package com.amazon.identity.auth.device.framework;

import android.util.Base64;
import com.amazon.identity.auth.device.utils.MAPLog;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class AESCipher {
    private static final String TAG = AESCipher.class.getName();
    private final SecretKeySpec mKeySpec;

    public AESCipher(byte[] bArr) {
        if (bArr == null) {
            throw new IllegalArgumentException("encryption key was null");
        }
        this.mKeySpec = new SecretKeySpec(bArr, "AES");
    }

    private Cipher createAESCipher(int i, String str, AlgorithmParameterSpec algorithmParameterSpec) {
        Cipher cipher = null;
        try {
            cipher = Cipher.getInstance(str);
            cipher.init(i, this.mKeySpec, algorithmParameterSpec);
            return cipher;
        } catch (InvalidAlgorithmParameterException e) {
            MAPLog.e(TAG, "Aborting cipher creation due to the occurrence of invalid algorithm parameters.", e);
            return cipher;
        } catch (InvalidKeyException e2) {
            MAPLog.e(TAG, "Aborting cipher creation because the key was invalid", e2);
            return cipher;
        } catch (NoSuchAlgorithmException e3) {
            MAPLog.e(TAG, "Aborting cipher creation", e3);
            return cipher;
        } catch (NoSuchPaddingException e4) {
            MAPLog.e(TAG, "Aborting cipher creation", e4);
            return cipher;
        }
    }

    public static String generateAesSecureStorageKey() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(128);
            return Base64.encodeToString(keyGenerator.generateKey().getEncoded(), 0);
        } catch (NoSuchAlgorithmException e) {
            MAPLog.e(TAG, "Could not generate a symmetric key for algorithm AES");
            return null;
        }
    }

    public static String generateAesSecureStorageKeyForDevice(SSODeviceInfo sSODeviceInfo) {
        String deviceSerialNumber;
        String deviceSecret = sSODeviceInfo.getDeviceSecret();
        if (deviceSecret != null && (deviceSerialNumber = sSODeviceInfo.getDeviceSerialNumber()) != null) {
            try {
                return Base64.encodeToString(SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(deviceSecret.toCharArray(), deviceSerialNumber.getBytes(), 1000, 128)).getEncoded(), 0);
            } catch (GeneralSecurityException e) {
                MAPLog.e(TAG, "Could not generate a symmetric key with PBKDF2");
            }
        }
        return generateAesSecureStorageKey();
    }

    protected static byte[] performCipherOperation(Cipher cipher, byte[] bArr, int i, int i2) {
        if (cipher == null) {
            return null;
        }
        try {
            return cipher.doFinal(bArr, i, i2);
        } catch (Exception e) {
            MAPLog.e(TAG, "Encrypting / Decrypting failed with the given key. Aborting!", e);
            return null;
        }
    }

    public byte[] concat(byte[] bArr, byte[] bArr2) {
        try {
            byte[] bArr3 = new byte[bArr2.length + 16];
            System.arraycopy(bArr, 0, bArr3, 0, 16);
            System.arraycopy(bArr2, 0, bArr3, 16, bArr2.length);
            return bArr3;
        } catch (Exception e) {
            MAPLog.e(TAG, "Exception happended during concatenating the initialization vectors and the cipher text", e);
            return null;
        }
    }

    public byte[] decryptCBCMode(byte[] bArr) {
        if (bArr == null) {
            throw new IllegalArgumentException("dataToDecrypt is null");
        }
        return performCipherOperation(createAESCipher(2, "AES/CBC/PKCS7Padding", new IvParameterSpec(bArr, 0, 16)), bArr, 16, bArr.length - 16);
    }

    @Deprecated
    public byte[] decryptECBMode(byte[] bArr) {
        if (bArr == null) {
            throw new IllegalArgumentException("dataToDecrypt is null");
        }
        return performCipherOperation(createAESCipher(2, "AES", null), bArr, 0, bArr.length);
    }

    public byte[] encryptCBCMode(byte[] bArr) {
        if (bArr == null) {
            throw new IllegalArgumentException("dataToEncrypt is null");
        }
        byte[] bArr2 = new byte[16];
        new SecureRandom().nextBytes(bArr2);
        return concat(bArr2, performCipherOperation(createAESCipher(1, "AES/CBC/PKCS7Padding", new IvParameterSpec(bArr2)), bArr, 0, bArr.length));
    }

    @Deprecated
    public byte[] encryptECBMode(byte[] bArr) {
        if (bArr == null) {
            throw new IllegalArgumentException("dataToEncrypt is null");
        }
        return performCipherOperation(createAESCipher(1, "AES", null), bArr, 0, bArr.length);
    }
}
