package com.amazonaws.encryptionsdk;

import com.amazonaws.encryptionsdk.exception.BadCiphertextException;
import com.amazonaws.encryptionsdk.internal.DecryptionHandler;
import com.amazonaws.encryptionsdk.internal.EncryptionHandler;
import com.amazonaws.encryptionsdk.internal.ProcessingSummary;
import com.amazonaws.encryptionsdk.internal.Utils;
import com.amazonaws.util.Base64;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.util.Collections;
import java.util.Map;

/* loaded from: input_file:com/amazonaws/encryptionsdk/AwsCrypto.class */
public class AwsCrypto {
    private static final Map<String, String> EMPTY_MAP = Collections.emptyMap();
    private CryptoAlgorithm encryptionAlgorithm_ = getDefaultCryptoAlgorithm();
    private int encryptionFrameSize_ = getDefaultFrameSize();

    public static CryptoAlgorithm getDefaultCryptoAlgorithm() {
        return CryptoAlgorithm.ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384;
    }

    public static int getDefaultFrameSize() {
        return 4096;
    }

    public void setEncryptionAlgorithm(CryptoAlgorithm cryptoAlgorithm) {
        this.encryptionAlgorithm_ = cryptoAlgorithm;
    }

    public CryptoAlgorithm getEncryptionAlgorithm() {
        return this.encryptionAlgorithm_;
    }

    public void setEncryptionFrameSize(int i) {
        if (i < 0 || i % this.encryptionAlgorithm_.getBlockSize() != 0) {
            throw new IllegalArgumentException("frameSize must be a non-negative multiple of the block size");
        }
        this.encryptionFrameSize_ = i;
    }

    public int getEncryptionFrameSize() {
        return this.encryptionFrameSize_;
    }

    public <K extends MasterKey<K>> long estimateCiphertextSize(MasterKeyProvider<K> masterKeyProvider, int i, Map<String, String> map) {
        return new EncryptionHandler(((MasterKeyProvider) Utils.assertNonNull(masterKeyProvider, "provider")).getMasterKeysForEncryption(MasterKeyRequest.newBuilder().setEncryptionContext(map).setStreaming(true).build()), map, getEncryptionAlgorithm(), getEncryptionFrameSize()).estimateOutputSize(i);
    }

    public <K extends MasterKey<K>> long estimateCiphertextSize(MasterKeyProvider<K> masterKeyProvider, int i) {
        return estimateCiphertextSize(masterKeyProvider, i, EMPTY_MAP);
    }

    public <K extends MasterKey<K>> CryptoResult<byte[], K> encryptData(MasterKeyProvider<K> masterKeyProvider, byte[] bArr, Map<String, String> map) {
        EncryptionHandler encryptionHandler = new EncryptionHandler(((MasterKeyProvider) Utils.assertNonNull(masterKeyProvider, "provider")).getMasterKeysForEncryption(MasterKeyRequest.newBuilder().setEncryptionContext(map).setPlaintext(bArr).build()), map, getEncryptionAlgorithm(), getEncryptionFrameSize());
        byte[] bArr2 = new byte[encryptionHandler.estimateOutputSize(bArr.length)];
        int bytesWritten = encryptionHandler.processBytes(bArr, 0, bArr.length, bArr2, 0).getBytesWritten();
        return new CryptoResult<>(Utils.truncate(bArr2, bytesWritten + encryptionHandler.doFinal(bArr2, bytesWritten)), encryptionHandler.getMasterKeys(), encryptionHandler.getHeaders());
    }

    public <K extends MasterKey<K>> CryptoResult<byte[], K> encryptData(MasterKeyProvider<K> masterKeyProvider, byte[] bArr) {
        return encryptData(masterKeyProvider, bArr, EMPTY_MAP);
    }

    public <K extends MasterKey<K>> CryptoResult<String, K> encryptString(MasterKeyProvider<K> masterKeyProvider, String str, Map<String, String> map) {
        CryptoResult<byte[], K> encryptData = encryptData(masterKeyProvider, str.getBytes(StandardCharsets.UTF_8), map);
        return new CryptoResult<>(Base64.encodeAsString(encryptData.getResult()), encryptData.getMasterKeys(), encryptData.getHeaders());
    }

    public <K extends MasterKey<K>> CryptoResult<String, K> encryptString(MasterKeyProvider<K> masterKeyProvider, String str) {
        return encryptString(masterKeyProvider, str, EMPTY_MAP);
    }

