package net.i2p.crypto;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.TimeZone;
import javax.security.auth.x500.X500Principal;
import kotlin.jvm.internal.ByteCompanionObject;
import net.i2p.data.DataHelper;
import net.i2p.data.Signature;
import net.i2p.data.SigningPrivateKey;
import net.i2p.data.SigningPublicKey;
import net.i2p.data.SimpleDataStructure;
import net.i2p.util.RandomSource;

/* loaded from: classes.dex */
public final class SelfSignedGenerator {
    private static final boolean DEBUG = false;
    private static final Map<String, String> OIDS = new HashMap(16);
    private static final String OID_C = "2.5.4.6";
    private static final String OID_CN = "2.5.4.3";
    private static final String OID_CRLNUM = "2.5.29.20";
    private static final String OID_L = "2.5.4.7";
    private static final String OID_O = "2.5.4.10";
    private static final String OID_OU = "2.5.4.11";
    private static final String OID_SKI = "2.5.29.14";
    private static final String OID_ST = "2.5.4.8";

    static {
        OIDS.put(OID_CN, "CN");
        OIDS.put(OID_C, "C");
        OIDS.put(OID_L, "L");
        OIDS.put(OID_ST, "ST");
        OIDS.put(OID_O, "O");
        OIDS.put(OID_OU, "OU");
        OIDS.put(OID_SKI, "SKI");
    }

    private static byte[] genTBS(String str, String str2, String str3, String str4, String str5, String str6, int i, byte[] bArr, PublicKey publicKey) throws GeneralSecurityException {
        byte[] bArr2 = {-96, 3, 2, 1, 2};
        RandomSource.getInstance().nextBytes(r1, 2, 4);
        byte[] bArr3 = {2, 4, (byte) (bArr3[2] & ByteCompanionObject.MAX_VALUE)};
        byte[] encoded = new X500Principal("CN=" + str + ",OU=" + str2 + ",O=" + str3 + ",L=" + str4 + ",ST=" + str5 + ",C=" + str6, OIDS).getEncoded();
        byte[] validity = getValidity(i);
        byte[] encoded2 = publicKey.getEncoded();
        byte[] extensions = getExtensions(encoded2);
        int length = bArr2.length + bArr3.length + bArr.length + encoded.length + validity.length + encoded.length + encoded2.length + extensions.length;
        byte[] bArr4 = new byte[spaceFor(length)];
        bArr4[0] = 48;
        int intToASN1 = SigUtil.intToASN1(bArr4, 1, length);
        System.arraycopy(bArr2, 0, bArr4, intToASN1, bArr2.length);
        int length2 = intToASN1 + bArr2.length;
        System.arraycopy(bArr3, 0, bArr4, length2, bArr3.length);
        int length3 = length2 + bArr3.length;
        System.arraycopy(bArr, 0, bArr4, length3, bArr.length);
        int length4 = length3 + bArr.length;
        System.arraycopy(encoded, 0, bArr4, length4, encoded.length);
        int length5 = length4 + encoded.length;
        System.arraycopy(validity, 0, bArr4, length5, validity.length);
        int length6 = length5 + validity.length;
        System.arraycopy(encoded, 0, bArr4, length6, encoded.length);
        int length7 = length6 + encoded.length;
        System.arraycopy(encoded2, 0, bArr4, length7, encoded2.length);
        System.arraycopy(extensions, 0, bArr4, length7 + encoded2.length, extensions.length);
        return bArr4;
    }

