package U2;

import android.content.Context;
import com.microsoft.identity.common.java.platform.AbstractDevicePopManager;
import com.sophos.jsceplib.ScepException;
import java.io.IOException;
import java.math.BigInteger;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Security;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Locale;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.DERIA5String;
import org.bouncycastle.asn1.DERPrintableString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.DERUTF8String;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.ExtensionsGenerator;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder;
import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;
import org.jscep.client.ClientException;
import org.jscep.transaction.TransactionException;
import y5.d;

/* loaded from: classes2.dex */
public class b {

    /* renamed from: n, reason: collision with root package name */
    private static a f2285n;

    /* renamed from: a, reason: collision with root package name */
    private y5.b f2286a;

    /* renamed from: b, reason: collision with root package name */
    private final String f2287b;

    /* renamed from: c, reason: collision with root package name */
    private final String f2288c;

    /* renamed from: d, reason: collision with root package name */
    private final String f2289d;

    /* renamed from: e, reason: collision with root package name */
    private final String f2290e;

    /* renamed from: f, reason: collision with root package name */
    private final Context f2291f;

    /* renamed from: g, reason: collision with root package name */
    private String f2292g = null;

    /* renamed from: h, reason: collision with root package name */
    private String f2293h = null;

    /* renamed from: i, reason: collision with root package name */
    private String f2294i = null;

    /* renamed from: j, reason: collision with root package name */
    private String f2295j = null;

    /* renamed from: k, reason: collision with root package name */
    private String f2296k = null;

    /* renamed from: l, reason: collision with root package name */
    private int f2297l = 192;

    /* renamed from: m, reason: collision with root package name */
    private int f2298m = 2048;

    public b(Context context, String str, String str2, String str3, String str4) {
        this.f2287b = str;
        this.f2288c = str2;
        this.f2289d = str3;
        this.f2291f = context;
        this.f2290e = str4;
    }

    private void a(PKCS10CertificationRequestBuilder pKCS10CertificationRequestBuilder) {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        try {
            String str = this.f2293h;
            if (str != null && str.length() > 0) {
                a4.c.e("SCEP", "add PrincipalName : " + this.f2293h);
                ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
                aSN1EncodableVector2.add(new ASN1ObjectIdentifier("1.3.6.1.4.1.311.20.2.3"));
                aSN1EncodableVector2.add(new DERTaggedObject(true, 0, (ASN1Encodable) new DERUTF8String(this.f2293h)));
                aSN1EncodableVector.add(new DERTaggedObject(false, 0, (ASN1Encodable) new DERSequence(aSN1EncodableVector2)));
            }
            String str2 = this.f2294i;
            if (str2 != null && str2.length() > 0) {
                a4.c.e("SCEP", "add DnsName : " + this.f2294i);
                aSN1EncodableVector.add(new GeneralName(2, new DERIA5String(this.f2294i)));
            }
            String str3 = this.f2295j;
            if (str3 != null && str3.length() > 0) {
                a4.c.e("SCEP", "add Rfc822Name : " + this.f2295j);
                aSN1EncodableVector.add(new GeneralName(1, new DERIA5String(this.f2295j)));
            }
            String str4 = this.f2296k;
            if (str4 != null && str4.length() > 0) {
                a4.c.e("SCEP", "add UniformResourceIdentifier : " + this.f2296k);
                aSN1EncodableVector.add(new GeneralName(6, new DERIA5String(this.f2296k)));
            }
            if (aSN1EncodableVector.size() > 0) {
                ExtensionsGenerator extensionsGenerator = new ExtensionsGenerator();
                extensionsGenerator.addExtension(Extension.subjectAlternativeName, true, (ASN1Encodable) new DERSequence(aSN1EncodableVector));
                pKCS10CertificationRequestBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extensionsGenerator.generate());
            }
        } catch (Exception e6) {
            a4.c.k("SCEP", "cannot add SubjectAltName.", e6);
        }
    }

    private d e(String str, String str2, KeyPair keyPair) throws ScepException {
        try {
            X509Certificate b6 = b(str2, keyPair);
            PKCS10CertificationRequestBuilder jcaPKCS10CertificationRequestBuilder = new JcaPKCS10CertificationRequestBuilder(new X500Principal(str2), keyPair.getPublic());
            int i6 = this.f2297l;
            if (i6 != 0) {
                KeyUsage keyUsage = new KeyUsage(i6);
                a4.c.e("SCEP", "enroll certifcate with key usage: " + keyUsage.toString());
                jcaPKCS10CertificationRequestBuilder.addAttribute(Extension.keyUsage, keyUsage);
            }
            jcaPKCS10CertificationRequestBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_challengePassword, new DERPrintableString(str));
            a(jcaPKCS10CertificationRequestBuilder);
            return this.f2286a.b(b6, keyPair.getPrivate(), jcaPKCS10CertificationRequestBuilder.build(new JcaContentSignerBuilder("SHA256withRSA").build(keyPair.getPrivate())), this.f2292g);
        } catch (ClientException e6) {
            throw new ScepException(e6);
        } catch (TransactionException e7) {
            throw new ScepException(e7);
        } catch (Exception e8) {
            throw new ScepException(e8);
        }
    }

    public static a f() {
        return f2285n;
    }

    public static void h(a aVar) {
        f2285n = aVar;
    }

    public X509Certificate b(String str, KeyPair keyPair) throws InvalidKeyException, SignatureException, OperatorCreationException, IOException, CertificateException {
        Security.addProvider(new BouncyCastleProvider());
        Calendar calendar = Calendar.getInstance();
        calendar.add(5, -1);
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(5, 1);
        return new JcaX509CertificateConverter().setProvider(new BouncyCastleProvider()).getCertificate(new X509v3CertificateBuilder(new X500Name(str), BigInteger.valueOf(System.currentTimeMillis()), calendar.getTime(), calendar2.getTime(), Locale.getDefault(), new X500Name(str), SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded())).build(new JcaContentSignerBuilder("SHA256WithRSAEncryption").setProvider(new BouncyCastleProvider()).build(keyPair.getPrivate())));
    }

    public void c() throws ScepException {
        try {
            this.f2286a = new y5.b(new URL(this.f2287b), new y5.c(new A5.b()));
        } catch (MalformedURLException e6) {
            throw new ScepException(e6);
        }
    }

    public boolean d(String str) throws ScepException {
        if (this.f2286a == null) {
            throw new ScepException("No connect called!");
        }
        String format = String.format("CN=%s, O=%s", this.f2288c, this.f2289d);
        KeyPair g6 = g();
        d e6 = e(str, format, g6);
        if (e6 == null) {
            return false;
        }
        if (e6.b()) {
            new c(this.f2291f, this.f2288c, this.f2289d, this.f2290e).i(e6.a(), g6.getPrivate());
        }
        return e6.b();
    }

    public KeyPair g() throws ScepException {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(AbstractDevicePopManager.KeyPairGeneratorAlgorithms.RSA);
            keyPairGenerator.initialize(this.f2298m);
            return keyPairGenerator.genKeyPair();
        } catch (Exception e6) {
            throw new ScepException(e6);
        }
    }

    public void i(int i6) {
        this.f2297l = i6;
    }
}
