package com.koushikdutta.scratch.tls;

import h.e1;
import h.i0;
import h.y;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.util.Calendar;
import java.util.Date;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.jetbrains.annotations.NotNull;

/* compiled from: certificate.kt */
@y(bv = {1, 0, 3}, d1 = {"\u0000&\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\u001a\u0018\u0010\u0000\u001a\u00020\u00012\u0006\u0010\u0002\u001a\u00020\u00032\u0006\u0010\u0004\u001a\u00020\u0005H\u0002\u001a\u001a\u0010\u0000\u001a\u000e\u0012\u0004\u0012\u00020\u0007\u0012\u0004\u0012\u00020\u00010\u00062\u0006\u0010\b\u001a\u00020\u0005\u001a\u0012\u0010\t\u001a\u00020\n*\u00020\n2\u0006\u0010\u000b\u001a\u00020\u0001\u001a\u001a\u0010\t\u001a\u00020\n*\u00020\n2\u0006\u0010\f\u001a\u00020\u00072\u0006\u0010\u000b\u001a\u00020\u0001*\n\u0010\r\"\u00020\u00072\u00020\u0007*\n\u0010\u000e\"\u00020\u00012\u00020\u0001¨\u0006\u000f"}, d2 = {"createSelfSignedCertificate", "Ljava/security/cert/X509Certificate;", "keyPair", "Ljava/security/KeyPair;", "subjectDN", "", "Lkotlin/Pair;", "Ljava/security/interfaces/RSAPrivateKey;", "subjectName", "init", "Ljavax/net/ssl/SSLContext;", "certificate", "pk", "RSAPrivateKey", "X509Certificate", "core"}, k = 2, mv = {1, 1, 16})
/* loaded from: classes2.dex */
public final class CertificateKt {
    @NotNull
    public static final i0<RSAPrivateKey, X509Certificate> createSelfSignedCertificate(@NotNull String str) {
        h.q2.t.i0.f(str, "subjectName");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        h.q2.t.i0.a((Object) generateKeyPair, "pair");
        X509Certificate createSelfSignedCertificate = createSelfSignedCertificate(generateKeyPair, str);
        PrivateKey privateKey = generateKeyPair.getPrivate();
        if (privateKey != null) {
            return new i0<>((RSAPrivateKey) privateKey, createSelfSignedCertificate);
        }
        throw new e1("null cannot be cast to non-null type java.security.interfaces.RSAPrivateKey");
    }

    private static final X509Certificate createSelfSignedCertificate(KeyPair keyPair, String str) throws Exception {
        Provider bouncyCastleProvider = new BouncyCastleProvider();
        Security.addProvider(bouncyCastleProvider);
        long currentTimeMillis = System.currentTimeMillis();
        Date date = new Date(currentTimeMillis);
        X500Name x500Name = new X500Name("CN=" + str);
        BigInteger bigInteger = new BigInteger(String.valueOf(currentTimeMillis));
        Calendar calendar = Calendar.getInstance();
        h.q2.t.i0.a((Object) calendar, "calendar");
        calendar.setTime(date);
        calendar.add(1, 1);
        Date time = calendar.getTime();
        ContentSigner build = new JcaContentSignerBuilder("SHA256WithRSA").build(keyPair.getPrivate());
        JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder = new JcaX509v3CertificateBuilder(x500Name, bigInteger, date, time, x500Name, keyPair.getPublic());
        jcaX509v3CertificateBuilder.addExtension(Extension.subjectAlternativeName, false, new DERSequence(new ASN1Encodable[]{(ASN1Encodable) new GeneralName(2, str)}));
        jcaX509v3CertificateBuilder.addExtension(new ASN1ObjectIdentifier("2.5.29.19"), true, new BasicConstraints(true));
        X509Certificate certificate = new JcaX509CertificateConverter().setProvider(bouncyCastleProvider).getCertificate(jcaX509v3CertificateBuilder.build(build));
        h.q2.t.i0.a((Object) certificate, "JcaX509CertificateConver…der.build(contentSigner))");
        return certificate;
    }

    @NotNull
    public static final SSLContext init(@NotNull SSLContext sSLContext, @NotNull X509Certificate x509Certificate) {
        h.q2.t.i0.f(sSLContext, "$this$init");
        h.q2.t.i0.f(x509Certificate, "certificate");
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        keyStore.setCertificateEntry("cert", x509Certificate);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm(), sSLContext.getProvider());
        trustManagerFactory.init(keyStore);
        h.q2.t.i0.a((Object) trustManagerFactory, "tmf");
        sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
        return sSLContext;
    }

    @NotNull
    public static final SSLContext init(@NotNull SSLContext sSLContext, @NotNull RSAPrivateKey rSAPrivateKey, @NotNull X509Certificate x509Certificate) {
        h.q2.t.i0.f(sSLContext, "$this$init");
        h.q2.t.i0.f(rSAPrivateKey, "pk");
        h.q2.t.i0.f(x509Certificate, "certificate");
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        char[] charArray = "".toCharArray();
        h.q2.t.i0.a((Object) charArray, "(this as java.lang.String).toCharArray()");
        keyStore.setKeyEntry("key", rSAPrivateKey, charArray, new X509Certificate[]{x509Certificate});
        keyStore.setCertificateEntry("cert", x509Certificate);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        char[] charArray2 = "".toCharArray();
        h.q2.t.i0.a((Object) charArray2, "(this as java.lang.String).toCharArray()");
        keyManagerFactory.init(keyStore, charArray2);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm(), sSLContext.getProvider());
        trustManagerFactory.init(keyStore);
        h.q2.t.i0.a((Object) keyManagerFactory, "kmf");
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        h.q2.t.i0.a((Object) trustManagerFactory, "tmf");
        sSLContext.init(keyManagers, trustManagerFactory.getTrustManagers(), null);
        return sSLContext;
    }
}
