package com.amazon.mShop.wormhole.utility;

import com.amazon.crypto.AmazonSecureRandom;
import com.amazon.mShop.util.DebugUtil;
import com.amazon.mShop.wormhole.constants.ErrorCode;
import com.amazon.mShop.wormhole.constants.WormholeConstants;
import com.amazon.mShop.wormhole.model.exception.WormholeNonRetryableException;
import com.google.common.base.Preconditions;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Objects;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.inject.Inject;
import org.apache.commons.lang3.StringUtils;

/* loaded from: classes13.dex */
public class AesGcmCryptoUtility {
    private static final String AES_ALGORITHM = "AES";
    private static final String AES_GCM_ALGORITHM = "AES/GCM/NoPadding";
    private static final int IV_BYTE_LENGTH = 12;
    private static final String TAG = "AesGcmCryptoUtility";
    private static final int TAG_BIT_LENGTH = 128;
    private String KEY_IDENTIFIER_PERSONALIZATION_STRING = "WormholeService";

    @Inject
    public AesGcmCryptoUtility() {
    }

    private byte[] generateIV(int i) {
        return generateRandomBytes(this.KEY_IDENTIFIER_PERSONALIZATION_STRING, i);
    }

    private static byte[] generateRandomBytes(String str, int i) {
        Preconditions.checkArgument(StringUtils.isNotBlank(str), String.format(WormholeConstants.DATA_UNDEFINED_FORMAT, "Personalization string"));
        byte[] bArr = new byte[i];
        getSecureRandomGeneratorAlgorithm(str).nextBytes(bArr);
        return bArr;
    }

    private static SecureRandom getSecureRandomGeneratorAlgorithm(String str) {
        try {
            return new AmazonSecureRandom(str);
        } catch (NoSuchAlgorithmException e) {
            DebugUtil.Log.e(TAG, "AmazonSecureRandom algorithm is not available. Reverting to default random number algorithm.", e);
            return new SecureRandom();
        }
    }

    private byte[] pack(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[bArr.length + 12];
        System.arraycopy(bArr2, 0, bArr3, 0, 12);
        System.arraycopy(bArr, 0, bArr3, 12, bArr.length);
        return bArr3;
    }

    private byte[] unpackCipherText(byte[] bArr) {
        byte[] bArr2 = new byte[bArr.length - 12];
        System.arraycopy(bArr, 12, bArr2, 0, bArr.length - 12);
        return bArr2;
    }

    private byte[] unpackIV(byte[] bArr) {
        byte[] bArr2 = new byte[12];
        System.arraycopy(bArr, 0, bArr2, 0, 12);
        return bArr2;
    }

    public String convertSecretKeyToString(SecretKey secretKey) {
        Preconditions.checkArgument(Objects.nonNull(secretKey), String.format(WormholeConstants.DATA_NULL_FORMAT, "secretKey"));
        return Base64.getEncoder().encodeToString(secretKey.getEncoded());
    }

    public String decrypt(SecretKey secretKey, String str, String str2) throws WormholeNonRetryableException {
        Preconditions.checkArgument(Objects.nonNull(secretKey), String.format(WormholeConstants.DATA_UNDEFINED_FORMAT, "Secret Key"));
        Preconditions.checkArgument(StringUtils.isNotBlank(str), String.format(WormholeConstants.DATA_UNDEFINED_FORMAT, "CipherText"));
        Preconditions.checkArgument(StringUtils.isNotBlank(str2), String.format(WormholeConstants.DATA_UNDEFINED_FORMAT, "Additional Authenticated Data"));
        try {
            Cipher cipher = Cipher.getInstance(AES_GCM_ALGORITHM);
            byte[] decode = Base64.getDecoder().decode(str);
            byte[] unpackCipherText = unpackCipherText(decode);
            cipher.init(2, secretKey, new GCMParameterSpec(128, unpackIV(decode)));
            cipher.updateAAD(str2.getBytes(StandardCharsets.UTF_8));
            return new String(cipher.doFinal(unpackCipherText), StandardCharsets.UTF_8);
        } catch (IllegalArgumentException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new WormholeNonRetryableException(String.format("Exception encountered while encrypting request with mac tag: %s, exception: %s", str2, e.getMessage()), ErrorCode.DECRYPTION_FAILURE);
        }
    }

    public BigInteger encrypt(SecretKey secretKey, String str, String str2) throws WormholeNonRetryableException {
        Preconditions.checkArgument(Objects.nonNull(secretKey), String.format(WormholeConstants.DATA_UNDEFINED_FORMAT, "Secret Key"));
        Preconditions.checkArgument(StringUtils.isNotBlank(str), String.format(WormholeConstants.DATA_UNDEFINED_FORMAT, "PlainText"));
        Preconditions.checkArgument(StringUtils.isNotBlank(str2), String.format(WormholeConstants.DATA_UNDEFINED_FORMAT, "Additional Authenticated Data"));
        try {
            Cipher cipher = Cipher.getInstance(AES_GCM_ALGORITHM);
            byte[] generateIV = generateIV(12);
            cipher.init(1, secretKey, new GCMParameterSpec(128, generateIV));
            cipher.updateAAD(str2.getBytes(StandardCharsets.UTF_8));
            return new BigInteger(pack(cipher.doFinal(str.getBytes(StandardCharsets.UTF_8)), generateIV));
        } catch (IllegalArgumentException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new WormholeNonRetryableException(String.format("Exception encountered while encrypting request with mac tag: %s, exception: %s", str2, e.getMessage()), ErrorCode.DECRYPTION_FAILURE);
        }
    }
}
