package com.amazon.identity.kcpsdk.auth;

import android.util.Base64;
import com.amazon.identity.auth.device.framework.AmazonKeyStoreCaller;
import com.amazon.identity.auth.device.framework.Tracer;
import com.amazon.identity.auth.device.utils.KeyFactoryUtils;
import com.amazon.identity.auth.device.utils.MAPLog;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.X509EncodedKeySpec;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public final class AmazonJwtSigner extends JwtSigner {

    /* renamed from: f, reason: collision with root package name */
    private static final String f4106f = "com.amazon.identity.kcpsdk.auth.AmazonJwtSigner";
    private final Object b;

    /* renamed from: c, reason: collision with root package name */
    private final String f4107c;

    /* renamed from: d, reason: collision with root package name */
    private final String f4108d;

    /* renamed from: e, reason: collision with root package name */
    private final String f4109e;

    public AmazonJwtSigner(Object obj) {
        this.b = obj;
        try {
            byte[] bArr = (byte[]) obj.getClass().getMethod("getPubkey", new Class[0]).invoke(obj, new Object[0]);
            if (bArr == null) {
                AmazonJWTHelper.e("NoKeyAvailable");
                throw new UnsupportedOperationException("AmazonKeyStore returned null public key");
            }
            try {
                RSAPublicKey rSAPublicKey = (RSAPublicKey) KeyFactoryUtils.a("RSA").generatePublic(new X509EncodedKeySpec(bArr));
                byte[] byteArray = rSAPublicKey.getModulus().toByteArray();
                int length = byteArray.length;
                if (length != 256) {
                    byte[] bArr2 = new byte[256];
                    if (byteArray[0] == 0) {
                        System.arraycopy(byteArray, 1, bArr2, (256 - length) + 1, length - 1);
                    } else {
                        System.arraycopy(byteArray, 0, bArr2, 256 - length, length);
                    }
                    byteArray = bArr2;
                }
                byte[] bArr3 = new byte[32];
                System.arraycopy(bArr, bArr.length - 32, bArr3, 0, 32);
                this.f4108d = Base64.encodeToString(bArr3, 10);
                this.f4109e = Base64.encodeToString(byteArray, 10);
                this.f4107c = rSAPublicKey.getPublicExponent().toString();
            } catch (Exception e2) {
                AmazonJWTHelper.e(e2.getClass().getSimpleName());
                throw new UnsupportedOperationException(e2);
            }
        } catch (Exception e3) {
            AmazonJWTHelper.e(e3.getClass().getSimpleName());
            throw new UnsupportedOperationException(e3);
        }
    }

    public static AmazonJwtSigner f(Tracer tracer) {
        Object d2 = AmazonKeyStoreCaller.d(tracer);
        if (d2 == null) {
            AmazonJWTHelper.e("NoKeyStore");
            return null;
        }
        try {
            return new AmazonJwtSigner(d2);
        } catch (Exception e2) {
            MAPLog.o(f4106f, "Failed to construct AmazonJwtSigner", e2);
            return null;
        }
    }

    @Override // com.amazon.identity.kcpsdk.auth.JwtSigner
    void a(JSONObject jSONObject) throws JSONException {
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put("kty", "RSA");
        jSONObject2.put("n", this.f4109e);
        jSONObject2.put("e", this.f4107c);
        jSONObject2.put("mac", this.f4108d);
        jSONObject.put("alg", "PS256");
        jSONObject.put("jwk", jSONObject2);
    }

    @Override // com.amazon.identity.kcpsdk.auth.JwtSigner
    byte[] d(byte[] bArr) {
        try {
            try {
                byte[] bArr2 = (byte[]) this.b.getClass().getMethod("sign", byte[].class).invoke(this.b, MessageDigest.getInstance("SHA-256").digest(bArr));
                if (bArr2 != null) {
                    return bArr2;
                }
                AmazonJWTHelper.e("NullSignature");
                throw new UnsupportedOperationException("AmazonKeyStore returned null signature");
            } catch (Exception e2) {
                AmazonJWTHelper.e(e2.getClass().getSimpleName());
                throw new UnsupportedOperationException(e2);
            }
        } catch (NoSuchAlgorithmException e3) {
            throw new UnsupportedOperationException(e3);
        }
    }
}
