package com.dreamsecurity.jcaos.x509;

import com.dreamsecurity.jcaos.Environment;
import com.dreamsecurity.jcaos.asn1.ASN1EncodableVector;
import com.dreamsecurity.jcaos.asn1.ASN1InputStream;
import com.dreamsecurity.jcaos.asn1.DERBitString;
import com.dreamsecurity.jcaos.asn1.DERObjectIdentifier;
import com.dreamsecurity.jcaos.asn1.DEROctetString;
import com.dreamsecurity.jcaos.asn1.DERSequence;
import com.dreamsecurity.jcaos.asn1.F;
import com.dreamsecurity.jcaos.asn1.H;
import com.dreamsecurity.jcaos.asn1.oid.VIDObjectIdentifiers;
import com.dreamsecurity.jcaos.asn1.oid.X509ObjectIdentifiers;
import com.dreamsecurity.jcaos.asn1.x509.AlgorithmIdentifier;
import com.dreamsecurity.jcaos.asn1.x509.C;
import com.dreamsecurity.jcaos.asn1.x509.C0672b;
import com.dreamsecurity.jcaos.asn1.x509.C0677g;
import com.dreamsecurity.jcaos.asn1.x509.C0678h;
import com.dreamsecurity.jcaos.asn1.x509.C0680j;
import com.dreamsecurity.jcaos.asn1.x509.C0681k;
import com.dreamsecurity.jcaos.asn1.x509.Certificate;
import com.dreamsecurity.jcaos.asn1.x509.GeneralName;
import com.dreamsecurity.jcaos.asn1.x509.K;
import com.dreamsecurity.jcaos.asn1.x509.Name;
import com.dreamsecurity.jcaos.asn1.x509.RDNSequence;
import com.dreamsecurity.jcaos.asn1.x509.SubjectPublicKeyInfo;
import com.dreamsecurity.jcaos.asn1.x509.TBSCertificate;
import com.dreamsecurity.jcaos.asn1.x509.n;
import com.dreamsecurity.jcaos.asn1.x509.q;
import com.dreamsecurity.jcaos.asn1.x509.r;
import com.dreamsecurity.jcaos.asn1.x509.s;
import com.dreamsecurity.jcaos.asn1.x509.v;
import com.dreamsecurity.jcaos.exception.ParsingException;
import com.dreamsecurity.jcaos.exception.UseOrderException;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.util.Calendar;
import java.util.Date;

/* loaded from: classes.dex */
public class X509CertificateGenerator {
    public static final int AKI_AUTH_CERT_ISSUER_AND_SERIAL_NUM = 2;
    public static final int AKI_KEY_ID = 1;
    public static final int GENERAL_NAME_DNSNAME = 2;
    public static final int GENERAL_NAME_OTHERNAME = 0;
    public static final int KEY_USAGE_CRL_SIGN = 2;
    public static final int KEY_USAGE_DATA_ENCIPHERMENT = 16;
    public static final int KEY_USAGE_DECIPHER_ONLY = 32768;
    public static final int KEY_USAGE_DIGITAL_SIGNATURE = 128;
    public static final int KEY_USAGE_ENCIPHER_ONLY = 1;
    public static final int KEY_USAGE_KEY_AGREEMENT = 8;
    public static final int KEY_USAGE_KEY_CERT_SIGN = 4;
    public static final int KEY_USAGE_KEY_ENCIPHERMENT = 32;
    public static final int KEY_USAGE_NONT_REPUDIATION = 64;

    /* renamed from: r, reason: collision with root package name */
    static final int f12564r = 0;

    /* renamed from: s, reason: collision with root package name */
    static final int f12565s = 1;

    /* renamed from: t, reason: collision with root package name */
    static final int f12566t = 2;

    /* renamed from: u, reason: collision with root package name */
    static final int f12567u = 3;

    /* renamed from: v, reason: collision with root package name */
    static final int f12568v = 4;

    /* renamed from: w, reason: collision with root package name */
    static final int f12569w = 5;

    /* renamed from: x, reason: collision with root package name */
    static final int f12570x = 6;

    /* renamed from: y, reason: collision with root package name */
    static final int f12571y = 7;

    /* renamed from: a, reason: collision with root package name */
    TBSCertificate f12572a;

    /* renamed from: b, reason: collision with root package name */
    X509Certificate f12573b;

    /* renamed from: c, reason: collision with root package name */
    PrivateKey f12574c;

    /* renamed from: d, reason: collision with root package name */
    String f12575d;

    /* renamed from: e, reason: collision with root package name */
    String f12576e;

    /* renamed from: f, reason: collision with root package name */
    AlgorithmIdentifier f12577f;

