package io.ktor.network.tls.certificates;

import ab.h0;
import ab.x;
import ib.l;
import io.ktor.http.LinkHeader;
import io.ktor.network.tls.OID;
import io.ktor.utils.io.core.BytePacketBuilder;
import io.ktor.utils.io.core.ByteReadPacket;
import io.ktor.utils.io.core.Output;
import io.ktor.utils.io.core.OutputKt;
import io.ktor.utils.io.core.OutputPrimitivesKt;
import io.ktor.utils.io.core.StringsKt;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.math.BigInteger;
import java.net.InetAddress;
import java.nio.charset.Charset;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.time.Duration;
import java.time.Instant;
import java.time.ZoneOffset;
import java.time.format.DateTimeFormatter;
import java.time.temporal.TemporalAmount;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.List;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.collections.m;
import kotlin.collections.q;
import kotlin.collections.r;
import zc.a;
import zc.c;
import zc.d;

/* compiled from: Certificates.kt */
@Metadata(d1 = {"\u0000¤\u0001\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0004\n\u0002\u0010\b\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010 \n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0010\u0019\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0011\n\u0002\u0010\u0012\n\u0002\b\u000b\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0015\n\u0002\u0018\u0002\n\u0002\b\u0006\n\u0002\u0010\u000b\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\b\n\u0002\u0018\u0002\n\u0002\b\u0004\u001aN\u0010\f\u001a\u00020\u000b2\n\b\u0002\u0010\u0001\u001a\u0004\u0018\u00010\u00002\b\b\u0002\u0010\u0003\u001a\u00020\u00022\b\b\u0002\u0010\u0004\u001a\u00020\u00022\b\b\u0002\u0010\u0005\u001a\u00020\u00022\b\b\u0002\u0010\u0006\u001a\u00020\u00022\b\b\u0002\u0010\b\u001a\u00020\u00072\b\b\u0002\u0010\n\u001a\u00020\t\u001aq\u0010\u001d\u001a\u00020\u001a2\u0006\u0010\u000e\u001a\u00020\r2\u0006\u0010\u000f\u001a\u00020\r2\u0006\u0010\u0011\u001a\u00020\u00102\u0006\u0010\u0013\u001a\u00020\u00122\u0006\u0010\u0003\u001a\u00020\u00022\b\b\u0002\u0010\u0015\u001a\u00020\u00142\b\b\u0002\u0010\n\u001a\u00020\t2\u000e\b\u0002\u0010\u0017\u001a\b\u0012\u0004\u0012\u00020\u00020\u00162\u000e\b\u0002\u0010\u0019\u001a\b\u0012\u0004\u0012\u00020\u00180\u0016H\u0000ø\u0001\u0000ø\u0001\u0001¢\u0006\u0004\b\u001b\u0010\u001c\u001af\u0010\f\u001a\u00020\u000b*\u00020\u000b2\n\b\u0002\u0010\u0001\u001a\u0004\u0018\u00010\u00002\b\b\u0002\u0010\u0003\u001a\u00020\u00022\b\b\u0002\u0010\u0004\u001a\u00020\u00022\b\b\u0002\u0010\u0005\u001a\u00020\u00022\b\b\u0002\u0010\u0006\u001a\u00020\u00022\b\b\u0002\u0010\b\u001a\u00020\u00072\b\b\u0002\u0010\u001e\u001a\u00020\u00022\b\b\u0002\u0010\u001f\u001a\u00020\u00022\b\b\u0002\u0010\n\u001a\u00020\t\u001a \u0010\"\u001a\u00020\u000b*\u00020\u000b2\n\b\u0002\u0010\u0001\u001a\u0004\u0018\u00010\u00002\b\b\u0002\u0010!\u001a\u00020 \u001ab\u0010(\u001a\u00020'*\u00020#2\u0006\u0010\u0003\u001a\u00020\u00022\u0006\u0010\u000f\u001a\u00020\r2\u0006\u0010\u000e\u001a\u00020\r2\u0006\u0010\u0011\u001a\u00020\u00102\u0006\u0010%\u001a\u00020$2\u0006\u0010&\u001a\u00020$2\f\u0010\u0017\u001a\b\u0012\u0004\u0012\u00020\u00020\u00162\f\u0010\u0019\u001a\b\u0012\u0004\u0012\u00020\u00180\u00162\b\b\u0002\u0010\n\u001a\u00020\tH\u0002\u001a \u0010+\u001a\u00020'*\u00020#2\u0012\u0010*\u001a\u000e\u0012\u0004\u0012\u00020#\u0012\u0004\u0012\u00020'0)H\u0002\u001a\f\u0010,\u001a\u00020'*\u00020#H\u0002\u001a\f\u0010-\u001a\u00020'*\u00020#H\u0002\u001a(\u0010.\u001a\u00020'*\u00020#2\f\u0010\u0017\u001a\b\u0012\u0004\u0012\u00020\u00020\u00162\f\u0010\u0019\u001a\b\u0012\u0004\u0012\u00020\u00180\u0016H\u0002\u001a\f\u0010/\u001a\u00020'*\u00020#H\u0002\u001a\u0014\u00100\u001a\u00020'*\u00020#2\u0006\u0010\u0003\u001a\u00020\u0002H\u0002\u001a(\u00103\u001a\u00020'*\u00020#2\u0006\u00101\u001a\u00020\u00072\u0012\u00102\u001a\u000e\u0012\u0004\u0012\u00020#\u0012\u0004\u0012\u00020'0)H\u0002\u001a\u0014\u00105\u001a\u00020'*\u00020#2\u0006\u00104\u001a\u00020\rH\u0002\u001aj\u00106\u001a\u00020'*\u00020#2\u0006\u0010\u000f\u001a\u00020\r2\u0006\u0010\u000e\u001a\u00020\r2\u0006\u0010\u0011\u001a\u00020\u00102\u0006\u0010\u0003\u001a\u00020\u00022\u0006\u0010%\u001a\u00020$2\u0006\u0010&\u001a\u00020$2\f\u0010\u0017\u001a\b\u0012\u0004\u0012\u00020\u00020\u00162\f\u0010\u0019\u001a\b\u0012\u0004\u0012\u00020\u00180\u00162\u0006\u0010\u0013\u001a\u00020\u00122\b\b\u0002\u0010\n\u001a\u00020\tH\u0002\u001a\u0016\u00108\u001a\u00020'*\u00020#2\b\b\u0002\u00107\u001a\u00020\u0007H\u0002\u001a \u0010:\u001a\u00020'*\u00020#2\u0012\u00109\u001a\u000e\u0012\u0004\u0012\u00020#\u0012\u0004\u0012\u00020'0)H\u0002\u001a\u001e\u0010>\u001a\u00020'*\u00020#2\u0006\u0010<\u001a\u00020;2\b\b\u0002\u0010=\u001a\u00020\u0007H\u0002\u001a\u0014\u0010@\u001a\u00020'*\u00020#2\u0006\u0010?