package com.microsoft.mmx.agents.ypp.authclient.crypto;

import Microsoft.Windows.MobilityExperience.Health.Agents.NonceJwtGenerationActivity;
import com.microsoft.mmx.agents.AgentsLogger;
import com.microsoft.mmx.agents.logging.TraceContext;
import com.microsoft.mmx.agents.util.TelemetryUtils;
import com.microsoft.mmx.agents.ypp.authclient.utils.AuthTelemetryUtils;
import com.microsoft.mmx.agents.ypp.configuration.PlatformConfiguration;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JOSEObjectType;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.JWSObject;
import com.nimbusds.jose.Payload;
import com.nimbusds.jose.crypto.ECDSASigner;
import com.nimbusds.jose.jwk.Curve;
import java.security.KeyStore;
import javax.inject.Inject;
import net.minidev.json.JSONObject;
import org.joda.time.DateTime;

/* loaded from: classes2.dex */
public class JwtHelper {
    public final PlatformConfiguration platformConfiguration;
    public final AgentsLogger telemetry;

    @Inject
    public JwtHelper(PlatformConfiguration platformConfiguration, AgentsLogger agentsLogger) {
        this.platformConfiguration = platformConfiguration;
        this.telemetry = agentsLogger;
    }

    private String getNonceJwtInternal(KeyStore.PrivateKeyEntry privateKeyEntry, String str) throws JOSEException {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("Nonce", str);
        jSONObject.put("Certificate", CertificateUtils.a(privateKeyEntry));
        jSONObject.put("exp", Long.valueOf(DateTime.now().plus(this.platformConfiguration.getNonceJwtExpirationTime()).getMillis() / 1000));
        jSONObject.put("nbf", Long.valueOf(DateTime.now().minus(this.platformConfiguration.getNonceJwtNotBefore()).getMillis() / 1000));
        ECDSASigner eCDSASigner = new ECDSASigner(privateKeyEntry.getPrivateKey(), Curve.P_384);
        JWSObject jWSObject = new JWSObject(new JWSHeader.Builder(JWSAlgorithm.ES384).type(JOSEObjectType.JWT).build(), new Payload(jSONObject));
        jWSObject.sign(eCDSASigner);
        return jWSObject.serialize();
    }

    public String a(KeyStore.PrivateKeyEntry privateKeyEntry, String str, TraceContext traceContext) {
        NonceJwtGenerationActivity nonceJwtGenerationActivity = new NonceJwtGenerationActivity();
        TelemetryUtils.populateBaseActivityWithTraceContext(nonceJwtGenerationActivity, traceContext);
        nonceJwtGenerationActivity.setDim1("ECDSA384");
        this.telemetry.logActivityStart(nonceJwtGenerationActivity);
        try {
            String nonceJwtInternal = getNonceJwtInternal(privateKeyEntry, str);
            this.telemetry.logActivityEnd(nonceJwtGenerationActivity);
            return nonceJwtInternal;
        } catch (JOSEException e2) {
            CryptoException cryptoException = new CryptoException(e2);
            AuthTelemetryUtils.populateActivityExceptionDetails(nonceJwtGenerationActivity, cryptoException);
            this.telemetry.logActivityEndExceptional("JwtHelper", "getNonceJwt", nonceJwtGenerationActivity, cryptoException);
            throw cryptoException;
        }
    }
}
