package ue;

import java.math.BigInteger;
import java.net.InetAddress;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.util.ArrayList;
import java.util.List;
import java.util.UUID;
import javax.security.auth.x500.X500Principal;
import kotlin.collections.p;
import kotlin.collections.r;
import kotlin.jvm.internal.j;
import okhttp3.tls.internal.der.d;
import okhttp3.tls.internal.der.e;
import okhttp3.tls.internal.der.f;
import okhttp3.tls.internal.der.g;
import okhttp3.tls.internal.der.h;
import okhttp3.tls.internal.der.n;
import okhttp3.tls.internal.der.q;
import qd.t;
import qd.z;
import ve.i;

/* compiled from: HeldCertificate.kt */
/* loaded from: classes7.dex */
public final class c {

    /* renamed from: a, reason: collision with root package name */
    private final KeyPair f21479a;

    /* renamed from: b, reason: collision with root package name */
    private final X509Certificate f21480b;

    /* compiled from: HeldCertificate.kt */
    /* loaded from: classes7.dex */
    public static final class a {

        /* renamed from: c, reason: collision with root package name */
        private String f21483c;

        /* renamed from: d, reason: collision with root package name */
        private String f21484d;

        /* renamed from: f, reason: collision with root package name */
        private BigInteger f21486f;

        /* renamed from: g, reason: collision with root package name */
        private KeyPair f21487g;

        /* renamed from: h, reason: collision with root package name */
        private c f21488h;

        /* renamed from: j, reason: collision with root package name */
        private String f21490j;

        /* renamed from: k, reason: collision with root package name */
        private int f21491k;

        /* renamed from: a, reason: collision with root package name */
        private long f21481a = -1;

        /* renamed from: b, reason: collision with root package name */
        private long f21482b = -1;

        /* renamed from: e, reason: collision with root package name */
        private final List<String> f21485e = new ArrayList();

        /* renamed from: i, reason: collision with root package name */
        private int f21489i = -1;

        /* compiled from: HeldCertificate.kt */
        /* renamed from: ue.c$a$a, reason: collision with other inner class name */
        /* loaded from: classes7.dex */
        public static final class C0944a {
            private C0944a() {
            }

            public /* synthetic */ C0944a(j jVar) {
                this();
            }
        }

        static {
            new C0944a(null);
        }

        public a() {
            d();
        }

        private final List<n> e() {
            int s10;
            t a10;
            ArrayList arrayList = new ArrayList();
            int i10 = this.f21489i;
            if (i10 != -1) {
                arrayList.add(new n("2.5.29.19", true, new e(true, Long.valueOf(i10))));
            }
            if (!this.f21485e.isEmpty()) {
                List<String> list = this.f21485e;
                s10 = r.s(list, 10);
                ArrayList arrayList2 = new ArrayList(s10);
                for (String str : list) {
                    if (ie.b.f(str)) {
                        f<i> e10 = okhttp3.tls.internal.der.i.f19722r.e();
                        i.a aVar = i.Companion;
                        InetAddress byName = InetAddress.getByName(str);
                        kotlin.jvm.internal.r.e(byName, "InetAddress.getByName(it)");
                        byte[] address = byName.getAddress();
                        kotlin.jvm.internal.r.e(address, "InetAddress.getByName(it).address");
                        a10 = z.a(e10, i.a.h(aVar, address, 0, 0, 3, null));
                    } else {
                        a10 = z.a(okhttp3.tls.internal.der.i.f19722r.d(), str);
                    }
                    arrayList2.add(a10);
                }
                arrayList.add(new n("2.5.29.17", true, arrayList2));
            }
            return arrayList;
        }

        private final KeyPair f() {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(this.f21490j);
            keyPairGenerator.initialize(this.f21491k, new SecureRandom());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            kotlin.jvm.internal.r.e(generateKeyPair, "KeyPairGenerator.getInst…generateKeyPair()\n      }");
            return generateKeyPair;
        }

        private final okhttp3.tls.internal.der.b g(KeyPair keyPair) {
            return keyPair.getPrivate() instanceof RSAPrivateKey ? new okhttp3.tls.internal.der.b("1.2.840.113549.1.1.11", null) : new okhttp3.tls.internal.der.b("1.2.840.10045.4.3.2", i.EMPTY);
        }