    /* renamed from: g, reason: collision with root package name */
    boolean f12578g;

    /* renamed from: h, reason: collision with root package name */
    boolean f12579h;

    /* renamed from: i, reason: collision with root package name */
    boolean[] f12580i;

    /* renamed from: j, reason: collision with root package name */
    DEROctetString f12581j;

    /* renamed from: k, reason: collision with root package name */
    C0680j f12582k;

    /* renamed from: l, reason: collision with root package name */
    C0672b f12583l;

    /* renamed from: m, reason: collision with root package name */
    s f12584m;

    /* renamed from: n, reason: collision with root package name */
    ASN1EncodableVector f12585n;

    /* renamed from: o, reason: collision with root package name */
    C0681k f12586o;

    /* renamed from: p, reason: collision with root package name */
    n f12587p;

    /* renamed from: q, reason: collision with root package name */
    com.dreamsecurity.jcaos.asn1.x509.l f12588q;

    X509CertificateGenerator(X509Certificate x509Certificate, PrivateKey privateKey) {
        int i6 = X509Certificate.f12561c;
        this.f12577f = null;
        this.f12578g = false;
        this.f12581j = null;
        this.f12582k = null;
        this.f12583l = null;
        this.f12584m = null;
        this.f12585n = null;
        this.f12586o = null;
        this.f12587p = null;
        this.f12588q = null;
        this.f12573b = x509Certificate;
        this.f12574c = privateKey;
        this.f12572a = new TBSCertificate();
        this.f12579h = false;
        this.f12580i = new boolean[8];
        int i7 = 0;
        do {
            boolean[] zArr = this.f12580i;
            if (i7 >= zArr.length) {
                return;
            }
            zArr[i7] = false;
            i7++;
        } while (i6 == 0);
    }

    public static X509CertificateGenerator getInstance(X509Certificate x509Certificate, PrivateKey privateKey) {
        return new X509CertificateGenerator(x509Certificate, privateKey);
    }

    public void addExtKeyUsage(String str, boolean z5) {
        if (this.f12584m == null) {
            this.f12584m = new s();
        }
        this.f12584m.b(str);
        this.f12579h = true;
        this.f12580i[7] = z5;
    }

    public void addSubjectAltName(int i6, String str, String str2, String str3, byte[] bArr, boolean z5) throws NoSuchAlgorithmException, NoSuchProviderException {
        addSubjectAltName(i6, str, str2, str3.getBytes(), bArr, z5);
    }

    public void addSubjectAltName(int i6, String str, String str2, byte[] bArr, boolean z5) throws NoSuchAlgorithmException, NoSuchProviderException, IOException {
        if (this.f12585n == null) {
            this.f12585n = new ASN1EncodableVector();
        }
        if (i6 == 0) {
            com.dreamsecurity.jcaos.asn1.n.f a6 = com.dreamsecurity.jcaos.asn1.n.a.a(new ASN1InputStream(bArr).readObject()).a();
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(new C0678h(VIDObjectIdentifiers.id_VID, a6.toASN1Object()));
            this.f12585n.add(new GeneralName(new C0677g(VIDObjectIdentifiers.id_kisa_identifyData, new com.dreamsecurity.jcaos.asn1.n.d(str2, aSN1EncodableVector))));
            if (X509Certificate.f12561c == 0) {
                this.f12579h = true;
                this.f12580i[3] = z5;
                return;
            }
        }
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("The ");
        stringBuffer.append(i6);
        stringBuffer.append(" is not supported.");
        throw new InvalidParameterException(stringBuffer.toString());
    }

    public void addSubjectAltName(int i6, String str, String str2, byte[] bArr, byte[] bArr2, boolean z5) throws NoSuchAlgorithmException, NoSuchProviderException {
        if (this.f12585n == null) {
            this.f12585n = new ASN1EncodableVector();
        }
        if (i6 == 0) {
            com.dreamsecurity.jcaos.asn1.n.c cVar = new com.dreamsecurity.jcaos.asn1.n.c(bArr, bArr2);
            MessageDigest messageDigest = MessageDigest.getInstance(str, Environment.getJCEProvider(str));
            com.dreamsecurity.jcaos.asn1.n.f fVar = new com.dreamsecurity.jcaos.asn1.n.f(AlgorithmIdentifier.getInstance(str), messageDigest.digest(messageDigest.digest(cVar.getDEREncoded())));
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(new C0678h(VIDObjectIdentifiers.id_VID, fVar.toASN1Object()));
            this.f12585n.add(new GeneralName(new C0677g(VIDObjectIdentifiers.id_kisa_identifyData, new com.dreamsecurity.jcaos.asn1.n.d(str2, aSN1EncodableVector))));
            if (X509Certificate.f12561c == 0) {
                this.f12579h = true;
                this.f12580i[3] = z5;
                return;
            }
        }
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("The ");
        stringBuffer.append(i6);
        stringBuffer.append(" is not supported.");
        throw new InvalidParameterException(stringBuffer.toString());
    }

