package com.amazon.rabbit.android.data.dao;

import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.content.SharedPreferences;
import android.database.Cursor;
import android.text.TextUtils;
import android.util.Base64;
import com.amazon.rabbit.android.data.dao.DaoEncryptionManager;
import com.amazon.rabbit.android.data.sync.SntpClient;
import com.amazon.rabbit.android.log.LogUploadHelper;
import com.amazon.rabbit.android.log.RLog;
import com.amazon.rabbit.offlinesupportservice.EncryptionKeyAPI;
import com.google.common.base.Charsets;
import java.lang.ref.WeakReference;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import lombok.NonNull;
import org.joda.time.DateTime;
import org.joda.time.Days;

/* loaded from: classes3.dex */
public class DaoEncryptionManagerImpl implements DaoEncryptionManager {
    protected static final int DEFAULT_KEY_TIME_OUT_IN_DAYS = 30;
    private static final IntentFilter ROTATE_KEY_FILTER = new IntentFilter("com.amazon.rabbit.android.data.dao.encryption.ROTATE_KEY");
    private static final String TAG = "DaoEncryptionManagerImpl";
    private static final String TIME_STAMP_SHARED_PREF_FILE_NAME = "encryption_key_refresh_timestamp_shared_pref";
    private static final String TIME_STAMP_TAG = "encryption_key_refresh_timestamp";

    @NonNull
    final Context mContext;
    final EncryptionKeyAPI mEncryptionKeyApi;
    private byte[] mKey;
    private final List<DaoEncryptionManager.KeyLifecycleCallback> mKeyLifecycleListener;
    final LogUploadHelper mLogUploadHelper;
    private BroadcastReceiver mRotateKeyBroadcastReceiver;

    @NonNull
    final SecureRandom mSecureRandom;

    @NonNull
    final SntpClient mSntpClient;

    /* loaded from: classes3.dex */
    static class RotateKeyBroadcastReceiver extends BroadcastReceiver {
        private WeakReference<DaoEncryptionManagerImpl> mDaoEncryptionManagerRef;

        RotateKeyBroadcastReceiver(DaoEncryptionManagerImpl daoEncryptionManagerImpl) {
            this.mDaoEncryptionManagerRef = new WeakReference<>(daoEncryptionManagerImpl);
        }

        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            DaoEncryptionManagerImpl daoEncryptionManagerImpl = this.mDaoEncryptionManagerRef.get();
            if (daoEncryptionManagerImpl != null) {
                daoEncryptionManagerImpl.updateKey();
            } else {
                context.unregisterReceiver(this);
            }
        }
    }

    public DaoEncryptionManagerImpl(Context context, EncryptionKeyAPI encryptionKeyAPI, SntpClient sntpClient) {
        this(context, encryptionKeyAPI, sntpClient, null);
    }

    public DaoEncryptionManagerImpl(Context context, EncryptionKeyAPI encryptionKeyAPI, SntpClient sntpClient, LogUploadHelper logUploadHelper) {
        this.mKeyLifecycleListener = new ArrayList();
        this.mSecureRandom = new SecureRandom();
        this.mContext = context;
        this.mSntpClient = sntpClient;
        this.mEncryptionKeyApi = encryptionKeyAPI;
        this.mLogUploadHelper = logUploadHelper == null ? LogUploadHelper.NOOP : logUploadHelper;
    }

    private synchronized byte[] getBinaryKey() {
        if (this.mKey == null || this.mKey.length == 0) {
            this.mKey = Base64.decode(getKey(), 0);
        }
        return this.mKey;
    }

    private void refreshKey() {
        SharedPreferences.Editor edit = this.mContext.getSharedPreferences(TIME_STAMP_SHARED_PREF_FILE_NAME, 0).edit();
        edit.putLong(TIME_STAMP_TAG, this.mSntpClient.now().getMillis());
        edit.commit();
        String key = getKey();
        if (!this.mEncryptionKeyApi.refreshKey()) {
            RLog.e(TAG, "Cannot refresh key");
            return;
        }
        String key2 = getKey();
        Iterator<DaoEncryptionManager.KeyLifecycleCallback> it = this.mKeyLifecycleListener.iterator();
        while (it.hasNext()) {
            it.next().onRefreshKey(key, key2);
        }
    }

    public void enableDebugKeyRotation(boolean z) {
        if (z) {
            if (this.mRotateKeyBroadcastReceiver == null) {
                this.mRotateKeyBroadcastReceiver = new RotateKeyBroadcastReceiver(this);
            }
            this.mContext.registerReceiver(this.mRotateKeyBroadcastReceiver, ROTATE_KEY_FILTER);
        } else {
            BroadcastReceiver broadcastReceiver = this.mRotateKeyBroadcastReceiver;
            if (broadcastReceiver != null) {
                this.mContext.unregisterReceiver(broadcastReceiver);
            }
        }
    }