    private static byte[] genTBSCRL(X509Certificate x509Certificate, int i, int i2, byte[] bArr) throws GeneralSecurityException {
        byte[] bArr2 = {2, 1, 1};
        byte[] encoded = x509Certificate.getIssuerX500Principal().getEncoded();
        byte[] byteArray = x509Certificate.getSerialNumber().toByteArray();
        if (byteArray.length > 255) {
            throw new IllegalArgumentException();
        }
        long currentTimeMillis = System.currentTimeMillis();
        long j = currentTimeMillis + (i * 24 * 60 * 60 * 1000);
        byte[] date = getDate(currentTimeMillis);
        byte[] date2 = getDate(j);
        byte[] cRLExtensions = getCRLExtensions(i2);
        int length = byteArray.length + 2 + date.length;
        int spaceFor = spaceFor(length);
        int length2 = bArr2.length + bArr.length + encoded.length + date.length + date2.length + spaceFor(spaceFor) + cRLExtensions.length;
        byte[] bArr3 = new byte[spaceFor(length2)];
        bArr3[0] = 48;
        int intToASN1 = SigUtil.intToASN1(bArr3, 1, length2);
        System.arraycopy(bArr2, 0, bArr3, intToASN1, bArr2.length);
        int length3 = intToASN1 + bArr2.length;
        System.arraycopy(bArr, 0, bArr3, length3, bArr.length);
        int length4 = length3 + bArr.length;
        System.arraycopy(encoded, 0, bArr3, length4, encoded.length);
        int length5 = length4 + encoded.length;
        System.arraycopy(date, 0, bArr3, length5, date.length);
        int length6 = length5 + date.length;
        System.arraycopy(date2, 0, bArr3, length6, date2.length);
        int length7 = length6 + date2.length;
        bArr3[length7] = 48;
        int intToASN12 = SigUtil.intToASN1(bArr3, length7 + 1, spaceFor);
        bArr3[intToASN12] = 48;
        int intToASN13 = SigUtil.intToASN1(bArr3, intToASN12 + 1, length);
        int i3 = intToASN13 + 1;
        bArr3[intToASN13] = 2;
        int i4 = i3 + 1;
        bArr3[i3] = (byte) byteArray.length;
        System.arraycopy(byteArray, 0, bArr3, i4, byteArray.length);
        int length8 = i4 + byteArray.length;
        System.arraycopy(date, 0, bArr3, length8, date.length);
        System.arraycopy(cRLExtensions, 0, bArr3, length8 + date.length, cRLExtensions.length);
        return bArr3;
    }

    public static Object[] generate(String str, String str2, String str3, String str4, String str5, String str6, int i, SigType sigType) throws GeneralSecurityException {
        SimpleDataStructure[] generateSigningKeys = KeyGenerator.getInstance().generateSigningKeys(sigType);
        SigningPublicKey signingPublicKey = (SigningPublicKey) generateSigningKeys[0];
        SigningPrivateKey signingPrivateKey = (SigningPrivateKey) generateSigningKeys[1];
        PublicKey javaKey = SigUtil.toJavaKey(signingPublicKey);
        PrivateKey javaKey2 = SigUtil.toJavaKey(signingPrivateKey);
        switch (sigType) {
            case DSA_SHA1:
            case ECDSA_SHA256_P256:
            case ECDSA_SHA384_P384:
            case ECDSA_SHA512_P521:
            case RSA_SHA256_2048:
            case RSA_SHA384_3072:
            case RSA_SHA512_4096:
            case EdDSA_SHA512_Ed25519:
            case EdDSA_SHA512_Ed25519ph:
                byte[] encodedOIDSeq = getEncodedOIDSeq(sigType.getOID());
                byte[] genTBS = genTBS(str, str2, str3, str4, str5, str6, i, encodedOIDSeq, javaKey);
                int length = genTBS.length;
                Signature sign = DSAEngine.getInstance().sign(genTBS, signingPrivateKey);
                if (sign == null) {
                    throw new GeneralSecurityException("sig failed");
                }
                byte[] javaSig = SigUtil.toJavaSig(sign);
                int length2 = length + encodedOIDSeq.length + spaceFor(javaSig.length + 1);
                byte[] bArr = new byte[spaceFor(length2)];
                bArr[0] = 48;
                int intToASN1 = SigUtil.intToASN1(bArr, 1, length2);
                System.arraycopy(genTBS, 0, bArr, intToASN1, genTBS.length);
                int length3 = intToASN1 + genTBS.length;
                System.arraycopy(encodedOIDSeq, 0, bArr, length3, encodedOIDSeq.length);
                int length4 = length3 + encodedOIDSeq.length;
                bArr[length4] = 3;
                int intToASN12 = SigUtil.intToASN1(bArr, length4 + 1, javaSig.length + 1);
                bArr[intToASN12] = 0;
                System.arraycopy(javaSig, 0, bArr, intToASN12 + 1, javaSig.length);
                try {
                    X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
                    x509Certificate.checkValidity();
                    X509CRL generateCRL = generateCRL(x509Certificate, i, 1, encodedOIDSeq, javaKey2);
                    PublicKey publicKey = x509Certificate.getPublicKey();
                    x509Certificate.verify(publicKey);
                    if (publicKey.equals(javaKey)) {
                        return new Object[]{javaKey, javaKey2, x509Certificate, generateCRL};
                    }
                    throw new GeneralSecurityException("pubkey mismatch");
                } catch (IllegalArgumentException e) {
                    throw new GeneralSecurityException("cert error", e);
                }
            default:
                throw new GeneralSecurityException("Unsupported: " + sigType);
        }
    }

