package com.rsa.cryptoj.o;

import com.rsa.jsafe.cert.CertRequestException;
import com.rsa.jsafe.cert.GeneralName;
import com.rsa.jsafe.cert.ObjectID;
import com.rsa.jsafe.cert.crmf.ArchiveEncryptedKey;
import com.rsa.jsafe.cert.crmf.ArchiveEncryptedKeyLegacy;
import com.rsa.jsafe.cert.crmf.ArchiveFromParameters;
import com.rsa.jsafe.cert.crmf.ArchiveGeneratedPrivKey;
import com.rsa.jsafe.cert.crmf.ArchiveOptions;
import com.rsa.jsafe.cert.crmf.CertTemplateSpec;
import com.rsa.jsafe.cert.crmf.ControlsSpec;
import com.rsa.jsafe.cert.crmf.EncryptedValue;
import com.rsa.jsafe.cert.crmf.RegInfoSpec;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class rs {

    /* renamed from: a, reason: collision with root package name */
    private static final Date f1943a = new Date(2524608000000L);

    /* renamed from: b, reason: collision with root package name */
    private static final Pattern f1944b = Pattern.compile("([^0-9]([^?%]|%3f|%25)*)\\?(([^?%]|%3f|%25)*)%");

    /* renamed from: c, reason: collision with root package name */
    private static final ControlsSpec.PubMethod[] f1945c = {ControlsSpec.PubMethod.DONT_CARE, ControlsSpec.PubMethod.X500, ControlsSpec.PubMethod.WEB, ControlsSpec.PubMethod.LDAP};
    private static final Map<aa, a> d = b();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public interface a {
        void a(f fVar, ControlsSpec controlsSpec, ch chVar);
    }

    private static d a(pj pjVar, d dVar) {
        return com.rsa.cryptoj.o.a.a("AttributeTypeAndValue", new Object[]{pjVar.c(), dVar});
    }

    private static d a(ArchiveOptions archiveOptions) {
        d mVar;
        int i;
        d d2;
        d a2;
        if (archiveOptions instanceof ArchiveEncryptedKey) {
            a2 = com.rsa.cryptoj.o.a.a("EnvelopedData", ((ArchiveEncryptedKey) archiveOptions).getEncodedEnvelopedKey(), 0).d(com.rsa.cryptoj.o.a.c(0));
        } else {
            if (!(archiveOptions instanceof ArchiveEncryptedKeyLegacy)) {
                if (archiveOptions instanceof ArchiveFromParameters) {
                    mVar = new ad(((ArchiveFromParameters) archiveOptions).getKeyGenParameters());
                    i = 1;
                } else {
                    if (!(archiveOptions instanceof ArchiveGeneratedPrivKey)) {
                        throw new CertRequestException("Invalid ArchiveOptions object.");
                    }
                    mVar = new m(((ArchiveGeneratedPrivKey) archiveOptions).isArchiveEnabled());
                    i = 2;
                }
                d2 = mVar.d(com.rsa.cryptoj.o.a.c(i));
                return com.rsa.cryptoj.o.a.a("PKIArchiveOptions", d2);
            }
            a2 = a(((ArchiveEncryptedKeyLegacy) archiveOptions).getEncryptedValue());
        }
        d2 = a2.c(com.rsa.cryptoj.o.a.c(0));
        return com.rsa.cryptoj.o.a.a("PKIArchiveOptions", d2);
    }

    public static d a(CertTemplateSpec certTemplateSpec) {
        d d2;
        d c2 = certTemplateSpec.getIssuer() != null ? com.rsa.cryptoj.o.a.a("RDNSequence", certTemplateSpec.getIssuer().getEncoded(), 0).c(com.rsa.cryptoj.o.a.c(3)) : null;
        d c3 = certTemplateSpec.getSubject() != null ? com.rsa.cryptoj.o.a.a("RDNSequence", certTemplateSpec.getSubject().getEncoded(), 0).c(com.rsa.cryptoj.o.a.c(5)) : null;
        d d3 = certTemplateSpec.getPublicKey() != null ? com.rsa.cryptoj.o.a.a("SubjectPublicKeyInfo", certTemplateSpec.getPublicKey().getEncoded(), 0).d(com.rsa.cryptoj.o.a.c(6)) : null;
        d d4 = certTemplateSpec.getExtensionSpec() != null ? pd.a(certTemplateSpec.getExtensionSpec()).d(com.rsa.cryptoj.o.a.c(9)) : null;
        Date notBefore = certTemplateSpec.getNotBefore();
        Date notAfter = certTemplateSpec.getNotAfter();
        if (notBefore == null && notAfter == null) {
            d2 = null;
        } else {
            Object[] objArr = new Object[2];
            objArr[0] = notBefore == null ? null : a(notBefore);
            objArr[1] = notAfter == null ? null : a(notAfter);
            d2 = com.rsa.cryptoj.o.a.a("OptionalValidity", objArr).d(com.rsa.cryptoj.o.a.c(4));
        }
        return com.rsa.cryptoj.o.a.a("CertTemplate", new Object[]{null, null, null, c2, d2, c3, d3, null, null, d4});
    }

