package com.rsa.cryptoj.o;

import com.rsa.jsafe.cert.CertRequestException;
import com.rsa.jsafe.cert.GeneralName;
import com.rsa.jsafe.cert.ObjectID;
import com.rsa.jsafe.cert.crmf.ArchiveEncryptedKey;
import com.rsa.jsafe.cert.crmf.ArchiveEncryptedKeyLegacy;
import com.rsa.jsafe.cert.crmf.ArchiveFromParameters;
import com.rsa.jsafe.cert.crmf.ArchiveGeneratedPrivKey;
import com.rsa.jsafe.cert.crmf.ArchiveOptions;
import com.rsa.jsafe.cert.crmf.CertTemplateSpec;
import com.rsa.jsafe.cert.crmf.ControlsSpec;
import com.rsa.jsafe.cert.crmf.EncryptedValue;
import com.rsa.jsafe.cert.crmf.RegInfoSpec;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class re {

    /* renamed from: a, reason: collision with root package name */
    private static final Date f7589a = new Date(2524608000000L);

    /* renamed from: b, reason: collision with root package name */
    private static final Pattern f7590b = Pattern.compile("([^0-9]([^?%]|%3f|%25)*)\\?(([^?%]|%3f|%25)*)%");

    /* renamed from: c, reason: collision with root package name */
    private static final ControlsSpec.PubMethod[] f7591c = {ControlsSpec.PubMethod.DONT_CARE, ControlsSpec.PubMethod.X500, ControlsSpec.PubMethod.WEB, ControlsSpec.PubMethod.LDAP};

    /* renamed from: d, reason: collision with root package name */
    private static final Map<aa, a> f7592d = b();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public interface a {
        void a(f fVar, ControlsSpec controlsSpec, cf cfVar) throws CertRequestException;
    }

    private static d a(ov ovVar, d dVar) {
        return com.rsa.cryptoj.o.a.a("AttributeTypeAndValue", new Object[]{ovVar.c(), dVar});
    }

    private static d a(ArchiveOptions archiveOptions) throws CertRequestException {
        d mVar;
        int i3;
        d d4;
        d a4;
        if (archiveOptions instanceof ArchiveEncryptedKey) {
            a4 = com.rsa.cryptoj.o.a.a("EnvelopedData", ((ArchiveEncryptedKey) archiveOptions).getEncodedEnvelopedKey(), 0).d(com.rsa.cryptoj.o.a.c(0));
        } else {
            if (!(archiveOptions instanceof ArchiveEncryptedKeyLegacy)) {
                if (archiveOptions instanceof ArchiveFromParameters) {
                    mVar = new ad(((ArchiveFromParameters) archiveOptions).getKeyGenParameters());
                    i3 = 1;
                } else {
                    if (!(archiveOptions instanceof ArchiveGeneratedPrivKey)) {
                        throw new CertRequestException("Invalid ArchiveOptions object.");
                    }
                    mVar = new m(((ArchiveGeneratedPrivKey) archiveOptions).isArchiveEnabled());
                    i3 = 2;
                }
                d4 = mVar.d(com.rsa.cryptoj.o.a.c(i3));
                return com.rsa.cryptoj.o.a.a("PKIArchiveOptions", d4);
            }
            a4 = a(((ArchiveEncryptedKeyLegacy) archiveOptions).getEncryptedValue());
        }
        d4 = a4.c(com.rsa.cryptoj.o.a.c(0));
        return com.rsa.cryptoj.o.a.a("PKIArchiveOptions", d4);
    }

