package dl;

import bj.l;
import cj.s;
import com.tencent.cos.xml.crypto.COSCryptoScheme;
import fl.d;
import fl.e;
import fl.f;
import fl.g;
import fl.n;
import fl.q;
import fl.r;
import gl.f;
import java.math.BigInteger;
import java.net.InetAddress;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import javax.security.auth.x500.X500Principal;
import oj.h;
import oj.p;
import xj.i;

/* compiled from: HeldCertificate.kt */
/* loaded from: classes3.dex */
public final class c {

    /* renamed from: a, reason: collision with root package name */
    public final KeyPair f30102a;

    /* renamed from: b, reason: collision with root package name */
    public final X509Certificate f30103b;

    /* renamed from: d, reason: collision with root package name */
    public static final b f30101d = new b(null);

    /* renamed from: c, reason: collision with root package name */
    public static final i f30100c = new i("-----BEGIN ([!-,.-~ ]*)-----([^-]*)-----END \\1-----");

    /* compiled from: HeldCertificate.kt */
    /* loaded from: classes3.dex */
    public static final class a {

        /* renamed from: l, reason: collision with root package name */
        public static final C0812a f30104l = new C0812a(null);

        /* renamed from: c, reason: collision with root package name */
        public String f30107c;

        /* renamed from: d, reason: collision with root package name */
        public String f30108d;

        /* renamed from: f, reason: collision with root package name */
        public BigInteger f30110f;

        /* renamed from: g, reason: collision with root package name */
        public KeyPair f30111g;

        /* renamed from: h, reason: collision with root package name */
        public c f30112h;

        /* renamed from: j, reason: collision with root package name */
        public String f30114j;

        /* renamed from: k, reason: collision with root package name */
        public int f30115k;

        /* renamed from: a, reason: collision with root package name */
        public long f30105a = -1;

        /* renamed from: b, reason: collision with root package name */
        public long f30106b = -1;

        /* renamed from: e, reason: collision with root package name */
        public final List<String> f30109e = new ArrayList();

        /* renamed from: i, reason: collision with root package name */
        public int f30113i = -1;

        /* compiled from: HeldCertificate.kt */
        /* renamed from: dl.c$a$a, reason: collision with other inner class name */
        /* loaded from: classes3.dex */
        public static final class C0812a {
            public C0812a() {
            }

            public /* synthetic */ C0812a(h hVar) {
                this();
            }
        }

        public a() {
            d();
        }

        public final a a(String str) {
            p.i(str, "altName");
            this.f30109e.add(str);
            return this;
        }

        public final c b() {
            KeyPair keyPair;
            List<List<d>> list;
            KeyPair keyPair2 = this.f30111g;
            if (keyPair2 == null) {
                keyPair2 = f();
            }
            fl.i iVar = fl.i.f32056s;
            f<fl.p> g10 = iVar.g();
            f.a aVar = gl.f.f33025e;
            PublicKey publicKey = keyPair2.getPublic();
            p.h(publicKey, "subjectKeyPair.public");
            byte[] encoded = publicKey.getEncoded();
            p.h(encoded, "subjectKeyPair.public.encoded");
            fl.p k10 = g10.k(f.a.f(aVar, encoded, 0, 0, 3, null));
            List<List<d>> h10 = h();
            c cVar = this.f30112h;
            if (cVar != null) {
                p.f(cVar);
                keyPair = cVar.c();
                fl.f<List<List<d>>> f10 = iVar.f();
                c cVar2 = this.f30112h;
                p.f(cVar2);
                X500Principal subjectX500Principal = cVar2.b().getSubjectX500Principal();
                p.h(subjectX500Principal, "signedBy!!.certificate.subjectX500Principal");
                byte[] encoded2 = subjectX500Principal.getEncoded();
                p.h(encoded2, "signedBy!!.certificate.s…jectX500Principal.encoded");
                list = f10.k(f.a.f(aVar, encoded2, 0, 0, 3, null));
            } else {
                keyPair = keyPair2;
                list = h10;
            }
            fl.b g11 = g(keyPair);
            BigInteger bigInteger = this.f30110f;
            if (bigInteger == null) {
                bigInteger = BigInteger.ONE;
            }
            BigInteger bigInteger2 = bigInteger;
            p.h(bigInteger2, "serialNumber ?: BigInteger.ONE");
            q qVar = new q(2L, bigInteger2, g11, list, i(), h10, k10, null, null, e());
            Signature signature = Signature.getInstance(qVar.f());
            signature.initSign(keyPair.getPrivate());
            signature.update(iVar.h().p(qVar).G());
            byte[] sign = signature.sign();
            p.h(sign, "sign()");
            return new c(keyPair2, new fl.h(qVar, g11, new g(f.a.f(aVar, sign, 0, 0, 3, null), 0)).d());
        }

        public final a c(String str) {
            p.i(str, "cn");
            this.f30107c = str;
            return this;
        }

        public final a d() {
            this.f30114j = "EC";
            this.f30115k = 256;
            return this;
        }

