package defpackage;

import android.content.Context;
import android.text.TextUtils;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Date;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.Extensions;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x509.TBSCertificate;
import org.bouncycastle.asn1.x509.Time;
import org.bouncycastle.asn1.x509.V3TBSCertificateGenerator;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.asn1.x509.X509ExtensionsGenerator;

/* compiled from: PG */
/* loaded from: classes3.dex */
public final class borc {

    /* renamed from: a, reason: collision with root package name */
    public static final char[] f20631a = {'J', 'I', 'B', 'E'};
    private static final char[] b = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};

    public static String a(Certificate certificate, String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(certificate.getEncoded());
            byte[] digest = messageDigest.digest();
            int length = digest.length;
            StringBuffer stringBuffer = new StringBuffer(length + length);
            for (int i = 0; i < digest.length; i++) {
                if (i > 0) {
                    stringBuffer.append(':');
                }
                char[] cArr = b;
                stringBuffer.append(cArr[(digest[i] & 240) >> 4]);
                stringBuffer.append(cArr[digest[i] & 15]);
            }
            return stringBuffer.toString();
        } catch (Exception e) {
            bcuk.i(e, "Error while creating fingerprint: %s", e.getMessage());
            return null;
        }
    }

    public static X509Certificate b(KeyStore keyStore) throws KeyStoreException {
        return (X509Certificate) keyStore.getCertificate("private");
    }

    public static boolean c(String str) {
        return "SHA-1".equalsIgnoreCase(str) || "SHA-256".equalsIgnoreCase(str);
    }

    public static void d(Context context, String str) throws NoSuchAlgorithmException, InvalidKeyException, IllegalStateException, SignatureException, KeyStoreException, CertificateException, IOException {
        bcuk.c("Generating keypair of length %d", 2048);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048, new SecureRandom());
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        bcuk.c("Generating certificate for issuer %s", "C=US, ST=California, L=California, O=Jibe, OU=Jibe, CN=Jibe");
        Certificate f = f(generateKeyPair, str);
        bcuk.c("Generating key store", new Object[0]);
        Certificate[] certificateArr = {f};
        PrivateKey privateKey = generateKeyPair.getPrivate();
        KeyStore keyStore = KeyStore.getInstance("BKS");
        FileOutputStream fileOutputStream = null;
        keyStore.load(null, null);
        char[] cArr = f20631a;
        keyStore.setKeyEntry("private", privateKey, cArr, certificateArr);
        bcuk.c("Saving key store to file %s", "msrp.bks");
        if (TextUtils.isEmpty("msrp.bks")) {
            throw new IllegalArgumentException("Filename must not be empty");
        }
        try {
            fileOutputStream = context.getApplicationContext().openFileOutput("msrp.bks", 0);
            try {
                if (fileOutputStream != null) {
                    keyStore.store(fileOutputStream, cArr);
                    bcut.a(fileOutputStream);
                } else {
                    throw new IOException("Unable to open file for writing: msrp.bks");
                }
            } catch (Throwable th) {
                th = th;
                bcut.a(fileOutputStream);
                throw th;
            }
        } catch (Throwable th2) {
            th = th2;
        }
    }

    public static KeyStore e(Context context) throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException {
        if (TextUtils.isEmpty("msrp.bks")) {
            throw new IllegalArgumentException("Filename must not be empty");
        }
        bcuk.c("Loading key store %s", "msrp.bks");
        FileInputStream openFileInput = context.getApplicationContext().openFileInput("msrp.bks");
        if (openFileInput == null) {
            throw new FileNotFoundException("Keystore file not found: msrp.bks");
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("BKS");
            keyStore.load(openFileInput, f20631a);
            return keyStore;
        } finally {
            bcut.a(openFileInput);
        }
    }

