package com.amazon.identity.auth.device.token;

import android.content.Context;
import android.os.Build;
import android.os.Bundle;
import android.util.Base64;
import com.amazon.identity.auth.device.api.MAPError;
import com.amazon.identity.auth.device.api.TokenKeys;
import com.amazon.identity.auth.device.g6;
import com.amazon.identity.auth.device.jb;
import com.amazon.identity.auth.device.oa;
import com.amazon.identity.auth.device.ob;
import com.amazon.identity.auth.device.storage.KeystoreProvider;
import com.amazon.identity.auth.device.utils.AccountConstants;
import com.amazon.identity.auth.device.v6;
import com.amazon.identity.auth.device.y7;
import com.amazon.identity.mobi.common.utils.SystemWrapper;
import java.security.KeyStoreException;
import java.util.Locale;
import java.util.concurrent.TimeUnit;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.json.JSONException;
import org.json.JSONObject;

/* compiled from: DCP */
/* loaded from: classes7.dex */
public final class MobileAuthEncryptionKeyManager {

    /* renamed from: c, reason: collision with root package name */
    private static final long f2237c;

    /* renamed from: d, reason: collision with root package name */
    private static final long f2238d;

    /* renamed from: a, reason: collision with root package name */
    private final oa f2239a;

    /* renamed from: b, reason: collision with root package name */
    private final SystemWrapper f2240b;

    /* compiled from: DCP */
    /* loaded from: classes7.dex */
    public static final class MobileAuthEncryptionKeyManagerException extends Exception {
        private static final long serialVersionUID = -7354549861193710767L;
        private final MAPError mError;
        private final String mErrorMessage;

        public MobileAuthEncryptionKeyManagerException(MAPError.CommonError commonError, String str, Exception exc) {
            super(exc.getMessage(), exc);
            this.mError = commonError;
            this.mErrorMessage = str;
        }

        public MobileAuthEncryptionKeyManagerException(MAPError mAPError, String str) {
            super(str);
            this.mError = mAPError;
            this.mErrorMessage = str;
        }

        public final MAPError a() {
            return this.mError;
        }

        public final String b() {
            return this.mErrorMessage;
        }
    }

    /* compiled from: DCP */
    /* loaded from: classes7.dex */
    public static final class a {

        /* renamed from: a, reason: collision with root package name */
        private final String f2241a;

        /* renamed from: b, reason: collision with root package name */
        private final String f2242b;

        /* renamed from: c, reason: collision with root package name */
        private final long f2243c;

        /* renamed from: d, reason: collision with root package name */
        private final long f2244d;

        public a(String str, String str2, long j2, long j3) {
            this.f2241a = str;
            this.f2242b = str2;
            this.f2243c = j2;
            this.f2244d = j3;
        }
    }

    static {
        TimeUnit timeUnit = TimeUnit.MILLISECONDS;
        f2237c = jb.a(259200L, timeUnit);
        f2238d = jb.a(60L, timeUnit);
    }

    public MobileAuthEncryptionKeyManager(Context context) {
        oa a2 = oa.a(context);
        this.f2239a = a2;
        this.f2240b = (SystemWrapper) a2.getSystemService("dcp_system");
    }

    private a a(ob obVar, String str, String str2, String str3) throws JSONException {
        JSONObject jSONObject = new y7(this.f2239a, str3, str, str2).c(obVar).f1907a;
        return new a(jSONObject.getString("encryptionKey"), jSONObject.getString("keyIdentifier"), Long.parseLong(jSONObject.getJSONObject("keyMetadata").getString("keyVersion")), Long.parseLong(jSONObject.getJSONObject("keyMetadata").getString("creationTime")));
    }

    private static String a(String str, String str2, String str3) {
        return String.format("%s%s%s", str, str3, str2);
    }

    private static void a(KeystoreProvider keystoreProvider, g6 g6Var, a aVar, String str) throws KeyStoreException {
        byte[] decode = Base64.decode(aVar.f2241a, 0);
        keystoreProvider.a(new SecretKeySpec(decode, 0, decode.length, "AES"));
        g6Var.a(a(AccountConstants.TOKEN_TYPE_AMAZON_MOBILE_AUTH_ENCRYPTION_KEY_IDENTIFIER, str, "."), aVar.f2242b);
        g6Var.a(a(AccountConstants.TOKEN_TYPE_AMAZON_MOBILE_AUTH_ENCRYPTION_KEY_VERSION, str, "."), aVar.f2243c);
        g6Var.a(a(AccountConstants.TOKEN_TYPE_AMAZON_MOBILE_AUTH_ENCRYPTION_KEY_CREATION_TIME, str, "."), aVar.f2244d);
    }

    private boolean a(g6 g6Var, String str) {
        return (g6Var.c(String.format("%s.%s", AccountConstants.TOKEN_TYPE_AMAZON_MOBILE_AUTH_ENCRYPTION_KEY_CREATION_TIME, str)) + f2237c) + f2238d <= this.f2240b.currentTimeMillis();
    }

    private void b(String str, ob obVar) throws MobileAuthEncryptionKeyManagerException {
        if (this.f2239a.a() == null) {
            v6.a("MobileAuthEncryptionKeyManager", "MAP data storage is null/invalid.");
            obVar.a("MOBILE_AUTH_GET_ENCRYPTION_KEY:InvalidMAPDataStorage", 1.0d);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.CommonError.INTERNAL_ERROR, "MAP data storage is null/invalid.");
        }
        if (this.f2239a.a().a(str)) {
            v6.a("MobileAuthEncryptionKeyManager", "Null/Invalid encryption key or key identifier received.");
            obVar.a("MOBILE_AUTH_GET_ENCRYPTION_KEY:KeyNotFoundException", 1.0d);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.AccountError.ACCOUNT_ENCRYPTION_KEY_NOT_FOUND, "Null/Invalid encryption key or key identifier received.");
        }
        v6.a("MobileAuthEncryptionKeyManager", "Account already deregistered. So, no encryption key or key identifier received.");
        obVar.a("MOBILE_AUTH_GET_ENCRYPTION_KEY:AccountDeregistered", 1.0d);
        throw new MobileAuthEncryptionKeyManagerException(MAPError.AccountError.ACCOUNT_ALREADY_DEREGISTERED, "Account already deregistered. So, no encryption key or key identifier received.");
    }

