package defpackage;

import android.annotation.SuppressLint;
import android.content.Context;
import android.net.Uri;
import android.os.Bundle;
import android.text.TextUtils;
import android.util.Base64;
import defpackage.pz;
import defpackage.vs;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Locale;
import java.util.Map;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class ql extends qa implements pv {
    static final String f = ql.class.getName();
    private static final long g = yj.b(2, TimeUnit.MILLISECONDS);
    private static final byte[] h = "\n".getBytes();
    private final qy i;
    private final String j;

    /* JADX INFO: Access modifiers changed from: package-private */
    public ql(Context context, String str, String str2, qc qcVar) {
        super(context, str, qcVar);
        this.i = (qy) this.b.getSystemService("dcp_token_mangement");
        this.j = str2;
    }

    private PrivateKey a() throws vs.a {
        try {
            return zk.a(this.i.a(this.c, wt.a(this.j, "com.amazon.dcp.sso.token.device.privatekey"), c(), g));
        } catch (InterruptedException e) {
            zn.c(f, "Getting private key failed because of InterruptedException: " + e.getMessage());
            return null;
        } catch (InvalidKeySpecException e2) {
            zn.c(f, "Could not sign request because there was an invalid key", e2);
            return null;
        } catch (ExecutionException e3) {
            zn.c(f, "Getting private key failed because of ExecutionException: " + e3.getMessage());
            return null;
        } catch (TimeoutException e4) {
            zn.c(f, "Getting private key failed because of TimeoutException: " + e4.getMessage());
            return null;
        } catch (qr e5) {
            Bundle a = e5.a();
            Bundle bundle = a.getBundle("com.amazon.identity.mobi.account.recover.context");
            if (bundle != null) {
                zn.c(f, "Getting private key failed because of BackwardsCompatibleDataStorageException");
                throw new vs.a(vo.a(bundle));
            }
            zn.c(f, "Getting private key failed because of callback error. Error Bundle: " + yx.c(a));
            return null;
        }
    }

    private byte[] a(Uri uri, String str, byte[] bArr, String str2, String str3) {
        String encodedPath;
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            if (str == null) {
                zn.c(f, "No verb specified. Cannot create corpus");
                return null;
            }
            if (uri == null) {
                encodedPath = null;
            } else if ("BustedIdentityADPAuthenticator".equals(this.d)) {
                encodedPath = uri.toString();
            } else {
                encodedPath = uri.getEncodedPath();
                if (encodedPath == null) {
                    encodedPath = "";
                }
                if (!encodedPath.startsWith("/")) {
                    encodedPath = "/" + encodedPath;
                }
                String encodedQuery = uri.getEncodedQuery();
                if (!TextUtils.isEmpty(encodedQuery)) {
                    encodedPath = encodedPath + "?" + encodedQuery;
                }
            }
            if (encodedPath == null) {
                zn.c(f, "No path specified. Cannot create corpus");
                return null;
            }
            if ("BustedIdentityADPAuthenticator".equals(this.d)) {
                bArr = new byte[0];
            } else if (bArr == null) {
                bArr = new byte[0];
            }
            if (str3 == null) {
                zn.c(f, "Unable to retrieve ADP token for given account. Cannot generate corpus.");
                return null;
            }
            byteArrayOutputStream.write(str.getBytes());
            byteArrayOutputStream.write(h);
            byteArrayOutputStream.write(encodedPath.getBytes());
            byteArrayOutputStream.write(h);
            byteArrayOutputStream.write(str2.getBytes());
            byteArrayOutputStream.write(h);
            byteArrayOutputStream.write(bArr);
            byteArrayOutputStream.write(h);
            byteArrayOutputStream.write(str3.getBytes());
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            zn.c(f, "Could not construct a corpus because an IOException occured", e);
            return null;
        }
    }

