package com.microsoft.workaccount.workplacejoin.core;

import com.microsoft.ngc.provider.cryptography.NgcKeyPairGenerator;
import com.microsoft.workaccount.workplacejoin.Logger;
import java.io.IOException;
import java.io.StringWriter;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.SecureRandom;
import java.util.StringTokenizer;
import java.util.Vector;
import org.slf4j.Marker;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x509.ExtendedKeyUsage;
import org.spongycastle.asn1.x509.KeyPurposeId;
import org.spongycastle.asn1.x509.KeyUsage;
import org.spongycastle.asn1.x509.SubjectPublicKeyInfo;
import org.spongycastle.asn1.x509.X509Extension;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.openssl.PEMWriter;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;
import org.spongycastle.operator.jcajce.JcaContentVerifierProviderBuilder;
import org.spongycastle.pkcs.PKCS10CertificationRequest;
import org.spongycastle.pkcs.PKCS10CertificationRequestBuilder;
import org.spongycastle.pkcs.PKCSException;
import org.spongycastle.util.io.pem.PemObject;

/* loaded from: classes.dex */
public class PKCS10CertGenerator {
    public static String CERTIFICATE_TYPE;
    public static String COMMON_NAME;
    public static String COUNTRY_NAME;
    public static String DEFAULT_X500DIR_NAME;
    public static String EMAIL_ADDRESS;
    public static String LOCALITY_NAME;
    public static String ORG_NAME;
    public static String ORG_UNIT_NAME;
    private static final String TAG = PKCS10CertGenerator.class.getSimpleName() + "#";
    private static ConfigurationForPKCS10 mDataForPKCS = new ConfigurationForPKCS10();
    private static KeyPair pair;

    /* loaded from: classes.dex */
    public enum AlgorithEnum {
        DSA1024,
        RSA1024,
        RSA2048
    }

    /* loaded from: classes.dex */
    public static class ConfigurationForPKCS10 {
        private KeyUsage keyUsage;
        private AlgorithEnum algorithm = AlgorithEnum.RSA2048;
        private SignatureAlgorithmEnum signatureAlgorithm = SignatureAlgorithmEnum.SHA256WithRSAEncryption;
        private Provider provider = new BouncyCastleProvider();
        private KeyPurposeId mKeyPurposeId = KeyPurposeId.id_kp_clientAuth;
        private String X500DirName = "";

        private void addX500DirAttribute(String str, String str2) {
            if (this.X500DirName.length() > 0) {
                this.X500DirName += Marker.ANY_NON_NULL_MARKER;
            }
            this.X500DirName += str + "=" + str2;
        }

        public String getAlgorithmString() {
            return this.algorithm.toString().subSequence(0, 3).toString();
        }

        public int getKeySIze() {
            try {
                return Integer.parseInt(this.algorithm.toString().substring(3));
            } catch (NumberFormatException unused) {
                return NgcKeyPairGenerator.KEY_PAIR_SIZE_BITS;
            }
        }

        public KeyUsage getKeyUsage() {
            KeyUsage keyUsage = this.keyUsage;
            return keyUsage != null ? keyUsage : new KeyUsage(184);
        }

        public Provider getProvider() {
            return this.provider;
        }

        public SignatureAlgorithmEnum getSignatureAlgorithm() {
            return this.signatureAlgorithm;
        }

        public String getX500DirName() {
            return this.X500DirName.length() > 0 ? this.X500DirName : PKCS10CertGenerator.DEFAULT_X500DIR_NAME;
        }

        public KeyPurposeId getmKeyPurposeId() {
            return this.mKeyPurposeId;
        }

        public void setAlgorithm(AlgorithEnum algorithEnum) {
            this.algorithm = algorithEnum;
        }

        public void setCommonName(String str) {
            addX500DirAttribute(PKCS10CertGenerator.COMMON_NAME, str);
        }

        public void setCountryName(String str) {
            addX500DirAttribute(PKCS10CertGenerator.COUNTRY_NAME, str);
        }

        public void setEmailAddress(String str) {
            addX500DirAttribute(PKCS10CertGenerator.EMAIL_ADDRESS, str);
        }

        public void setKeyUsage(int... iArr) {
            int i = 0;
            for (int i2 : iArr) {
                i |= i2;
            }
            this.keyUsage = new KeyUsage(i);
        }

        public void setLocalityName(String str) {
            addX500DirAttribute(PKCS10CertGenerator.LOCALITY_NAME, str);
        }

        public void setOrgName(String str) {
            addX500DirAttribute(PKCS10CertGenerator.ORG_NAME, str);
        }

        public void setOrgUnitName(String str) {
            addX500DirAttribute(PKCS10CertGenerator.ORG_UNIT_NAME, str);
        }

        public void setSignatureAlgorithn(SignatureAlgorithmEnum signatureAlgorithmEnum) {
            this.signatureAlgorithm = signatureAlgorithmEnum;
        }

        public void setmKeyPurposeId(KeyPurposeId keyPurposeId) {
            this.mKeyPurposeId = keyPurposeId;
        }
    }

    /* loaded from: classes.dex */
    public interface OnPKCS10CertificateGeneration {
        void onCertGenerated(String str);
    }

