package com.microsoft.identity.common.a.a;

import android.util.Base64;
import com.facebook.stetho.common.Utf8Charset;
import com.microsoft.identity.common.c.e.g;
import e.d.d.q;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;

/* loaded from: classes2.dex */
public class d {

    /* loaded from: classes2.dex */
    final class a {

        /* renamed from: a, reason: collision with root package name */
        @e.d.d.a.c("aud")
        private String f11615a;

        /* renamed from: b, reason: collision with root package name */
        @e.d.d.a.c("iat")
        private long f11616b;

        /* renamed from: c, reason: collision with root package name */
        @e.d.d.a.c("nonce")
        private String f11617c;

        private a() {
        }
    }

    /* loaded from: classes2.dex */
    final class b {

        /* renamed from: a, reason: collision with root package name */
        @e.d.d.a.c("alg")
        private String f11620a;

        /* renamed from: b, reason: collision with root package name */
        @e.d.d.a.c("typ")
        private String f11621b;

        /* renamed from: c, reason: collision with root package name */
        @e.d.d.a.c("x5c")
        private String[] f11622c;

        private b() {
        }
    }

    private static String a(RSAPrivateKey rSAPrivateKey, byte[] bArr) throws com.microsoft.identity.common.b.c {
        try {
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign(rSAPrivateKey);
            signature.update(bArr);
            return com.microsoft.identity.common.a.a.d.c.a(signature.sign());
        } catch (UnsupportedEncodingException e2) {
            throw new com.microsoft.identity.common.b.c("unsupported_encoding", "Unsupported encoding", e2);
        } catch (InvalidKeyException e3) {
            throw new com.microsoft.identity.common.b.c("Key Chain private key exception", "Invalid private RSA key: " + e3.getMessage(), e3);
        } catch (NoSuchAlgorithmException e4) {
            throw new com.microsoft.identity.common.b.c("no_such_algorithm", "Unsupported RSA algorithm: " + e4.getMessage(), e4);
        } catch (SignatureException e5) {
            throw new com.microsoft.identity.common.b.c("Signature exception", "RSA signature exception: " + e5.getMessage(), e5);
        }
    }

    public String a(String str, String str2, RSAPrivateKey rSAPrivateKey, RSAPublicKey rSAPublicKey, X509Certificate x509Certificate) throws com.microsoft.identity.common.b.c {
        if (com.microsoft.identity.common.a.a.d.c.c(str)) {
            throw new IllegalArgumentException("nonce");
        }
        if (com.microsoft.identity.common.a.a.d.c.c(str2)) {
            throw new IllegalArgumentException("audience");
        }
        if (rSAPrivateKey == null) {
            throw new IllegalArgumentException("privateKey");
        }
        if (rSAPublicKey == null) {
            throw new IllegalArgumentException("pubKey");
        }
        q qVar = new q();
        a aVar = new a();
        aVar.f11617c = str;
        aVar.f11615a = str2;
        aVar.f11616b = System.currentTimeMillis() / 1000;
        b bVar = new b();
        bVar.f11620a = "RS256";
        bVar.f11621b = "JWT";
        try {
            bVar.f11622c = new String[1];
            bVar.f11622c[0] = new String(Base64.encode(x509Certificate.getEncoded(), 2), Utf8Charset.NAME);
            String a2 = qVar.a(bVar);
            String a3 = qVar.a(aVar);
            g.c("JWSBuilder:generateSignedJWT", "Generate client certificate challenge response JWS Header. ");
            String str3 = com.microsoft.identity.common.a.a.d.c.a(a2.getBytes(Utf8Charset.NAME)) + "." + com.microsoft.identity.common.a.a.d.c.a(a3.getBytes(Utf8Charset.NAME));
            return str3 + "." + a(rSAPrivateKey, str3.getBytes(Utf8Charset.NAME));
        } catch (UnsupportedEncodingException e2) {
            throw new com.microsoft.identity.common.b.c("unsupported_encoding", "Unsupported encoding", e2);
        } catch (CertificateEncodingException e3) {
            throw new com.microsoft.identity.common.b.c("Certificate encoding is not generated", "Certificate encoding error", e3);
        }
    }
}
