package com.amazon.identity.kcpsdk.auth;

import android.util.Base64;
import com.amazon.identity.auth.device.framework.AmazonKeyStoreCaller;
import com.amazon.identity.auth.device.framework.Tracer;
import com.amazon.identity.auth.device.utils.KeyFactoryUtils;
import com.amazon.identity.auth.device.utils.MAPLog;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.X509EncodedKeySpec;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public final class AmazonJwtSigner extends JwtSigner {

    /* renamed from: a, reason: collision with root package name */
    private static final String f4136a = AmazonJwtSigner.class.getName();

    /* renamed from: b, reason: collision with root package name */
    private final Object f4137b;

    /* renamed from: c, reason: collision with root package name */
    private final String f4138c;
    private final String d;
    private final String e;

    public AmazonJwtSigner(Object obj) {
        byte[] bArr;
        this.f4137b = obj;
        try {
            byte[] bArr2 = (byte[]) this.f4137b.getClass().getMethod("getPubkey", new Class[0]).invoke(this.f4137b, new Object[0]);
            if (bArr2 == null) {
                AmazonJWTHelper.a("NoKeyAvailable");
                throw new UnsupportedOperationException("AmazonKeyStore returned null public key");
            }
            try {
                RSAPublicKey rSAPublicKey = (RSAPublicKey) KeyFactoryUtils.a("RSA").generatePublic(new X509EncodedKeySpec(bArr2));
                byte[] byteArray = rSAPublicKey.getModulus().toByteArray();
                int length = byteArray.length;
                if (length == 256) {
                    bArr = byteArray;
                } else {
                    bArr = new byte[256];
                    if (byteArray[0] == 0) {
                        System.arraycopy(byteArray, 1, bArr, (256 - length) + 1, length - 1);
                    } else {
                        System.arraycopy(byteArray, 0, bArr, 256 - length, length);
                    }
                }
                byte[] bArr3 = new byte[32];
                System.arraycopy(bArr2, bArr2.length - 32, bArr3, 0, 32);
                this.d = Base64.encodeToString(bArr3, 10);
                this.e = Base64.encodeToString(bArr, 10);
                this.f4138c = rSAPublicKey.getPublicExponent().toString();
            } catch (Exception e) {
                AmazonJWTHelper.a(e.getClass().getSimpleName());
                throw new UnsupportedOperationException(e);
            }
        } catch (Exception e2) {
            AmazonJWTHelper.a(e2.getClass().getSimpleName());
            throw new UnsupportedOperationException(e2);
        }
    }

    public static AmazonJwtSigner a(Tracer tracer) {
        Object b2 = AmazonKeyStoreCaller.b(tracer);
        if (b2 == null) {
            AmazonJWTHelper.a("NoKeyStore");
            return null;
        }
        try {
            return new AmazonJwtSigner(b2);
        } catch (Exception e) {
            MAPLog.c(f4136a, "Failed to construct AmazonJwtSigner", e);
            return null;
        }
    }

    @Override // com.amazon.identity.kcpsdk.auth.JwtSigner
    void a(JSONObject jSONObject) throws JSONException {
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put("kty", "RSA");
        jSONObject2.put("n", this.e);
        jSONObject2.put("e", this.f4138c);
        jSONObject2.put("mac", this.d);
        jSONObject.put("alg", "PS256");
        jSONObject.put("jwk", jSONObject2);
    }

    @Override // com.amazon.identity.kcpsdk.auth.JwtSigner
    byte[] a(byte[] bArr) {
        try {
            try {
                byte[] bArr2 = (byte[]) this.f4137b.getClass().getMethod("sign", byte[].class).invoke(this.f4137b, MessageDigest.getInstance("SHA-256").digest(bArr));
                if (bArr2 != null) {
                    return bArr2;
                }
                AmazonJWTHelper.a("NullSignature");
                throw new UnsupportedOperationException("AmazonKeyStore returned null signature");
            } catch (Exception e) {
                AmazonJWTHelper.a(e.getClass().getSimpleName());
                throw new UnsupportedOperationException(e);
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new UnsupportedOperationException(e2);
        }
    }
}