    private static X509CRL generateCRL(X509Certificate x509Certificate, int i, int i2, byte[] bArr, PrivateKey privateKey) throws GeneralSecurityException {
        SigningPrivateKey fromJavaKey = SigUtil.fromJavaKey(privateKey);
        byte[] genTBSCRL = genTBSCRL(x509Certificate, i, i2, bArr);
        int length = genTBSCRL.length;
        Signature sign = DSAEngine.getInstance().sign(genTBSCRL, fromJavaKey);
        if (sign == null) {
            throw new GeneralSecurityException("sig failed");
        }
        byte[] javaSig = SigUtil.toJavaSig(sign);
        int length2 = length + bArr.length + spaceFor(javaSig.length + 1);
        byte[] bArr2 = new byte[spaceFor(length2)];
        bArr2[0] = 48;
        int intToASN1 = SigUtil.intToASN1(bArr2, 1, length2);
        System.arraycopy(genTBSCRL, 0, bArr2, intToASN1, genTBSCRL.length);
        int length3 = intToASN1 + genTBSCRL.length;
        System.arraycopy(bArr, 0, bArr2, length3, bArr.length);
        int length4 = length3 + bArr.length;
        bArr2[length4] = 3;
        int intToASN12 = SigUtil.intToASN1(bArr2, length4 + 1, javaSig.length + 1);
        bArr2[intToASN12] = 0;
        System.arraycopy(javaSig, 0, bArr2, intToASN12 + 1, javaSig.length);
        try {
            return (X509CRL) CertificateFactory.getInstance("X.509").generateCRL(new ByteArrayInputStream(bArr2));
        } catch (IllegalArgumentException e) {
            throw new GeneralSecurityException("cert error", e);
        }
    }

    private static byte[] getCRLExtensions(int i) {
        if (i < 0 || i > 255) {
            throw new IllegalArgumentException();
        }
        byte[] encodedOID = getEncodedOID(OID_CRLNUM);
        int length = encodedOID.length + 5;
        int spaceFor = spaceFor(length);
        int spaceFor2 = spaceFor(spaceFor);
        byte[] bArr = new byte[spaceFor(spaceFor2)];
        bArr[0] = -96;
        int intToASN1 = SigUtil.intToASN1(bArr, 1, spaceFor2);
        bArr[intToASN1] = 48;
        int intToASN12 = SigUtil.intToASN1(bArr, intToASN1 + 1, spaceFor);
        bArr[intToASN12] = 48;
        int intToASN13 = SigUtil.intToASN1(bArr, intToASN12 + 1, length);
        System.arraycopy(encodedOID, 0, bArr, intToASN13, encodedOID.length);
        int length2 = intToASN13 + encodedOID.length;
        int i2 = length2 + 1;
        bArr[length2] = 4;
        int i3 = i2 + 1;
        bArr[i2] = 3;
        int i4 = i3 + 1;
        bArr[i3] = 2;
        bArr[i4] = 1;
        bArr[i4 + 1] = (byte) i;
        return bArr;
    }

    private static byte[] getDate(long j) {
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyMMddHHmmss");
        simpleDateFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
        byte[] ascii = DataHelper.getASCII(simpleDateFormat.format(new Date(j)));
        if (ascii.length != 12) {
            throw new IllegalArgumentException();
        }
        byte[] bArr = new byte[15];
        bArr[0] = 23;
        bArr[1] = 13;
        System.arraycopy(ascii, 0, bArr, 2, 12);
        bArr[14] = 90;
        return bArr;
    }

