package mu;

import ht.l;
import ht.s;
import java.math.BigInteger;
import java.net.InetAddress;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.util.ArrayList;
import java.util.List;
import java.util.UUID;
import javax.security.auth.x500.X500Principal;
import kotlin.collections.p;
import kotlin.jvm.internal.h;
import kotlin.jvm.internal.q;
import kotlin.text.j;
import okhttp3.tls.internal.der.d;
import okhttp3.tls.internal.der.e;
import okhttp3.tls.internal.der.f;
import okhttp3.tls.internal.der.g;
import okhttp3.tls.internal.der.i;
import okhttp3.tls.internal.der.n;
import okhttp3.tls.internal.der.r;
import okio.h;

/* compiled from: HeldCertificate.kt */
/* loaded from: classes4.dex */
public final class b {

    /* renamed from: a, reason: collision with root package name */
    private final KeyPair f41731a;

    /* renamed from: b, reason: collision with root package name */
    private final X509Certificate f41732b;

    /* renamed from: d, reason: collision with root package name */
    public static final C0512b f41730d = new C0512b(null);

    /* renamed from: c, reason: collision with root package name */
    private static final j f41729c = new j("-----BEGIN ([!-,.-~ ]*)-----([^-]*)-----END \\1-----");

    /* compiled from: HeldCertificate.kt */
    /* loaded from: classes4.dex */
    public static final class a {

        /* renamed from: l, reason: collision with root package name */
        public static final C0511a f41733l = new C0511a(null);

        /* renamed from: c, reason: collision with root package name */
        private String f41736c;

        /* renamed from: d, reason: collision with root package name */
        private String f41737d;

        /* renamed from: f, reason: collision with root package name */
        private BigInteger f41739f;

        /* renamed from: g, reason: collision with root package name */
        private KeyPair f41740g;

        /* renamed from: h, reason: collision with root package name */
        private b f41741h;

        /* renamed from: j, reason: collision with root package name */
        private String f41743j;

        /* renamed from: k, reason: collision with root package name */
        private int f41744k;

        /* renamed from: a, reason: collision with root package name */
        private long f41734a = -1;

        /* renamed from: b, reason: collision with root package name */
        private long f41735b = -1;

        /* renamed from: e, reason: collision with root package name */
        private final List<String> f41738e = new ArrayList();

        /* renamed from: i, reason: collision with root package name */
        private int f41742i = -1;

        /* compiled from: HeldCertificate.kt */
        /* renamed from: mu.b$a$a, reason: collision with other inner class name */
        /* loaded from: classes4.dex */
        public static final class C0511a {
            private C0511a() {
            }

            public /* synthetic */ C0511a(h hVar) {
                this();
            }
        }

        public a() {
            d();
        }

        private final List<n> e() {
            int q11;
            l a11;
            ArrayList arrayList = new ArrayList();
            int i11 = this.f41742i;
            if (i11 != -1) {
                arrayList.add(new n("2.5.29.19", true, new e(true, Long.valueOf(i11))));
            }
            if (!this.f41738e.isEmpty()) {
                List<String> list = this.f41738e;
                q11 = p.q(list, 10);
                ArrayList arrayList2 = new ArrayList(q11);
                for (String str : list) {
                    if (cu.b.f(str)) {
                        f<okio.h> e11 = i.f43193s.e();
                        h.a aVar = okio.h.f43337e;
                        InetAddress byName = InetAddress.getByName(str);
                        q.f(byName, "InetAddress.getByName(it)");
                        byte[] address = byName.getAddress();
                        q.f(address, "InetAddress.getByName(it).address");
                        a11 = s.a(e11, h.a.f(aVar, address, 0, 0, 3, null));
                    } else {
                        a11 = s.a(i.f43193s.d(), str);
                    }
                    arrayList2.add(a11);
                }
                arrayList.add(new n("2.5.29.17", true, arrayList2));
            }
            return arrayList;
        }

        private final KeyPair f() {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(this.f41743j);
            keyPairGenerator.initialize(this.f41744k, new SecureRandom());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            q.f(generateKeyPair, "KeyPairGenerator.getInst…generateKeyPair()\n      }");
            return generateKeyPair;
        }

        private final okhttp3.tls.internal.der.b g(KeyPair keyPair) {
            return keyPair.getPrivate() instanceof RSAPrivateKey ? new okhttp3.tls.internal.der.b("1.2.840.113549.1.1.11", null) : new okhttp3.tls.internal.der.b("1.2.840.10045.4.3.2", okio.h.f43336d);
        }