\u001a\u00020$H\u0002\u001a\u0014\u0010A\u001a\u00020'*\u00020#2\u0006\u0010?\u001a\u00020$H\u0002\u001a\u001e\u0010D\u001a\u00020'*\u00020#2\u0006\u0010B\u001a\u00020\u00022\b\b\u0002\u0010C\u001a\u00020\u0007H\u0002\u001a\f\u0010E\u001a\u00020'*\u00020#H\u0002\u001a \u0010F\u001a\u00020'*\u00020#2\u0012\u00109\u001a\u000e\u0012\u0004\u0012\u00020#\u0012\u0004\u0012\u00020'0)H\u0002\u001a\u0014\u0010I\u001a\u00020'*\u00020#2\u0006\u0010H\u001a\u00020GH\u0002\u001a\u0014\u0010I\u001a\u00020'*\u00020#2\u0006\u0010H\u001a\u00020JH\u0002\u001a\u0014\u0010M\u001a\u00020'*\u00020#2\u0006\u0010L\u001a\u00020KH\u0002\u001a\u0014\u0010M\u001a\u00020'*\u00020#2\u0006\u0010L\u001a\u00020\u0007H\u0002\u001a\u0014\u0010O\u001a\u00020'*\u00020#2\u0006\u0010N\u001a\u00020\u0007H\u0002\u001a$\u0010T\u001a\u00020'*\u00020#2\u0006\u0010P\u001a\u00020\u00072\u0006\u0010Q\u001a\u00020\u00072\u0006\u0010S\u001a\u00020RH\u0002\u001a\f\u0010U\u001a\u00020\u0007*\u00020\u0007H\u0002\u001a\u0014\u0010V\u001a\u00020'*\u00020#2\u0006\u0010L\u001a\u00020RH\u0002\u001a\u0016\u0010X\u001a\u00020W*\u00020RH\u0002ø\u0001\u0001¢\u0006\u0004\bX\u0010Y\u001a\u0014\u0010Z\u001a\u00020'*\u00020#2\u0006\u0010L\u001a\u00020\u0007H\u0002\"\u001a\u0010[\u001a\u00020\r8\u0000X\u0080\u0004¢\u0006\f\n\u0004\b[\u0010\\\u001a\u0004\b]\u0010^\"\u0014\u0010_\u001a\u00020\r8\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b_\u0010\\\"\u001b\u0010c\u001a\b\u0012\u0004\u0012\u00020`0\u0016*\u00020\u000b8F¢\u0006\u0006\u001a\u0004\ba\u0010b\u0082\u0002\u000b\n\u0005\b¡\u001e0\u0001\n\u0002\b\u0019¨\u0006d"}, d2 = {"Ljava/io/File;", "file", "", "algorithm", "keyAlias", "keyPassword", "jksPassword", "", "keySizeInBits", "Lio/ktor/network/tls/certificates/KeyType;", "keyType", "Ljava/security/KeyStore;", "generateCertificate", "Ljavax/security/auth/x500/X500Principal;", "subject", "issuer", "Ljava/security/PublicKey;", "publicKey", "Ljava/security/KeyPair;", "signerKeyPair", "Lzc/a;", "validityDuration", "", "domains", "Ljava/net/InetAddress;", "ipAddresses", "Ljava/security/cert/X509Certificate;", "generateX509Certificate-Tu6dINM", "(Ljavax/security/auth/x500/X500Principal;Ljavax/security/auth/x500/X500Principal;Ljava/security/PublicKey;Ljava/security/KeyPair;Ljava/lang/String;JLio/ktor/network/tls/certificates/KeyType;Ljava/util/List;Ljava/util/List;)Ljava/security/cert/X509Certificate;", "generateX509Certificate", "caKeyAlias", "caPassword", "", "password", "trustStore", "Lio/ktor/utils/io/core/BytePacketBuilder;", "Ljava/time/Instant;", "validFrom", "validUntil", "Lab/h0;", "writeX509Info", "Lkotlin/Function1;", "content", "extKeyUsage", "clientAuth", "serverAuth", "subjectAlternativeNames", "caExtension", "writeAlgorithmIdentifier", "id", "builder", "writeX509Extension", "dName", "writeX500Principal", "writeCertificate", "v", "writeVersion", "block", "writeDerOctetString", "", "array", "unused", "writeDerBitString", "date", "writeDerUTCTime", "writeDerGeneralizedTime", "s", LinkHeader.Parameters.Type, "writeDerUTF8String", "writeDerNull", "writeDerSequence", "Lio/ktor/network/tls/OID;", "identifier", "writeDerObjectIdentifier", "", "Ljava/math/BigInteger;", "value", "writeAsnInt", "length", "writeDerLength", "kind", "typeIdentifier", "", "simpleType", "writeDerType", "derLength", "writeDerBoolean", "Lab/x;", "toUByte", "(Z)B", "writeDerInt", "DEFAULT_PRINCIPAL", "Ljavax/security/auth/x500/X500Principal;", "getDEFAULT_PRINCIPAL", "()Ljavax/security/auth/x500/X500Principal;", "DEFAULT_CA_PRINCIPAL", "Ljavax/net/ssl/TrustManager;", "getTrustManagers", "(Ljava/security/KeyStore;)Ljava/util/List;", "trustManagers", "ktor-network-tls-certificates"}, k = 2, mv = {1, 8, 0})
/* loaded from: classes.dex */
public final class CertificatesKt {
    private static final X500Principal DEFAULT_PRINCIPAL = new X500Principal("CN=localhost, OU=Kotlin, O=JetBrains, C=RU");
    private static final X500Principal DEFAULT_CA_PRINCIPAL = new X500Principal("CN=localhostCA, OU=Kotlin, O=JetBrains, C=RU");

