == null || objectMetadata.B(HttpHeaders.CONTENT_LENGTH) == null) {
            return -1L;
        }
        return objectMetadata.r();
    }

    private static void t(ObjectMetadata objectMetadata, byte[] bArr, Cipher cipher, Map<String, String> map) {
        if (bArr != null) {
            objectMetadata.m("x-amz-key", Base64.encodeAsString(bArr));
        }
        objectMetadata.m("x-amz-iv", Base64.encodeAsString(cipher.getIV()));
        objectMetadata.m("x-amz-matdesc", JsonUtils.e(map));
    }

    public static ObjectMetadata u(InitiateMultipartUploadRequest initiateMultipartUploadRequest, byte[] bArr, Cipher cipher, Map<String, String> map) {
        ObjectMetadata f = initiateMultipartUploadRequest.f();
        if (f == null) {
            f = new ObjectMetadata();
        }
        t(f, bArr, cipher, map);
        return f;
    }

    public static void v(PutObjectRequest putObjectRequest, EncryptionInstruction encryptionInstruction) {
        byte[] b = encryptionInstruction.b();
        Cipher d = encryptionInstruction.d();
        Map<String, String> c = encryptionInstruction.c();
        ObjectMetadata j = putObjectRequest.j();
        if (j == null) {
            j = new ObjectMetadata();
        }
        if (putObjectRequest.f() != null) {
            j.J(Mimetypes.a().b(putObjectRequest.f()));
        }
        t(j, b, d, c);
        putObjectRequest.t(j);
    }
}
