package com.amazon.identity.auth.device.utils;

import android.content.Context;
import android.os.Build;
import android.os.Bundle;
import android.text.TextUtils;
import android.util.Base64;
import com.amazon.identity.auth.device.api.MAPAccountManager;
import com.amazon.identity.auth.device.api.MAPCallbackErrorException;
import com.amazon.identity.auth.device.attribute.DeviceAttribute;
import com.amazon.identity.auth.device.bf;
import com.amazon.identity.auth.device.bv;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.concurrent.ExecutionException;

/* loaded from: classes3.dex */
public final class v {
    private static final String TAG = "com.amazon.identity.auth.device.utils.v";
    private static final String[] rK = {"-----BEGIN RSA PRIVATE KEY-----", "-----END RSA PRIVATE KEY-----", "-----BEGIN EC PRIVATE KEY-----", "-----END EC PRIVATE KEY-----", "-----BEGIN PRIVATE KEY-----", "-----END PRIVATE KEY-----"};

    /* loaded from: classes3.dex */
    public static class a {
        protected KeyFactory getInstance(String str) throws NoSuchAlgorithmException {
            return KeyFactory.getInstance(str);
        }

        protected KeyFactory getInstance(String str, String str2) throws NoSuchProviderException, NoSuchAlgorithmException {
            return KeyFactory.getInstance(str, str2);
        }
    }

    private v() {
    }

    static KeyFactory a(String str, a aVar) {
        if (TextUtils.isEmpty(str)) {
            y.e(TAG, "The algorithm cannot be null");
            throw new IllegalArgumentException("The algorithm cannot be null");
        }
        int i = Build.VERSION.SDK_INT;
        if (i >= 28) {
            y.i(TAG, "KeyFactory at Android version " + i);
            try {
                return aVar.getInstance(str);
            } catch (Exception e) {
                y.e(TAG, "getKeyFactory: Could not get private key because there was no " + str + " algorithm", e);
                bf.c("MAPKeyFactoryGenerationError:DefaultProviderNotSupportAlgorithm:Algorithm:" + str + ":SystemVersion:" + Build.VERSION.SDK_INT, new String[0]);
                return null;
            }
        }
        try {
            return aVar.getInstance(str, "BC");
        } catch (NoSuchAlgorithmException e2) {
            y.e(TAG, "getKeyFactory: Could not get private key because there was no " + str + " algorithm", e2);
            bf.c("MAPKeyFactoryGenerationError:BouncyCastleMissing:Algorithm:" + str + ":SystemVersion:" + Build.VERSION.SDK_INT, new String[0]);
            try {
                return aVar.getInstance(str);
            } catch (NoSuchAlgorithmException e3) {
                y.e(TAG, "getKeyFactory: Could not get private key because there was no RSA algorithm", e3);
                bf.c("MAPKeyFactoryGenerationError:DefaultProviderNotSupportAlgorithm:Algorithm:" + str + ":SystemVersion:" + Build.VERSION.SDK_INT, new String[0]);
                return null;
            }
        } catch (NoSuchProviderException e4) {
            y.e(TAG, "The device doesn't contain BouncyCastle Provider, try using the default.", e4);
            bf.c("MAPKeyFactoryGenerationError:MissingBouncyCastle:Algorithm:" + str + ":SystemVersion:" + Build.VERSION.SDK_INT, new String[0]);
            try {
                return aVar.getInstance(str);
            } catch (NoSuchAlgorithmException e5) {
                y.e(TAG, "getKeyFactory: Could not get private key because there was no RSA algorithm", e5);
                bf.c("MAPKeyFactoryGenerationError:DefaultProviderNotSupportAlgorithm:Algorithm:" + str + ":SystemVersion:" + Build.VERSION.SDK_INT, new String[0]);
                return null;
            }
        }
    }

    /* renamed from: do, reason: not valid java name */
    public static KeyFactory m165do(String str) {
        return a(str, new a());
    }

    public static String dp(String str) {
        if (str == null) {
            return null;
        }
        for (String str2 : rK) {
            str = str.replace(str2, "");
        }
        return str.trim();
    }

    public static PrivateKey getPrivateKey(String str) throws InvalidKeySpecException {
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        KeyFactory m165do = m165do("RSA");
        if (m165do == null) {
            y.w(TAG, "Failed to create keyFactory for the input key");
            return null;
        }
        String str2 = TAG;
        new StringBuilder("Key Factory created using the algorithm as ").append(m165do.getAlgorithm());
        y.dr(str2);
        PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.decode(dp(str).getBytes(), 0));
        try {
            return m165do.generatePrivate(pKCS8EncodedKeySpec);
        } catch (InvalidKeySpecException e) {
            y.dr(TAG);
            try {
                return m165do("EC").generatePrivate(pKCS8EncodedKeySpec);
            } catch (InvalidKeySpecException e2) {
                String str3 = TAG;
                y.e(str3, "Failed to create private key using the original algo: " + m165do.getAlgorithm(), e);
                y.e(str3, "Failed to create private key when retried using algo: EC", e2);
                throw e;
            }
        }
    }

    public static void t(Context context, String str) {
        if (!TextUtils.equals(str, "SSO Currently does not have credentials") || bv.bc(context)) {
            return;
        }
        String c = ag.c(context, DeviceAttribute.CentralDeviceType);
        y.e(TAG, "Central DMS token or DMS private key get corrupted, MAP is going to deregister device to clean the state");
        bf.c("DMSCredentialCorrupted:DeviceType:" + c + ":SYSTEM_VERSION:" + Build.VERSION.SDK_INT, new String[0]);
        try {
            new MAPAccountManager(context).deregisterDevice(null).get();
        } catch (MAPCallbackErrorException e) {
            Bundle errorBundle = e.getErrorBundle();
            y.e(TAG, "Error deregister the device when DMS private-key/DMS token got corrupted or missing. Error code:" + errorBundle.getInt("com.amazon.dcp.sso.ErrorCode") + " Error message is:" + errorBundle.getString("com.amazon.dcp.sso.ErrorMessage"));
        } catch (InterruptedException e2) {
            y.e(TAG, "InterruptedException! Error deregister the device when DMS private-key/DMS token got corrupted or missing. ", e2);
        } catch (ExecutionException e3) {
            y.e(TAG, "ExecutionException! Error deregister the device when DMS private-key/DMS token got corrupted or missing.", e3);
        }
        y.i(TAG, "Successfully deregister the device when DMS private-key/DMS token got corrupted or missing.");
    }
}
