package com.microsoft.aad.adal;

import android.util.Base64;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes5.dex */
public class la implements fa {

    /* renamed from: a, reason: collision with root package name */
    private static final long f48148a = 1000;

    /* renamed from: b, reason: collision with root package name */
    private static final String f48149b = "RS256";

    /* renamed from: c, reason: collision with root package name */
    private static final String f48150c = "SHA256withRSA";

    /* renamed from: d, reason: collision with root package name */
    private static final String f48151d = "JWSBuilder";

    /* loaded from: classes5.dex */
    class a {

        /* renamed from: a, reason: collision with root package name */
        @com.google.gson.a.c("aud")
        protected String f48152a;

        /* renamed from: b, reason: collision with root package name */
        @com.google.gson.a.c("iat")
        protected long f48153b;

        /* renamed from: c, reason: collision with root package name */
        @com.google.gson.a.c("nonce")
        protected String f48154c;

        a() {
        }
    }

    /* loaded from: classes5.dex */
    class b {

        /* renamed from: a, reason: collision with root package name */
        @com.google.gson.a.c("alg")
        protected String f48156a;

        /* renamed from: b, reason: collision with root package name */
        @com.google.gson.a.c("typ")
        protected String f48157b;

        /* renamed from: c, reason: collision with root package name */
        @com.google.gson.a.c("x5c")
        protected String[] f48158c;

        b() {
        }
    }

    private static String a(RSAPrivateKey rSAPrivateKey, byte[] bArr) {
        try {
            Signature signature = Signature.getInstance(f48150c);
            signature.initSign(rSAPrivateKey);
            signature.update(bArr);
            return ua.a(signature.sign());
        } catch (UnsupportedEncodingException unused) {
            throw new AuthenticationException(EnumC3709a.ENCODING_IS_NOT_SUPPORTED);
        } catch (InvalidKeyException e2) {
            throw new AuthenticationException(EnumC3709a.KEY_CHAIN_PRIVATE_KEY_EXCEPTION, "Invalid private RSA key: " + e2.getMessage(), e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new AuthenticationException(EnumC3709a.DEVICE_NO_SUCH_ALGORITHM, "Unsupported RSA algorithm: " + e3.getMessage(), e3);
        } catch (SignatureException e4) {
            throw new AuthenticationException(EnumC3709a.SIGNATURE_EXCEPTION, "RSA signature exception: " + e4.getMessage(), e4);
        }
    }

    @Override // com.microsoft.aad.adal.fa
    public String a(String str, String str2, RSAPrivateKey rSAPrivateKey, RSAPublicKey rSAPublicKey, X509Certificate x509Certificate) {
        if (ua.a(str)) {
            throw new IllegalArgumentException("nonce");
        }
        if (ua.a(str2)) {
            throw new IllegalArgumentException("audience");
        }
        if (rSAPrivateKey == null) {
            throw new IllegalArgumentException("privateKey");
        }
        if (rSAPublicKey == null) {
            throw new IllegalArgumentException("pubKey");
        }
        com.google.gson.q qVar = new com.google.gson.q();
        a aVar = new a();
        aVar.f48154c = str;
        aVar.f48152a = str2;
        aVar.f48153b = System.currentTimeMillis() / 1000;
        b bVar = new b();
        bVar.f48156a = f48149b;
        bVar.f48157b = "JWT";
        try {
            bVar.f48158c = new String[1];
            bVar.f48158c[0] = new String(Base64.encode(x509Certificate.getEncoded(), 2), "UTF_8");
            String a2 = qVar.a(bVar);
            String a3 = qVar.a(aVar);
            ma.c(f48151d, "Client certificate challange response JWS Header:" + a2);
            String str3 = ua.a(a2.getBytes("UTF_8")) + "." + ua.a(a3.getBytes("UTF_8"));
            return str3 + "." + a(rSAPrivateKey, str3.getBytes("UTF_8"));
        } catch (UnsupportedEncodingException unused) {
            throw new AuthenticationException(EnumC3709a.ENCODING_IS_NOT_SUPPORTED);
        } catch (CertificateEncodingException unused2) {
            throw new AuthenticationException(EnumC3709a.CERTIFICATE_ENCODING_ERROR);
        }
    }
}