    /* JADX INFO: Access modifiers changed from: private */
    public static final void caExtension(BytePacketBuilder bytePacketBuilder) {
        writeDerSequence(bytePacketBuilder, CertificatesKt$caExtension$1.INSTANCE);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void clientAuth(BytePacketBuilder bytePacketBuilder) {
        writeDerSequence(bytePacketBuilder, CertificatesKt$clientAuth$1.INSTANCE);
    }

    private static final int derLength(int i10) {
        int i11 = 1;
        if (!(i10 >= 0)) {
            throw new IllegalArgumentException("Failed requirement.".toString());
        }
        if (i10 == 0) {
            return 0;
        }
        int i12 = 127;
        while ((i10 & i12) != i10) {
            i12 |= i12 << 7;
            i11++;
        }
        return i11;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void extKeyUsage(BytePacketBuilder bytePacketBuilder, l<? super BytePacketBuilder, h0> lVar) {
        writeDerSequence(bytePacketBuilder, new CertificatesKt$extKeyUsage$1(lVar));
    }

    public static final KeyStore generateCertificate(File file, String algorithm, String keyAlias, String keyPassword, String jksPassword, int i10, KeyType keyType) {
        kotlin.jvm.internal.l.f(algorithm, "algorithm");
        kotlin.jvm.internal.l.f(keyAlias, "keyAlias");
        kotlin.jvm.internal.l.f(keyPassword, "keyPassword");
        kotlin.jvm.internal.l.f(jksPassword, "jksPassword");
        kotlin.jvm.internal.l.f(keyType, "keyType");
        KeyStore buildKeyStore = BuildersKt.buildKeyStore(new CertificatesKt$generateCertificate$keyStore$1(keyAlias, algorithm, keyPassword, i10, keyType));
        buildKeyStore.setCertificateEntry(keyAlias + "Cert", buildKeyStore.getCertificate(keyAlias));
        if (file != null) {
            BuildersKt.saveToFile(buildKeyStore, file, jksPassword);
        }
        return buildKeyStore;
    }