    /* loaded from: classes.dex */
    public enum SignatureAlgorithmEnum {
        SHA1WithRSAEncryption,
        SHA224WithRSAEncryption,
        SHA256WithRSAEncryption,
        SHA384WithRSAEncryption,
        SHA512WithRSAEncryption,
        idDSAWithSha1
    }

    static {
        Logger.v(TAG, "Class is loaded and ConfigurationForPKCS10 is instantiated.");
        CERTIFICATE_TYPE = "CERTIFICATE REQUEST";
        COMMON_NAME = "CN";
        COUNTRY_NAME = "C";
        EMAIL_ADDRESS = "EMAIL";
        LOCALITY_NAME = "L";
        ORG_NAME = "O";
        ORG_UNIT_NAME = "OU";
        DEFAULT_X500DIR_NAME = "CN=AGREEYA";
    }

    public static KeyPair generateKeyPair() throws NoSuchAlgorithmException, NoSuchProviderException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(mDataForPKCS.getAlgorithmString(), mDataForPKCS.getProvider());
        keyPairGenerator.initialize(mDataForPKCS.getKeySIze(), new SecureRandom());
        Logger.v(TAG, "Algorithm:" + mDataForPKCS.getAlgorithmString() + " provider:" + mDataForPKCS.getProvider().getName() + " keySize:" + mDataForPKCS.getKeySIze());
        return keyPairGenerator.generateKeyPair();
    }

    public static void generatePKCS10CertSigningRequest(String str, OnPKCS10CertificateGeneration onPKCS10CertificateGeneration) {
        String str2;
        if (str != null && !str.isEmpty()) {
            try {
                str2 = getCertificateStripedVersion(getPKCS10Cert());
            } catch (Exception e) {
                Logger.e(TAG + "generatePKCS10CertSigningRequest", e.getMessage(), WorkplaceJoinFailure.CERTIFICATE, e);
            }
            onPKCS10CertificateGeneration.onCertGenerated(str2);
        }
        str2 = null;
        onPKCS10CertificateGeneration.onCertGenerated(str2);
    }

    private static PKCS10CertificationRequest generateRequest(KeyPair keyPair) throws OperatorCreationException, PKCSException {
        PKCS10CertificationRequestBuilder pKCS10CertificationRequestBuilder = new PKCS10CertificationRequestBuilder(new X500Name(mDataForPKCS.getX500DirName()), SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded()));
        pKCS10CertificationRequestBuilder.addAttribute(X509Extension.keyUsage, mDataForPKCS.getKeyUsage());
        Vector vector = new Vector();
        vector.add(mDataForPKCS.getmKeyPurposeId());
        pKCS10CertificationRequestBuilder.addAttribute(X509Extension.extendedKeyUsage, new ExtendedKeyUsage(vector));
        Logger.v(TAG, "Signature alg:" + mDataForPKCS.getSignatureAlgorithm().toString());
        JcaContentSignerBuilder jcaContentSignerBuilder = new JcaContentSignerBuilder(mDataForPKCS.getSignatureAlgorithm().toString());
        jcaContentSignerBuilder.setProvider(mDataForPKCS.getProvider());
        PKCS10CertificationRequest build = pKCS10CertificationRequestBuilder.build(jcaContentSignerBuilder.build(keyPair.getPrivate()));
        if (build.isSignatureValid(new JcaContentVerifierProviderBuilder().build(keyPair.getPublic()))) {
            return build;
        }
        Logger.e(TAG + "generateRequest", "NOT A VALID CERTIFICATE Request", WorkplaceJoinFailure.CERTIFICATE);
        return null;
    }

    public static String getCertificateStripedVersion(String str) {
        StringTokenizer stringTokenizer = new StringTokenizer(str, "\n");
        int countTokens = stringTokenizer.countTokens();
        StringBuffer stringBuffer = new StringBuffer();
        int i = 0;
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            if (i != 0 && i != countTokens - 1) {
                stringBuffer.append(nextToken + "\n");
            }
            i++;
        }
        return stringBuffer.toString();
    }

    public static ConfigurationForPKCS10 getConfigurationForPKCS10() {
        return mDataForPKCS;
    }

    public static KeyPair getKeyPair() {
        return pair;
    }

    public static String getPKCS10Cert() {
        String str = new String("FAILURE");
        try {
            pair = generateKeyPair();
            return printCertRequest(generateRequest(pair));
        } catch (Exception e) {
            String str2 = str + e;
            Logger.e(TAG + "getPKCS10Cert", "ERROR = " + str2, WorkplaceJoinFailure.CERTIFICATE, e);
            Logger.e(TAG + "getPKCS10Cert", "ERROR = " + str2, WorkplaceJoinFailure.CERTIFICATE);
            return str2;
        }
    }

    private static String printCertRequest(PKCS10CertificationRequest pKCS10CertificationRequest) throws IOException {
        PemObject pemObject = new PemObject(CERTIFICATE_TYPE, pKCS10CertificationRequest.getEncoded());
        StringWriter stringWriter = new StringWriter();
        PEMWriter pEMWriter = new PEMWriter(stringWriter);
        pEMWriter.writeObject(pemObject);
        pEMWriter.close();
        new String();
        String stringBuffer = stringWriter.getBuffer().toString();
        stringWriter.close();
        return stringBuffer;
    }
}