        private final List<List<d>> h() {
            List d7;
            List d10;
            ArrayList arrayList = new ArrayList();
            String str = this.f21484d;
            if (str != null) {
                d10 = p.d(new d("2.5.4.11", str));
                arrayList.add(d10);
            }
            String str2 = this.f21483c;
            if (str2 == null) {
                str2 = UUID.randomUUID().toString();
                kotlin.jvm.internal.r.e(str2, "UUID.randomUUID().toString()");
            }
            d7 = p.d(new d("2.5.4.3", str2));
            arrayList.add(d7);
            return arrayList;
        }

        private final okhttp3.tls.internal.der.r i() {
            long j10 = this.f21481a;
            if (j10 == -1) {
                j10 = System.currentTimeMillis();
            }
            long j11 = this.f21482b;
            if (j11 == -1) {
                j11 = j10 + 86400000;
            }
            return new okhttp3.tls.internal.der.r(j10, j11);
        }

        public final a a(String altName) {
            kotlin.jvm.internal.r.f(altName, "altName");
            this.f21485e.add(altName);
            return this;
        }

        public final c b() {
            KeyPair keyPair;
            List<List<d>> list;
            KeyPair keyPair2 = this.f21487g;
            if (keyPair2 == null) {
                keyPair2 = f();
            }
            okhttp3.tls.internal.der.i iVar = okhttp3.tls.internal.der.i.f19722r;
            f<okhttp3.tls.internal.der.p> g10 = iVar.g();
            i.a aVar = i.Companion;
            PublicKey publicKey = keyPair2.getPublic();
            kotlin.jvm.internal.r.e(publicKey, "subjectKeyPair.public");
            byte[] encoded = publicKey.getEncoded();
            kotlin.jvm.internal.r.e(encoded, "subjectKeyPair.public.encoded");
            okhttp3.tls.internal.der.p k7 = g10.k(i.a.h(aVar, encoded, 0, 0, 3, null));
            List<List<d>> h10 = h();
            c cVar = this.f21488h;
            if (cVar != null) {
                kotlin.jvm.internal.r.d(cVar);
                keyPair = cVar.b();
                f<List<List<d>>> f7 = iVar.f();
                c cVar2 = this.f21488h;
                kotlin.jvm.internal.r.d(cVar2);
                X500Principal subjectX500Principal = cVar2.a().getSubjectX500Principal();
                kotlin.jvm.internal.r.e(subjectX500Principal, "signedBy!!.certificate.subjectX500Principal");
                byte[] encoded2 = subjectX500Principal.getEncoded();
                kotlin.jvm.internal.r.e(encoded2, "signedBy!!.certificate.s…jectX500Principal.encoded");
                list = f7.k(i.a.h(aVar, encoded2, 0, 0, 3, null));
            } else {
                keyPair = keyPair2;
                list = h10;
            }
            okhttp3.tls.internal.der.b g11 = g(keyPair);
            BigInteger bigInteger = this.f21486f;
            if (bigInteger == null) {
                bigInteger = BigInteger.ONE;
            }
            BigInteger bigInteger2 = bigInteger;
            kotlin.jvm.internal.r.e(bigInteger2, "serialNumber ?: BigInteger.ONE");
            q qVar = new q(2L, bigInteger2, g11, list, i(), h10, k7, null, null, e());
            Signature signature = Signature.getInstance(qVar.f());
            signature.initSign(keyPair.getPrivate());
            signature.update(iVar.h().p(qVar).toByteArray());
            byte[] sign = signature.sign();
            kotlin.jvm.internal.r.e(sign, "sign()");
            return new c(keyPair2, new h(qVar, g11, new g(i.a.h(aVar, sign, 0, 0, 3, null), 0)).d());
        }

        public final a c(String cn2) {
            kotlin.jvm.internal.r.f(cn2, "cn");
            this.f21483c = cn2;
            return this;
        }

        public final a d() {
            this.f21490j = "EC";
            this.f21491k = 256;
            return this;
        }
    }

    /* compiled from: HeldCertificate.kt */
    /* loaded from: classes7.dex */
    public static final class b {
        private b() {
        }

        public /* synthetic */ b(j jVar) {
            this();
        }
    }

    static {
        new b(null);
        new kotlin.text.j("-----BEGIN ([!-,.-~ ]*)-----([^-]*)-----END \\1-----");
    }

    public c(KeyPair keyPair, X509Certificate certificate) {
        kotlin.jvm.internal.r.f(keyPair, "keyPair");
        kotlin.jvm.internal.r.f(certificate, "certificate");
        this.f21479a = keyPair;
        this.f21480b = certificate;
    }

    public final X509Certificate a() {
        return this.f21480b;
    }

    public final KeyPair b() {
        return this.f21479a;
    }
}
