package k20;

import java.math.BigInteger;
import java.net.InetAddress;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.util.ArrayList;
import java.util.List;
import java.util.UUID;
import kotlin.Pair;
import kotlin.collections.t;
import kotlin.collections.v;
import kotlin.i;
import kotlin.jvm.internal.o;
import kotlin.jvm.internal.s;
import kotlin.text.Regex;
import okhttp3.tls.internal.der.BasicDerAdapter;
import okhttp3.tls.internal.der.CertificateAdapters;
import okhttp3.tls.internal.der.c;
import okhttp3.tls.internal.der.d;
import okhttp3.tls.internal.der.e;
import okhttp3.tls.internal.der.f;
import okhttp3.tls.internal.der.k;
import okhttp3.tls.internal.der.m;
import okhttp3.tls.internal.der.n;
import okio.ByteString;

/* compiled from: HeldCertificate.kt */
/* loaded from: classes22.dex */
public final class b {

    /* renamed from: c, reason: collision with root package name */
    public static final C0599b f56667c = new C0599b(null);

    /* renamed from: d, reason: collision with root package name */
    public static final Regex f56668d = new Regex("-----BEGIN ([!-,.-~ ]*)-----([^-]*)-----END \\1-----");

    /* renamed from: a, reason: collision with root package name */
    public final KeyPair f56669a;

    /* renamed from: b, reason: collision with root package name */
    public final X509Certificate f56670b;

    /* compiled from: HeldCertificate.kt */
    /* loaded from: classes22.dex */
    public static final class a {

        /* renamed from: l, reason: collision with root package name */
        public static final C0598a f56671l = new C0598a(null);

        /* renamed from: c, reason: collision with root package name */
        public String f56674c;

        /* renamed from: d, reason: collision with root package name */
        public String f56675d;

        /* renamed from: f, reason: collision with root package name */
        public BigInteger f56677f;

        /* renamed from: g, reason: collision with root package name */
        public KeyPair f56678g;

        /* renamed from: h, reason: collision with root package name */
        public b f56679h;

        /* renamed from: j, reason: collision with root package name */
        public String f56681j;

        /* renamed from: k, reason: collision with root package name */
        public int f56682k;

        /* renamed from: a, reason: collision with root package name */
        public long f56672a = -1;

        /* renamed from: b, reason: collision with root package name */
        public long f56673b = -1;

        /* renamed from: e, reason: collision with root package name */
        public final List<String> f56676e = new ArrayList();

        /* renamed from: i, reason: collision with root package name */
        public int f56680i = -1;

        /* compiled from: HeldCertificate.kt */
        /* renamed from: k20.b$a$a, reason: collision with other inner class name */
        /* loaded from: classes22.dex */
        public static final class C0598a {
            private C0598a() {
            }

            public /* synthetic */ C0598a(o oVar) {
                this();
            }
        }

        public a() {
            d();
        }

        public final a a(String altName) {
            s.h(altName, "altName");
            this.f56676e.add(altName);
            return this;
        }

        public final b b() {
            KeyPair keyPair;
            List<List<c>> list;
            KeyPair keyPair2 = this.f56678g;
            if (keyPair2 == null) {
                keyPair2 = f();
            }
            CertificateAdapters certificateAdapters = CertificateAdapters.f70442a;
            BasicDerAdapter<m> g12 = certificateAdapters.g();
            ByteString.a aVar = ByteString.Companion;
            byte[] encoded = keyPair2.getPublic().getEncoded();
            s.g(encoded, "subjectKeyPair.public.encoded");
            m k12 = g12.k(ByteString.a.h(aVar, encoded, 0, 0, 3, null));
            List<List<c>> h12 = h();
            b bVar = this.f56679h;
            if (bVar != null) {
                s.e(bVar);
                keyPair = bVar.b();
                BasicDerAdapter<List<List<c>>> f12 = certificateAdapters.f();
                b bVar2 = this.f56679h;
                s.e(bVar2);
                byte[] encoded2 = bVar2.a().getSubjectX500Principal().getEncoded();
                s.g(encoded2, "signedBy!!.certificate.s…jectX500Principal.encoded");
                list = f12.k(ByteString.a.h(aVar, encoded2, 0, 0, 3, null));
            } else {
                keyPair = keyPair2;
                list = h12;
            }
            okhttp3.tls.internal.der.a g13 = g(keyPair);
            BigInteger bigInteger = this.f56677f;
            if (bigInteger == null) {
                bigInteger = BigInteger.ONE;
            }
            BigInteger bigInteger2 = bigInteger;
            s.g(bigInteger2, "serialNumber ?: BigInteger.ONE");
            n nVar = new n(2L, bigInteger2, g13, list, i(), h12, k12, null, null, e());
            Signature signature = Signature.getInstance(nVar.f());
            signature.initSign(keyPair.getPrivate());
            signature.update(certificateAdapters.h().p(nVar).toByteArray());
            byte[] sign = signature.sign();
            s.g(sign, "sign()");
            return new b(keyPair2, new f(nVar, g13, new e(ByteString.a.h(aVar, sign, 0, 0, 3, null), 0)).d());
        }

