package u;

import android.annotation.TargetApi;
import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.Security;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.Calendar;
import java.util.Date;
import java.util.Locale;
import java.util.Random;
import javax.security.auth.x500.X500Principal;
import me.zhanghai.android.materialprogressbar.BuildConfig;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x500.X500NameBuilder;
import org.spongycastle.asn1.x500.style.BCStyle;
import org.spongycastle.asn1.x509.SubjectPublicKeyInfo;
import org.spongycastle.cert.jcajce.JcaX509CertificateConverter;
import org.spongycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;
import org.spongycastle.pkcs.PKCS10CertificationRequest;
import org.spongycastle.pkcs.PKCS10CertificationRequestBuilder;
import z.C0398b;

/* renamed from: u.d, reason: case insensitive filesystem */
/* loaded from: classes.dex */
public class C0373d {
    @Deprecated
    private static KeyPair a() throws NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", Security.getProvider("BC"));
        keyPairGenerator.initialize(2048, new SecureRandom());
        return keyPairGenerator.generateKeyPair();
    }

    @TargetApi(18)
    @Deprecated
    private static KeyPair b(Context context, String str, X500Principal x500Principal, BigInteger bigInteger, Date date, Date date2) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        KeyPairGeneratorSpec.Builder subject = new KeyPairGeneratorSpec.Builder(context).setAlias(str).setStartDate(date).setEndDate(date2).setSerialNumber(bigInteger).setSubject(x500Principal);
        subject.setKeySize(2048);
        keyPairGenerator.initialize(subject.build());
        return keyPairGenerator.generateKeyPair();
    }

    @TargetApi(23)
    @Deprecated
    private static KeyPair c(String str, X500Principal x500Principal, BigInteger bigInteger, Date date, Date date2) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 15).setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4)).setEncryptionPaddings("PKCS1Padding", "OAEPPadding").setSignaturePaddings("PKCS1", "PSS").setDigests("NONE", "SHA-256", "SHA-512").setCertificateNotBefore(date).setCertificateNotAfter(date2).setCertificateSerialNumber(bigInteger).setCertificateSubject(x500Principal).build());
        return keyPairGenerator.generateKeyPair();
    }

    public static void d(byte[] bArr, String[] strArr) throws C0371b {
        C0398b.d("CSMCryptoUtils", "checkCertificate()");
        try {
            String upperCase = ((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr))).getSubjectX500Principal().getName().replaceAll("\\s+", BuildConfig.FLAVOR).toUpperCase(Locale.US);
            C0398b.j("CSMCryptoUtils", "subjectName = " + upperCase);
            if (strArr == null) {
                C0398b.j("CSMCryptoUtils", "Subject name check was skipped");
                return;
            }
            for (String str : strArr) {
                if (!upperCase.contains(str.toUpperCase(Locale.US))) {
                    C0398b.e("CSMCryptoUtils", "checkCertificate(): Client certificate is not issued for this device. Certificate subject does not contain: " + str);
                    throw new C0371b(-8881, "Client certificate is not issued for this device. Certificate subject does not contain: " + str);
                }
            }
        } catch (CertificateException e2) {
            C0398b.e("CSMCryptoUtils", "checkCertificate(): Client certificate is not X509 certificate." + e2.getMessage());
            C0398b.f("CSMCryptoUtils", e2);
            throw new C0371b(-8881, "Client certificate is not X509 certificate.", e2);
        }
    }

    public static KeyStore e(byte[] bArr, String str, String str2) throws C0371b {
        try {
            KeyStore keyStore = KeyStore.getInstance(str);
            keyStore.load(new ByteArrayInputStream(bArr), str2 == null ? null : str2.toCharArray());
            return keyStore;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
            C0398b.k("CSMCryptoUtils", "Error while deserializing keystore");
            C0398b.l("CSMCryptoUtils", e2);
            throw new C0371b(-8884, "Error while deserializing keystore", e2);
        }
    }

