package defpackage;

import android.util.Base64;
import com.google.gson.Gson;
import com.google.gson.annotations.SerializedName;
import com.microsoft.aad.adal.AuthenticationException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;

/* loaded from: classes2.dex */
public class wz5 implements rz5 {

    /* loaded from: classes2.dex */
    public class a {
        public a(wz5 wz5Var) {
        }
    }

    /* loaded from: classes2.dex */
    public class b {

        @SerializedName("x5c")
        public String[] a;

        public b(wz5 wz5Var) {
        }
    }

    public static String b(RSAPrivateKey rSAPrivateKey, byte[] bArr) throws AuthenticationException {
        try {
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign(rSAPrivateKey);
            signature.update(bArr);
            return g06.e(signature.sign());
        } catch (UnsupportedEncodingException unused) {
            throw new AuthenticationException(sy5.ENCODING_IS_NOT_SUPPORTED);
        } catch (InvalidKeyException e) {
            throw new AuthenticationException(sy5.KEY_CHAIN_PRIVATE_KEY_EXCEPTION, "Invalid private RSA key: " + e.getMessage(), e);
        } catch (NoSuchAlgorithmException e2) {
            throw new AuthenticationException(sy5.DEVICE_NO_SUCH_ALGORITHM, "Unsupported RSA algorithm: " + e2.getMessage(), e2);
        } catch (SignatureException e3) {
            throw new AuthenticationException(sy5.SIGNATURE_EXCEPTION, "RSA signature exception: " + e3.getMessage(), e3);
        }
    }

    @Override // defpackage.rz5
    public String a(String str, String str2, RSAPrivateKey rSAPrivateKey, RSAPublicKey rSAPublicKey, X509Certificate x509Certificate) throws AuthenticationException {
        if (g06.a(str)) {
            throw new IllegalArgumentException("nonce");
        }
        if (g06.a(str2)) {
            throw new IllegalArgumentException("audience");
        }
        if (rSAPrivateKey == null) {
            throw new IllegalArgumentException("privateKey");
        }
        if (rSAPublicKey == null) {
            throw new IllegalArgumentException("pubKey");
        }
        Gson gson = new Gson();
        a aVar = new a(this);
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        b bVar = new b(this);
        try {
            bVar.a = r2;
            String[] strArr = {new String(Base64.encode(x509Certificate.getEncoded(), 2), "UTF_8")};
            String json = gson.toJson(bVar);
            String json2 = gson.toJson(aVar);
            xz5.q("JWSBuilder", "Client certificate challenge response JWS Header:" + json);
            String str3 = g06.e(json.getBytes("UTF_8")) + "." + g06.e(json2.getBytes("UTF_8"));
            return str3 + "." + b(rSAPrivateKey, str3.getBytes("UTF_8"));
        } catch (UnsupportedEncodingException unused) {
            throw new AuthenticationException(sy5.ENCODING_IS_NOT_SUPPORTED);
        } catch (CertificateEncodingException unused2) {
            throw new AuthenticationException(sy5.CERTIFICATE_ENCODING_ERROR);
        }
    }
}