        private final List<List<d>> h() {
            List b11;
            List b12;
            ArrayList arrayList = new ArrayList();
            String str = this.f41737d;
            if (str != null) {
                b12 = kotlin.collections.n.b(new d("2.5.4.11", str));
                arrayList.add(b12);
            }
            String str2 = this.f41736c;
            if (str2 == null) {
                str2 = UUID.randomUUID().toString();
                q.f(str2, "UUID.randomUUID().toString()");
            }
            b11 = kotlin.collections.n.b(new d("2.5.4.3", str2));
            arrayList.add(b11);
            return arrayList;
        }

        private final r i() {
            long j11 = this.f41734a;
            if (j11 == -1) {
                j11 = System.currentTimeMillis();
            }
            long j12 = this.f41735b;
            if (j12 == -1) {
                j12 = j11 + 86400000;
            }
            return new r(j11, j12);
        }

        public final a a(String altName) {
            q.g(altName, "altName");
            this.f41738e.add(altName);
            return this;
        }

        public final b b() {
            KeyPair keyPair;
            List<List<d>> list;
            KeyPair keyPair2 = this.f41740g;
            if (keyPair2 == null) {
                keyPair2 = f();
            }
            i iVar = i.f43193s;
            f<okhttp3.tls.internal.der.p> g11 = iVar.g();
            h.a aVar = okio.h.f43337e;
            PublicKey publicKey = keyPair2.getPublic();
            q.f(publicKey, "subjectKeyPair.public");
            byte[] encoded = publicKey.getEncoded();
            q.f(encoded, "subjectKeyPair.public.encoded");
            okhttp3.tls.internal.der.p k11 = g11.k(h.a.f(aVar, encoded, 0, 0, 3, null));
            List<List<d>> h11 = h();
            b bVar = this.f41741h;
            if (bVar != null) {
                q.d(bVar);
                keyPair = bVar.b();
                f<List<List<d>>> f11 = iVar.f();
                b bVar2 = this.f41741h;
                q.d(bVar2);
                X500Principal subjectX500Principal = bVar2.a().getSubjectX500Principal();
                q.f(subjectX500Principal, "signedBy!!.certificate.subjectX500Principal");
                byte[] encoded2 = subjectX500Principal.getEncoded();
                q.f(encoded2, "signedBy!!.certificate.s…jectX500Principal.encoded");
                list = f11.k(h.a.f(aVar, encoded2, 0, 0, 3, null));
            } else {
                keyPair = keyPair2;
                list = h11;
            }
            okhttp3.tls.internal.der.b g12 = g(keyPair);
            BigInteger bigInteger = this.f41739f;
            if (bigInteger == null) {
                bigInteger = BigInteger.ONE;
            }
            BigInteger bigInteger2 = bigInteger;
            q.f(bigInteger2, "serialNumber ?: BigInteger.ONE");
            okhttp3.tls.internal.der.q qVar = new okhttp3.tls.internal.der.q(2L, bigInteger2, g12, list, i(), h11, k11, null, null, e());
            Signature signature = Signature.getInstance(qVar.f());
            signature.initSign(keyPair.getPrivate());
            signature.update(iVar.h().p(qVar).M());
            byte[] sign = signature.sign();
            q.f(sign, "sign()");
            return new b(keyPair2, new okhttp3.tls.internal.der.h(qVar, g12, new g(h.a.f(aVar, sign, 0, 0, 3, null), 0)).d());
        }

        public final a c(String cn2) {
            q.g(cn2, "cn");
            this.f41736c = cn2;
            return this;
        }

        public final a d() {
            this.f41743j = "EC";
            this.f41744k = 256;
            return this;
        }
    }

    /* compiled from: HeldCertificate.kt */
    /* renamed from: mu.b$b, reason: collision with other inner class name */
    /* loaded from: classes4.dex */
    public static final class C0512b {
        private C0512b() {
        }

        public /* synthetic */ C0512b(kotlin.jvm.internal.h hVar) {
            this();
        }
    }

    public b(KeyPair keyPair, X509Certificate certificate) {
        q.g(keyPair, "keyPair");
        q.g(certificate, "certificate");
        this.f41731a = keyPair;
        this.f41732b = certificate;
    }

    public final X509Certificate a() {
        return this.f41732b;
    }

    public final KeyPair b() {
        return this.f41731a;
    }
}