    @Override // com.amazon.rabbit.android.data.dao.DaoEncryptionManager
    public String getDecryptionResult(String str, String str2) {
        byte[] decryptionResult = getDecryptionResult(Base64.decode(str, 0), Base64.decode(str2, 0));
        if (decryptionResult == null) {
            return null;
        }
        return new String(decryptionResult, Charsets.UTF_8);
    }

    @Override // com.amazon.rabbit.android.data.dao.DaoEncryptionManager
    public byte[] getDecryptionResult(byte[] bArr, byte[] bArr2) {
        Object[] objArr = {TAG, "getDecryptionResult"};
        try {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(2, new SecretKeySpec(getBinaryKey(), "AES"), new IvParameterSpec(bArr2));
            return cipher.doFinal(bArr);
        } catch (IllegalArgumentException e) {
            e = e;
            throw new MissingDBKeyException("Key is null or empty", e);
        } catch (NullPointerException e2) {
            e = e2;
            throw new MissingDBKeyException("Key is null or empty", e);
        } catch (GeneralSecurityException e3) {
            throw new RuntimeException("Could not decrypt data", e3);
        }
    }

    @Override // com.amazon.rabbit.android.data.dao.DaoEncryptionManager
    public DaoEncryptionResult<byte[]> getEncryptionResult(double d) {
        ByteBuffer allocate = ByteBuffer.allocate(8);
        allocate.asDoubleBuffer().put(d);
        return getEncryptionResult(allocate);
    }

    @Override // com.amazon.rabbit.android.data.dao.DaoEncryptionManager
    public DaoEncryptionResult<String> getEncryptionResult(String str) {
        DaoEncryptionResult<byte[]> encryptionResult = getEncryptionResult(ByteBuffer.wrap(str.getBytes(Charsets.UTF_8)));
        return new DaoEncryptionResult<>(Base64.encodeToString(encryptionResult.getData(), 0), Base64.encodeToString(encryptionResult.getInitializationVector(), 0));
    }

    @Override // com.amazon.rabbit.android.data.dao.DaoEncryptionManager
    public DaoEncryptionResult<byte[]> getEncryptionResult(ByteBuffer byteBuffer) {
        Object[] objArr = {TAG, "getEncryptionResult"};
        try {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(1, new SecretKeySpec(getBinaryKey(), "AES"), this.mSecureRandom);
            return new DaoEncryptionResult<>(cipher.doFinal(byteBuffer.array(), byteBuffer.arrayOffset(), byteBuffer.limit()), cipher.getIV());
        } catch (GeneralSecurityException e) {
            throw new RuntimeException("Could not encrypt data", e);
        }
    }

    @Override // com.amazon.rabbit.android.data.dao.DaoEncryptionManager
    public String getKey() {
        return this.mEncryptionKeyApi.getKey();
    }

    public DateTime getLastKeyUpdateTimestamp() {
        return new DateTime(this.mContext.getSharedPreferences(TIME_STAMP_SHARED_PREF_FILE_NAME, 0).getLong(TIME_STAMP_TAG, this.mSntpClient.now().getMillis()));
    }

    public boolean isKeyValid() {
        return !TextUtils.isEmpty(getKey());
    }

    @Override // com.amazon.rabbit.android.data.dao.DaoEncryptionManager
    public void registerKeyLifecycleListener(DaoEncryptionManager.KeyLifecycleCallback keyLifecycleCallback) {
        this.mKeyLifecycleListener.add(keyLifecycleCallback);
    }

    @Override // com.amazon.rabbit.android.data.dao.DaoEncryptionManager
    public synchronized void rotateEncryptionKeyIfTimeOut() {
        if (Days.daysBetween(getLastKeyUpdateTimestamp(), this.mSntpClient.now()).getDays() < 30) {
            return;
        }
        updateKey();
    }

    @Override // com.amazon.rabbit.android.data.dao.DaoEncryptionManager
    public void unregisterKeyLifecycleListener(DaoEncryptionManager.KeyLifecycleCallback keyLifecycleCallback) {
        this.mKeyLifecycleListener.remove(keyLifecycleCallback);
    }

    @Override // com.amazon.rabbit.android.data.dao.DaoEncryptionManager
    public final synchronized void updateKey() {
        refreshKey();
        this.mKey = null;
    }

    @Override // com.amazon.rabbit.android.data.dao.DaoEncryptionManager
    public Cursor wrapEncryptedCursor(Cursor cursor, Map<String, String> map) {
        return new CipherCursorWrapper(cursor, map, this);
    }
}