        public final a c(String cn2) {
            s.h(cn2, "cn");
            this.f56674c = cn2;
            return this;
        }

        public final a d() {
            this.f56681j = "EC";
            this.f56682k = 256;
            return this;
        }

        public final List<k> e() {
            Pair a12;
            ArrayList arrayList = new ArrayList();
            int i12 = this.f56680i;
            if (i12 != -1) {
                arrayList.add(new k("2.5.29.19", true, new d(true, Long.valueOf(i12))));
            }
            if (!this.f56676e.isEmpty()) {
                List<String> list = this.f56676e;
                ArrayList arrayList2 = new ArrayList(v.v(list, 10));
                for (String str : list) {
                    if (y10.d.i(str)) {
                        BasicDerAdapter<ByteString> e12 = CertificateAdapters.f70442a.e();
                        ByteString.a aVar = ByteString.Companion;
                        byte[] address = InetAddress.getByName(str).getAddress();
                        s.g(address, "getByName(it).address");
                        a12 = i.a(e12, ByteString.a.h(aVar, address, 0, 0, 3, null));
                    } else {
                        a12 = i.a(CertificateAdapters.f70442a.d(), str);
                    }
                    arrayList2.add(a12);
                }
                arrayList.add(new k("2.5.29.17", true, arrayList2));
            }
            return arrayList;
        }

        public final KeyPair f() {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(this.f56681j);
            keyPairGenerator.initialize(this.f56682k, new SecureRandom());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            s.g(generateKeyPair, "getInstance(keyAlgorithm…generateKeyPair()\n      }");
            return generateKeyPair;
        }

        public final okhttp3.tls.internal.der.a g(KeyPair keyPair) {
            return keyPair.getPrivate() instanceof RSAPrivateKey ? new okhttp3.tls.internal.der.a("1.2.840.113549.1.1.11", null) : new okhttp3.tls.internal.der.a("1.2.840.10045.4.3.2", ByteString.EMPTY);
        }

        public final List<List<c>> h() {
            ArrayList arrayList = new ArrayList();
            String str = this.f56675d;
            if (str != null) {
                arrayList.add(t.e(new c("2.5.4.11", str)));
            }
            String str2 = this.f56674c;
            if (str2 == null) {
                str2 = UUID.randomUUID().toString();
                s.g(str2, "randomUUID().toString()");
            }
            arrayList.add(t.e(new c("2.5.4.3", str2)));
            return arrayList;
        }

        public final okhttp3.tls.internal.der.o i() {
            long j12 = this.f56672a;
            if (j12 == -1) {
                j12 = System.currentTimeMillis();
            }
            long j13 = this.f56673b;
            if (j13 == -1) {
                j13 = j12 + 86400000;
            }
            return new okhttp3.tls.internal.der.o(j12, j13);
        }
    }

    /* compiled from: HeldCertificate.kt */
    /* renamed from: k20.b$b, reason: collision with other inner class name */
    /* loaded from: classes22.dex */
    public static final class C0599b {
        private C0599b() {
        }

        public /* synthetic */ C0599b(o oVar) {
            this();
        }
    }

    public b(KeyPair keyPair, X509Certificate certificate) {
        s.h(keyPair, "keyPair");
        s.h(certificate, "certificate");
        this.f56669a = keyPair;
        this.f56670b = certificate;
    }

    @i10.b
    public final X509Certificate a() {
        return this.f56670b;
    }

    @i10.b
    public final KeyPair b() {
        return this.f56669a;
    }
}