    public static final KeyStore generateCertificate(KeyStore keyStore, File file, String algorithm, String keyAlias, String keyPassword, String jksPassword, int i10, String caKeyAlias, String caPassword, KeyType keyType) {
        kotlin.jvm.internal.l.f(keyStore, "<this>");
        kotlin.jvm.internal.l.f(algorithm, "algorithm");
        kotlin.jvm.internal.l.f(keyAlias, "keyAlias");
        kotlin.jvm.internal.l.f(keyPassword, "keyPassword");
        kotlin.jvm.internal.l.f(jksPassword, "jksPassword");
        kotlin.jvm.internal.l.f(caKeyAlias, "caKeyAlias");
        kotlin.jvm.internal.l.f(caPassword, "caPassword");
        kotlin.jvm.internal.l.f(keyType, "keyType");
        Certificate certificate = keyStore.getCertificate(caKeyAlias);
        PublicKey publicKey = certificate.getPublicKey();
        char[] charArray = caPassword.toCharArray();
        kotlin.jvm.internal.l.e(charArray, "this as java.lang.String).toCharArray()");
        Key key = keyStore.getKey(caKeyAlias, charArray);
        kotlin.jvm.internal.l.d(key, "null cannot be cast to non-null type java.security.PrivateKey");
        KeyStore buildKeyStore = BuildersKt.buildKeyStore(new CertificatesKt$generateCertificate$keyStore$2(keyAlias, algorithm, keyPassword, i10, keyType, new KeyPair(publicKey, (PrivateKey) key), certificate));
        if (file != null) {
            BuildersKt.saveToFile(buildKeyStore, file, jksPassword);
        }
        return buildKeyStore;
    }

    public static /* synthetic */ KeyStore generateCertificate$default(File file, String str, String str2, String str3, String str4, int i10, KeyType keyType, int i11, Object obj) {
        if ((i11 & 1) != 0) {
            file = null;
        }
        if ((i11 & 2) != 0) {
            str = "SHA1withRSA";
        }
        String str5 = str;
        if ((i11 & 4) != 0) {
            str2 = "mykey";
        }
        String str6 = str2;
        if ((i11 & 8) != 0) {
            str3 = "changeit";
        }
        String str7 = str3;
        String str8 = (i11 & 16) != 0 ? str7 : str4;
        if ((i11 & 32) != 0) {
            i10 = 1024;
        }
        int i12 = i10;
        if ((i11 & 64) != 0) {
            keyType = KeyType.Server;
        }
        return generateCertificate(file, str5, str6, str7, str8, i12, keyType);
    }

    public static /* synthetic */ KeyStore generateCertificate$default(KeyStore keyStore, File file, String str, String str2, String str3, String str4, int i10, String str5, String str6, KeyType keyType, int i11, Object obj) {
        File file2 = (i11 & 1) != 0 ? null : file;
        String str7 = (i11 & 2) != 0 ? "SHA1withRSA" : str;
        String str8 = (i11 & 4) != 0 ? "mykey" : str2;
        String str9 = (i11 & 8) != 0 ? "changeit" : str3;
        return generateCertificate(keyStore, file2, str7, str8, str9, (i11 & 16) != 0 ? str9 : str4, (i11 & 32) != 0 ? 1024 : i10, (i11 & 64) == 0 ? str5 : "mykey", (i11 & 128) == 0 ? str6 : "changeit", (i11 & 256) != 0 ? KeyType.Server : keyType);
    }

    /* renamed from: generateX509Certificate-Tu6dINM, reason: not valid java name */
    public static final X509Certificate m34generateX509CertificateTu6dINM(X500Principal subject, X500Principal issuer, PublicKey publicKey, KeyPair signerKeyPair, String algorithm, long j10, KeyType keyType, List<String> domains, List<? extends InetAddress> ipAddresses) {
        kotlin.jvm.internal.l.f(subject, "subject");
        kotlin.jvm.internal.l.f(issuer, "issuer");
        kotlin.jvm.internal.l.f(publicKey, "publicKey");
        kotlin.jvm.internal.l.f(signerKeyPair, "signerKeyPair");
        kotlin.jvm.internal.l.f(algorithm, "algorithm");
        kotlin.jvm.internal.l.f(keyType, "keyType");
        kotlin.jvm.internal.l.f(domains, "domains");
        kotlin.jvm.internal.l.f(ipAddresses, "ipAddresses");
        Instant now = Instant.now();
        BytePacketBuilder bytePacketBuilder = new BytePacketBuilder(null, 1, null);
        try {
            Duration ofSeconds = Duration.ofSeconds(a.d(j10), a.e(j10));
            kotlin.jvm.internal.l.e(ofSeconds, "toJavaDuration-LRDsOJo");
            Instant plus = now.plus((TemporalAmount) ofSeconds);
            kotlin.jvm.internal.l.e(now, "now");
            kotlin.jvm.internal.l.e(plus, "plus(validityDuration.toJavaDuration())");
            writeCertificate(bytePacketBuilder, issuer, subject, publicKey, algorithm, now, plus, domains, ipAddresses, signerKeyPair, keyType);
            Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(StringsKt.readBytes$default(bytePacketBuilder.build(), 0, 1, null)));
            generateCertificate.verify(signerKeyPair.getPublic());
            kotlin.jvm.internal.l.d(generateCertificate, "null cannot be cast to non-null type java.security.cert.X509Certificate");
            return (X509Certificate) generateCertificate;
        } catch (Throwable th) {
            bytePacketBuilder.release();
            throw th;
        }
    }

