package com.microsoft.azure.sdk.iot.device.auth;

import com.microsoft.azure.sdk.iot.deps.util.Base64;
import com.microsoft.azure.sdk.iot.provisioning.security.SecurityProvider;
import com.microsoft.azure.sdk.iot.provisioning.security.SecurityProviderTpm;
import com.microsoft.azure.sdk.iot.provisioning.security.exceptions.SecurityProviderException;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import javax.net.ssl.SSLContext;

/* loaded from: input_file:com/microsoft/azure/sdk/iot/device/auth/IotHubSasTokenHardwareAuthenticationProvider.class */
public class IotHubSasTokenHardwareAuthenticationProvider extends IotHubSasTokenAuthenticationProvider {
    private static final String TOKEN_SCOPE_FORMAT = "%s/devices/%s";
    private static final String SASTOKEN_FORMAT = "SharedAccessSignature sr=%s&sig=%s&se=%s";
    protected SecurityProviderTpm securityProvider;

    public IotHubSasTokenHardwareAuthenticationProvider(String str, String str2, SecurityProvider securityProvider) throws IOException {
        try {
            if (!(securityProvider instanceof SecurityProviderTpm)) {
                throw new IllegalArgumentException("The provided security provided must be an instance of SecurityProviderTpm");
            }
            this.securityProvider = (SecurityProviderTpm) securityProvider;
            this.hostname = str;
            this.deviceId = str2;
            this.sasToken = new IotHubSasToken(str, str2, null, generateSasTokenSignatureFromSecurityProvider(this.tokenValidSecs), 0L);
            this.iotHubSSLContext = new IotHubSSLContext(securityProvider.getSSLContext());
            this.sslContextNeedsUpdate = false;
        } catch (SecurityProviderException e) {
            throw new IOException((Throwable) e);
        }
    }

    @Override // com.microsoft.azure.sdk.iot.device.auth.IotHubSasTokenAuthenticationProvider
    public String getRenewedSasToken() throws IOException {
        if (this.sasToken.isExpired()) {
            this.sasToken = new IotHubSasToken(this.hostname, this.deviceId, null, generateSasTokenSignatureFromSecurityProvider(this.tokenValidSecs), 0L);
        }
        return this.sasToken.toString();
    }

    @Override // com.microsoft.azure.sdk.iot.device.auth.IotHubSasTokenAuthenticationProvider
    public SSLContext getSSLContext() throws IOException {
        return this.iotHubSSLContext.getSSLContext();
    }

    @Override // com.microsoft.azure.sdk.iot.device.auth.IotHubSasTokenAuthenticationProvider
    public void setPathToIotHubTrustedCert(String str) {
        throw new UnsupportedOperationException("Cannot change the trusted certificate when using security provider for authentication.");
    }

    @Override // com.microsoft.azure.sdk.iot.device.auth.IotHubSasTokenAuthenticationProvider
    public void setIotHubTrustedCert(String str) {
        throw new UnsupportedOperationException("Cannot change the trusted certificate when using security provider for authentication.");
    }

    private String generateSasTokenSignatureFromSecurityProvider(long j) throws IOException {
        try {
            String encode = URLEncoder.encode(String.format(TOKEN_SCOPE_FORMAT, this.hostname, this.deviceId), ENCODING_FORMAT_NAME);
            if (encode == null || encode.isEmpty()) {
                throw new IOException("Could not construct token scope");
            }
            Long valueOf = Long.valueOf((System.currentTimeMillis() / 1000) + j);
            byte[] signWithIdentity = this.securityProvider.signWithIdentity(encode.concat("\n" + String.valueOf(valueOf)).getBytes());
            if (signWithIdentity == null || signWithIdentity.length == 0) {
                throw new IOException("Security provider could not sign data successfully");
            }
            return String.format(SASTOKEN_FORMAT, encode, URLEncoder.encode(new String(Base64.encodeBase64Local(signWithIdentity)), ENCODING_FORMAT_NAME), valueOf);
        } catch (UnsupportedEncodingException | SecurityProviderException e) {
            throw new IOException(e);
        }
    }
}