    public static d a(ControlsSpec controlsSpec) {
        ArrayList arrayList = new ArrayList();
        if (controlsSpec.getRegistrationToken() != null) {
            arrayList.add(a(pj.H, com.rsa.cryptoj.o.a.a(ag.o, controlsSpec.getRegistrationToken())));
        }
        if (controlsSpec.getAuthenticator() != null) {
            arrayList.add(a(pj.I, com.rsa.cryptoj.o.a.a(ag.o, controlsSpec.getAuthenticator())));
        }
        if (controlsSpec.isPublicationInformationSpecified()) {
            List<ControlsSpec.SinglePubInfo> publicationInfos = controlsSpec.getPublicationInfos();
            Object[] objArr = null;
            if (publicationInfos != null) {
                Object[] objArr2 = new Object[publicationInfos.size()];
                for (int i = 0; i < publicationInfos.size(); i++) {
                    ControlsSpec.SinglePubInfo singlePubInfo = publicationInfos.get(i);
                    GeneralName pubLocation = singlePubInfo.getPubLocation();
                    d a2 = pubLocation == null ? null : com.rsa.cryptoj.o.a.a("GeneralName", pubLocation.getEncoded(), 0);
                    Object[] objArr3 = new Object[2];
                    objArr3[0] = Integer.valueOf(singlePubInfo.getPubMethod().id());
                    objArr3[1] = a2;
                    objArr2[i] = objArr3;
                }
                objArr = objArr2;
            }
            arrayList.add(a(pj.J, com.rsa.cryptoj.o.a.a("PKIPublicationInfo", new Object[]{Integer.valueOf(controlsSpec.getPublicationInformationAction() ? 1 : 0), objArr})));
        }
        ArchiveOptions archiveOptions = controlsSpec.getArchiveOptions();
        if (archiveOptions != null) {
            arrayList.add(a(pj.K, a(archiveOptions)));
        }
        if (controlsSpec.getOldCertIDSerialNumber() != null) {
            arrayList.add(a(pj.L, com.rsa.cryptoj.o.a.a("CertId", new Object[]{com.rsa.cryptoj.o.a.a("GeneralName", controlsSpec.getOldCertIDIssuer().getEncoded(), 0), controlsSpec.getOldCertIDSerialNumber()})));
        }
        PublicKey protocolEncryptionKey = controlsSpec.getProtocolEncryptionKey();
        if (protocolEncryptionKey != null) {
            arrayList.add(a(pj.M, com.rsa.cryptoj.o.a.a("SubjectPublicKeyInfo", protocolEncryptionKey.getEncoded(), 0)));
        }
        List<byte[]> otherControls = controlsSpec.getOtherControls();
        if (otherControls != null) {
            Iterator<byte[]> it = otherControls.iterator();
            while (it.hasNext()) {
                arrayList.add(com.rsa.cryptoj.o.a.a("AttributeTypeAndValue", it.next(), 0));
            }
        }
        return com.rsa.cryptoj.o.a.a("Controls", arrayList);
    }

    public static d a(EncryptedValue encryptedValue) {
        Object[] objArr = new Object[6];
        objArr[0] = encryptedValue.getIntendedAlgObjectID() == null ? null : a(encryptedValue.getIntendedAlgObjectID().toString(), encryptedValue.getIntendedAlgParams()).d(com.rsa.cryptoj.o.a.c(0));
        objArr[1] = encryptedValue.getSymmetricAlgObjectID() == null ? null : a(encryptedValue.getSymmetricAlgObjectID().toString(), encryptedValue.getSymmetricAlgParams()).d(com.rsa.cryptoj.o.a.c(1));
        objArr[2] = encryptedValue.getEncryptedSymmKey();
        objArr[3] = encryptedValue.getKeyAlgObjectID() != null ? a(encryptedValue.getKeyAlgObjectID().toString(), encryptedValue.getKeyAlgParams()).d(com.rsa.cryptoj.o.a.c(3)) : null;
        objArr[4] = encryptedValue.getValueHint();
        objArr[5] = encryptedValue.getEncryptedValue();
        return com.rsa.cryptoj.o.a.a("EncryptedValue", objArr);
    }

