package com.amazon.identity.auth.device.utils;

import android.content.Context;
import android.os.Build;
import android.os.Bundle;
import android.text.TextUtils;
import android.util.Base64;
import com.amazon.identity.auth.device.api.MAPAccountManager;
import com.amazon.identity.auth.device.api.MAPCallbackErrorException;
import com.amazon.identity.auth.device.attribute.DeviceAttribute;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.concurrent.ExecutionException;

/* compiled from: DCP */
/* loaded from: classes.dex */
public final class w {
    private static final String[] oi = {"-----BEGIN RSA PRIVATE KEY-----", "-----END RSA PRIVATE KEY-----", "-----BEGIN EC PRIVATE KEY-----", "-----END EC PRIVATE KEY-----", "-----BEGIN PRIVATE KEY-----", "-----END PRIVATE KEY-----"};
    private static final String TAG = w.class.getName();

    /* compiled from: DCP */
    /* loaded from: classes.dex */
    public static class a {
        protected KeyFactory getInstance(String str) throws NoSuchAlgorithmException {
            return KeyFactory.getInstance(str);
        }

        protected KeyFactory getInstance(String str, String str2) throws NoSuchProviderException, NoSuchAlgorithmException {
            return KeyFactory.getInstance(str, str2);
        }
    }

    private w() {
    }

    static KeyFactory a(String str, a aVar) {
        if (TextUtils.isEmpty(str)) {
            z.U(TAG, "The algorithm cannot be null");
            throw new IllegalArgumentException("The algorithm cannot be null");
        }
        if (Build.VERSION.SDK_INT >= 28) {
            z.S(TAG, "KeyFactory at Android version " + Build.VERSION.SDK_INT);
            try {
                return aVar.getInstance(str);
            } catch (Exception e) {
                z.c(TAG, "getKeyFactory: Could not get private key because there was no " + str + " algorithm", e);
                com.amazon.identity.platform.metric.b.a("MAPKeyFactoryGenerationError:DefaultProviderNotSupportAlgorithm:Algorithm:" + str + ":SystemVersion:" + Build.VERSION.SDK_INT, new String[0]);
            }
        } else {
            try {
                return aVar.getInstance(str, "BC");
            } catch (NoSuchAlgorithmException e2) {
                z.c(TAG, "getKeyFactory: Could not get private key because there was no " + str + " algorithm", e2);
                com.amazon.identity.platform.metric.b.a("MAPKeyFactoryGenerationError:BouncyCastleMissing:Algorithm:" + str + ":SystemVersion:" + Build.VERSION.SDK_INT, new String[0]);
                try {
                    return aVar.getInstance(str);
                } catch (NoSuchAlgorithmException e3) {
                    z.c(TAG, "getKeyFactory: Could not get private key because there was no RSA algorithm", e3);
                    com.amazon.identity.platform.metric.b.a("MAPKeyFactoryGenerationError:DefaultProviderNotSupportAlgorithm:Algorithm:" + str + ":SystemVersion:" + Build.VERSION.SDK_INT, new String[0]);
                }
            } catch (NoSuchProviderException e4) {
                z.c(TAG, "The device doesn't contain BouncyCastle Provider, try using the default.", e4);
                com.amazon.identity.platform.metric.b.a("MAPKeyFactoryGenerationError:MissingBouncyCastle:Algorithm:" + str + ":SystemVersion:" + Build.VERSION.SDK_INT, new String[0]);
                try {
                    return aVar.getInstance(str);
                } catch (NoSuchAlgorithmException e5) {
                    z.c(TAG, "getKeyFactory: Could not get private key because there was no RSA algorithm", e5);
                    com.amazon.identity.platform.metric.b.a("MAPKeyFactoryGenerationError:DefaultProviderNotSupportAlgorithm:Algorithm:" + str + ":SystemVersion:" + Build.VERSION.SDK_INT, new String[0]);
                }
            }
        }
        return null;
    }

    public static KeyFactory cJ(String str) {
        return a(str, new a());
    }

    public static String cK(String str) {
        if (str == null) {
            return null;
        }
        for (String str2 : oi) {
            str = str.replace(str2, "");
        }
        return str.trim();
    }

    public static PrivateKey getPrivateKey(String str) throws InvalidKeySpecException {
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        KeyFactory cJ = cJ("RSA");
        if (cJ == null) {
            z.T(TAG, "Failed to create keyFactory for the input key");
            return null;
        }
        String str2 = TAG;
        new StringBuilder("Key Factory created using the algorithm as ").append(cJ.getAlgorithm());
        z.cM(str2);
        PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.decode(cK(str).getBytes(), 0));
        try {
            return cJ.generatePrivate(pKCS8EncodedKeySpec);
        } catch (InvalidKeySpecException e) {
            z.cM(TAG);
            try {
                return cJ("EC").generatePrivate(pKCS8EncodedKeySpec);
            } catch (InvalidKeySpecException e2) {
                z.c(TAG, "Failed to create private key using the original algo: " + cJ.getAlgorithm(), e);
                z.c(TAG, "Failed to create private key when retried using algo: EC", e2);
                throw e;
            }
        }
    }

    public static void t(Context context, String str) {
        if (!(TextUtils.equals(str, "SSO Currently does not have credentials")) || com.amazon.identity.platform.util.a.aM(context)) {
            return;
        }
        String c = ah.c(context, DeviceAttribute.CentralDeviceType);
        z.U(TAG, "Central DMS token or DMS private key get corrupted, MAP is going to deregister device to clean the state");
        com.amazon.identity.platform.metric.b.a("DMSCredentialCorrupted:DeviceType:" + c + ":SYSTEM_VERSION:" + Build.VERSION.SDK_INT, new String[0]);
        try {
            new MAPAccountManager(context).deregisterDevice(null).get();
        } catch (MAPCallbackErrorException e) {
            Bundle errorBundle = e.getErrorBundle();
            z.U(TAG, "Error deregister the device when DMS private-key/DMS token got corrupted or missing. Error code:" + errorBundle.getInt("com.amazon.dcp.sso.ErrorCode") + " Error message is:" + errorBundle.getString("com.amazon.dcp.sso.ErrorMessage"));
        } catch (InterruptedException e2) {
            z.c(TAG, "InterruptedException! Error deregister the device when DMS private-key/DMS token got corrupted or missing. ", e2);
        } catch (ExecutionException e3) {
            z.c(TAG, "ExecutionException! Error deregister the device when DMS private-key/DMS token got corrupted or missing.", e3);
        }
        z.S(TAG, "Successfully deregister the device when DMS private-key/DMS token got corrupted or missing.");
    }
}