    public static d a(CertTemplateSpec certTemplateSpec) {
        d d4;
        d c4 = certTemplateSpec.getIssuer() != null ? com.rsa.cryptoj.o.a.a("RDNSequence", certTemplateSpec.getIssuer().getEncoded(), 0).c(com.rsa.cryptoj.o.a.c(3)) : null;
        d c5 = certTemplateSpec.getSubject() != null ? com.rsa.cryptoj.o.a.a("RDNSequence", certTemplateSpec.getSubject().getEncoded(), 0).c(com.rsa.cryptoj.o.a.c(5)) : null;
        d d5 = certTemplateSpec.getPublicKey() != null ? com.rsa.cryptoj.o.a.a("SubjectPublicKeyInfo", certTemplateSpec.getPublicKey().getEncoded(), 0).d(com.rsa.cryptoj.o.a.c(6)) : null;
        d d6 = certTemplateSpec.getExtensionSpec() != null ? op.a(certTemplateSpec.getExtensionSpec()).d(com.rsa.cryptoj.o.a.c(9)) : null;
        Date notBefore = certTemplateSpec.getNotBefore();
        Date notAfter = certTemplateSpec.getNotAfter();
        if (notBefore == null && notAfter == null) {
            d4 = null;
        } else {
            Object[] objArr = new Object[2];
            objArr[0] = notBefore == null ? null : a(notBefore);
            objArr[1] = notAfter == null ? null : a(notAfter);
            d4 = com.rsa.cryptoj.o.a.a("OptionalValidity", objArr).d(com.rsa.cryptoj.o.a.c(4));
        }
        return com.rsa.cryptoj.o.a.a("CertTemplate", new Object[]{null, null, null, c4, d4, c5, d5, null, null, d6});
    }

    public static d a(ControlsSpec controlsSpec) throws CertRequestException {
        ArrayList arrayList = new ArrayList();
        if (controlsSpec.getRegistrationToken() != null) {
            arrayList.add(a(ov.H, com.rsa.cryptoj.o.a.a(ag.f5328o, controlsSpec.getRegistrationToken())));
        }
        if (controlsSpec.getAuthenticator() != null) {
            arrayList.add(a(ov.I, com.rsa.cryptoj.o.a.a(ag.f5328o, controlsSpec.getAuthenticator())));
        }
        if (controlsSpec.isPublicationInformationSpecified()) {
            List<ControlsSpec.SinglePubInfo> publicationInfos = controlsSpec.getPublicationInfos();
            Object[] objArr = null;
            if (publicationInfos != null) {
                Object[] objArr2 = new Object[publicationInfos.size()];
                for (int i3 = 0; i3 < publicationInfos.size(); i3++) {
                    ControlsSpec.SinglePubInfo singlePubInfo = publicationInfos.get(i3);
                    GeneralName pubLocation = singlePubInfo.getPubLocation();
                    d a4 = pubLocation == null ? null : com.rsa.cryptoj.o.a.a("GeneralName", pubLocation.getEncoded(), 0);
                    Object[] objArr3 = new Object[2];
                    objArr3[0] = Integer.valueOf(singlePubInfo.getPubMethod().id());
                    objArr3[1] = a4;
                    objArr2[i3] = objArr3;
                }
                objArr = objArr2;
            }
            arrayList.add(a(ov.J, com.rsa.cryptoj.o.a.a("PKIPublicationInfo", new Object[]{Integer.valueOf(controlsSpec.getPublicationInformationAction() ? 1 : 0), objArr})));
        }
        ArchiveOptions archiveOptions = controlsSpec.getArchiveOptions();
        if (archiveOptions != null) {
            arrayList.add(a(ov.K, a(archiveOptions)));
        }
        if (controlsSpec.getOldCertIDSerialNumber() != null) {
            arrayList.add(a(ov.L, com.rsa.cryptoj.o.a.a("CertId", new Object[]{com.rsa.cryptoj.o.a.a("GeneralName", controlsSpec.getOldCertIDIssuer().getEncoded(), 0), controlsSpec.getOldCertIDSerialNumber()})));
        }
        PublicKey protocolEncryptionKey = controlsSpec.getProtocolEncryptionKey();
        if (protocolEncryptionKey != null) {
            arrayList.add(a(ov.M, com.rsa.cryptoj.o.a.a("SubjectPublicKeyInfo", protocolEncryptionKey.getEncoded(), 0)));
        }
        List<byte[]> otherControls = controlsSpec.getOtherControls();
        if (otherControls != null) {
            Iterator<byte[]> it = otherControls.iterator();
            while (it.hasNext()) {
                arrayList.add(com.rsa.cryptoj.o.a.a("AttributeTypeAndValue", it.next(), 0));
            }
        }
        return com.rsa.cryptoj.o.a.a("Controls", arrayList);
    }