    public static d a(RegInfoSpec regInfoSpec) {
        ArrayList arrayList = new ArrayList();
        Map<String, String> nameValuePairs = regInfoSpec.getNameValuePairs();
        if (nameValuePairs != null) {
            arrayList.add(a(pj.N, com.rsa.cryptoj.o.a.a(ag.o, a(nameValuePairs))));
        }
        if (regInfoSpec.getCertRequestID() != null) {
            ControlsSpec certRequestControls = regInfoSpec.getCertRequestControls();
            Object[] objArr = new Object[3];
            objArr[0] = regInfoSpec.getCertRequestID();
            objArr[1] = a(regInfoSpec.getCertRequestTemplate());
            objArr[2] = certRequestControls == null ? null : a(certRequestControls);
            arrayList.add(a(pj.O, com.rsa.cryptoj.o.a.a("CertRequest", objArr)));
        }
        List<byte[]> otherRegInfos = regInfoSpec.getOtherRegInfos();
        if (otherRegInfos != null) {
            Iterator<byte[]> it = otherRegInfos.iterator();
            while (it.hasNext()) {
                arrayList.add(com.rsa.cryptoj.o.a.a("AttributeTypeAndValue", it.next(), 0));
            }
        }
        return com.rsa.cryptoj.o.a.a("Controls", arrayList);
    }

    private static d a(String str, byte[] bArr) {
        Object[] objArr = new Object[2];
        objArr[0] = str;
        objArr[1] = bArr != null ? com.rsa.cryptoj.o.a.a(e.f1367a, bArr, 0) : null;
        return com.rsa.cryptoj.o.a.a("AlgorithmIdentifier", objArr);
    }

    private static d a(Date date) {
        return com.rsa.cryptoj.o.a.a(date.before(f1943a) ? as.f1192a : s.f1955a, date);
    }

    public static CertTemplateSpec a(d dVar, ch chVar) {
        CertTemplateSpec certTemplateSpec = new CertTemplateSpec();
        d a2 = dVar.a(3);
        if (a2 != null) {
            certTemplateSpec.setIssuer(new X500Principal(com.rsa.cryptoj.o.a.a(com.rsa.cryptoj.o.a.a("RDNSequence", ((aj) a2).g()))));
        }
        d a3 = dVar.a(4);
        if (a3 != null) {
            aq aqVar = (aq) a3.a(0);
            aq aqVar2 = (aq) a3.a(1);
            certTemplateSpec.setValidity(aqVar == null ? null : aqVar.g(), aqVar2 != null ? aqVar2.g() : null);
        }
        d a4 = dVar.a(5);
        if (a4 != null) {
            certTemplateSpec.setSubject(new X500Principal(com.rsa.cryptoj.o.a.a(com.rsa.cryptoj.o.a.a("RDNSequence", ((aj) a4).g()))), false);
        }
        d a5 = dVar.a(6);
        if (a5 != null) {
            c b2 = ar.f1189a.b("SubjectPublicKeyInfo");
            try {
                certTemplateSpec.setPublicKey(new qb(com.rsa.cryptoj.o.a.a(b2.c(com.rsa.cryptoj.o.a.c(6)), ((f) a5).j()).d(b2.f()), chVar, kf.f1566a).a());
            } catch (GeneralSecurityException e) {
                throw new CertRequestException("Request contains unrecognized public key.", e);
            }
        }
        d a6 = dVar.a(9);
        if (a6 != null) {
            certTemplateSpec.setExtensions(pd.a(new ps(a6, 0)));
        }
        return certTemplateSpec;
    }

    public static EncryptedValue a(d dVar) {
        EncryptedValue encryptedValue = new EncryptedValue();
        d a2 = dVar.a(0);
        d a3 = dVar.a(1);
        d a4 = dVar.a(2);
        d a5 = dVar.a(3);
        d a6 = dVar.a(4);
        encryptedValue.setEncryptedValue(((k) dVar.a(5)).g());
        if (a2 != null) {
            aa aaVar = (aa) a2.a(0);
            f fVar = (f) a2.a(1);
            encryptedValue.setIntendedAlg(new ObjectID(aaVar.h()), fVar == null ? null : fVar.h());
        }
        if (a3 != null) {
            aa aaVar2 = (aa) a3.a(0);
            f fVar2 = (f) a3.a(1);
            encryptedValue.setSymmetricAlg(new ObjectID(aaVar2.h()), fVar2 == null ? null : fVar2.h());
        }
        if (a4 != null) {
            encryptedValue.setEncryptedSymmetricKey(((k) a4).g());
        }
        if (a5 != null) {
            aa aaVar3 = (aa) a5.a(0);
            f fVar3 = (f) a5.a(1);
            encryptedValue.setKeyAlg(new ObjectID(aaVar3.h()), fVar3 != null ? fVar3.h() : null);
        }
        if (a6 != null) {
            encryptedValue.setValueHint(((ad) a6).h());
        }
        return encryptedValue;
    }

