package org.mozilla.gecko.sync.net;

import ch.boye.httpclientandroidlib.Header;
import ch.boye.httpclientandroidlib.HttpEntity;
import ch.boye.httpclientandroidlib.HttpEntityEnclosingRequest;
import ch.boye.httpclientandroidlib.client.methods.HttpRequestBase;
import ch.boye.httpclientandroidlib.message.BasicHeader;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Locale;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.mozilla.apache.commons.codec.binary.Base64;
import org.mozilla.gecko.background.common.log.Logger;
import org.mozilla.gecko.sync.Utils;

/* loaded from: classes.dex */
public class HawkAuthHeaderProvider implements AuthHeaderProvider {
    private static String LOG_TAG = HawkAuthHeaderProvider.class.getSimpleName();
    private String id;
    private boolean includePayloadHash;
    private byte[] key;
    private long skewSeconds;

    public HawkAuthHeaderProvider(String str, byte[] bArr, boolean z, long j) {
        if (str == null) {
            throw new IllegalArgumentException("id must not be null");
        }
        if (bArr == null) {
            throw new IllegalArgumentException("key must not be null");
        }
        this.id = str;
        this.key = bArr;
        this.includePayloadHash = z;
        this.skewSeconds = j;
    }

    private static byte[] getPayloadHash(HttpEntity httpEntity) throws UnsupportedEncodingException, IOException, NoSuchAlgorithmException {
        if (!httpEntity.isRepeatable()) {
            throw new IllegalArgumentException("entity must be repeatable");
        }
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
        messageDigest.update("hawk.1.payload\n".getBytes("UTF-8"));
        Header contentType = httpEntity.getContentType();
        if (contentType == null) {
            throw new IllegalArgumentException("contentTypeHeader must not be null.");
        }
        String value = contentType.getValue();
        if (value == null) {
            throw new IllegalArgumentException("contentTypeHeader value must not be null.");
        }
        int indexOf = value.indexOf(";");
        messageDigest.update((indexOf < 0 ? value.trim() : value.substring(0, indexOf).trim()).getBytes("UTF-8"));
        messageDigest.update("\n".getBytes("UTF-8"));
        InputStream content = httpEntity.getContent();
        try {
            byte[] bArr = new byte[4096];
            while (true) {
                int read = content.read(bArr);
                if (-1 == read) {
                    messageDigest.update("\n".getBytes("UTF-8"));
                    return messageDigest.digest();
                }
                if (read > 0) {
                    messageDigest.update(bArr, 0, read);
                }
            }
        } finally {
            content.close();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.mozilla.gecko.sync.net.AuthHeaderProvider
    public final Header getAuthHeader$60bc51a8(HttpRequestBase httpRequestBase) throws GeneralSecurityException {
        String str;
        String str2;
        String str3 = null;
        long currentTimeMillis = this.skewSeconds + (System.currentTimeMillis() / 1000);
        String encodeBase64String = Base64.encodeBase64String(Utils.generateRandomBytes(8));
        try {
            boolean z = this.includePayloadHash;
            if (currentTimeMillis < 0) {
                throw new IllegalArgumentException("timestamp must contain only [0-9].");
            }
            if (encodeBase64String == null) {
                throw new IllegalArgumentException("nonce must not be null.");
            }
            if (encodeBase64String.length() == 0) {
                throw new IllegalArgumentException("nonce must not be empty.");
            }
            if (z) {
                if (!(httpRequestBase instanceof HttpEntityEnclosingRequest)) {
                    Logger.debug(LOG_TAG, "Not computing payload verification hash for non-enclosing request.");
                } else {
                    if (!(httpRequestBase instanceof HttpEntityEnclosingRequest)) {
                        throw new IllegalArgumentException("Cannot compute payload verification hash for enclosing request without an entity");
                    }
                    HttpEntity entity = ((HttpEntityEnclosingRequest) httpRequestBase).getEntity();
                    if (entity == null) {
                        throw new IllegalArgumentException("Cannot compute payload verification hash for enclosing request with a null entity");
                    }
                    str3 = Base64.encodeBase64String(getPayloadHash(entity));
                }
                str = str3;
            } else {
                Logger.debug(LOG_TAG, "Configured to not include payload hash for this request.");
                str = null;
            }
            String upperCase = httpRequestBase.getMethod().toUpperCase(Locale.US);
            URI uri = httpRequestBase.getURI();
            String host = uri.getHost();
            String rawPath = uri.getRawPath();
            if (uri.getRawQuery() != null) {
                rawPath = (rawPath + "?") + uri.getRawQuery();
            }
            if (uri.getRawFragment() != null) {
                str2 = (rawPath + "#") + uri.getRawFragment();
            } else {
                str2 = rawPath;
            }
            int port = uri.getPort();
            String scheme = uri.getScheme();
            if (port == -1) {
                if ("http".equalsIgnoreCase(scheme)) {
                    port = 80;
                } else {
                    if (!"https".equalsIgnoreCase(scheme)) {
                        throw new IllegalArgumentException("Unsupported URI scheme: " + scheme + ".");
                    }
                    port = 443;
                }
            }
            StringBuilder sb = new StringBuilder();
            sb.append("hawk.");
            sb.append(1);
            sb.append('.');
            sb.append("header");
            sb.append('\n');
            sb.append(currentTimeMillis);
            sb.append('\n');
            sb.append(encodeBase64String);
            sb.append('\n');
            sb.append(upperCase);
            sb.append('\n');
            sb.append(str2);
            sb.append('\n');
            sb.append(host);
            sb.append('\n');
            sb.append(port);
            sb.append('\n');
            if (str != null) {
                sb.append(str);
            }
            sb.append("\n");
            if ("".length() > 0) {
                sb.append("".replaceAll("\\\\", "\\\\").replaceAll("\n", "\\n"));
            }
            sb.append("\n");
            byte[] bytes = sb.toString().getBytes("UTF-8");
            SecretKeySpec secretKeySpec = new SecretKeySpec(this.key, "hmacSHA256");
            Mac mac = Mac.getInstance("hmacSHA256");
            mac.init(secretKeySpec);
            mac.update(bytes);
            String encodeBase64String2 = Base64.encodeBase64String(mac.doFinal());
            StringBuilder sb2 = new StringBuilder();
            sb2.append("Hawk id=\"");
            sb2.append(this.id);
            sb2.append("\", ");
            sb2.append("ts=\"");
            sb2.append(currentTimeMillis);
            sb2.append("\", ");
            sb2.append("nonce=\"");
            sb2.append(encodeBase64String);
            sb2.append("\", ");
            if (str != null) {
                sb2.append("hash=\"");
                sb2.append(str);
                sb2.append("\", ");
            }
            if ("".length() > 0) {
                sb2.append("ext=\"");
                sb2.append("".replaceAll("\\\\", "\\\\").replaceAll("\"", "\\\""));
                sb2.append("\", ");
            }
            sb2.append("mac=\"");
            sb2.append(encodeBase64String2);
            sb2.append("\"");
            return new BasicHeader("Authorization", sb2.toString());
        } catch (Exception e) {
            throw new GeneralSecurityException(e);
        }
    }
}