    @SuppressLint({"GetInstance"})
    private static byte[] a(byte[] bArr, PrivateKey privateKey) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(bArr);
            byte[] digest = messageDigest.digest();
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, privateKey);
            cipher.update(digest);
            return cipher.doFinal();
        } catch (InvalidKeyException e) {
            zn.c(f, "Signing request with old auth failed because of InvalidKeyException: " + e.getMessage());
            return null;
        } catch (NoSuchAlgorithmException e2) {
            zn.c(f, "Signing request with old auth failed because of NoSuchAlgorithmException: " + e2.getMessage());
            return null;
        } catch (BadPaddingException e3) {
            zn.c(f, "Signing request with old auth failed because of BadPaddingException: " + e3.getMessage());
            return null;
        } catch (IllegalBlockSizeException e4) {
            zn.c(f, "Signing request with old auth failed because of IllegalBlockSizeException: " + e4.getMessage());
            return null;
        } catch (NoSuchPaddingException e5) {
            zn.c(f, "Signing request with old auth failed because of NoSuchPaddingException: " + e5.getMessage());
            return null;
        }
    }

    private boolean b() {
        return qc.DeviceAuthenticator.e.equals(this.d);
    }

    private static byte[] b(byte[] bArr, PrivateKey privateKey) {
        try {
            Signature signature = Signature.getInstance("SHA256WithRSA");
            signature.initSign(privateKey);
            signature.update(bArr);
            return signature.sign();
        } catch (InvalidKeyException e) {
            zn.c(f, "Request signing failed because it was given an invalid key", e);
            return null;
        } catch (NoSuchAlgorithmException e2) {
            zn.c(f, "Request signing failed because of No such algorithm found.", e2);
            return null;
        } catch (SignatureException e3) {
            zn.c(f, "Request signing failed because there was a problem with the signature", e3);
            return null;
        }
    }

    private static Bundle c() {
        Bundle bundle = new Bundle();
        bundle.putBoolean("ignore.platform.restrictions", true);
        return bundle;
    }

    final String a(byte[] bArr) throws vs.a {
        PrivateKey a = a();
        if (a == null) {
            return null;
        }
        byte[] a2 = b() ? a(bArr, a) : b(bArr, a);
        if (a2 != null) {
            return new String(Base64.encode(a2, 2));
        }
        return null;
    }