    public static d a(EncryptedValue encryptedValue) {
        Object[] objArr = new Object[6];
        objArr[0] = encryptedValue.getIntendedAlgObjectID() == null ? null : a(encryptedValue.getIntendedAlgObjectID().toString(), encryptedValue.getIntendedAlgParams()).d(com.rsa.cryptoj.o.a.c(0));
        objArr[1] = encryptedValue.getSymmetricAlgObjectID() == null ? null : a(encryptedValue.getSymmetricAlgObjectID().toString(), encryptedValue.getSymmetricAlgParams()).d(com.rsa.cryptoj.o.a.c(1));
        objArr[2] = encryptedValue.getEncryptedSymmKey();
        objArr[3] = encryptedValue.getKeyAlgObjectID() != null ? a(encryptedValue.getKeyAlgObjectID().toString(), encryptedValue.getKeyAlgParams()).d(com.rsa.cryptoj.o.a.c(3)) : null;
        objArr[4] = encryptedValue.getValueHint();
        objArr[5] = encryptedValue.getEncryptedValue();
        return com.rsa.cryptoj.o.a.a("EncryptedValue", objArr);
    }

    public static d a(RegInfoSpec regInfoSpec) throws CertRequestException {
        ArrayList arrayList = new ArrayList();
        Map<String, String> nameValuePairs = regInfoSpec.getNameValuePairs();
        if (nameValuePairs != null) {
            arrayList.add(a(ov.N, com.rsa.cryptoj.o.a.a(ag.f5328o, a(nameValuePairs))));
        }
        if (regInfoSpec.getCertRequestID() != null) {
            ControlsSpec certRequestControls = regInfoSpec.getCertRequestControls();
            Object[] objArr = new Object[3];
            objArr[0] = regInfoSpec.getCertRequestID();
            objArr[1] = a(regInfoSpec.getCertRequestTemplate());
            objArr[2] = certRequestControls == null ? null : a(certRequestControls);
            arrayList.add(a(ov.O, com.rsa.cryptoj.o.a.a("CertRequest", objArr)));
        }
        List<byte[]> otherRegInfos = regInfoSpec.getOtherRegInfos();
        if (otherRegInfos != null) {
            Iterator<byte[]> it = otherRegInfos.iterator();
            while (it.hasNext()) {
                arrayList.add(com.rsa.cryptoj.o.a.a("AttributeTypeAndValue", it.next(), 0));
            }
        }
        return com.rsa.cryptoj.o.a.a("Controls", arrayList);
    }

    private static d a(String str, byte[] bArr) {
        Object[] objArr = new Object[2];
        objArr[0] = str;
        objArr[1] = bArr != null ? com.rsa.cryptoj.o.a.a(e.f5780a, bArr, 0) : null;
        return com.rsa.cryptoj.o.a.a("AlgorithmIdentifier", objArr);
    }

    private static d a(Date date) {
        return com.rsa.cryptoj.o.a.a(date.before(f7589a) ? as.f5357a : s.f7612a, date);
    }