    /* renamed from: generateX509Certificate-Tu6dINM$default, reason: not valid java name */
    public static /* synthetic */ X509Certificate m35generateX509CertificateTu6dINM$default(X500Principal x500Principal, X500Principal x500Principal2, PublicKey publicKey, KeyPair keyPair, String str, long j10, KeyType keyType, List list, List list2, int i10, Object obj) {
        long j11;
        List list3;
        List list4;
        List e10;
        List n10;
        if ((i10 & 32) != 0) {
            a.Companion companion = a.INSTANCE;
            j11 = c.f(3, d.DAYS);
        } else {
            j11 = j10;
        }
        KeyType keyType2 = (i10 & 64) != 0 ? KeyType.Server : keyType;
        if ((i10 & 128) != 0) {
            n10 = r.n("127.0.0.1", "localhost");
            list3 = n10;
        } else {
            list3 = list;
        }
        if ((i10 & 256) != 0) {
            e10 = q.e(InetAddress.getByName("127.0.0.1"));
            list4 = e10;
        } else {
            list4 = list2;
        }
        return m34generateX509CertificateTu6dINM(x500Principal, x500Principal2, publicKey, keyPair, str, j11, keyType2, list3, list4);
    }

    public static final X500Principal getDEFAULT_PRINCIPAL() {
        return DEFAULT_PRINCIPAL;
    }

    public static final List<TrustManager> getTrustManagers(KeyStore keyStore) {
        List<TrustManager> n02;
        kotlin.jvm.internal.l.f(keyStore, "<this>");
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        kotlin.jvm.internal.l.e(trustManagers, "getInstance(TrustManager…Managers) }.trustManagers");
        n02 = m.n0(trustManagers);
        return n02;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void serverAuth(BytePacketBuilder bytePacketBuilder) {
        writeDerSequence(bytePacketBuilder, CertificatesKt$serverAuth$1.INSTANCE);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void subjectAlternativeNames(BytePacketBuilder bytePacketBuilder, List<String> list, List<? extends InetAddress> list2) {
        writeDerSequence(bytePacketBuilder, new CertificatesKt$subjectAlternativeNames$1(list, list2));
    }

    private static final byte toUByte(boolean z10) {
        return z10 ? x.a((byte) 255) : x.a((byte) 0);
    }

    public static final KeyStore trustStore(KeyStore keyStore, File file, char[] password) {
        File parentFile;
        kotlin.jvm.internal.l.f(keyStore, "<this>");
        kotlin.jvm.internal.l.f(password, "password");
        KeyStore keyStore2 = KeyStore.getInstance("JKS");
        kotlin.jvm.internal.l.c(keyStore2);
        keyStore2.load(null, null);
        Enumeration<String> aliases = keyStore.aliases();
        kotlin.jvm.internal.l.e(aliases, "aliases()");
        ArrayList<String> list = Collections.list(aliases);
        kotlin.jvm.internal.l.e(list, "list(this)");
        for (String str : list) {
            Certificate certificate = keyStore.getCertificate(str);
            kotlin.jvm.internal.l.e(certificate, "getCertificate(alias)");
            keyStore2.setCertificateEntry(str, certificate);
        }
        if (file != null && (parentFile = file.getParentFile()) != null) {
            parentFile.mkdirs();
        }
        if (file != null) {
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            try {
                keyStore2.store(fileOutputStream, password);
                h0 h0Var = h0.f693a;
                fileOutputStream.close();
            } finally {
            }
        }
        return keyStore2;
    }

    public static /* synthetic */ KeyStore trustStore$default(KeyStore keyStore, File file, char[] cArr, int i10, Object obj) {
        if ((i10 & 1) != 0) {
            file = null;
        }
        if ((i10 & 2) != 0) {
            cArr = "changeit".toCharArray();
            kotlin.jvm.internal.l.e(cArr, "this as java.lang.String).toCharArray()");
        }
        return trustStore(keyStore, file, cArr);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void writeAlgorithmIdentifier(BytePacketBuilder bytePacketBuilder, String str) {
        writeDerSequence(bytePacketBuilder, new CertificatesKt$writeAlgorithmIdentifier$1(str));
    }

