package com.amazon.identity.auth.device.api;

import android.annotation.SuppressLint;
import android.content.Context;
import android.net.Uri;
import android.os.Bundle;
import android.text.TextUtils;
import android.util.Base64;
import com.amazon.identity.auth.device.api.AuthenticatedURLConnection;
import com.amazon.identity.auth.device.bl;
import com.amazon.identity.auth.device.fl;
import com.amazon.identity.auth.device.hu;
import com.amazon.identity.auth.device.ij;
import com.amazon.identity.auth.device.im;
import com.amazon.identity.auth.device.jh;
import com.amazon.identity.auth.device.jn;
import com.amazon.identity.auth.device.storage.BackwardsCompatiableDataStorage;
import com.facebook.react.views.textinput.ReactEditTextInputConnectionWrapper;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Locale;
import java.util.Map;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: DCP */
/* loaded from: classes.dex */
public class InProcessAdpAuthenticationMethod extends AuthenticationMethod {
    static final String TAG = InProcessAdpAuthenticationMethod.class.getName();
    private static final long aq = jh.d(2, TimeUnit.MILLISECONDS);
    private static final byte[] go = ReactEditTextInputConnectionWrapper.NEWLINE_RAW_VALUE.getBytes();
    private final TokenManagement as;
    private final String mPackageName;

    /* JADX INFO: Access modifiers changed from: package-private */
    public InProcessAdpAuthenticationMethod(Context context, String str, String str2, AuthenticationType authenticationType) {
        super(context, str, authenticationType);
        this.as = (TokenManagement) this.o.getSystemService("dcp_token_mangement");
        this.mPackageName = str2;
    }

    private byte[] a(Uri uri, String str, byte[] bArr, String str2, String str3) {
        String encodedPath;
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            if (str == null) {
                im.e(TAG, "No verb specified. Cannot create corpus");
                return null;
            }
            if (uri == null) {
                encodedPath = null;
            } else if ("BustedIdentityADPAuthenticator".equals(this.fV)) {
                encodedPath = uri.toString();
            } else {
                encodedPath = uri.getEncodedPath();
                if (encodedPath == null) {
                    encodedPath = "";
                }
                if (!encodedPath.startsWith("/")) {
                    encodedPath = "/".concat(String.valueOf(encodedPath));
                }
                String encodedQuery = uri.getEncodedQuery();
                if (!TextUtils.isEmpty(encodedQuery)) {
                    encodedPath = encodedPath + "?" + encodedQuery;
                }
            }
            if (encodedPath == null) {
                im.e(TAG, "No path specified. Cannot create corpus");
                return null;
            }
            if ("BustedIdentityADPAuthenticator".equals(this.fV)) {
                bArr = new byte[0];
            } else if (bArr == null) {
                bArr = new byte[0];
            }
            if (str3 == null) {
                im.e(TAG, "Unable to retrieve ADP token for given account. Cannot generate corpus.");
                return null;
            }
            byteArrayOutputStream.write(str.getBytes());
            byteArrayOutputStream.write(go);
            byteArrayOutputStream.write(encodedPath.getBytes());
            byteArrayOutputStream.write(go);
            byteArrayOutputStream.write(str2.getBytes());
            byteArrayOutputStream.write(go);
            byteArrayOutputStream.write(bArr);
            byteArrayOutputStream.write(go);
            byteArrayOutputStream.write(str3.getBytes());
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            im.c(TAG, "Could not construct a corpus because an IOException occured", e);
            return null;
        }
    }

