package com.amazon.identity.kcpsdk.auth;

import android.util.Base64;
import com.amazon.identity.auth.device.utils.aq;
import com.goodreads.kindle.ui.activity.SignedOutWebviewActivity;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Locale;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;

/* loaded from: classes.dex */
public class ar {

    /* renamed from: f, reason: collision with root package name */
    private static final String f5127f = "com.amazon.identity.kcpsdk.auth.ar";

    /* renamed from: g, reason: collision with root package name */
    private static final byte[] f5128g = new byte[0];

    /* renamed from: b, reason: collision with root package name */
    private final x f5130b;

    /* renamed from: c, reason: collision with root package name */
    private String f5131c;

    /* renamed from: a, reason: collision with root package name */
    private String f5129a = null;

    /* renamed from: d, reason: collision with root package name */
    private boolean f5132d = false;

    /* renamed from: e, reason: collision with root package name */
    private boolean f5133e = false;

    public ar(x xVar) {
        this.f5130b = xVar;
    }

    private static byte[] c(byte[] bArr, PrivateKey privateKey) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(bArr);
            byte[] digest = messageDigest.digest();
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, privateKey);
            cipher.update(digest);
            return cipher.doFinal();
        } catch (InvalidKeyException e10) {
            com.amazon.identity.auth.device.utils.y.o(f5127f, "signWithOldAuth: failed because of InvalidKeyException: " + e10.getMessage());
            return null;
        } catch (NoSuchAlgorithmException e11) {
            com.amazon.identity.auth.device.utils.y.o(f5127f, "signWithOldAuth: failed because of NoSuchAlgorithmException: " + e11.getMessage());
            return null;
        } catch (BadPaddingException e12) {
            com.amazon.identity.auth.device.utils.y.o(f5127f, "signWithOldAuth: failed because of BadPaddingException: " + e12.getMessage());
            return null;
        } catch (IllegalBlockSizeException e13) {
            com.amazon.identity.auth.device.utils.y.o(f5127f, "signWithOldAuth: failed because of IllegalBlockSizeException: " + e13.getMessage());
            return null;
        } catch (NoSuchPaddingException e14) {
            com.amazon.identity.auth.device.utils.y.o(f5127f, "signWithOldAuth: failed because of NoSuchPaddingException: " + e14.getMessage());
            return null;
        }
    }

    private byte[] e(byte[] bArr, PrivateKey privateKey) {
        try {
            g();
            Signature signature = Signature.getInstance(this.f5129a);
            signature.initSign(privateKey);
            signature.update(bArr);
            return signature.sign();
        } catch (InvalidKeyException e10) {
            com.amazon.identity.auth.device.utils.y.o(f5127f, "signWithNewAuth: failed because of InvalidKeyException: " + e10.getMessage());
            return null;
        } catch (NoSuchAlgorithmException e11) {
            com.amazon.identity.auth.device.utils.y.o(f5127f, "signWithNewAuth: failed because of NoSuchAlgorithmException: " + e11.getMessage());
            return null;
        } catch (SignatureException e12) {
            com.amazon.identity.auth.device.utils.y.o(f5127f, "signWithNewAuth: failed because of SignatureException: " + e12.getMessage());
            return null;
        }
    }

    private void g() {
        if (this.f5129a == null) {
            this.f5129a = this.f5130b.b();
        }
    }

    public String a(String str, com.amazon.identity.kcpsdk.common.l lVar) {
        String j10;
        byte[] bArr;
        String b10;
        String m10 = lVar.m();
        if (this.f5133e) {
            j10 = lVar.i();
        } else {
            j10 = lVar.j();
            if (j10 != null && !j10.startsWith(SignedOutWebviewActivity.PATH_ROOT)) {
                j10 = SignedOutWebviewActivity.PATH_ROOT.concat(j10);
            }
        }
        byte[] o10 = this.f5133e ? f5128g : lVar.o();
        String str2 = this.f5131c;
        if (str2 == null) {
            str2 = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'", Locale.US).format(new Date());
        }
        if (str == null || m10 == null || j10 == null || str2 == null) {
            bArr = null;
        } else {
            byte[] d10 = aq.d(m10);
            byte[] d11 = aq.d(j10);
            byte[] d12 = aq.d(str2);
            int length = o10 != null ? o10.length : 0;
            byte[] d13 = aq.d(str);
            bArr = new byte[d10.length + 1 + d11.length + 1 + d12.length + 1 + length + 1 + d13.length];
            System.arraycopy(d10, 0, bArr, 0, d10.length);
            int length2 = d10.length;
            bArr[length2] = 10;
            int i10 = length2 + 1;
            System.arraycopy(d11, 0, bArr, i10, d11.length);
            int length3 = i10 + d11.length;
            bArr[length3] = 10;
            int i11 = length3 + 1;
            System.arraycopy(d12, 0, bArr, i11, d12.length);
            int length4 = i11 + d12.length;
            bArr[length4] = 10;
            int i12 = length4 + 1;
            if (o10 != null) {
                System.arraycopy(o10, 0, bArr, i12, o10.length);
                i12 += o10.length;
            }
            bArr[i12] = 10;
            System.arraycopy(d13, 0, bArr, i12 + 1, d13.length);
        }
        if (bArr == null || (b10 = b(bArr)) == null) {
            return null;
        }
        return String.format("%s:%s", b10, str2);
    }

    public String b(byte[] bArr) {
        byte[] e10;
        PrivateKey a10 = this.f5130b.a();
        if (a10 == null) {
            return null;
        }
        if (this.f5132d) {
            g();
            if (!this.f5129a.equals("SHA256WithRSA")) {
                com.amazon.identity.auth.device.utils.y.o(f5127f, "Try to use legacy auth when the algorithm is " + this.f5129a);
            }
            e10 = c(bArr, a10);
        } else {
            e10 = e(bArr, a10);
        }
        if (e10 != null) {
            return Base64.encodeToString(e10, 2);
        }
        return null;
    }

    public boolean d(com.amazon.identity.kcpsdk.common.l lVar) {
        x xVar = this.f5130b;
        if (xVar != null && lVar != null) {
            String b10 = xVar.c().b();
            try {
                String a10 = a(b10, lVar);
                if (a10 == null) {
                    return false;
                }
                lVar.w(j(), a10);
                lVar.w(i(), b10);
                if (k() == null) {
                    return true;
                }
                lVar.w(k(), f());
                return true;
            } catch (Exception e10) {
                com.amazon.identity.auth.device.utils.y.p(f5127f, "Exception in getting ADP signature.", e10);
            }
        }
        return false;
    }

    public String f() {
        if (this.f5132d) {
            return null;
        }
        g();
        return this.f5129a + ":1.0";
    }

    public boolean h() {
        return this.f5132d;
    }

    public String i() {
        return this.f5132d ? "X-ADP-Authentication-Token" : "x-adp-token";
    }

    public String j() {
        return this.f5132d ? "X-ADP-Request-Digest" : "x-adp-signature";
    }

    public String k() {
        if (this.f5132d) {
            return null;
        }
        return "x-adp-alg";
    }

    public void l(boolean z10) {
        this.f5132d = z10;
        if (z10) {
            com.amazon.identity.auth.device.utils.y.u(f5127f, "Try to set useLegacyAuthentication to be true when algorithm is: " + this.f5129a);
            if (this.f5130b != null) {
                g();
                if (this.f5129a.equalsIgnoreCase("SHA256WithRSA")) {
                    return;
                }
                throw new IllegalStateException("LegacyAuthentication is not compatible with algorithm:" + this.f5129a);
            }
        }
    }
}