    private static String a(Map<String, String> map) {
        StringBuffer stringBuffer = new StringBuffer();
        for (Map.Entry<String, String> entry : map.entrySet()) {
            stringBuffer.append(c(entry.getKey()));
            stringBuffer.append("?");
            stringBuffer.append(c(entry.getValue()));
            stringBuffer.append("%");
        }
        return stringBuffer.toString();
    }

    public static Map<String, String> a(String str) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        Matcher matcher = f1944b.matcher(str);
        int i = -1;
        while (matcher.lookingAt()) {
            linkedHashMap.put(b(matcher.group(1)), b(matcher.group(3)));
            i = matcher.end();
            matcher.region(i, str.length());
        }
        if (i == str.length()) {
            return linkedHashMap;
        }
        throw new CertRequestException("RegInfo utf8pairs attribute contained invalidly formatted data.");
    }

    public static RegInfoSpec b(d dVar, ch chVar) {
        RegInfoSpec regInfoSpec = new RegInfoSpec();
        for (int i = 0; i < dVar.c(); i++) {
            d a2 = dVar.a(i);
            d a3 = a2.a(0);
            f fVar = (f) a2.a(1);
            if (a3.equals(pj.N.c())) {
                regInfoSpec.setNameValuePairs(a(com.rsa.cryptoj.o.a.a((c) ag.o, fVar.j()).toString()));
            } else if (a3.equals(pj.O.c())) {
                d a4 = com.rsa.cryptoj.o.a.a("CertRequest", fVar.h(), 0);
                BigInteger g = ((v) a4.a(0)).g();
                CertTemplateSpec a5 = a(a4.a(1), chVar);
                d a6 = a4.a(2);
                regInfoSpec.setCertRequest(g, a5, a6 != null ? c(a6, chVar) : null);
            } else {
                regInfoSpec.addOtherRegInfo(com.rsa.cryptoj.o.a.c(a2));
            }
        }
        return regInfoSpec;
    }

    private static String b(String str) {
        return str.replaceAll("%3f", "?").replaceAll("%25", "%");
    }

