package com.amazon.frank.provisioning.impl;

import android.support.annotation.NonNull;
import android.support.annotation.Nullable;
import android.util.Base64;
import com.amazon.oobe.transport.thrift_generated.DeviceDetails;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
import org.bouncycastle.operator.OutputEncryptor;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public abstract class DataEncrypt {
    private static final String TAG = "PL_DataEncrypt";

    @NonNull
    private final DeviceDetails mDeviceDetails;

    /* JADX INFO: Access modifiers changed from: package-private */
    public DataEncrypt(@NonNull DeviceDetails deviceDetails) {
        this.mDeviceDetails = deviceDetails;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Nullable
    public String encryptData(@Nullable String str) {
        String str2 = null;
        if (str == null) {
            PLog.i(TAG, "data is null, no need to encrypt");
        } else if (this.mDeviceDetails.getDeviceCertificate() == null || this.mDeviceDetails.getDeviceCertificate().getPem_text() == null) {
            PLog.w(TAG, "Device certificate not available");
        } else {
            try {
                X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(this.mDeviceDetails.getDeviceCertificate().getPem_text().getBytes("UTF-8")));
                CMSEnvelopedDataGenerator cMSEnvelopedDataGenerator = new CMSEnvelopedDataGenerator();
                cMSEnvelopedDataGenerator.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(x509Certificate));
                CMSProcessableByteArray cMSProcessableByteArray = new CMSProcessableByteArray(str.getBytes("UTF-8"));
                OutputEncryptor encryptor = getEncryptor();
                if (encryptor == null) {
                    PLog.e(TAG, "Unable to create bouncy castle encryption class");
                } else {
                    String encodeToString = Base64.encodeToString(cMSEnvelopedDataGenerator.generate(cMSProcessableByteArray, encryptor).getEncoded(), 0);
                    PLog.i(TAG, "data encryption successful");
                    str2 = "-----BEGIN PKCS7-----\n" + encodeToString + "-----END PKCS7-----\n";
                }
            } catch (UnsupportedEncodingException e) {
                PLog.e(TAG, "Unable to convert perm text to bytes", e);
            } catch (IOException e2) {
                PLog.e(TAG, "Unable to encode password using bouncy castle", e2);
            } catch (CertificateEncodingException e3) {
                PLog.e(TAG, "Unable to encode certificate", e3);
            } catch (CertificateException e4) {
                PLog.e(TAG, "Unable to create certificate", e4);
            } catch (CMSException e5) {
                PLog.e(TAG, "Unable to create bouncy castle encryption class", e5);
            }
        }
        return str2;
    }

    @NonNull
    protected abstract OutputEncryptor getEncryptor();
}