    private static final void writeAsnInt(BytePacketBuilder bytePacketBuilder, int i10) {
        writeDerType(bytePacketBuilder, 0, 2, true);
        BytePacketBuilder bytePacketBuilder2 = new BytePacketBuilder(null, 1, null);
        boolean z10 = true;
        for (int i11 = 0; i11 < 4; i11++) {
            int i12 = (i10 >>> (((4 - i11) - 1) * 8)) & 255;
            if (i12 != 0 || !z10) {
                try {
                    bytePacketBuilder2.writeByte((byte) i12);
                    z10 = false;
                } catch (Throwable th) {
                    bytePacketBuilder2.release();
                    throw th;
                }
            }
        }
        ByteReadPacket build = bytePacketBuilder2.build();
        writeDerLength(bytePacketBuilder, (int) build.getRemaining());
        bytePacketBuilder.writePacket(build);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void writeAsnInt(BytePacketBuilder bytePacketBuilder, BigInteger bigInteger) {
        writeDerType(bytePacketBuilder, 0, 2, true);
        byte[] encoded = bigInteger.toByteArray();
        writeDerLength(bytePacketBuilder, encoded.length);
        kotlin.jvm.internal.l.e(encoded, "encoded");
        OutputKt.writeFully$default((Output) bytePacketBuilder, encoded, 0, 0, 6, (Object) null);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void writeCertificate(BytePacketBuilder bytePacketBuilder, X500Principal x500Principal, X500Principal x500Principal2, PublicKey publicKey, String str, Instant instant, Instant instant2, List<String> list, List<? extends InetAddress> list2, KeyPair keyPair, KeyType keyType) {
        if (!(instant.compareTo(instant2) < 0)) {
            throw new IllegalArgumentException("validFrom must be before validUntil".toString());
        }
        BytePacketBuilder bytePacketBuilder2 = new BytePacketBuilder(null, 1, null);
        try {
            writeX509Info(bytePacketBuilder2, str, x500Principal, x500Principal2, publicKey, instant, instant2, list, list2, keyType);
            byte[] readBytes$default = StringsKt.readBytes$default(bytePacketBuilder2.build(), 0, 1, null);
            Signature signature = Signature.getInstance(str);
            signature.initSign(keyPair.getPrivate());
            signature.update(readBytes$default);
            writeDerSequence(bytePacketBuilder, new CertificatesKt$writeCertificate$2(readBytes$default, signature.sign(), str));
        } catch (Throwable th) {
            bytePacketBuilder2.release();
            throw th;
        }
    }

    private static final void writeDerBitString(BytePacketBuilder bytePacketBuilder, byte[] bArr, int i10) {
        if (!(i10 >= 0 && i10 < 8)) {
            throw new IllegalArgumentException("Failed requirement.".toString());
        }
        writeDerType(bytePacketBuilder, 0, 3, true);
        writeDerLength(bytePacketBuilder, bArr.length + 1);
        bytePacketBuilder.writeByte((byte) i10);
        OutputKt.writeFully$default((Output) bytePacketBuilder, bArr, 0, 0, 6, (Object) null);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void writeDerBitString$default(BytePacketBuilder bytePacketBuilder, byte[] bArr, int i10, int i11, Object obj) {
        if ((i11 & 2) != 0) {
            i10 = 0;
        }
        writeDerBitString(bytePacketBuilder, bArr, i10);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void writeDerBoolean(BytePacketBuilder bytePacketBuilder, boolean z10) {
        writeDerType(bytePacketBuilder, 0, 1, true);
        writeDerLength(bytePacketBuilder, 1);
        bytePacketBuilder.writeByte(toUByte(z10));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void writeDerGeneralizedTime(BytePacketBuilder bytePacketBuilder, Instant instant) {
        String format = DateTimeFormatter.ofPattern("yyyyMMddHHmmss'Z'").format(instant.atZone(ZoneOffset.UTC));
        kotlin.jvm.internal.l.e(format, "ofPattern(\"yyyyMMddHHmms…e.atZone(ZoneOffset.UTC))");
        writeDerUTF8String(bytePacketBuilder, format, 24);
    }

    private static final void writeDerInt(BytePacketBuilder bytePacketBuilder, int i10) {
        if (!(i10 >= 0)) {
            throw new IllegalArgumentException("Failed requirement.".toString());
        }
        int derLength = derLength(i10);
        for (int i11 = 0; i11 < derLength; i11++) {
            int i12 = (i10 >> (((derLength - i11) - 1) * 7)) & 127;
            if (i11 == derLength - 1) {
                bytePacketBuilder.writeByte((byte) i12);
            } else {
                bytePacketBuilder.writeByte((byte) (i12 | 128));
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void writeDerLength(BytePacketBuilder bytePacketBuilder, int i10) {
        if (!(i10 >= 0)) {
            throw new IllegalArgumentException("Failed requirement.".toString());
        }
        if (i10 <= 127) {
            bytePacketBuilder.writeByte((byte) i10);
            return;
        }
        if (i10 <= 255) {
            bytePacketBuilder.writeByte((byte) -127);
            bytePacketBuilder.writeByte((byte) i10);
            return;
        }
        if (i10 <= 65535) {
            bytePacketBuilder.writeByte((byte) -126);
            bytePacketBuilder.writeByte((byte) (i10 >>> 8));
            bytePacketBuilder.writeByte((byte) i10);
        } else {
            if (i10 <= 16777215) {
                bytePacketBuilder.writeByte((byte) -125);
                bytePacketBuilder.writeByte((byte) (i10 >>> 16));
                bytePacketBuilder.writeByte((byte) (255 & (i10 >>> 8)));
                bytePacketBuilder.writeByte((byte) i10);
                return;
            }
            bytePacketBuilder.writeByte((byte) -124);
            bytePacketBuilder.writeByte((byte) (i10 >>> 24));
            bytePacketBuilder.writeByte((byte) ((i10 >>> 16) & 255));
            bytePacketBuilder.writeByte((byte) (255 & (i10 >>> 8)));
            bytePacketBuilder.writeByte((byte) i10);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void writeDerNull(BytePacketBuilder bytePacketBuilder) {
        OutputPrimitivesKt.writeShort(bytePacketBuilder, (short) 1280);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void writeDerObjectIdentifier(BytePacketBuilder bytePacketBuilder, OID oid) {
        writeDerObjectIdentifier(bytePacketBuilder, oid.getAsArray());
    }

