package fr.kwit.stdlib.jvm.ssl;

import com.facebook.internal.ServerProtocol;
import com.revenuecat.purchases.attributes.SubscriberAttributeKt;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.Date;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import sun.security.jca.JCAUtil;
import sun.security.x509.AlgorithmId;
import sun.security.x509.CertificateAlgorithmId;
import sun.security.x509.CertificateSerialNumber;
import sun.security.x509.CertificateValidity;
import sun.security.x509.CertificateVersion;
import sun.security.x509.CertificateX509Key;
import sun.security.x509.X500Name;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;

/* compiled from: SSL.kt */
@Metadata(bv = {1, 0, 3}, d1 = {"\u0000T\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\b\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\bÆ\u0002\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u001a\u0010\r\u001a\u00020\u000e2\b\b\u0002\u0010\u000f\u001a\u00020\u00042\b\b\u0002\u0010\u0010\u001a\u00020\tJ4\u0010\u0011\u001a\u00020\u00122\u0006\u0010\u0013\u001a\u00020\u00142\u0006\u0010\u0015\u001a\u00020\u000e2\b\b\u0002\u0010\u0010\u001a\u00020\t2\b\b\u0002\u0010\u0016\u001a\u00020\u00172\b\b\u0002\u0010\u0018\u001a\u00020\u0017J\u000e\u0010\u0019\u001a\u00020\u001a2\u0006\u0010\u0013\u001a\u00020\u0014J\b\u0010\u001b\u001a\u0004\u0018\u00010\u001cJ\u0006\u0010\u001d\u001a\u00020\u001eJ\u0010\u0010\u001f\u001a\u00020 2\b\b\u0002\u0010!\u001a\u00020\u0014R\u000e\u0010\u0003\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\u0005\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\u0006\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\u0007\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u0019\u0010\b\u001a\n \n*\u0004\u0018\u00010\t0\t¢\u0006\b\n\u0000\u001a\u0004\b\u000b\u0010\f¨\u0006\""}, d2 = {"Lfr/kwit/stdlib/jvm/ssl/SSL;", "", "()V", "CIPHER_BUFFER_SIZE", "", "PLAINTEXT_BUFFER_SIZE", "SSL_FRAME_CIPHER_SIZE", "SSL_FRAME_PLAINTEXT_MAX_SIZE", "deterministicRandom", "Ljava/security/SecureRandom;", "kotlin.jvm.PlatformType", "getDeterministicRandom", "()Ljava/security/SecureRandom;", "generateKeyPair", "Ljava/security/KeyPair;", "bits", "random", "generateSelfSignedCert", "Ljava/security/cert/X509Certificate;", "fqdn", "", "keyPair", "notBefore", "Ljava/util/Date;", "notAfter", "generateSelfSignedCreds", "Lfr/kwit/stdlib/jvm/ssl/SSLCreds;", "getDefaultTrustManager", "Ljavax/net/ssl/X509TrustManager;", "getUnsafeTrustManager", "Lfr/kwit/stdlib/jvm/ssl/TrustAll;", "newKeystore", "Ljava/security/KeyStore;", "type", "kwit-stdlib-jvm"}, k = 1, mv = {1, 4, 0})
/* loaded from: classes2.dex */
public final class SSL {
    public static final int CIPHER_BUFFER_SIZE = 16921;
    public static final SSL INSTANCE = new SSL();
    public static final int PLAINTEXT_BUFFER_SIZE = 33832;
    public static final int SSL_FRAME_CIPHER_SIZE = 16921;
    public static final int SSL_FRAME_PLAINTEXT_MAX_SIZE = 16916;
    private static final SecureRandom deterministicRandom;

    static {
        SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
        secureRandom.setSeed(12345L);
        deterministicRandom = secureRandom;
    }

    private SSL() {
    }

    public static /* synthetic */ KeyPair generateKeyPair$default(SSL ssl, int i, SecureRandom secureRandom, int i2, Object obj) {
        if ((i2 & 1) != 0) {
            i = 2048;
        }
        if ((i2 & 2) != 0) {
            secureRandom = JCAUtil.getSecureRandom();
            Intrinsics.checkNotNullExpressionValue(secureRandom, "JCAUtil.getSecureRandom()");
        }
        return ssl.generateKeyPair(i, secureRandom);
    }