    public static X509Certificate f(KeyPair keyPair) throws C0371b {
        return g(keyPair, new Date());
    }

    public static X509Certificate g(KeyPair keyPair, Date date) throws C0371b {
        X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
        x500NameBuilder.addRDN(BCStyle.OU, "None");
        x500NameBuilder.addRDN(BCStyle.f2365O, "None");
        x500NameBuilder.addRDN(BCStyle.CN, "None");
        Date date2 = new Date(date.getTime() + 1009152000000L);
        JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder = new JcaX509v3CertificateBuilder(x500NameBuilder.build(), new BigInteger(128, new Random(new Date().getTime())), date, date2, x500NameBuilder.build(), keyPair.getPublic());
        try {
            X509Certificate certificate = new JcaX509CertificateConverter().getCertificate(jcaX509v3CertificateBuilder.build(new JcaContentSignerBuilder("SHA256WithRSAEncryption").build(keyPair.getPrivate())));
            certificate.checkValidity(date);
            certificate.verify(certificate.getPublicKey());
            return certificate;
        } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | CertificateException | OperatorCreationException e2) {
            throw new C0371b(-8884, "Error while creating self-signed certificate.", e2);
        }
    }

    @Deprecated
    public static KeyPair h(Context context, String str, boolean z2) throws C0371b {
        try {
            X500Principal x500Principal = new X500Principal("CN=" + str);
            BigInteger valueOf = BigInteger.valueOf(1L);
            Calendar calendar = Calendar.getInstance();
            Date time = calendar.getTime();
            calendar.add(1, 10);
            Date time2 = calendar.getTime();
            return z2 ? c(str, x500Principal, valueOf, time, time2) : z2 ? b(context, str, x500Principal, valueOf, time, time2) : a();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e2) {
            C0398b.e("CSMCryptoUtils", "Error while generating keypair: " + e2.getMessage());
            C0398b.f("CSMCryptoUtils", e2);
            throw new C0371b(-8885, "Error while generating keypair.", e2);
        }
    }

    public static PKCS10CertificationRequest i(String str, KeyPair keyPair) throws C0371b {
        String str2 = "OU=CASE_ANDROID, CN=" + str;
        C0398b.d("CSMCryptoUtils", "generatePKCS10(" + str2 + ")");
        if (keyPair.getPrivate() == null || keyPair.getPublic() == null) {
            throw new NullPointerException("Passed keypair contains null key");
        }
        try {
            return new PKCS10CertificationRequestBuilder(new X500Name(str2), SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded())).build(new JcaContentSignerBuilder("SHA256withRSA").build(keyPair.getPrivate()));
        } catch (OperatorCreationException e2) {
            C0398b.e("CSMCryptoUtils", "generatePKCS10(): " + e2.getMessage());
            C0398b.f("CSMCryptoUtils", e2);
            throw new C0371b(-8883, "Error while creating PKCS10.", e2);
        }
    }

    public static X509Certificate j(byte[] bArr) throws C0371b {
        C0398b.d("CSMCryptoUtils", "getCert()");
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
        } catch (CertificateException e2) {
            C0398b.e("CSMCryptoUtils", "getCert(): Passed bytes are not X509 certificate." + e2.getMessage());
            C0398b.f("CSMCryptoUtils", e2);
            throw new C0371b(-8881, "Passed bytes are not X509 certificate.", e2);
        }
    }

    public static byte[] k(PKCS10CertificationRequest pKCS10CertificationRequest) {
        C0398b.d("CSMCryptoUtils", "getPKCS10Bytes()");
        try {
            return pKCS10CertificationRequest.getEncoded();
        } catch (IOException e2) {
            C0398b.e("CSMCryptoUtils", "pkcs10 request encoding IOException");
            C0398b.f("CSMCryptoUtils", e2);
            return null;
        }
    }
}