    public void addSubjectAltName(int i6, String str, boolean z5) {
        if (this.f12585n == null) {
            this.f12585n = new ASN1EncodableVector();
        }
        if (i6 == 2) {
            this.f12585n.add(new GeneralName(i6, str));
            if (X509Certificate.f12561c == 0) {
                this.f12579h = true;
                this.f12580i[3] = z5;
                return;
            }
        }
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("The ");
        stringBuffer.append(i6);
        stringBuffer.append(" is not supported.");
        throw new InvalidParameterException(stringBuffer.toString());
    }

    public X509Certificate composeCert(byte[] bArr) {
        return new X509Certificate(new Certificate(this.f12572a, this.f12577f, new DERBitString(bArr)));
    }

    public void genRootCert() {
        this.f12578g = true;
    }

    public X509Certificate generate(String str) throws UseOrderException, IOException, ParsingException, InvalidKeyException, SignatureException, NoSuchProviderException, NoSuchAlgorithmException, InvalidKeySpecException {
        Signature signature;
        String str2;
        String jCEProvider;
        getTBSCert(str, this.f12574c.getAlgorithm());
        if (this.f12574c.getAlgorithm().equals("EC")) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append(this.f12575d);
            stringBuffer.append("DSA");
            this.f12575d = stringBuffer.toString();
        }
        if (this.f12574c.toString().toLowerCase().indexOf("pkcs11") == -1 && this.f12574c.toString().toLowerCase().indexOf("androidkeystore") == -1 && this.f12574c.toString().toLowerCase().indexOf("lunakey") == -1) {
            if (this.f12574c.toString().toLowerCase().indexOf("magictoken") != -1) {
                str2 = this.f12575d;
                jCEProvider = "MagicToken";
            } else {
                str2 = this.f12575d;
                jCEProvider = Environment.getJCEProvider(str2);
            }
            signature = Signature.getInstance(str2, jCEProvider);
        } else {
            signature = Signature.getInstance(this.f12575d);
        }
        signature.initSign(this.f12574c);
        signature.update(this.f12572a.getDEREncoded());
        return composeCert(signature.sign());
    }

    public byte[] getTBSCert(String str, String str2) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidKeySpecException, UseOrderException, IOException, ParsingException {
        return getTBSCert(str, str2, "");
    }

    /* JADX WARN: Code restructure failed: missing block: B:13:0x006a, code lost:
    
        if (r0 != 0) goto L17;
     */
    /* JADX WARN: Code restructure failed: missing block: B:17:0x0091, code lost:
    
        if (r0 != 0) goto L22;
     */
    /* JADX WARN: Code restructure failed: missing block: B:4:0x0013, code lost:
    
        if (r0 != 0) goto L6;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public byte[] getTBSCert(java.lang.String r8, java.lang.String r9, java.lang.String r10) throws com.dreamsecurity.jcaos.exception.UseOrderException, java.io.IOException, com.dreamsecurity.jcaos.exception.ParsingException, java.security.NoSuchProviderException, java.security.NoSuchAlgorithmException, java.security.spec.InvalidKeySpecException {
        /*
            Method dump skipped, instructions count: 397
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.dreamsecurity.jcaos.x509.X509CertificateGenerator.getTBSCert(java.lang.String, java.lang.String, java.lang.String):byte[]");
    }

    public void setAuthorityKeyIdentifier(int i6, boolean z5) throws IOException, ParsingException, NoSuchAlgorithmException, UseOrderException {
        C0680j c0680j;
        byte[] bArr;
        X509Certificate x509Certificate = this.f12573b;
        if (x509Certificate == null && !this.f12578g) {
            throw new IOException("The issuerCert is not setted.");
        }
        if (!this.f12578g) {
            RDNSequence rDNSequence = null;
            byte[] subjectKeyIdentifier = (i6 & 1) != 0 ? x509Certificate.getSubjectKeyIdentifier() : null;
            if ((i6 & 2) != 0) {
                rDNSequence = this.f12573b.getIssuerDN().a();
                bArr = this.f12573b.getSerialNumber().toByteArray();
            } else {
                bArr = null;
            }
            c0680j = new C0680j(subjectKeyIdentifier, rDNSequence, bArr);
        } else {
            if (this.f12572a.getSubjectPublicKeyInfo() == null) {
                throw new UseOrderException("The SubjectPublicKey is not setted.");
            }
            c0680j = new C0680j(MessageDigest.getInstance("SHA1").digest(this.f12572a.getSubjectPublicKeyInfo().getSubjectPublicKey().getBytes()));
        }
        this.f12582k = c0680j;
        this.f12579h = true;
        this.f12580i[1] = z5;
    }

