package com.rsa.cryptoj.o;

import com.rsa.jsafe.cert.cmp.CMPException;
import com.rsa.jsafe.cert.cmp.CMPInvalidRequestException;
import com.rsa.jsafe.cert.cmp.CMPInvalidResponseException;
import com.rsa.jsafe.cert.cmp.CMPMessage;
import com.rsa.jsafe.cert.cmp.CMPRequestMessage;
import com.rsa.jsafe.cert.cmp.CMPResponseMessage;
import com.rsa.jsafe.cert.cmp.CMPServerConfig;
import com.rsa.jsafe.cert.cmp.MACProtection;
import com.rsa.jsafe.cert.cmp.MessageProtection;
import com.rsa.jsafe.cert.cmp.SignatureProtection;
import java.nio.ByteBuffer;
import java.security.InvalidParameterException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.Iterator;
import java.util.List;

/* loaded from: classes3.dex */
abstract class gx implements ho {

    /* renamed from: a, reason: collision with root package name */
    public static final int f20701a = 0;

    /* renamed from: b, reason: collision with root package name */
    public static final int f20702b = 2;

    /* renamed from: c, reason: collision with root package name */
    public static final int f20703c = 7;

    /* renamed from: d, reason: collision with root package name */
    public static final int f20704d = 24;

    /* renamed from: e, reason: collision with root package name */
    public static final int f20705e = 1;

    /* renamed from: f, reason: collision with root package name */
    public static final int f20706f = 3;

    /* renamed from: g, reason: collision with root package name */
    public static final int f20707g = 8;

    /* renamed from: h, reason: collision with root package name */
    public static final int f20708h = 12;

    /* renamed from: i, reason: collision with root package name */
    public static final int f20709i = 19;

    /* renamed from: j, reason: collision with root package name */
    public static final int f20710j = 23;

    /* renamed from: k, reason: collision with root package name */
    public static final String f20711k = "Error signing request.";

    /* renamed from: o, reason: collision with root package name */
    private static final int f20712o = 16;

    /* renamed from: p, reason: collision with root package name */
    private static final String f20713p = "PBMHmacSHA1";

    /* renamed from: q, reason: collision with root package name */
    private static final d f20714q = a.a("Name", new byte[]{o6.f.f46232m0, 0}, 0).c(a.c(4));
    private List<d> A;
    private hn B;

    /* renamed from: l, reason: collision with root package name */
    public SecureRandom f20715l;

    /* renamed from: m, reason: collision with root package name */
    public ch f20716m;

    /* renamed from: n, reason: collision with root package name */
    public byte[] f20717n;

    /* renamed from: r, reason: collision with root package name */
    private d f20718r;

    /* renamed from: s, reason: collision with root package name */
    private d f20719s;

    /* renamed from: t, reason: collision with root package name */
    private byte[] f20720t;

    /* renamed from: u, reason: collision with root package name */
    private byte[] f20721u;

    /* renamed from: v, reason: collision with root package name */
    private byte[] f20722v;

    /* renamed from: w, reason: collision with root package name */
    private byte[] f20723w;

    /* renamed from: x, reason: collision with root package name */
    private byte[] f20724x;

    /* renamed from: y, reason: collision with root package name */
    private List<String> f20725y;

    /* renamed from: z, reason: collision with root package name */
    private List<d> f20726z;

    private gy a(d dVar, int i10, byte[] bArr) {
        if (i10 == f() || i10 == 23) {
            if (i10 == 1 || i10 == 3 || i10 == 8) {
                return new hf(this.f20716m, dVar, i10, bArr);
            }
            if (i10 == 12) {
                return new hr(this.f20716m, dVar, bArr);
            }
            if (i10 == 19) {
                return new hh(this.f20716m, dVar, bArr);
            }
            if (i10 == 23) {
                return new hi(this.f20716m, dVar, bArr);
            }
        }
        throw new CMPInvalidResponseException("Response was unexpected message type.");
    }

    private CMPResponseMessage a(byte[] bArr) {
        try {
            d a10 = a.a("PKIMessage", bArr, 0);
            int f10 = a.f(a10.a(1).b().a());
            ByteBuffer wrap = ByteBuffer.wrap(bArr);
            a.c(wrap);
            ByteBuffer a11 = a.a(wrap);
            byte[] bArr2 = new byte[a11.remaining()];
            a11.get(bArr2);
            ByteBuffer a12 = a.a(wrap);
            byte[] bArr3 = new byte[a12.remaining()];
            a12.get(bArr3);
            e eVar = e.f20468a;
            gy a13 = a(a10, f10, a.c(a.a("ProtectedPartSimple", new Object[]{a.a(eVar, bArr2, 0), a.a(eVar, bArr3, 0)})));
            a13.a(this.B);
            b(a13);
            if (a13.getMessageType() == CMPMessage.Type.ERROR_MESSAGE) {
                return a13;
            }
            a(a13);
            return a13;
        } catch (b e10) {
            throw new CMPInvalidResponseException("Invalid response encoding", e10);
        }
    }

    private void a() {
        byte[] bArr = new byte[16];
        this.f20723w = bArr;
        SecureRandom secureRandom = this.f20715l;
        if (secureRandom == null) {
            dc.a(this.f20716m).nextBytes(this.f20723w);
        } else {
            secureRandom.nextBytes(bArr);
        }
    }

    private void a(MACProtection mACProtection) {
        if (!mACProtection.getAlgorithm().equalsIgnoreCase("PBMHmacSHA1")) {
            throw new InvalidParameterException("Unsupported Shared Secret protection algorithm.");
        }
        this.B = new hm(this, mACProtection.getAlgorithm(), c(), mACProtection.getSharedSecret());
    }

