package com.amazon.identity.kcpsdk.auth;

import android.annotation.SuppressLint;
import android.util.Base64;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Locale;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;

/* loaded from: classes.dex */
public class ar {
    private static final String TAG = "com.amazon.identity.kcpsdk.auth.ar";
    private static final byte[] uD = new byte[0];
    private final x uF;
    private String uG;
    private String uE = null;
    private boolean uH = false;
    private boolean uI = false;

    public ar(x xVar) {
        this.uF = xVar;
    }

    @SuppressLint({"GetInstance"})
    private static byte[] a(byte[] bArr, PrivateKey privateKey) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(bArr);
            byte[] digest = messageDigest.digest();
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, privateKey);
            cipher.update(digest);
            return cipher.doFinal();
        } catch (InvalidKeyException e) {
            com.amazon.identity.auth.device.utils.y.e(TAG, "signWithOldAuth: failed because of InvalidKeyException: " + e.getMessage());
            return null;
        } catch (NoSuchAlgorithmException e2) {
            com.amazon.identity.auth.device.utils.y.e(TAG, "signWithOldAuth: failed because of NoSuchAlgorithmException: " + e2.getMessage());
            return null;
        } catch (BadPaddingException e3) {
            com.amazon.identity.auth.device.utils.y.e(TAG, "signWithOldAuth: failed because of BadPaddingException: " + e3.getMessage());
            return null;
        } catch (IllegalBlockSizeException e4) {
            com.amazon.identity.auth.device.utils.y.e(TAG, "signWithOldAuth: failed because of IllegalBlockSizeException: " + e4.getMessage());
            return null;
        } catch (NoSuchPaddingException e5) {
            com.amazon.identity.auth.device.utils.y.e(TAG, "signWithOldAuth: failed because of NoSuchPaddingException: " + e5.getMessage());
            return null;
        }
    }

    private byte[] b(byte[] bArr, PrivateKey privateKey) {
        try {
            ij();
            Signature signature = Signature.getInstance(this.uE);
            signature.initSign(privateKey);
            signature.update(bArr);
            return signature.sign();
        } catch (InvalidKeyException e) {
            com.amazon.identity.auth.device.utils.y.e(TAG, "signWithNewAuth: failed because of InvalidKeyException: " + e.getMessage());
            return null;
        } catch (NoSuchAlgorithmException e2) {
            com.amazon.identity.auth.device.utils.y.e(TAG, "signWithNewAuth: failed because of NoSuchAlgorithmException: " + e2.getMessage());
            return null;
        } catch (SignatureException e3) {
            com.amazon.identity.auth.device.utils.y.e(TAG, "signWithNewAuth: failed because of SignatureException: " + e3.getMessage());
            return null;
        }
    }

    private void ij() {
        if (this.uE == null) {
            this.uE = this.uF.hu();
        }
    }

    public String a(String str, com.amazon.identity.kcpsdk.common.l lVar) {
        String iC;
        byte[] bArr;
        String a;
        String iF = lVar.iF();
        if (this.uI) {
            iC = lVar.getUrl();
        } else {
            iC = lVar.iC();
            if (iC != null && !iC.startsWith("/")) {
                iC = "/".concat(iC);
            }
        }
        byte[] iH = this.uI ? uD : lVar.iH();
        String str2 = this.uG;
        if (str2 == null) {
            str2 = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'", Locale.US).format(new Date());
        }
        if (str == null || iF == null || iC == null || str2 == null) {
            bArr = null;
        } else {
            byte[] dK = com.amazon.identity.auth.device.utils.aq.dK(iF);
            byte[] dK2 = com.amazon.identity.auth.device.utils.aq.dK(iC);
            byte[] dK3 = com.amazon.identity.auth.device.utils.aq.dK(str2);
            int length = iH != null ? iH.length : 0;
            byte[] dK4 = com.amazon.identity.auth.device.utils.aq.dK(str);
            bArr = new byte[dK.length + 1 + dK2.length + 1 + dK3.length + 1 + length + 1 + dK4.length];
            System.arraycopy(dK, 0, bArr, 0, dK.length);
            int length2 = dK.length;
            bArr[length2] = 10;
            int i = length2 + 1;
            System.arraycopy(dK2, 0, bArr, i, dK2.length);
            int length3 = i + dK2.length;
            bArr[length3] = 10;
            int i2 = length3 + 1;
            System.arraycopy(dK3, 0, bArr, i2, dK3.length);
            int length4 = i2 + dK3.length;
            bArr[length4] = 10;
            int i3 = length4 + 1;
            if (iH != null) {
                System.arraycopy(iH, 0, bArr, i3, iH.length);
                i3 += iH.length;
            }
            bArr[i3] = 10;
            System.arraycopy(dK4, 0, bArr, i3 + 1, dK4.length);
        }
        if (bArr == null || (a = a(bArr)) == null) {
            return null;
        }
        return String.format("%s:%s", a, str2);
    }

    public String a(byte[] bArr) {
        byte[] b;
        PrivateKey hv = this.uF.hv();
        if (hv == null) {
            return null;
        }
        if (this.uH) {
            ij();
            if (!this.uE.equals("SHA256WithRSA")) {
                com.amazon.identity.auth.device.utils.y.e(TAG, "Try to use legacy auth when the algorithm is " + this.uE);
            }
            b = a(bArr, hv);
        } else {
            b = b(bArr, hv);
        }
        if (b != null) {
            return Base64.encodeToString(b, 2);
        }
        return null;
    }

    public boolean b(com.amazon.identity.kcpsdk.common.l lVar) {
        x xVar = this.uF;
        if (xVar != null && lVar != null) {
            String token = xVar.y().getToken();
            try {
                String a = a(token, lVar);
                if (a == null) {
                    return false;
                }
                lVar.setHeader(im(), a);
                lVar.setHeader(il(), token);
                if (in() == null) {
                    return true;
                }
                lVar.setHeader(in(), ii());
                return true;
            } catch (Exception e) {
                com.amazon.identity.auth.device.utils.y.e(TAG, "Exception in getting ADP signature.", e);
            }
        }
        return false;
    }

    public String ii() {
        if (this.uH) {
            return null;
        }
        ij();
        return this.uE + ":1.0";
    }

    public boolean ik() {
        return this.uH;
    }

    public String il() {
        return this.uH ? "X-ADP-Authentication-Token" : "x-adp-token";
    }

    public String im() {
        return this.uH ? "X-ADP-Request-Digest" : "x-adp-signature";
    }

    public String in() {
        if (this.uH) {
            return null;
        }
        return "x-adp-alg";
    }

    public void m(boolean z) {
        this.uH = z;
        if (z) {
            com.amazon.identity.auth.device.utils.y.i(TAG, "Try to set useLegacyAuthentication to be true when algorithm is: " + this.uE);
            if (this.uF != null) {
                ij();
                if (this.uE.equalsIgnoreCase("SHA256WithRSA")) {
                    return;
                }
                throw new IllegalStateException("LegacyAuthentication is not compatible with algorithm:" + this.uE);
            }
        }
    }
}