    public static CertTemplateSpec a(d dVar, cf cfVar) throws CertRequestException {
        CertTemplateSpec certTemplateSpec = new CertTemplateSpec();
        d a4 = dVar.a(3);
        if (a4 != null) {
            certTemplateSpec.setIssuer(new X500Principal(com.rsa.cryptoj.o.a.a(com.rsa.cryptoj.o.a.a("RDNSequence", ((aj) a4).g()))));
        }
        d a5 = dVar.a(4);
        if (a5 != null) {
            aq aqVar = (aq) a5.a(0);
            aq aqVar2 = (aq) a5.a(1);
            certTemplateSpec.setValidity(aqVar == null ? null : aqVar.g(), aqVar2 != null ? aqVar2.g() : null);
        }
        d a6 = dVar.a(5);
        if (a6 != null) {
            certTemplateSpec.setSubject(new X500Principal(com.rsa.cryptoj.o.a.a(com.rsa.cryptoj.o.a.a("RDNSequence", ((aj) a6).g()))), false);
        }
        d a7 = dVar.a(6);
        if (a7 != null) {
            c b4 = ar.f5351a.b("SubjectPublicKeyInfo");
            try {
                certTemplateSpec.setPublicKey(new pn(com.rsa.cryptoj.o.a.a(b4.c(com.rsa.cryptoj.o.a.c(6)), ((f) a7).j()).d(b4.f()), cfVar, ka.f6625a).a());
            } catch (GeneralSecurityException e4) {
                throw new CertRequestException("Request contains unrecognized public key.", e4);
            }
        }
        d a8 = dVar.a(9);
        if (a8 != null) {
            certTemplateSpec.setExtensions(op.a(new pe(a8, 0)));
        }
        return certTemplateSpec;
    }

    public static EncryptedValue a(d dVar) {
        EncryptedValue encryptedValue = new EncryptedValue();
        d a4 = dVar.a(0);
        d a5 = dVar.a(1);
        d a6 = dVar.a(2);
        d a7 = dVar.a(3);
        d a8 = dVar.a(4);
        encryptedValue.setEncryptedValue(((k) dVar.a(5)).g());
        if (a4 != null) {
            aa aaVar = (aa) a4.a(0);
            f fVar = (f) a4.a(1);
            encryptedValue.setIntendedAlg(new ObjectID(aaVar.h()), fVar == null ? null : fVar.h());
        }
        if (a5 != null) {
            aa aaVar2 = (aa) a5.a(0);
            f fVar2 = (f) a5.a(1);
            encryptedValue.setSymmetricAlg(new ObjectID(aaVar2.h()), fVar2 == null ? null : fVar2.h());
        }
        if (a6 != null) {
            encryptedValue.setEncryptedSymmetricKey(((k) a6).g());
        }
        if (a7 != null) {
            aa aaVar3 = (aa) a7.a(0);
            f fVar3 = (f) a7.a(1);
            encryptedValue.setKeyAlg(new ObjectID(aaVar3.h()), fVar3 != null ? fVar3.h() : null);
        }
        if (a8 != null) {
            encryptedValue.setValueHint(((ad) a8).h());
        }
        return encryptedValue;
    }

    private static String a(Map<String, String> map) {
        StringBuffer stringBuffer = new StringBuffer();
        for (Map.Entry<String, String> entry : map.entrySet()) {
            stringBuffer.append(c(entry.getKey()));
            stringBuffer.append("?");
            stringBuffer.append(c(entry.getValue()));
            stringBuffer.append("%");
        }
        return stringBuffer.toString();
    }

    public static Map<String, String> a(String str) throws CertRequestException {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        Matcher matcher = f7590b.matcher(str);
        int i3 = -1;
        while (matcher.lookingAt()) {
            linkedHashMap.put(b(matcher.group(1)), b(matcher.group(3)));
            i3 = matcher.end();
            matcher.region(i3, str.length());
        }
        if (i3 == str.length()) {
            return linkedHashMap;
        }
        throw new CertRequestException("RegInfo utf8pairs attribute contained invalidly formatted data.");
    }