    private void a(MessageProtection messageProtection) {
        if (messageProtection == null) {
            return;
        }
        if (messageProtection instanceof MACProtection) {
            if (!d()) {
                throw new InvalidParameterException("MAC protection is not allowable for specified message type.");
            }
            a((MACProtection) messageProtection);
        } else {
            if (!(messageProtection instanceof SignatureProtection)) {
                throw new InvalidParameterException("Invalid protection config.");
            }
            if (!e()) {
                throw new InvalidParameterException("Signature protection is not allowable for specified message type.");
            }
            a((SignatureProtection) messageProtection);
        }
    }

    private void a(SignatureProtection signatureProtection) {
        this.B = new hs(this, signatureProtection.getAlgorithm(), signatureProtection.getSigningKey(), signatureProtection.getRecipientCert().getPublicKey());
    }

    private void b(CMPRequestMessage cMPRequestMessage) {
        try {
            this.f20718r = cMPRequestMessage.getSender() == null ? f20714q : a.a("GeneralName", cMPRequestMessage.getSender().getEncoded(), 0);
            this.f20719s = cMPRequestMessage.getRecipient() == null ? f20714q : a.a("GeneralName", cMPRequestMessage.getRecipient().getEncoded(), 0);
            this.f20720t = cMPRequestMessage.getSenderKeyID();
            this.f20721u = cMPRequestMessage.getRecipientKeyID();
            this.f20722v = cMPRequestMessage.getTransactionID();
            this.f20724x = cMPRequestMessage.getRecipientNonce();
            byte[] senderNonce = cMPRequestMessage.getSenderNonce();
            this.f20723w = senderNonce;
            if (senderNonce == null) {
                a();
            }
            this.f20725y = cMPRequestMessage.getFreeText();
            List<byte[]> generalInfo = cMPRequestMessage.getGeneralInfo();
            if (generalInfo != null) {
                this.f20726z = new ArrayList();
                Iterator<byte[]> it = generalInfo.iterator();
                while (it.hasNext()) {
                    this.f20726z.add(a.a("InfoTypeAndValue", it.next(), 0));
                }
            }
            List<Certificate> extraCertificates = cMPRequestMessage.getExtraCertificates();
            if (extraCertificates != null) {
                this.A = new ArrayList();
                Iterator<Certificate> it2 = extraCertificates.iterator();
                while (it2.hasNext()) {
                    this.A.add(a.a(e.f20468a, it2.next().getEncoded(), 0));
                }
            }
        } catch (b unused) {
            throw new CMPInvalidRequestException("Invalid message contents.");
        } catch (CertificateEncodingException unused2) {
            throw new CMPInvalidRequestException("Invalid message contents.");
        }
    }

    private void b(CMPResponseMessage cMPResponseMessage) {
        byte[] bArr = this.f20722v;
        if (bArr != null && !Arrays.equals(bArr, ((gy) cMPResponseMessage).f20728a)) {
            throw new CMPInvalidResponseException("Transaction ID in response did not match transaction ID in request.");
        }
        if (!Arrays.equals(this.f20723w, ((gy) cMPResponseMessage).f20729b)) {
            throw new CMPInvalidResponseException("Sender nonce in request did not match recipient nonce in response.");
        }
    }

    private byte[] c() {
        byte[] bArr = new byte[20];
        SecureRandom secureRandom = this.f20715l;
        if (secureRandom == null) {
            dc.a(this.f20716m).nextBytes(bArr);
        } else {
            secureRandom.nextBytes(bArr);
        }
        return bArr;
    }

    private void g() {
        Object[] objArr = new Object[12];
        objArr[0] = 2;
        objArr[1] = this.f20718r;
        objArr[2] = this.f20719s;
        objArr[3] = new Date();
        hn hnVar = this.B;
        objArr[4] = hnVar == null ? null : hnVar.a().c(a.c(1));
        objArr[5] = this.f20720t;
        objArr[6] = this.f20721u;
        objArr[7] = this.f20722v;
        objArr[8] = this.f20723w;
        objArr[9] = this.f20724x;
        objArr[10] = this.f20725y;
        objArr[11] = this.f20726z;
        d a10 = a.a("PKIHeader", objArr);
        d b10 = b();
        this.f20717n = a.a(a.a("PKIMessage", new Object[]{a10, b10, this.B != null ? this.B.a(a.a(a.a("ProtectedPart", new Object[]{a10, b10}))) : null, this.A}));
    }

    @Override // com.rsa.cryptoj.o.ho
    public final CMPResponseMessage a(CMPServerConfig cMPServerConfig) {
        try {
            return a(ha.a(cMPServerConfig).a(this.f20717n));
        } catch (CMPException e10) {
            throw e10;
        } catch (Exception e11) {
            throw new CMPException(e11);
        }
    }

    public void a(ch chVar) {
        this.f20716m = chVar;
    }

    public abstract void a(CMPRequestMessage cMPRequestMessage);

    @Override // com.rsa.cryptoj.o.ho
    public void a(CMPRequestMessage cMPRequestMessage, MessageProtection messageProtection, SecureRandom secureRandom) {
        this.f20715l = secureRandom;
        a(messageProtection);
        b(cMPRequestMessage);
        a(cMPRequestMessage);
        g();
    }

    public abstract void a(CMPResponseMessage cMPResponseMessage);

    public abstract d b();

    public abstract boolean d();

    public abstract boolean e();

    public abstract int f();
}