    /* JADX WARN: Removed duplicated region for block: B:21:0x002e  */
    /* JADX WARN: Removed duplicated region for block: B:37:0x0066  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static final void writeDerObjectIdentifier(io.ktor.utils.io.core.BytePacketBuilder r6, int[] r7) {
        /*
            int r0 = r7.length
            r1 = 1
            r2 = 0
            r3 = 2
            if (r0 < r3) goto L8
            r0 = r1
            goto L9
        L8:
            r0 = r2
        L9:
            java.lang.String r4 = "Failed requirement."
            if (r0 == 0) goto L7a
            r0 = r7[r2]
            if (r0 < 0) goto L16
            r5 = 3
            if (r0 >= r5) goto L16
            r5 = r1
            goto L17
        L16:
            r5 = r2
        L17:
            if (r5 == 0) goto L70
            r5 = 40
            if (r0 == r3) goto L2b
            r0 = r7[r1]
            if (r0 < 0) goto L25
            if (r0 >= r5) goto L25
            r0 = r1
            goto L26
        L25:
            r0 = r2
        L26:
            if (r0 == 0) goto L29
            goto L2b
        L29:
            r0 = r2
            goto L2c
        L2b:
            r0 = r1
        L2c:
            if (r0 == 0) goto L66
            io.ktor.utils.io.core.BytePacketBuilder r0 = new io.ktor.utils.io.core.BytePacketBuilder
            r4 = 0
            r0.<init>(r4, r1, r4)
            r4 = r7[r2]     // Catch: java.lang.Throwable -> L61
            int r4 = r4 * r5
            r5 = r7[r1]     // Catch: java.lang.Throwable -> L61
            int r4 = r4 + r5
            writeDerInt(r0, r4)     // Catch: java.lang.Throwable -> L61
            int r4 = kotlin.collections.i.G(r7)     // Catch: java.lang.Throwable -> L61
            if (r3 > r4) goto L4d
        L43:
            r5 = r7[r3]     // Catch: java.lang.Throwable -> L61
            writeDerInt(r0, r5)     // Catch: java.lang.Throwable -> L61
            if (r3 == r4) goto L4d
            int r3 = r3 + 1
            goto L43
        L4d:
            io.ktor.utils.io.core.ByteReadPacket r7 = r0.build()     // Catch: java.lang.Throwable -> L61
            r0 = 6
            writeDerType(r6, r2, r0, r1)
            long r0 = r7.getRemaining()
            int r0 = (int) r0
            writeDerLength(r6, r0)
            r6.writePacket(r7)
            return
        L61:
            r6 = move-exception
            r0.release()
            throw r6
        L66:
            java.lang.IllegalArgumentException r6 = new java.lang.IllegalArgumentException
            java.lang.String r7 = r4.toString()
            r6.<init>(r7)
            throw r6
        L70:
            java.lang.IllegalArgumentException r6 = new java.lang.IllegalArgumentException
            java.lang.String r7 = r4.toString()
            r6.<init>(r7)
            throw r6
        L7a:
            java.lang.IllegalArgumentException r6 = new java.lang.IllegalArgumentException
            java.lang.String r7 = r4.toString()
            r6.<init>(r7)
            throw r6
        */
        throw new UnsupportedOperationException("Method not decompiled: io.ktor.network.tls.certificates.CertificatesKt.writeDerObjectIdentifier(io.ktor.utils.io.core.BytePacketBuilder, int[]):void");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void writeDerOctetString(BytePacketBuilder bytePacketBuilder, l<? super BytePacketBuilder, h0> lVar) {
        BytePacketBuilder bytePacketBuilder2 = new BytePacketBuilder(null, 1, null);
        try {
            lVar.invoke(bytePacketBuilder2);
            ByteReadPacket build = bytePacketBuilder2.build();
            writeDerType(bytePacketBuilder, 0, 4, true);
            writeDerLength(bytePacketBuilder, (int) build.getRemaining());
            bytePacketBuilder.writePacket(build);
        } catch (Throwable th) {
            bytePacketBuilder2.release();
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void writeDerSequence(BytePacketBuilder bytePacketBuilder, l<? super BytePacketBuilder, h0> lVar) {
        BytePacketBuilder bytePacketBuilder2 = new BytePacketBuilder(null, 1, null);
        try {
            lVar.invoke(bytePacketBuilder2);
            ByteReadPacket build = bytePacketBuilder2.build();
            writeDerType(bytePacketBuilder, 0, 16, false);
            writeDerLength(bytePacketBuilder, (int) build.getRemaining());
            bytePacketBuilder.writePacket(build);
        } catch (Throwable th) {
            bytePacketBuilder2.release();
            throw th;
        }
    }