    public static RegInfoSpec b(d dVar, cf cfVar) throws CertRequestException {
        RegInfoSpec regInfoSpec = new RegInfoSpec();
        for (int i3 = 0; i3 < dVar.c(); i3++) {
            d a4 = dVar.a(i3);
            d a5 = a4.a(0);
            f fVar = (f) a4.a(1);
            if (a5.equals(ov.N.c())) {
                regInfoSpec.setNameValuePairs(a(com.rsa.cryptoj.o.a.a((c) ag.f5328o, fVar.j()).toString()));
            } else if (a5.equals(ov.O.c())) {
                d a6 = com.rsa.cryptoj.o.a.a("CertRequest", fVar.h(), 0);
                BigInteger g3 = ((v) a6.a(0)).g();
                CertTemplateSpec a7 = a(a6.a(1), cfVar);
                d a8 = a6.a(2);
                regInfoSpec.setCertRequest(g3, a7, a8 != null ? c(a8, cfVar) : null);
            } else {
                regInfoSpec.addOtherRegInfo(com.rsa.cryptoj.o.a.c(a4));
            }
        }
        return regInfoSpec;
    }

    private static String b(String str) {
        return str.replaceAll("%3f", "?").replaceAll("%25", "%");
    }

    private static Map<aa, a> b() {
        HashMap hashMap = new HashMap();
        hashMap.put(ov.H.c(), new a() { // from class: com.rsa.cryptoj.o.re.1
            @Override // com.rsa.cryptoj.o.re.a
            public void a(f fVar, ControlsSpec controlsSpec, cf cfVar) throws CertRequestException {
                try {
                    controlsSpec.setRegistrationToken(com.rsa.cryptoj.o.a.a((c) ag.f5328o, fVar.i()).toString());
                } catch (b unused) {
                    throw new CertRequestException("Could not decode CRMF Registration Token Control");
                }
            }
        });
        hashMap.put(ov.I.c(), new a() { // from class: com.rsa.cryptoj.o.re.2
            @Override // com.rsa.cryptoj.o.re.a
            public void a(f fVar, ControlsSpec controlsSpec, cf cfVar) throws CertRequestException {
                try {
                    controlsSpec.setAuthenticator(com.rsa.cryptoj.o.a.a((c) ag.f5328o, fVar.i()).toString());
                } catch (b unused) {
                    throw new CertRequestException("Could not decode CRMF Authenticator Control");
                }
            }
        });
        hashMap.put(ov.J.c(), new a() { // from class: com.rsa.cryptoj.o.re.3
            @Override // com.rsa.cryptoj.o.re.a
            public void a(f fVar, ControlsSpec controlsSpec, cf cfVar) throws CertRequestException {
                try {
                    d a4 = com.rsa.cryptoj.o.a.a("PKIPublicationInfo", fVar.i());
                    v vVar = (v) a4.a(0);
                    ArrayList arrayList = null;
                    if (vVar.i() == 0) {
                        controlsSpec.setPublicationInformation(false, null);
                        return;
                    }
                    if (vVar.i() != 1) {
                        throw new CertRequestException("Invalid CRMF Publication Information Control encoding.");
                    }
                    d a5 = a4.a(1);
                    if (a5 != null) {
                        arrayList = new ArrayList();
                        for (int i3 = 0; i3 < a5.c(); i3++) {
                            d a6 = a5.a(i3);
                            v vVar2 = (v) a6.a(0);
                            d a7 = a6.a(1);
                            int i4 = vVar2.i();
                            if (i4 < 0 || i4 >= ControlsSpec.PubMethod.values().length) {
                                throw new CertRequestException("Invalid CRMF Publication Information Control encoding.");
                            }
                            if (a7 == null) {
                                arrayList.add(new ControlsSpec.SinglePubInfo(re.f7591c[i4]));
                            } else {
                                arrayList.add(new ControlsSpec.SinglePubInfo(re.f7591c[i4], new GeneralName(com.rsa.cryptoj.o.a.c(a7))));
                            }
                        }
                    }
                    controlsSpec.setPublicationInformation(true, arrayList);