    private static Certificate f(KeyPair keyPair, String str) throws CertificateEncodingException, InvalidKeyException, IllegalStateException, NoSuchAlgorithmException, SignatureException {
        AlgorithmIdentifier algorithmIdentifier;
        Extension b2;
        Date date = new Date(bcwa.a().longValue() - 86400000);
        Date date2 = new Date(bcwa.a().longValue() + 31536000000L);
        X500Principal x500Principal = new X500Principal("C=US, ST=California, L=California, O=Jibe, OU=Jibe, CN=Jibe");
        X500Principal x500Principal2 = new X500Principal("C=US, ST=California, L=California, O=Jibe, OU=Jibe, CN=Jibe");
        try {
            cllp cllpVar = new cllp();
            try {
                cllpVar.b.d = X500Name.a(new clez(x500Principal.getEncoded()));
                BigInteger bigInteger = BigInteger.ONE;
                if (bigInteger.compareTo(BigInteger.ZERO) <= 0) {
                    throw new IllegalArgumentException("serial number must be a positive integer");
                }
                cllpVar.b.b = new ASN1Integer(bigInteger);
                cllpVar.b.e = new Time(date);
                cllpVar.b.f = new Time(date2);
                try {
                    cllpVar.b.g = X500Name.a(new clez(x500Principal2.getEncoded()).l());
                    try {
                        cllpVar.b.h = SubjectPublicKeyInfo.b(new ASN1InputStream(keyPair.getPublic().getEncoded()).d());
                        cllpVar.e = str;
                        try {
                            cllpVar.c = cllo.a(str);
                            ASN1ObjectIdentifier aSN1ObjectIdentifier = cllpVar.c;
                            if (cllo.b.contains(aSN1ObjectIdentifier)) {
                                algorithmIdentifier = new AlgorithmIdentifier(aSN1ObjectIdentifier);
                            } else {
                                String d = clla.d(str);
                                algorithmIdentifier = cllo.f30285a.containsKey(d) ? new AlgorithmIdentifier(aSN1ObjectIdentifier, (ASN1Encodable) cllo.f30285a.get(d)) : new AlgorithmIdentifier(aSN1ObjectIdentifier, DERNull.f38295a);
                            }
                            cllpVar.d = algorithmIdentifier;
                            cllpVar.b.c = cllpVar.d;
                            PrivateKey privateKey = keyPair.getPrivate();
                            if (!cllpVar.f.b.isEmpty()) {
                                V3TBSCertificateGenerator v3TBSCertificateGenerator = cllpVar.b;
                                X509ExtensionsGenerator x509ExtensionsGenerator = cllpVar.f;
                                Extensions c = Extensions.c(new X509Extensions(x509ExtensionsGenerator.b, x509ExtensionsGenerator.f38396a));
                                v3TBSCertificateGenerator.i = c;
                                if (c != null && (b2 = c.b(Extension.b)) != null && b2.s) {
                                    v3TBSCertificateGenerator.j = true;
                                }
                            }
                            V3TBSCertificateGenerator v3TBSCertificateGenerator2 = cllpVar.b;
                            if (v3TBSCertificateGenerator2.b == null || v3TBSCertificateGenerator2.c == null || v3TBSCertificateGenerator2.d == null || v3TBSCertificateGenerator2.e == null || v3TBSCertificateGenerator2.f == null || ((v3TBSCertificateGenerator2.g == null && !v3TBSCertificateGenerator2.j) || v3TBSCertificateGenerator2.h == null)) {
                                throw new IllegalStateException("not all mandatory fields set in V3 TBScertificate generator");
                            }
                            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector(10);
                            aSN1EncodableVector.b(v3TBSCertificateGenerator2.f38393a);
                            aSN1EncodableVector.b(v3TBSCertificateGenerator2.b);
                            aSN1EncodableVector.b(v3TBSCertificateGenerator2.c);
                            aSN1EncodableVector.b(v3TBSCertificateGenerator2.d);
                            ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector(2);
                            aSN1EncodableVector2.b(v3TBSCertificateGenerator2.e);
                            aSN1EncodableVector2.b(v3TBSCertificateGenerator2.f);
                            aSN1EncodableVector.b(new DERSequence(aSN1EncodableVector2));
                            X500Name x500Name = v3TBSCertificateGenerator2.g;
                            if (x500Name != null) {
                                aSN1EncodableVector.b(x500Name);
                            } else {
                                aSN1EncodableVector.b(new DERSequence());
                            }
                            aSN1EncodableVector.b(v3TBSCertificateGenerator2.h);
                            Extensions extensions = v3TBSCertificateGenerator2.i;
                            if (extensions != null) {
                                aSN1EncodableVector.b(new DERTaggedObject(true, 3, extensions));
                            }
                            TBSCertificate a2 = TBSCertificate.a(new DERSequence(aSN1EncodableVector));
                            try {
                                byte[] b3 = cllo.b(cllpVar.c, cllpVar.e, privateKey, a2);
                                try {
                                    ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
                                    aSN1EncodableVector3.b(a2);
                                    aSN1EncodableVector3.b(cllpVar.d);
                                    aSN1EncodableVector3.b(new DERBitString(b3));
                                    return cllpVar.f30286a.engineGenerateCertificate(new ByteArrayInputStream(new DERSequence(aSN1EncodableVector3).u("DER")));
                                } catch (Exception e) {
                                    throw new clln("exception producing certificate object", e);
                                }
                            } catch (IOException e2) {
                                throw new clln("exception encoding TBS cert", e2);
                            }
                        } catch (Exception e3) {
                            throw new IllegalArgumentException("Unknown signature type requested: ".concat(str));
                        }
                    } catch (Exception e4) {
                        throw new IllegalArgumentException("unable to process key - ".concat(String.valueOf(e4.toString())));
                    }
                } catch (IOException e5) {
                    throw new IllegalArgumentException("can't process principal: ".concat(e5.toString()));
                }
            } catch (IOException e6) {
                throw new IllegalArgumentException("can't process principal: ".concat(e6.toString()));
            }
        } catch (NoSuchMethodError e7) {
            bcuk.i(e7, "Platform does not have API to use X509V3CertificateGenerator.", new Object[0]);
            throw new IllegalStateException(e7.toString());
        }
    }
}