    public final Bundle a(String str, ob obVar) throws MobileAuthEncryptionKeyManagerException {
        int i2 = Build.VERSION.SDK_INT;
        if (i2 < 26) {
            String format = String.format(Locale.US, "Currently GetMobileAuthEncryptionKey operation is not supported in %d version of Android.", Integer.valueOf(i2));
            v6.a("MobileAuthEncryptionKeyManager", format);
            obVar.a("MOBILE_AUTH_GET_ENCRYPTION_KEY:UnsupportedOperation", 1.0d);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.CommonError.UNSUPPORTED_OPERATION, format);
        }
        try {
            KeystoreProvider keystoreProvider = new KeystoreProvider(a("mobile_auth_storage", str, "_"));
            g6 a2 = g6.a(this.f2239a, "mobile_auth_storage");
            SecretKey b2 = keystoreProvider.b();
            String d2 = a2.d(a(AccountConstants.TOKEN_TYPE_AMAZON_MOBILE_AUTH_ENCRYPTION_KEY_IDENTIFIER, str, "."));
            if (b2 == null || d2 == null || d2.trim().length() == 0) {
                b(str, obVar);
                throw null;
            }
            obVar.a("MOBILE_AUTH_GET_ENCRYPTION_KEY", 1.0d);
            Bundle bundle = new Bundle();
            bundle.putSerializable("value_key", b2);
            bundle.putString(TokenKeys.Options.KEY_MOBILE_AUTH_ENCRYPTION_KEY_ID, d2);
            return bundle;
        } catch (KeystoreProvider.KeystoreProviderException e2) {
            String format2 = String.format("KeystoreProviderException encountered while fetching encryption key. %s", e2.a());
            v6.a("MobileAuthEncryptionKeyManager", format2, e2);
            obVar.a("MOBILE_AUTH_GET_ENCRYPTION_KEY:KeystoreProviderException", 1.0d);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.CommonError.INTERNAL_ERROR, format2, e2);
        } catch (MobileAuthEncryptionKeyManagerException e3) {
            throw e3;
        } catch (Exception e4) {
            String format3 = String.format("Exception encountered while fetching encryption key. %s", e4.getMessage());
            v6.a("MobileAuthEncryptionKeyManager", format3, e4);
            obVar.a("MOBILE_AUTH_GET_ENCRYPTION_KEY:Exception", 1.0d);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.CommonError.INTERNAL_ERROR, format3, e4);
        }
    }

    public final boolean a(String str, String str2, ob obVar) throws MobileAuthEncryptionKeyManagerException {
        int i2 = Build.VERSION.SDK_INT;
        if (i2 < 26) {
            String format = String.format(Locale.US, "Currently UpsertMobileAuthEncryptionKey operation is not supported in %d version of Android.", Integer.valueOf(i2));
            v6.a("MobileAuthEncryptionKeyManager", format);
            obVar.a("MOBILE_AUTH_UPSERT_ENCRYPTION_KEY:UnsupportedOperation", 1.0d);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.CommonError.UNSUPPORTED_OPERATION, format);
        }
        try {
            KeystoreProvider keystoreProvider = new KeystoreProvider(a("mobile_auth_storage", str, "_"));
            g6 a2 = g6.a(this.f2239a, "mobile_auth_storage");
            SecretKey b2 = keystoreProvider.b();
            String d2 = a2.d(a(AccountConstants.TOKEN_TYPE_AMAZON_MOBILE_AUTH_ENCRYPTION_KEY_IDENTIFIER, str, "."));
            if (b2 != null && d2 != null && d2.trim().length() != 0 && !a(a2, str)) {
                return false;
            }
            a(keystoreProvider, a2, a(obVar, str2, d2, str), str);
            obVar.a("MOBILE_AUTH_UPSERT_ENCRYPTION_KEY", 1.0d);
            return true;
        } catch (KeystoreProvider.KeystoreProviderException e2) {
            String format2 = String.format("KeystoreProviderException encountered while creating or updating encryption key. %s", e2.a());
            v6.a("MobileAuthEncryptionKeyManager", format2, e2);
            obVar.a("MOBILE_AUTH_UPSERT_ENCRYPTION_KEY:KeystoreProviderException", 1.0d);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.CommonError.INTERNAL_ERROR, format2, e2);
        } catch (JSONException e3) {
            String format3 = String.format("JSONException encountered while parsing MobileAuthEncryptionKey response. %s", e3.getMessage());
            v6.a("MobileAuthEncryptionKeyManager", format3, e3);
            obVar.a("MOBILE_AUTH_UPSERT_ENCRYPTION_KEY:JSONException", 1.0d);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.CommonError.INVALID_RESPONSE, format3, e3);
        } catch (Exception e4) {
            String format4 = String.format("Exception encountered while creating or updating encryption key. %s", e4.getMessage());
            v6.a("MobileAuthEncryptionKeyManager", format4, e4);
            obVar.a("MOBILE_AUTH_UPSERT_ENCRYPTION_KEY:Exception", 1.0d);
            throw new MobileAuthEncryptionKeyManagerException(MAPError.CommonError.INTERNAL_ERROR, format4, e4);
        }
    }
}