    /* JADX WARN: Code restructure failed: missing block: B:4:0x000c, code lost:
    
        if (com.dreamsecurity.jcaos.x509.X509Certificate.f12561c != 0) goto L6;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void setBasicConstraints(boolean r2, int r3, boolean r4) {
        /*
            r1 = this;
            r0 = -1
            if (r3 != r0) goto Le
            com.dreamsecurity.jcaos.asn1.x509.k r0 = new com.dreamsecurity.jcaos.asn1.x509.k
            r0.<init>(r2)
            r1.f12586o = r0
            int r0 = com.dreamsecurity.jcaos.x509.X509Certificate.f12561c
            if (r0 == 0) goto L15
        Le:
            com.dreamsecurity.jcaos.asn1.x509.k r0 = new com.dreamsecurity.jcaos.asn1.x509.k
            r0.<init>(r2, r3)
            r1.f12586o = r0
        L15:
            r2 = 1
            r1.f12579h = r2
            boolean[] r2 = r1.f12580i
            r3 = 4
            r2[r3] = r4
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.dreamsecurity.jcaos.x509.X509CertificateGenerator.setBasicConstraints(boolean, int, boolean):void");
    }

    public void setCertPolicy(String str, String str2, String str3, boolean z5) {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        if (str3 != null && str3.length() > 0) {
            ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
            aSN1EncodableVector2.add(new F(str3));
            ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
            aSN1EncodableVector3.add(X509ObjectIdentifiers.id_qt_unotice);
            aSN1EncodableVector3.add(new DERSequence(aSN1EncodableVector2));
            aSN1EncodableVector.add(new DERSequence(aSN1EncodableVector3));
        }
        if (str2 != null && str2.length() > 0) {
            ASN1EncodableVector aSN1EncodableVector4 = new ASN1EncodableVector();
            aSN1EncodableVector4.add(X509ObjectIdentifiers.id_qt_cps);
            aSN1EncodableVector4.add(new H(str2));
            aSN1EncodableVector.add(new DERSequence(aSN1EncodableVector4));
        }
        this.f12587p = new n(new DERSequence(new C[]{new C(new DERObjectIdentifier(str), new DERSequence(aSN1EncodableVector))}));
        this.f12579h = true;
        this.f12580i[5] = z5;
    }

    public void setCrlDP(String str, boolean z5) {
        this.f12588q = new com.dreamsecurity.jcaos.asn1.x509.l(new DERSequence(new q[]{new q(new r(new v(new GeneralName(6, str))))}));
        this.f12579h = true;
        this.f12580i[6] = z5;
    }

    public void setKeyUsage(int i6, boolean z5) {
        this.f12583l = new C0672b(i6);
        this.f12579h = true;
        this.f12580i[2] = z5;
    }

    public void setSerialNumber(byte[] bArr) {
        this.f12572a.a(new BigInteger(1, bArr));
    }

    public void setSubjectDN(X500Principal x500Principal) throws IOException, ParsingException {
        this.f12572a.b(new Name(x500Principal.a()));
    }

    public void setSubjectKeyIdentifier(boolean z5) throws NoSuchAlgorithmException, UseOrderException {
        if (this.f12572a.getSubjectPublicKeyInfo() == null) {
            throw new UseOrderException("The SubjectPublicKey is not setted.");
        }
        this.f12581j = new DEROctetString(MessageDigest.getInstance("SHA1").digest(this.f12572a.getSubjectPublicKeyInfo().getSubjectPublicKey().getBytes()));
        this.f12579h = true;
        this.f12580i[0] = z5;
    }

    public void setSubjectPublicKey(PublicKey publicKey) throws IOException, NoSuchAlgorithmException {
        this.f12572a.a(SubjectPublicKeyInfo.getInstance(new ASN1InputStream(publicKey.getEncoded()).readObject()));
    }

    public void setValidity(int i6, int i7, int i8) {
        Date time = Calendar.getInstance().getTime();
        Calendar calendar = Calendar.getInstance();
        if (i6 != 0) {
            calendar.add(1, i6);
        }
        if (i7 != 0) {
            calendar.add(2, i7);
        }
        if (i8 != 0) {
            calendar.add(5, i8);
        }
        this.f12572a.a(new K(time, calendar.getTime()));
    }

    public void setValidity(Date date, Date date2) {
        this.f12572a.a(new K(date, date2));
    }
}