        public final List<n> e() {
            l a10;
            ArrayList arrayList = new ArrayList();
            int i10 = this.f30113i;
            if (i10 != -1) {
                arrayList.add(new n("2.5.29.19", true, new e(true, Long.valueOf(i10))));
            }
            if (!this.f30109e.isEmpty()) {
                List<String> list = this.f30109e;
                ArrayList arrayList2 = new ArrayList(s.w(list, 10));
                for (String str : list) {
                    if (pk.d.i(str)) {
                        fl.f<gl.f> e10 = fl.i.f32056s.e();
                        f.a aVar = gl.f.f33025e;
                        InetAddress byName = InetAddress.getByName(str);
                        p.h(byName, "InetAddress.getByName(it)");
                        byte[] address = byName.getAddress();
                        p.h(address, "InetAddress.getByName(it).address");
                        a10 = bj.s.a(e10, f.a.f(aVar, address, 0, 0, 3, null));
                    } else {
                        a10 = bj.s.a(fl.i.f32056s.d(), str);
                    }
                    arrayList2.add(a10);
                }
                arrayList.add(new n("2.5.29.17", true, arrayList2));
            }
            return arrayList;
        }

        public final KeyPair f() {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(this.f30114j);
            keyPairGenerator.initialize(this.f30115k, new SecureRandom());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            p.h(generateKeyPair, "KeyPairGenerator.getInst…generateKeyPair()\n      }");
            return generateKeyPair;
        }

        public final fl.b g(KeyPair keyPair) {
            return keyPair.getPrivate() instanceof RSAPrivateKey ? new fl.b("1.2.840.113549.1.1.11", null) : new fl.b("1.2.840.10045.4.3.2", gl.f.f33026f);
        }

        public final List<List<d>> h() {
            ArrayList arrayList = new ArrayList();
            String str = this.f30108d;
            if (str != null) {
                arrayList.add(cj.q.e(new d("2.5.4.11", str)));
            }
            String str2 = this.f30107c;
            if (str2 == null) {
                str2 = UUID.randomUUID().toString();
                p.h(str2, "UUID.randomUUID().toString()");
            }
            arrayList.add(cj.q.e(new d("2.5.4.3", str2)));
            return arrayList;
        }

        public final r i() {
            long j10 = this.f30105a;
            if (j10 == -1) {
                j10 = System.currentTimeMillis();
            }
            long j11 = this.f30106b;
            if (j11 == -1) {
                j11 = j10 + 86400000;
            }
            return new r(j10, j11);
        }
    }

    /* compiled from: HeldCertificate.kt */
    /* loaded from: classes3.dex */
    public static final class b {
        public b() {
        }

        public /* synthetic */ b(h hVar) {
            this();
        }

        public final c a(String str) {
            String a10;
            p.i(str, "certificateAndPrivateKeyPem");
            String str2 = null;
            Iterator it = i.d(c.f30100c, str, 0, 2, null).iterator();
            String str3 = null;
            while (true) {
                if (!it.hasNext()) {
                    if (!(str2 != null)) {
                        throw new IllegalArgumentException("string does not include a certificate".toString());
                    }
                    if (str3 != null) {
                        return b(str2, str3);
                    }
                    throw new IllegalArgumentException("string does not include a private key".toString());
                }
                xj.g gVar = (xj.g) it.next();
                xj.e eVar = gVar.b().get(1);
                p.f(eVar);
                a10 = eVar.a();
                int hashCode = a10.hashCode();
                if (hashCode == -189606537) {
                    if (!a10.equals("CERTIFICATE")) {
                        break;
                    }
                    if (!(str2 == null)) {
                        throw new IllegalArgumentException("string includes multiple certificates".toString());
                    }
                    xj.e eVar2 = gVar.b().get(0);
                    p.f(eVar2);
                    str2 = eVar2.a();
                } else {
                    if (hashCode != -170985982 || !a10.equals("PRIVATE KEY")) {
                        break;
                    }
                    if (!(str3 == null)) {
                        throw new IllegalArgumentException("string includes multiple private keys".toString());
                    }
                    xj.e eVar3 = gVar.b().get(2);
                    p.f(eVar3);
                    str3 = eVar3.a();
                }
            }
            throw new IllegalArgumentException("unexpected type: " + a10);
        }

        public final c b(String str, String str2) {
            String str3;
            X509Certificate a10 = dl.a.a(str);
            gl.f a11 = gl.f.f33025e.a(str2);
            if (a11 == null) {
                throw new IllegalArgumentException("failed to decode private key");
            }
            PublicKey publicKey = a10.getPublicKey();
            if (publicKey instanceof ECPublicKey) {
                str3 = "EC";
            } else {
                if (!(publicKey instanceof RSAPublicKey)) {
                    throw new IllegalArgumentException("unexpected key type: " + a10.getPublicKey());
                }
                str3 = COSCryptoScheme.RSA;
            }
            return new c(new KeyPair(a10.getPublicKey(), c(a11, str3)), a10);
        }

        public final PrivateKey c(gl.f fVar, String str) {
            try {
                PrivateKey generatePrivate = KeyFactory.getInstance(str).generatePrivate(new PKCS8EncodedKeySpec(fVar.G()));
                p.h(generatePrivate, "keyFactory.generatePriva…Spec(data.toByteArray()))");
                return generatePrivate;
            } catch (GeneralSecurityException e10) {
                throw new IllegalArgumentException("failed to decode private key", e10);
            }
        }
    }

    public c(KeyPair keyPair, X509Certificate x509Certificate) {
        p.i(keyPair, "keyPair");
        p.i(x509Certificate, "certificate");
        this.f30102a = keyPair;
        this.f30103b = x509Certificate;
    }

    public final X509Certificate b() {
        return this.f30103b;
    }

    public final KeyPair c() {
        return this.f30102a;
    }
}