    private static Map<aa, a> b() {
        HashMap hashMap = new HashMap();
        hashMap.put(pj.H.c(), new a() { // from class: com.rsa.cryptoj.o.rs.1
            @Override // com.rsa.cryptoj.o.rs.a
            public void a(f fVar, ControlsSpec controlsSpec, ch chVar) {
                try {
                    controlsSpec.setRegistrationToken(com.rsa.cryptoj.o.a.a((c) ag.o, fVar.i()).toString());
                } catch (b unused) {
                    throw new CertRequestException("Could not decode CRMF Registration Token Control");
                }
            }
        });
        hashMap.put(pj.I.c(), new a() { // from class: com.rsa.cryptoj.o.rs.2
            @Override // com.rsa.cryptoj.o.rs.a
            public void a(f fVar, ControlsSpec controlsSpec, ch chVar) {
                try {
                    controlsSpec.setAuthenticator(com.rsa.cryptoj.o.a.a((c) ag.o, fVar.i()).toString());
                } catch (b unused) {
                    throw new CertRequestException("Could not decode CRMF Authenticator Control");
                }
            }
        });
        hashMap.put(pj.J.c(), new a() { // from class: com.rsa.cryptoj.o.rs.3
            @Override // com.rsa.cryptoj.o.rs.a
            public void a(f fVar, ControlsSpec controlsSpec, ch chVar) {
                try {
                    d a2 = com.rsa.cryptoj.o.a.a("PKIPublicationInfo", fVar.i());
                    v vVar = (v) a2.a(0);
                    ArrayList arrayList = null;
                    if (vVar.i() == 0) {
                        controlsSpec.setPublicationInformation(false, null);
                        return;
                    }
                    if (vVar.i() != 1) {
                        throw new CertRequestException("Invalid CRMF Publication Information Control encoding.");
                    }
                    d a3 = a2.a(1);
                    if (a3 != null) {
                        arrayList = new ArrayList();
                        for (int i = 0; i < a3.c(); i++) {
                            d a4 = a3.a(i);
                            v vVar2 = (v) a4.a(0);
                            d a5 = a4.a(1);
                            int i2 = vVar2.i();
                            if (i2 < 0 || i2 >= ControlsSpec.PubMethod.values().length) {
                                throw new CertRequestException("Invalid CRMF Publication Information Control encoding.");
                            }
                            if (a5 == null) {
                                arrayList.add(new ControlsSpec.SinglePubInfo(rs.f1945c[i2]));
                            } else {
                                arrayList.add(new ControlsSpec.SinglePubInfo(rs.f1945c[i2], new GeneralName(com.rsa.cryptoj.o.a.c(a5))));
                            }
                        }
                    }
                    controlsSpec.setPublicationInformation(true, arrayList);
                } catch (b unused) {
                    throw new CertRequestException("Could not decode CRMF Publication Information Control");
                }
            }
        });
        hashMap.put(pj.K.c(), new a() { // from class: com.rsa.cryptoj.o.rs.4
            @Override // com.rsa.cryptoj.o.rs.a
            public void a(f fVar, ControlsSpec controlsSpec, ch chVar) {
                ArchiveOptions archiveEncryptedKeyLegacy;
                try {
                    ByteBuffer j = fVar.j();
                    d a2 = com.rsa.cryptoj.o.a.a("PKIArchiveOptions", j);
                    int f = com.rsa.cryptoj.o.a.f(a2.b().a());
                    if (f != 0) {
                        controlsSpec.setArchiveOptions(f == 1 ? new ArchiveFromParameters(((ad) a2).h()) : new ArchiveGeneratedPrivKey(((m) a2).g()));
                        return;
                    }
                    if (com.rsa.cryptoj.o.a.f(a2.b().e()) == 0) {
                        j.rewind();
                        com.rsa.cryptoj.o.a.c(j);
                        ByteBuffer allocate = ByteBuffer.allocate(j.remaining());
                        com.rsa.cryptoj.o.a.c(j);
                        com.rsa.cryptoj.o.a.a(true, 16, j.remaining(), allocate);
                        allocate.put(j);
                        allocate.rewind();
                        byte[] bArr = new byte[allocate.remaining()];
                        allocate.get(bArr);
                        archiveEncryptedKeyLegacy = new ArchiveEncryptedKey(bArr);
                    } else {
                        archiveEncryptedKeyLegacy = new ArchiveEncryptedKeyLegacy(rs.a(a2));
                    }
                    controlsSpec.setArchiveOptions(archiveEncryptedKeyLegacy);
                } catch (b unused) {
                    throw new CertRequestException("Could not decode CRMF Archive Control.");
                }
            }
        });
        hashMap.put(pj.L.c(), new a() { // from class: com.rsa.cryptoj.o.rs.5
            @Override // com.rsa.cryptoj.o.rs.a
            public void a(f fVar, ControlsSpec controlsSpec, ch chVar) {
                try {
                    d a2 = com.rsa.cryptoj.o.a.a("CertId", fVar.j());
                    controlsSpec.setOldCertID(new GeneralName(com.rsa.cryptoj.o.a.c(a2.a(0))), ((v) a2.a(1)).g());
                } catch (b unused) {
                    throw new CertRequestException("Could not decode CRMF OldCert ID Control");
                }
            }
        });
        hashMap.put(pj.M.c(), new a() { // from class: com.rsa.cryptoj.o.rs.6
            @Override // com.rsa.cryptoj.o.rs.a
            public void a(f fVar, ControlsSpec controlsSpec, ch chVar) {
                try {
                    controlsSpec.setProtocolEncryptionKey(new qb(com.rsa.cryptoj.o.a.a("SubjectPublicKeyInfo", fVar.j()), chVar, kf.f1566a).a());
                } catch (b unused) {
                    throw new CertRequestException("Could not decode CRMF Protocol Encryption Key Control");
                } catch (GeneralSecurityException e) {
                    throw new CertRequestException("Could not construct Protocol Encryption Key Control", e);
                }
            }
        });
        return hashMap;
    }

    public static ControlsSpec c(d dVar, ch chVar) {
        ControlsSpec controlsSpec = new ControlsSpec();
        for (int i = 0; i < dVar.c(); i++) {
            d a2 = dVar.a(i);
            a aVar = d.get(a2.a(0));
            if (aVar == null) {
                controlsSpec.addControl(com.rsa.cryptoj.o.a.c(a2));
            } else {
                aVar.a((f) a2.a(1), controlsSpec, chVar);
            }
        }
        return controlsSpec;
    }

    private static String c(String str) {
        return str.replaceAll("\\?", "\\%3f").replaceAll("\\%", "\\%25");
    }
}
