package com.dreamsecurity.jcaos.ocsp;

import com.dreamsecurity.jcaos.Environment;
import com.dreamsecurity.jcaos.asn1.ASN1Encodable;
import com.dreamsecurity.jcaos.asn1.ASN1EncodableVector;
import com.dreamsecurity.jcaos.asn1.ASN1InputStream;
import com.dreamsecurity.jcaos.asn1.DEREncodable;
import com.dreamsecurity.jcaos.asn1.g.g;
import com.dreamsecurity.jcaos.asn1.g.o;
import com.dreamsecurity.jcaos.asn1.g.q;
import com.dreamsecurity.jcaos.asn1.oid.X509ObjectIdentifiers;
import com.dreamsecurity.jcaos.asn1.x509.AlgorithmIdentifier;
import com.dreamsecurity.jcaos.asn1.x509.GeneralName;
import com.dreamsecurity.jcaos.asn1.x509.Name;
import com.dreamsecurity.jcaos.asn1.x509.RDNSequence;
import com.dreamsecurity.jcaos.asn1.x509.SubjectPublicKeyInfo;
import com.dreamsecurity.jcaos.asn1.x509.t;
import com.dreamsecurity.jcaos.asn1.x509.u;
import com.dreamsecurity.jcaos.exception.ParsingException;
import com.dreamsecurity.jcaos.i;
import com.dreamsecurity.jcaos.pkcs.PKCS8PrivateKeyInfo;
import com.dreamsecurity.jcaos.x509.X509Certificate;
import e0.e;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;

/* loaded from: classes.dex */
public class OCSPRequestGenerator {

    /* renamed from: a, reason: collision with root package name */
    String f12322a;

    /* renamed from: b, reason: collision with root package name */
    ASN1EncodableVector f12323b;

    /* renamed from: c, reason: collision with root package name */
    com.dreamsecurity.jcaos.asn1.g.b f12324c;

    /* renamed from: d, reason: collision with root package name */
    int f12325d;

    /* renamed from: e, reason: collision with root package name */
    byte[] f12326e;

    /* renamed from: f, reason: collision with root package name */
    boolean f12327f;

    public OCSPRequestGenerator() {
        this.f12325d = 1;
        this.f12326e = null;
        this.f12327f = false;
        this.f12322a = "SHA1";
        this.f12327f = i.a();
        this.f12325d = 1;
    }

    public OCSPRequestGenerator(String str) {
        this.f12325d = 1;
        this.f12326e = null;
        this.f12327f = false;
        this.f12322a = str;
        this.f12327f = i.a();
        this.f12325d = 1;
    }

    private q a(X509Certificate x509Certificate) throws IOException, ParsingException, NoSuchAlgorithmException {
        SecureRandom secureRandom;
        GeneralName generalName = x509Certificate != null ? new GeneralName(new Name(RDNSequence.getInstance(new ASN1InputStream(x509Certificate.getSubjectDN().getEncoded()).readObject()))) : null;
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        if (this.f12325d != 0) {
            byte[] bArr = this.f12326e;
            if (bArr == null) {
                bArr = new byte[8];
                try {
                    secureRandom = SecureRandom.getInstance("SHA1PRNG", Environment.getJCEProvider("SHA1PRNG"));
                } catch (NoSuchProviderException unused) {
                    secureRandom = SecureRandom.getInstance("SHA1PRNG");
                }
                secureRandom.nextBytes(bArr);
            }
            aSN1EncodableVector.add(new t(X509ObjectIdentifiers.id_pkix_ocsp_nonce, false, bArr));
        }
        if (this.f12324c == null) {
            com.dreamsecurity.jcaos.asn1.g.b bVar = new com.dreamsecurity.jcaos.asn1.g.b();
            this.f12324c = bVar;
            bVar.a(X509ObjectIdentifiers.id_pkix_ocsp_basic);
        }
        aSN1EncodableVector.add(new t(X509ObjectIdentifiers.id_pkix_ocsp_response, false, (DEREncodable) this.f12324c));
        return new q(0, generalName, this.f12323b, new u(aSN1EncodableVector));
    }

    public void a(String str) {
        if (this.f12324c == null) {
            this.f12324c = new com.dreamsecurity.jcaos.asn1.g.b();
        }
        this.f12324c.b(str);
    }

    public void addRequestCert(X509Certificate x509Certificate) throws NoSuchAlgorithmException, NoSuchProviderException, ParsingException, IOException, InvalidKeySpecException {
        addRequestCert(null, x509Certificate);
    }

