package com.amazon.identity.auth.device;

import android.annotation.SuppressLint;
import android.util.Base64;
import com.amazonaws.util.DateUtils;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Locale;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;

/* compiled from: DCP */
/* loaded from: classes4.dex */
public class kb {
    private static final String TAG = kb.class.getName();
    private static final byte[] rp = new byte[0];
    private final jh rr;
    private String rs;
    private String rq = null;
    private boolean rt = false;
    private boolean ru = false;

    public kb(jh jhVar) {
        this.rr = jhVar;
    }

    @SuppressLint({"GetInstance"})
    private static byte[] a(byte[] bArr, PrivateKey privateKey) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(bArr);
            byte[] digest = messageDigest.digest();
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, privateKey);
            cipher.update(digest);
            return cipher.doFinal();
        } catch (InvalidKeyException e) {
            hh.e(TAG, "signWithOldAuth: failed because of InvalidKeyException: " + e.getMessage());
            return null;
        } catch (NoSuchAlgorithmException e2) {
            hh.e(TAG, "signWithOldAuth: failed because of NoSuchAlgorithmException: " + e2.getMessage());
            return null;
        } catch (BadPaddingException e3) {
            hh.e(TAG, "signWithOldAuth: failed because of BadPaddingException: " + e3.getMessage());
            return null;
        } catch (IllegalBlockSizeException e4) {
            hh.e(TAG, "signWithOldAuth: failed because of IllegalBlockSizeException: " + e4.getMessage());
            return null;
        } catch (NoSuchPaddingException e5) {
            hh.e(TAG, "signWithOldAuth: failed because of NoSuchPaddingException: " + e5.getMessage());
            return null;
        }
    }

    private byte[] b(byte[] bArr, PrivateKey privateKey) {
        try {
            gQ();
            Signature signature = Signature.getInstance(this.rq);
            signature.initSign(privateKey);
            signature.update(bArr);
            return signature.sign();
        } catch (InvalidKeyException e) {
            hh.e(TAG, "signWithNewAuth: failed because of InvalidKeyException: " + e.getMessage());
            return null;
        } catch (NoSuchAlgorithmException e2) {
            hh.e(TAG, "signWithNewAuth: failed because of NoSuchAlgorithmException: " + e2.getMessage());
            return null;
        } catch (SignatureException e3) {
            hh.e(TAG, "signWithNewAuth: failed because of SignatureException: " + e3.getMessage());
            return null;
        }
    }

    private void gQ() {
        if (this.rq == null) {
            this.rq = this.rr.gd();
        }
    }

    public String a(String str, ku kuVar) {
        String hi;
        byte[] bArr;
        String a;
        String hl = kuVar.hl();
        if (this.ru) {
            hi = kuVar.getUrl();
        } else {
            hi = kuVar.hi();
            if (hi != null && !hi.startsWith("/")) {
                hi = "/" + hi;
            }
        }
        byte[] hn = this.ru ? rp : kuVar.hn();
        String format = this.rs != null ? this.rs : new SimpleDateFormat(DateUtils.ALTERNATE_ISO8601_DATE_PATTERN, Locale.US).format(new Date());
        if (str == null || hl == null || hi == null || format == null) {
            bArr = null;
        } else {
            byte[] cY = hy.cY(hl);
            byte[] cY2 = hy.cY(hi);
            byte[] cY3 = hy.cY(format);
            int length = hn != null ? hn.length : 0;
            byte[] cY4 = hy.cY(str);
            byte[] bArr2 = new byte[length + cY.length + 1 + cY2.length + 1 + cY3.length + 1 + 1 + cY4.length];
            System.arraycopy(cY, 0, bArr2, 0, cY.length);
            int length2 = cY.length + 0;
            bArr2[length2] = 10;
            int i = length2 + 1;
            System.arraycopy(cY2, 0, bArr2, i, cY2.length);
            int length3 = i + cY2.length;
            bArr2[length3] = 10;
            int i2 = length3 + 1;
            System.arraycopy(cY3, 0, bArr2, i2, cY3.length);
            int length4 = i2 + cY3.length;
            bArr2[length4] = 10;
            int i3 = length4 + 1;
            if (hn != null) {
                System.arraycopy(hn, 0, bArr2, i3, hn.length);
                i3 += hn.length;
            }
            bArr2[i3] = 10;
            System.arraycopy(cY4, 0, bArr2, i3 + 1, cY4.length);
            bArr = bArr2;
        }
        if (bArr != null && (a = a(bArr)) != null) {
            return String.format("%s:%s", a, format);
        }
        return null;
    }

    public String a(byte[] bArr) {
        byte[] b;
        PrivateKey ge = this.rr.ge();
        if (ge == null) {
            return null;
        }
        if (this.rt) {
            gQ();
            if (!this.rq.equals("SHA256WithRSA")) {
                hh.e(TAG, "Try to use legacy auth when the algorithm is " + this.rq);
            }
            b = a(bArr, ge);
        } else {
            b = b(bArr, ge);
        }
        if (b != null) {
            return Base64.encodeToString(b, 2);
        }
        return null;
    }

    public boolean b(ku kuVar) {
        if (this.rr == null || kuVar == null) {
            return false;
        }
        String token = this.rr.getToken();
        try {
            String a = a(token, kuVar);
            if (a == null) {
                return false;
            }
            kuVar.setHeader(gT(), a);
            kuVar.setHeader(gS(), token);
            if (gU() != null) {
                kuVar.setHeader(gU(), gP());
            }
            return true;
        } catch (Exception e) {
            hh.c(TAG, "Exception in getting ADP signature.", e);
            return false;
        }
    }

    public String gP() {
        if (this.rt) {
            return null;
        }
        gQ();
        return this.rq + ":1.0";
    }

    public boolean gR() {
        return this.rt;
    }

    public String gS() {
        return this.rt ? "X-ADP-Authentication-Token" : "x-adp-token";
    }

    public String gT() {
        return this.rt ? "X-ADP-Request-Digest" : "x-adp-signature";
    }

    public String gU() {
        if (this.rt) {
            return null;
        }
        return "x-adp-alg";
    }

    public void k(boolean z) {
        this.rt = z;
        if (this.rt) {
            hh.W(TAG, "Try to set useLegacyAuthentication to be true when algorithm is: " + this.rq);
            if (this.rr != null) {
                gQ();
                if (!this.rq.equalsIgnoreCase("SHA256WithRSA")) {
                    throw new IllegalStateException("LegacyAuthentication is not compatible with algorithm:" + this.rq);
                }
            }
        }
    }
}