                } catch (b unused) {
                    throw new CertRequestException("Could not decode CRMF Publication Information Control");
                }
            }
        });
        hashMap.put(ov.K.c(), new a() { // from class: com.rsa.cryptoj.o.re.4
            @Override // com.rsa.cryptoj.o.re.a
            public void a(f fVar, ControlsSpec controlsSpec, cf cfVar) throws CertRequestException {
                ArchiveOptions archiveEncryptedKeyLegacy;
                try {
                    ByteBuffer j3 = fVar.j();
                    d a4 = com.rsa.cryptoj.o.a.a("PKIArchiveOptions", j3);
                    int f3 = com.rsa.cryptoj.o.a.f(a4.b().a());
                    if (f3 != 0) {
                        controlsSpec.setArchiveOptions(f3 == 1 ? new ArchiveFromParameters(((ad) a4).h()) : new ArchiveGeneratedPrivKey(((m) a4).g()));
                        return;
                    }
                    if (com.rsa.cryptoj.o.a.f(a4.b().e()) == 0) {
                        j3.rewind();
                        com.rsa.cryptoj.o.a.c(j3);
                        ByteBuffer allocate = ByteBuffer.allocate(j3.remaining());
                        com.rsa.cryptoj.o.a.c(j3);
                        com.rsa.cryptoj.o.a.a(true, 16, j3.remaining(), allocate);
                        allocate.put(j3);
                        allocate.rewind();
                        byte[] bArr = new byte[allocate.remaining()];
                        allocate.get(bArr);
                        archiveEncryptedKeyLegacy = new ArchiveEncryptedKey(bArr);
                    } else {
                        archiveEncryptedKeyLegacy = new ArchiveEncryptedKeyLegacy(re.a(a4));
                    }
                    controlsSpec.setArchiveOptions(archiveEncryptedKeyLegacy);
                } catch (b unused) {
                    throw new CertRequestException("Could not decode CRMF Archive Control.");
                }
            }
        });
        hashMap.put(ov.L.c(), new a() { // from class: com.rsa.cryptoj.o.re.5
            @Override // com.rsa.cryptoj.o.re.a
            public void a(f fVar, ControlsSpec controlsSpec, cf cfVar) throws CertRequestException {
                try {
                    d a4 = com.rsa.cryptoj.o.a.a("CertId", fVar.j());
                    controlsSpec.setOldCertID(new GeneralName(com.rsa.cryptoj.o.a.c(a4.a(0))), ((v) a4.a(1)).g());
                } catch (b unused) {
                    throw new CertRequestException("Could not decode CRMF OldCert ID Control");
                }
            }
        });
        hashMap.put(ov.M.c(), new a() { // from class: com.rsa.cryptoj.o.re.6
            @Override // com.rsa.cryptoj.o.re.a
            public void a(f fVar, ControlsSpec controlsSpec, cf cfVar) throws CertRequestException {
                try {
                    controlsSpec.setProtocolEncryptionKey(new pn(com.rsa.cryptoj.o.a.a("SubjectPublicKeyInfo", fVar.j()), cfVar, ka.f6625a).a());
                } catch (b unused) {
                    throw new CertRequestException("Could not decode CRMF Protocol Encryption Key Control");
                } catch (GeneralSecurityException e4) {
                    throw new CertRequestException("Could not construct Protocol Encryption Key Control", e4);
                }
            }
        });
        return hashMap;
    }

    public static ControlsSpec c(d dVar, cf cfVar) throws CertRequestException {
        ControlsSpec controlsSpec = new ControlsSpec();
        for (int i3 = 0; i3 < dVar.c(); i3++) {
            d a4 = dVar.a(i3);
            a aVar = f7592d.get(a4.a(0));
            if (aVar == null) {
                controlsSpec.addControl(com.rsa.cryptoj.o.a.c(a4));
            } else {
                aVar.a((f) a4.a(1), controlsSpec, cfVar);
            }
        }
        return controlsSpec;
    }

    private static String c(String str) {
        return str.replaceAll("\\?", "\\%3f").replaceAll("\\%", "\\%25");
    }
}