    public void addRequestCert(X509Certificate x509Certificate, X509Certificate x509Certificate2) throws NoSuchAlgorithmException, NoSuchProviderException, ParsingException, IOException, InvalidKeySpecException {
        if (x509Certificate == null && x509Certificate2.getAuthorityKeyIdentifier() == null) {
            throw new ParsingException("The requestCert does not have aki field.");
        }
        String str = this.f12322a;
        MessageDigest messageDigest = MessageDigest.getInstance(str, Environment.getJCEProvider(str));
        addRequestCert(messageDigest.digest(x509Certificate2.getIssuerDN().getEncoded()), x509Certificate != null ? messageDigest.digest(SubjectPublicKeyInfo.getInstance(new ASN1InputStream(x509Certificate.getSubjectPublicKeyInfo().getEncoded()).readObject()).getSubjectPublicKey().getBytes()) : x509Certificate2.getAuthorityKeyIdentifier().getKeyIdentifier(), x509Certificate2.getSerialNumber());
    }

    public void addRequestCert(byte[] bArr, byte[] bArr2, BigInteger bigInteger) throws NoSuchAlgorithmException, NoSuchProviderException, ParsingException, IOException {
        String str = this.f12322a;
        MessageDigest.getInstance(str, Environment.getJCEProvider(str));
        com.dreamsecurity.jcaos.asn1.g.i iVar = new com.dreamsecurity.jcaos.asn1.g.i(new com.dreamsecurity.jcaos.asn1.g.d(AlgorithmIdentifier.getInstance(this.f12322a), bArr, bArr2, bigInteger));
        if (this.f12323b == null) {
            this.f12323b = new ASN1EncodableVector();
        }
        this.f12323b.add(iVar);
    }

    public OCSPRequest generate() throws IOException, ParsingException, NoSuchAlgorithmException {
        if (this.f12327f) {
            i.a((Object) getClass(), "generate");
        }
        g gVar = new g(a((X509Certificate) null));
        if (this.f12327f) {
            i.a(i.f12171g, getClass(), "generate", "(OUT) OCSP ReqMsg", gVar.getEncoded());
            i.b(getClass(), "generate");
        }
        return OCSPRequest.getInstance(gVar);
    }

    public OCSPRequest generate(X509Certificate x509Certificate, PKCS8PrivateKeyInfo pKCS8PrivateKeyInfo, String str) throws IOException, ParsingException, SignatureException, InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException {
        Signature signature;
        boolean z5 = SingleResponse.f12332b;
        if (this.f12327f) {
            i.a((Object) getClass(), "generate");
            i.a(i.f12171g, getClass(), "generate", "(IN) MyCert", x509Certificate.getEncoded());
            i.a(i.f12171g, getClass(), "generate", "(IN) MyPriKeyInfo", pKCS8PrivateKeyInfo.getEncoded());
            i.a(i.f12171g, getClass(), "generate", "(IN) HashAlg", str);
        }
        q a6 = a(x509Certificate);
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(str);
        stringBuffer.append(e.f25866y0);
        stringBuffer.append(pKCS8PrivateKeyInfo.getPrivateKey().getAlgorithm());
        String stringBuffer2 = stringBuffer.toString();
        if (this.f12327f) {
            i.a(i.f12171g, getClass(), "generate", "SignAlg", stringBuffer2);
        }
        PrivateKey privateKey = pKCS8PrivateKeyInfo.getPrivateKey();
        if (privateKey.toString().toLowerCase().indexOf("pkcs11") == -1 && privateKey.toString().toLowerCase().indexOf("androidkeystore") == -1 && privateKey.toString().toLowerCase().indexOf("lunakey") == -1) {
            signature = Signature.getInstance(stringBuffer2, privateKey.toString().toLowerCase().indexOf("magictoken") != -1 ? "MagicToken" : Environment.getJCEProvider(stringBuffer2));
        } else {
            signature = Signature.getInstance(stringBuffer2);
        }
        signature.initSign(privateKey);
        signature.update(a6.getDEREncoded());
        byte[] sign = signature.sign();
        AlgorithmIdentifier algorithmIdentifier = AlgorithmIdentifier.getInstance(stringBuffer2);
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(x509Certificate.a().getDERObject());
        g gVar = new g(a6, new o(algorithmIdentifier, sign, aSN1EncodableVector));
        if (this.f12327f) {
            i.a(i.f12171g, getClass(), "generate", "(OUT) OCSP ReqMsg", gVar.getEncoded());
            i.b(getClass(), "generate");
        }
        OCSPRequest oCSPRequest = OCSPRequest.getInstance(gVar);
        if (ASN1Encodable.f10810c) {
            SingleResponse.f12332b = !z5;
        }
        return oCSPRequest;
    }

    /* JADX WARN: Code restructure failed: missing block: B:3:0x0007, code lost:
    
        if (com.dreamsecurity.jcaos.ocsp.SingleResponse.f12332b != false) goto L5;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void setNonce(byte[] r2) {
        /*
            r1 = this;
            if (r2 == 0) goto L9
            r0 = 2
            r1.f12325d = r0
            boolean r0 = com.dreamsecurity.jcaos.ocsp.SingleResponse.f12332b
            if (r0 == 0) goto Lc
        L9:
            r0 = 0
            r1.f12325d = r0
        Lc:
            r1.f12326e = r2
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.dreamsecurity.jcaos.ocsp.OCSPRequestGenerator.setNonce(byte[]):void");
    }
}
