package com.oracle.iot.client.impl.device.mqtt;

import com.oracle.iot.client.impl.util.Base64;
import com.oracle.iot.client.trust.TrustException;
import com.oracle.iot.client.trust.TrustedAssetsManager;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;

/* loaded from: classes.dex */
final class MqttCredentials {
    private static final String DEFAULT_MESSAGE_DIGEST_ALGORITHM = "HmacSHA256";
    private static final long EXP_CLAIM_DELTA = 900000;
    private static final Charset UTF_8 = Charset.forName("UTF-8");

    private MqttCredentials() {
    }

    private static String buildClientAssertion(TrustedAssetsManager trustedAssetsManager) throws GeneralSecurityException {
        String endpointId;
        boolean z;
        if (trustedAssetsManager.isActivated()) {
            endpointId = trustedAssetsManager.getEndpointId();
            z = false;
        } else {
            endpointId = trustedAssetsManager.getClientId();
            z = true;
        }
        return buildClientAssertion(trustedAssetsManager, endpointId, z);
    }

    private static String buildClientAssertion(TrustedAssetsManager trustedAssetsManager, String str, boolean z) throws GeneralSecurityException {
        long currentTimeMillis = (System.currentTimeMillis() + EXP_CLAIM_DELTA) / 1000;
        String str2 = "{\"typ\":\"JWT\",\"alg\":\"" + (z ? "HS256" : "RS256") + "\"}";
        StringBuilder sb = new StringBuilder();
        sb.append(Base64.getUrlEncoder().encodeToString(str2.getBytes(UTF_8)));
        sb.append(".");
        sb.append(Base64.getUrlEncoder().encodeToString(("{\"iss\":\"" + str + "\", \"sub\":\"" + str + "\", \"aud\":\"oracle/iot/oauth2/token\", \"exp\":" + currentTimeMillis + "}").getBytes(UTF_8)));
        byte[] bytes = sb.toString().getBytes(UTF_8);
        try {
            String encodeToString = Base64.getUrlEncoder().encodeToString(z ? trustedAssetsManager.signWithSharedSecret(bytes, DEFAULT_MESSAGE_DIGEST_ALGORITHM, null) : trustedAssetsManager.signWithPrivateKey(bytes, "SHA256withRSA"));
            sb.append(".");
            sb.append(encodeToString);
            return sb.toString();
        } catch (TrustException e) {
            throw new GeneralSecurityException(e.getMessage(), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static char[] getClientAssertionCredentials(TrustedAssetsManager trustedAssetsManager) throws GeneralSecurityException {
        return buildClientAssertion(trustedAssetsManager).toCharArray();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static char[] getClientAssertionCredentials(TrustedAssetsManager trustedAssetsManager, String str, boolean z) throws GeneralSecurityException {
        return buildClientAssertion(trustedAssetsManager, str, z).toCharArray();
    }
}