    @SuppressLint({"GetInstance"})
    private static byte[] a(byte[] bArr, PrivateKey privateKey) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(bArr);
            byte[] digest = messageDigest.digest();
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, privateKey);
            cipher.update(digest);
            return cipher.doFinal();
        } catch (InvalidKeyException e) {
            im.e(TAG, "Signing request with old auth failed because of InvalidKeyException: " + e.getMessage());
            return null;
        } catch (NoSuchAlgorithmException e2) {
            im.e(TAG, "Signing request with old auth failed because of NoSuchAlgorithmException: " + e2.getMessage());
            return null;
        } catch (BadPaddingException e3) {
            im.e(TAG, "Signing request with old auth failed because of BadPaddingException: " + e3.getMessage());
            return null;
        } catch (IllegalBlockSizeException e4) {
            im.e(TAG, "Signing request with old auth failed because of IllegalBlockSizeException: " + e4.getMessage());
            return null;
        } catch (NoSuchPaddingException e5) {
            im.e(TAG, "Signing request with old auth failed because of NoSuchPaddingException: " + e5.getMessage());
            return null;
        }
    }

    private byte[] b(byte[] bArr, PrivateKey privateKey) {
        try {
            Signature signature = Signature.getInstance("SHA256WithRSA");
            signature.initSign(privateKey);
            signature.update(bArr);
            return signature.sign();
        } catch (InvalidKeyException e) {
            im.c(TAG, "Request signing failed because it was given an invalid key", e);
            return null;
        } catch (NoSuchAlgorithmException e2) {
            im.c(TAG, "Request signing failed because of No such algorithm found.", e2);
            return null;
        } catch (SignatureException e3) {
            im.c(TAG, "Request signing failed because there was a problem with the signature", e3);
            return null;
        }
    }

    private boolean bf() {
        return AuthenticationType.DeviceAuthenticator.getValue().equals(this.fV);
    }

    private Bundle getOptions() {
        Bundle bundle = new Bundle();
        bundle.putBoolean("ignore.platform.restrictions", true);
        return bundle;
    }

    private PrivateKey getPrivateKey() throws BackwardsCompatiableDataStorage.BackwardsCompatibleDataStorageException {
        try {
            return ij.getPrivateKey(this.as.getValue(this.bM, TokenKeys.getPrivateKeyKeyForPackage(this.mPackageName), getOptions(), aq));
        } catch (MAPCallbackErrorException e) {
            Bundle errorBundle = e.getErrorBundle();
            Bundle bundle = errorBundle.getBundle("com.amazon.identity.mobi.account.recover.context");
            if (bundle != null) {
                im.e(TAG, "Getting private key failed because of BackwardsCompatibleDataStorageException");
                throw new BackwardsCompatiableDataStorage.BackwardsCompatibleDataStorageException(fl.B(bundle));
            }
            im.e(TAG, "Getting private key failed because of callback error. Error Bundle: " + hu.J(errorBundle));
            return null;
        } catch (InterruptedException e2) {
            im.e(TAG, "Getting private key failed because of InterruptedException: " + e2.getMessage());
            return null;
        } catch (InvalidKeySpecException e3) {
            im.c(TAG, "Could not sign request because there was an invalid key", e3);
            return null;
        } catch (ExecutionException e4) {
            im.e(TAG, "Getting private key failed because of ExecutionException: " + e4.getMessage());
            return null;
        } catch (TimeoutException e5) {
            im.e(TAG, "Getting private key failed because of TimeoutException: " + e5.getMessage());
            return null;
        }
    }

    String a(byte[] bArr) throws BackwardsCompatiableDataStorage.BackwardsCompatibleDataStorageException {
        PrivateKey privateKey = getPrivateKey();
        if (privateKey == null) {
            return null;
        }
        byte[] a = bf() ? a(bArr, privateKey) : b(bArr, privateKey);
        if (a != null) {
            return new String(Base64.encode(a, 2));
        }
        return null;
    }

