package com.RNRSA;

import android.util.Log;
import androidx.autofill.HintConstants;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.Signature;
import java.util.HashMap;
import java.util.Map;
import java.util.function.BiConsumer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.ExtensionsGenerator;
import org.bouncycastle.i18n.MessageBundle;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;

/* loaded from: classes.dex */
public class CsrHelper {
    private static final String DEFAULT_SIGNATURE_ALGORITHM = "SHA256withECDSA";
    private static final Map<String, ASN1ObjectIdentifier> attributesMap = new HashMap<String, ASN1ObjectIdentifier>() { // from class: com.RNRSA.CsrHelper.1
        {
            put("commonName", BCStyle.CN);
            put("organizationName", BCStyle.O);
            put("organizationUnitName", BCStyle.OU);
            put("countryName", BCStyle.C);
            put("stateOrProvinceName", BCStyle.ST);
            put("localityName", BCStyle.L);
            put(HintConstants.AUTOFILL_HINT_EMAIL_ADDRESS, BCStyle.EmailAddress);
            put("organizationIdentifier", BCStyle.ORGANIZATION_IDENTIFIER);
            put(MessageBundle.TITLE_ENTRY, BCStyle.T);
            put("description", BCStyle.DESCRIPTION);
            put("givenName", BCStyle.GIVENNAME);
            put("surname", BCStyle.SURNAME);
        }
    };

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class JCESigner implements ContentSigner {
        private static Map<String, AlgorithmIdentifier> ALGOS;
        private String mAlgo;
        private ByteArrayOutputStream outputStream;
        private Signature signature;

        static {
            HashMap hashMap = new HashMap();
            ALGOS = hashMap;
            hashMap.put(CsrHelper.DEFAULT_SIGNATURE_ALGORITHM.toLowerCase(), new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.840.10045.4.3.2")));
            ALGOS.put("SHA256withRSA".toLowerCase(), new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.840.113549.1.1.11")));
            ALGOS.put("SHA1withRSA".toLowerCase(), new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.840.113549.1.1.5")));
        }

        public JCESigner(String str, String str2) {
            this.mAlgo = str.toLowerCase();
            try {
                KeyStore.Entry entry = getEntry(str2);
                this.outputStream = new ByteArrayOutputStream();
                this.signature = Signature.getInstance(str);
                this.signature.initSign(((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
            } catch (IOException e) {
                Log.e("generateCSR", "IOException: " + e.getMessage());
                throw new IllegalArgumentException(e.getMessage());
            } catch (GeneralSecurityException e2) {
                Log.e("generateCSR", "generateCSR: " + e2.getMessage());
                throw new IllegalArgumentException(e2.getMessage());
            }
        }

        @Override // org.bouncycastle.operator.ContentSigner
        public AlgorithmIdentifier getAlgorithmIdentifier() {
            AlgorithmIdentifier algorithmIdentifier = ALGOS.get(this.mAlgo);
            if (algorithmIdentifier != null) {
                return algorithmIdentifier;
            }
            throw new IllegalArgumentException("Does not support algo: " + this.mAlgo);
        }

        public KeyStore.Entry getEntry(String str) throws GeneralSecurityException, IOException {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.getEntry(str, null);
        }

        @Override // org.bouncycastle.operator.ContentSigner
        public OutputStream getOutputStream() {
            return this.outputStream;
        }

        @Override // org.bouncycastle.operator.ContentSigner
        public byte[] getSignature() {
            try {
                this.signature.update(this.outputStream.toByteArray());
                return this.signature.sign();
            } catch (GeneralSecurityException e) {
                e.printStackTrace();
                return null;
            }
        }
    }

    public static PKCS10CertificationRequest generateCSR(PublicKey publicKey, HashMap<String, String> hashMap, String str, String str2) throws IOException, OperatorCreationException {
        JCESigner jCESigner = new JCESigner(str2, str);
        final X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
        hashMap.forEach(new BiConsumer() { // from class: com.RNRSA.CsrHelper$$ExternalSyntheticLambda0
            @Override // java.util.function.BiConsumer
            public final void accept(Object obj, Object obj2) {
                CsrHelper.lambda$generateCSR$0(X500NameBuilder.this, (String) obj, (String) obj2);
            }
        });
        JcaPKCS10CertificationRequestBuilder jcaPKCS10CertificationRequestBuilder = new JcaPKCS10CertificationRequestBuilder(x500NameBuilder.build(), publicKey);
        jcaPKCS10CertificationRequestBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, new ExtensionsGenerator().generate());
        return jcaPKCS10CertificationRequestBuilder.build(jCESigner);
    }

    public static PKCS10CertificationRequest generateCSRWithEC(PublicKey publicKey, HashMap<String, String> hashMap, String str) throws IOException, OperatorCreationException {
        return generateCSR(publicKey, hashMap, str, DEFAULT_SIGNATURE_ALGORITHM);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$generateCSR$0(X500NameBuilder x500NameBuilder, String str, String str2) {
        Map<String, ASN1ObjectIdentifier> map = attributesMap;
        if (map.containsKey(str)) {
            x500NameBuilder.addRDN(map.get(str), str2);
        }
    }
}