    @Override // defpackage.qa
    protected final qs<Bundle> a(Uri uri, String str, Map map, byte[] bArr, rm rmVar) throws IOException {
        String str2;
        try {
            String a = this.i.a(this.c, wt.a(this.j, "com.amazon.dcp.sso.token.device.adptoken"), c(), g);
            if (a == null) {
                qa.a(rmVar, 2, "Unable to sign request. Could not retrieve ADP token for account", null);
                zn.c(f, "Unable to sign request. Could not retrieve ADP token for account");
            } else {
                String format = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'", Locale.US).format(new Date());
                byte[] a2 = a(uri, str, bArr, format, a);
                if (a2 == null || format == null) {
                    zn.c(f, "Could not sign request because we were unable to create a corpus");
                    str2 = null;
                } else {
                    String a3 = a(a2);
                    str2 = a3 == null ? null : String.format("%s:%s", a3, format);
                }
                if (str2 == null) {
                    qa.a(rmVar, 3, "Unable to sign request. Could not generate ADP signature. Please check provided parameters.", null);
                    zn.c(f, "Unable to sign request. Could not generate ADP signature.");
                } else {
                    Bundle bundle = new Bundle();
                    zp.a(bundle, b() ? "X-ADP-Request-Digest" : "x-adp-signature", str2);
                    zp.a(bundle, b() ? "X-ADP-Authentication-Token" : "x-adp-token", a);
                    String str3 = b() ? null : "x-adp-alg";
                    if (str3 != null) {
                        zp.a(bundle, str3, b() ? null : "SHA256WithRSA:1.0");
                    }
                    rmVar.a(bundle);
                }
            }
        } catch (InterruptedException e) {
            Thread.currentThread().interrupt();
            qa.a(rmVar, 6, "Getting ADP Token failed because of InterruptedException. This can happen if the caller kills the thread or asnc task that is calling MAP's api. Exception message: " + e.getMessage(), null);
            zn.c(f, "Getting ADP Token failed because of InterruptedException. This can happen if the caller kills the thread or asnc task that is calling MAP's api. Exception message: " + e.getMessage(), e);
        } catch (ExecutionException e2) {
            qa.a(rmVar, 6, "Getting ADP Token failed because of ExecutionException. This can happen when the thread or task was aborted. Exception message: " + e2.getMessage(), null);
            zn.c(f, "Getting ADP Token failed because of ExecutionException. This can happen when the thread or task was aborted. Exception message: " + e2.getMessage(), e2);
        } catch (TimeoutException e3) {
            qa.a(rmVar, 6, "Getting ADP Token failed because of TimeoutException. This happens when the timeout passed into the future object occurs. Exception message: " + e3.getMessage(), null);
            zn.c(f, "Getting ADP Token failed because of TimeoutException. This happens when the timeout passed into the future object occurs. Exception message: " + e3.getMessage(), e3);
        } catch (qr e4) {
            Bundle a4 = e4.a();
            vo a5 = vo.a(e4);
            if (a5 != null) {
                zn.c(f, "Getting ADP token failed and return recover bundle");
                qa.a(rmVar, 6, "Getting ADP Token failed because of callback error. Error Bundle: " + yx.c(a4), a5.c());
                throw new pz.a("Database is corrupted", a5.b());
            }
            qa.a(rmVar, 6, "Getting ADP Token failed because of callback error. Error Bundle: " + yx.c(a4), null);
            zn.c(f, "Getting ADP Token failed because of callback error. Error Bundle: " + yx.c(a4));
        } catch (vs.a e5) {
            vo voVar = e5.a;
            if (voVar != null) {
                zn.c(f, "Getting ADP token failed. Return recover bundle");
                qa.a(rmVar, 6, "Getting ADP Token failed bacause of BackwardsCompatibleDataStorageException", voVar.c());
            }
            zn.c(f, "Getting ADP Token failed because of BackwardsCompatibleDataStorageException.");
        }
        return rmVar;
    }

    @Override // defpackage.pv
    public final qs<Bundle> a(final byte[] bArr, Bundle bundle) {
        final rm rmVar = new rm(null);
        if (bArr == null) {
            xq.a(rmVar, f);
        } else if (TextUtils.isEmpty(this.c) || !this.a.a(this.c)) {
            xq.a(rmVar, 2, "The account is not valid or no longer registered.");
        } else {
            this.i.a(this.c, wt.a(this.j, "com.amazon.dcp.sso.token.device.adptoken"), c(), new qd() { // from class: ql.1
                @Override // defpackage.qd
                public final void a(Bundle bundle2) {
                    String str;
                    String string = bundle2.getString("value_key");
                    try {
                        str = ql.this.a(bArr);
                    } catch (vs.a e) {
                        vo voVar = e.a;
                        if (voVar != null) {
                            xq.a(rmVar, "The account db is corrupted", voVar.c());
                            return;
                        }
                        str = null;
                    }
                    if (string == null || str == null) {
                        xq.a(rmVar, 2, "The account is not valid or no longer registered.");
                        return;
                    }
                    Bundle bundle3 = new Bundle();
                    bundle3.putString("adp_signature", str);
                    bundle3.putString("adp_token", string);
                    rmVar.a(bundle3);
                }

                @Override // defpackage.qd
                public final void b(Bundle bundle2) {
                    zn.c(ql.f, "Unknown error during signCorpus execution.");
                    xq.a(rmVar, "Unknown error during signCorpus execution.", bundle2);
                }
            });
        }
        return rmVar;
    }
}