    private static byte[] getEncodedOID(String str) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(16);
        byteArrayOutputStream.write(6);
        byteArrayOutputStream.write(0);
        String[] split = DataHelper.split(str, "[.]");
        if (split.length < 2) {
            throw new IllegalArgumentException("length: " + split.length);
        }
        byteArrayOutputStream.write((Integer.parseInt(split[0]) * 40) + Integer.parseInt(split[1]));
        for (int i = 2; i < split.length; i++) {
            int parseInt = Integer.parseInt(split[i]);
            if (parseInt >= 2097152 || parseInt < 0) {
                throw new IllegalArgumentException();
            }
            if (parseInt >= 16384) {
                byteArrayOutputStream.write((parseInt >> 14) | 128);
            }
            if (parseInt >= 128) {
                byteArrayOutputStream.write((parseInt >> 7) | 128);
            }
            byteArrayOutputStream.write(parseInt & 127);
        }
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        if (byteArray.length > 129) {
            throw new IllegalArgumentException();
        }
        byteArray[1] = (byte) (byteArray.length - 2);
        return byteArray;
    }

    private static byte[] getEncodedOIDSeq(String str) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(16);
        byteArrayOutputStream.write(48);
        byteArrayOutputStream.write(0);
        byte[] encodedOID = getEncodedOID(str);
        byteArrayOutputStream.write(encodedOID, 0, encodedOID.length);
        byteArrayOutputStream.write(5);
        byteArrayOutputStream.write(0);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArray[1] = (byte) (byteArray.length - 2);
        return byteArray;
    }

    private static byte[] getExtensions(byte[] bArr) {
        int i = bArr[1] & ByteCompanionObject.MIN_VALUE;
        int i2 = (i != 0 ? 2 + i : 2) + 1;
        MessageDigest sha1 = SHA1.getInstance();
        sha1.update(bArr, i2, bArr.length - i2);
        byte[] digest = sha1.digest();
        byte[] encodedOID = getEncodedOID(OID_SKI);
        int spaceFor = spaceFor(digest.length);
        int length = encodedOID.length + spaceFor(spaceFor);
        int spaceFor2 = spaceFor(length);
        int spaceFor3 = spaceFor(spaceFor2);
        byte[] bArr2 = new byte[spaceFor(spaceFor3)];
        bArr2[0] = -93;
        int intToASN1 = SigUtil.intToASN1(bArr2, 1, spaceFor3);
        bArr2[intToASN1] = 48;
        int intToASN12 = SigUtil.intToASN1(bArr2, intToASN1 + 1, spaceFor2);
        bArr2[intToASN12] = 48;
        int intToASN13 = SigUtil.intToASN1(bArr2, intToASN12 + 1, length);
        System.arraycopy(encodedOID, 0, bArr2, intToASN13, encodedOID.length);
        int length2 = intToASN13 + encodedOID.length;
        bArr2[length2] = 4;
        int intToASN14 = SigUtil.intToASN1(bArr2, length2 + 1, spaceFor);
        bArr2[intToASN14] = 4;
        System.arraycopy(digest, 0, bArr2, SigUtil.intToASN1(bArr2, intToASN14 + 1, digest.length), digest.length);
        return bArr2;
    }

    private static byte[] getValidity(int i) {
        byte[] bArr = new byte[32];
        bArr[0] = 48;
        bArr[1] = 30;
        long currentTimeMillis = System.currentTimeMillis();
        long j = currentTimeMillis + (i * 24 * 60 * 60 * 1000);
        byte[] date = getDate(currentTimeMillis);
        byte[] date2 = getDate(j);
        System.arraycopy(date, 0, bArr, 2, 15);
        System.arraycopy(date2, 0, bArr, 17, 15);
        return bArr;
    }

    private static int spaceFor(int i) {
        return (i > 255 ? 3 : i > 127 ? 2 : 1) + 1 + i;
    }
}