    @Override // com.amazon.identity.auth.device.api.AuthenticationMethod
    protected MAPFuture<Bundle> getAuthenticationBundle(Uri uri, String str, Map map, byte[] bArr, bl blVar) throws IOException {
        String str2;
        try {
            String value = this.as.getValue(this.bM, TokenKeys.getAdpTokenKeyForPackage(this.mPackageName), getOptions(), aq);
            if (value == null) {
                AuthenticationMethod.a(blVar, 2, "Unable to sign request. Could not retrieve ADP token for account", null);
                im.e(TAG, "Unable to sign request. Could not retrieve ADP token for account");
            } else {
                String currentTimestamp = getCurrentTimestamp();
                byte[] a = a(uri, str, bArr, currentTimestamp, value);
                if (a == null || currentTimestamp == null) {
                    im.e(TAG, "Could not sign request because we were unable to create a corpus");
                    str2 = null;
                } else {
                    String a2 = a(a);
                    str2 = a2 == null ? null : String.format("%s:%s", a2, currentTimestamp);
                }
                if (str2 == null) {
                    AuthenticationMethod.a(blVar, 3, "Unable to sign request. Could not generate ADP signature. Please check provided parameters.", null);
                    im.e(TAG, "Unable to sign request. Could not generate ADP signature.");
                } else {
                    Bundle bundle = new Bundle();
                    jn.b(bundle, bf() ? "X-ADP-Request-Digest" : "x-adp-signature", str2);
                    jn.b(bundle, bf() ? "X-ADP-Authentication-Token" : "x-adp-token", value);
                    String str3 = bf() ? null : "x-adp-alg";
                    if (str3 != null) {
                        jn.b(bundle, str3, bf() ? null : "SHA256WithRSA:1.0");
                    }
                    if (blVar != null) {
                        blVar.onSuccess(bundle);
                    }
                }
            }
        } catch (MAPCallbackErrorException e) {
            Bundle errorBundle = e.getErrorBundle();
            fl a3 = fl.a(e);
            if (a3 != null) {
                im.e(TAG, "Getting ADP token failed and return recover bundle");
                AuthenticationMethod.a(blVar, 6, "Getting ADP Token failed because of callback error. Error Bundle: " + hu.J(errorBundle), a3.eB());
                throw new AuthenticatedURLConnection.AccountNeedsRecoveryException("Database is corrupted", a3.toBundle());
            }
            AuthenticationMethod.a(blVar, 6, "Getting ADP Token failed because of callback error. Error Bundle: " + hu.J(errorBundle), null);
            im.e(TAG, "Getting ADP Token failed because of callback error. Error Bundle: " + hu.J(errorBundle));
        } catch (BackwardsCompatiableDataStorage.BackwardsCompatibleDataStorageException e2) {
            fl eD = e2.eD();
            if (eD != null) {
                im.e(TAG, "Getting ADP token failed. Return recover bundle");
                AuthenticationMethod.a(blVar, 6, "Getting ADP Token failed bacause of BackwardsCompatibleDataStorageException", eD.eB());
            }
            im.e(TAG, "Getting ADP Token failed because of BackwardsCompatibleDataStorageException.");
        } catch (InterruptedException e3) {
            Thread.currentThread().interrupt();
            AuthenticationMethod.a(blVar, 6, "Getting ADP Token failed because of InterruptedException. This can happen if the caller kills the thread or asnc task that is calling MAP's api. Exception message: " + e3.getMessage(), null);
            im.c(TAG, "Getting ADP Token failed because of InterruptedException. This can happen if the caller kills the thread or asnc task that is calling MAP's api. Exception message: " + e3.getMessage(), e3);
        } catch (ExecutionException e4) {
            AuthenticationMethod.a(blVar, 6, "Getting ADP Token failed because of ExecutionException. This can happen when the thread or task was aborted. Exception message: " + e4.getMessage(), null);
            im.c(TAG, "Getting ADP Token failed because of ExecutionException. This can happen when the thread or task was aborted. Exception message: " + e4.getMessage(), e4);
        } catch (TimeoutException e5) {
            AuthenticationMethod.a(blVar, 6, "Getting ADP Token failed because of TimeoutException. This happens when the timeout passed into the future object occurs. Exception message: " + e5.getMessage(), null);
            im.c(TAG, "Getting ADP Token failed because of TimeoutException. This happens when the timeout passed into the future object occurs. Exception message: " + e5.getMessage(), e5);
        }
        return blVar;
    }

    protected String getCurrentTimestamp() {
        return new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'", Locale.US).format(new Date());
    }
}