    public static /* synthetic */ X509Certificate generateSelfSignedCert$default(SSL ssl, String str, KeyPair keyPair, SecureRandom deterministicRandom2, Date date, Date date2, int i, Object obj) {
        if ((i & 4) != 0) {
            deterministicRandom2 = deterministicRandom;
            Intrinsics.checkNotNullExpressionValue(deterministicRandom2, "deterministicRandom");
        }
        SecureRandom secureRandom = deterministicRandom2;
        if ((i & 8) != 0) {
            date = new Date(1558805479000L);
        }
        Date date3 = date;
        if ((i & 16) != 0) {
            date2 = new Date(1874424679000L);
        }
        return ssl.generateSelfSignedCert(str, keyPair, secureRandom, date3, date2);
    }

    public static /* synthetic */ KeyStore newKeystore$default(SSL ssl, String str, int i, Object obj) {
        if ((i & 1) != 0) {
            str = "JKS";
        }
        return ssl.newKeystore(str);
    }

    public final KeyPair generateKeyPair(int bits, SecureRandom random) {
        Intrinsics.checkNotNullParameter(random, "random");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(bits, random);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        Intrinsics.checkNotNullExpressionValue(generateKeyPair, "keyGen.generateKeyPair()");
        return generateKeyPair;
    }

    public final X509Certificate generateSelfSignedCert(String fqdn, KeyPair keyPair, SecureRandom random, Date notBefore, Date notAfter) {
        Intrinsics.checkNotNullParameter(fqdn, "fqdn");
        Intrinsics.checkNotNullParameter(keyPair, "keyPair");
        Intrinsics.checkNotNullParameter(random, "random");
        Intrinsics.checkNotNullParameter(notBefore, "notBefore");
        Intrinsics.checkNotNullParameter(notAfter, "notAfter");
        PrivateKey privateKey = keyPair.getPrivate();
        X509CertInfo x509CertInfo = new X509CertInfo();
        X500Name x500Name = new X500Name("CN=" + fqdn);
        x509CertInfo.set(ServerProtocol.FALLBACK_DIALOG_PARAM_VERSION, new CertificateVersion(2));
        x509CertInfo.set("serialNumber", new CertificateSerialNumber(new BigInteger(64, random)));
        x509CertInfo.set("subject", x500Name);
        x509CertInfo.set("issuer", x500Name);
        x509CertInfo.set("validity", new CertificateValidity(notBefore, notAfter));
        x509CertInfo.set(SubscriberAttributeKt.JSON_NAME_KEY, new CertificateX509Key(keyPair.getPublic()));
        x509CertInfo.set("algorithmID", new CertificateAlgorithmId(new AlgorithmId(AlgorithmId.sha256WithRSAEncryption_oid)));
        X509CertImpl x509CertImpl = new X509CertImpl(x509CertInfo);
        x509CertImpl.sign(privateKey, "SHA256withRSA");
        x509CertInfo.set("algorithmID.algorithm", x509CertImpl.get("x509.algorithm"));
        X509Certificate x509CertImpl2 = new X509CertImpl(x509CertInfo);
        x509CertImpl2.sign(privateKey, "SHA256withRSA");
        x509CertImpl2.verify(keyPair.getPublic());
        return x509CertImpl2;
    }

    public final SSLCreds generateSelfSignedCreds(String fqdn) {
        Intrinsics.checkNotNullParameter(fqdn, "fqdn");
        SecureRandom deterministicRandom2 = deterministicRandom;
        Intrinsics.checkNotNullExpressionValue(deterministicRandom2, "deterministicRandom");
        KeyPair generateKeyPair = generateKeyPair(1024, deterministicRandom2);
        SecureRandom deterministicRandom3 = deterministicRandom;
        Intrinsics.checkNotNullExpressionValue(deterministicRandom3, "deterministicRandom");
        X509Certificate generateSelfSignedCert$default = generateSelfSignedCert$default(this, fqdn, generateKeyPair, deterministicRandom3, null, null, 24, null);
        PrivateKey privateKey = generateKeyPair.getPrivate();
        Intrinsics.checkNotNullExpressionValue(privateKey, "keyPair.private");
        return new SSLCreds(privateKey, new X509Certificate[]{generateSelfSignedCert$default});
    }

    public final X509TrustManager getDefaultTrustManager() {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        Intrinsics.checkNotNullExpressionValue(trustManagerFactory, "trustManagerFactory");
        for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        return null;
    }

    public final SecureRandom getDeterministicRandom() {
        return deterministicRandom;
    }

    public final TrustAll getUnsafeTrustManager() {
        return TrustAll.INSTANCE;
    }

    public final KeyStore newKeystore(String type) {
        Intrinsics.checkNotNullParameter(type, "type");
        KeyStore ks = KeyStore.getInstance(type);
        ks.load(null, null);
        Intrinsics.checkNotNullExpressionValue(ks, "ks");
        return ks;
    }
}