    public <K extends MasterKey<K>> CryptoResult<byte[], K> decryptData(MasterKeyProvider<K> masterKeyProvider, byte[] bArr) {
        return decryptData((MasterKeyProvider) Utils.assertNonNull(masterKeyProvider, "provider"), new ParsedCiphertext(bArr));
    }

    public <K extends MasterKey<K>> CryptoResult<byte[], K> decryptData(MasterKeyProvider<K> masterKeyProvider, ParsedCiphertext parsedCiphertext) {
        DecryptionHandler decryptionHandler = new DecryptionHandler(masterKeyProvider, parsedCiphertext);
        byte[] ciphertext = parsedCiphertext.getCiphertext();
        int length = ciphertext.length - parsedCiphertext.getOffset();
        byte[] bArr = new byte[decryptionHandler.estimateOutputSize(length)];
        ProcessingSummary processBytes = decryptionHandler.processBytes(ciphertext, parsedCiphertext.getOffset(), length, bArr, 0);
        if (processBytes.getBytesProcessed() != length) {
            throw new BadCiphertextException("Unable to process entire ciphertext. May have trailing data.");
        }
        int bytesWritten = processBytes.getBytesWritten();
        return new CryptoResult<>(Utils.truncate(bArr, bytesWritten + decryptionHandler.doFinal(bArr, bytesWritten)), decryptionHandler.getMasterKeys(), decryptionHandler.getHeaders());
    }

    public <K extends MasterKey<K>> CryptoResult<String, K> decryptString(MasterKeyProvider<K> masterKeyProvider, String str) {
        Utils.assertNonNull(masterKeyProvider, "provider");
        try {
            CryptoResult<byte[], K> decryptData = decryptData(masterKeyProvider, Base64.decode((String) Utils.assertNonNull(str, "ciphertext")));
            return new CryptoResult<>(new String(decryptData.getResult(), StandardCharsets.UTF_8), decryptData.getMasterKeys(), decryptData.getHeaders());
        } catch (IllegalArgumentException e) {
            throw new BadCiphertextException("Invalid base 64", e);
        }
    }

    public <K extends MasterKey<K>> CryptoOutputStream<K> createEncryptingStream(MasterKeyProvider<K> masterKeyProvider, OutputStream outputStream, Map<String, String> map) {
        return new CryptoOutputStream<>(outputStream, new EncryptionHandler(((MasterKeyProvider) Utils.assertNonNull(masterKeyProvider, "provider")).getMasterKeysForEncryption(MasterKeyRequest.newBuilder().setEncryptionContext(map).setStreaming(true).build()), map, getEncryptionAlgorithm(), getEncryptionFrameSize()));
    }

    public <K extends MasterKey<K>> CryptoOutputStream<K> createEncryptingStream(MasterKeyProvider<K> masterKeyProvider, OutputStream outputStream) {
        return createEncryptingStream(masterKeyProvider, outputStream, EMPTY_MAP);
    }

    public <K extends MasterKey<K>> CryptoInputStream<K> createEncryptingStream(MasterKeyProvider<K> masterKeyProvider, InputStream inputStream, Map<String, String> map) {
        return new CryptoInputStream<>(inputStream, new EncryptionHandler(((MasterKeyProvider) Utils.assertNonNull(masterKeyProvider, "provider")).getMasterKeysForEncryption(MasterKeyRequest.newBuilder().setEncryptionContext(map).setStreaming(true).build()), map, getEncryptionAlgorithm(), getEncryptionFrameSize()));
    }

    public <K extends MasterKey<K>> CryptoInputStream<K> createEncryptingStream(MasterKeyProvider<K> masterKeyProvider, InputStream inputStream) {
        return createEncryptingStream(masterKeyProvider, inputStream, EMPTY_MAP);
    }

    public <K extends MasterKey<K>> CryptoOutputStream<K> createDecryptingStream(MasterKeyProvider<K> masterKeyProvider, OutputStream outputStream) {
        return new CryptoOutputStream<>(outputStream, new DecryptionHandler(masterKeyProvider));
    }

    public <K extends MasterKey<K>> CryptoInputStream<K> createDecryptingStream(MasterKeyProvider<K> masterKeyProvider, InputStream inputStream) {
        return new CryptoInputStream<>(inputStream, new DecryptionHandler(masterKeyProvider));
    }
}