    private static final void writeDerType(BytePacketBuilder bytePacketBuilder, int i10, int i11, boolean z10) {
        if (!(i10 >= 0 && i10 < 4)) {
            throw new IllegalArgumentException("Failed requirement.".toString());
        }
        if (!(i11 >= 0)) {
            throw new IllegalArgumentException("Failed requirement.".toString());
        }
        if (i11 >= 0 && i11 < 31) {
            bytePacketBuilder.writeByte((byte) ((i10 << 6) | i11 | (z10 ? 0 : 32)));
        } else {
            bytePacketBuilder.writeByte((byte) ((i10 << 6) | 31 | (z10 ? 0 : 32)));
            writeDerInt(bytePacketBuilder, i11);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void writeDerUTCTime(BytePacketBuilder bytePacketBuilder, Instant instant) {
        String format = DateTimeFormatter.ofPattern("yyMMddHHmmss'Z'").format(instant.atZone(ZoneOffset.UTC));
        kotlin.jvm.internal.l.e(format, "ofPattern(\"yyMMddHHmmss'…e.atZone(ZoneOffset.UTC))");
        writeDerUTF8String(bytePacketBuilder, format, 23);
    }

    private static final void writeDerUTF8String(BytePacketBuilder bytePacketBuilder, String str, int i10) {
        BytePacketBuilder bytePacketBuilder2 = new BytePacketBuilder(null, 1, null);
        try {
            StringsKt.writeText$default(bytePacketBuilder2, str, 0, 0, (Charset) null, 14, (Object) null);
            ByteReadPacket build = bytePacketBuilder2.build();
            writeDerType(bytePacketBuilder, 0, i10, true);
            writeDerLength(bytePacketBuilder, (int) build.getRemaining());
            bytePacketBuilder.writePacket(build);
        } catch (Throwable th) {
            bytePacketBuilder2.release();
            throw th;
        }
    }

    static /* synthetic */ void writeDerUTF8String$default(BytePacketBuilder bytePacketBuilder, String str, int i10, int i11, Object obj) {
        if ((i11 & 2) != 0) {
            i10 = 12;
        }
        writeDerUTF8String(bytePacketBuilder, str, i10);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void writeVersion(BytePacketBuilder bytePacketBuilder, int i10) {
        writeDerType(bytePacketBuilder, 2, 0, false);
        BytePacketBuilder bytePacketBuilder2 = new BytePacketBuilder(null, 1, null);
        try {
            writeAsnInt(bytePacketBuilder2, i10);
            ByteReadPacket build = bytePacketBuilder2.build();
            writeDerLength(bytePacketBuilder, (int) build.getRemaining());
            bytePacketBuilder.writePacket(build);
        } catch (Throwable th) {
            bytePacketBuilder2.release();
            throw th;
        }
    }

    static /* synthetic */ void writeVersion$default(BytePacketBuilder bytePacketBuilder, int i10, int i11, Object obj) {
        if ((i11 & 1) != 0) {
            i10 = 2;
        }
        writeVersion(bytePacketBuilder, i10);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void writeX500Principal(BytePacketBuilder bytePacketBuilder, X500Principal x500Principal) {
        byte[] encoded = x500Principal.getEncoded();
        kotlin.jvm.internal.l.e(encoded, "dName.encoded");
        OutputKt.writeFully$default((Output) bytePacketBuilder, encoded, 0, 0, 6, (Object) null);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void writeX509Extension(BytePacketBuilder bytePacketBuilder, int i10, l<? super BytePacketBuilder, h0> lVar) {
        bytePacketBuilder.writeByte((byte) (i10 | 128));
        BytePacketBuilder bytePacketBuilder2 = new BytePacketBuilder(null, 1, null);
        try {
            lVar.invoke(bytePacketBuilder2);
            ByteReadPacket build = bytePacketBuilder2.build();
            writeDerLength(bytePacketBuilder, (int) build.getRemaining());
            bytePacketBuilder.writePacket(build);
        } catch (Throwable th) {
            bytePacketBuilder2.release();
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void writeX509Info(BytePacketBuilder bytePacketBuilder, String str, X500Principal x500Principal, X500Principal x500Principal2, PublicKey publicKey, Instant instant, Instant instant2, List<String> list, List<? extends InetAddress> list2, KeyType keyType) {
        writeDerSequence(bytePacketBuilder, new CertificatesKt$writeX509Info$1(new BigInteger(64, new SecureRandom()), str, x500Principal, x500Principal2, publicKey, instant, instant2, keyType, list, list2));
    }
}
