package com.unboundid.util.ssl.cert;

import com.unboundid.asn1.ASN1BitString;
import com.unboundid.asn1.ASN1Element;
import com.unboundid.asn1.ASN1Integer;
import com.unboundid.asn1.ASN1ObjectIdentifier;
import com.unboundid.asn1.ASN1OctetString;
import com.unboundid.asn1.ASN1Sequence;
import com.unboundid.util.Base64;
import com.unboundid.util.CryptoHelper;
import com.unboundid.util.Debug;
import com.unboundid.util.NotMutable;
import com.unboundid.util.NotNull;
import com.unboundid.util.Nullable;
import com.unboundid.util.OID;
import com.unboundid.util.StaticUtils;
import com.unboundid.util.ThreadSafety;
import com.unboundid.util.ThreadSafetyLevel;
import java.io.Serializable;
import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;

@ThreadSafety(level = ThreadSafetyLevel.COMPLETELY_THREADSAFE)
@NotMutable
/* loaded from: classes3.dex */
public final class PKCS8PrivateKey implements Serializable {
    private static final byte TYPE_ATTRIBUTES = -96;
    private static final byte TYPE_PUBLIC_KEY = -127;
    private static final long serialVersionUID = -5551171525811450486L;

    @Nullable
    private final ASN1Element attributesElement;

    @Nullable
    private final DecodedPrivateKey decodedPrivateKey;

    @NotNull
    private final ASN1OctetString encodedPrivateKey;

    @NotNull
    private final byte[] pkcs8PrivateKeyBytes;

    @Nullable
    private final String privateKeyAlgorithmName;

    @NotNull
    private final OID privateKeyAlgorithmOID;

    @Nullable
    private final ASN1Element privateKeyAlgorithmParameters;

    @Nullable
    private final ASN1BitString publicKey;

    @NotNull
    private final PKCS8PrivateKeyVersion version;

    /* renamed from: com.unboundid.util.ssl.cert.PKCS8PrivateKey$1, reason: invalid class name */
    /* loaded from: classes3.dex */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$unboundid$util$ssl$cert$PublicKeyAlgorithmIdentifier;

        static {
            int[] iArr = new int[PublicKeyAlgorithmIdentifier.values().length];
            $SwitchMap$com$unboundid$util$ssl$cert$PublicKeyAlgorithmIdentifier = iArr;
            try {
                iArr[PublicKeyAlgorithmIdentifier.RSA.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$unboundid$util$ssl$cert$PublicKeyAlgorithmIdentifier[PublicKeyAlgorithmIdentifier.EC.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PKCS8PrivateKey(@NotNull PKCS8PrivateKeyVersion pKCS8PrivateKeyVersion, @NotNull OID oid, @Nullable ASN1Element aSN1Element, @NotNull ASN1OctetString aSN1OctetString, @Nullable DecodedPrivateKey decodedPrivateKey, @Nullable ASN1Element aSN1Element2, @Nullable ASN1BitString aSN1BitString) throws CertException {
        this.version = pKCS8PrivateKeyVersion;
        this.privateKeyAlgorithmOID = oid;
        this.privateKeyAlgorithmParameters = aSN1Element;
        this.encodedPrivateKey = aSN1OctetString;
        this.decodedPrivateKey = decodedPrivateKey;
        this.attributesElement = aSN1Element2;
        this.publicKey = aSN1BitString;
        PublicKeyAlgorithmIdentifier forOID = PublicKeyAlgorithmIdentifier.forOID(oid);
        if (forOID == null) {
            this.privateKeyAlgorithmName = null;
        } else {
            this.privateKeyAlgorithmName = forOID.getName();
        }
        this.pkcs8PrivateKeyBytes = encode().encode();
    }

    public PKCS8PrivateKey(@NotNull byte[] bArr) throws CertException {
        DecodedPrivateKey rSAPrivateKey;
        this.pkcs8PrivateKeyBytes = bArr;
        try {
            ASN1Element[] elements = ASN1Sequence.decodeAsSequence(bArr).elements();
            if (elements.length < 3) {
                throw new CertException(CertMessages.ERR_PRIVATE_KEY_DECODE_NOT_ENOUGH_ELEMENTS.get(Integer.valueOf(elements.length)));
            }
            try {
                int intValue = elements[0].decodeAsInteger().intValue();
                PKCS8PrivateKeyVersion valueOf = PKCS8PrivateKeyVersion.valueOf(intValue);
                this.version = valueOf;
                if (valueOf == null) {
                    throw new CertException(CertMessages.ERR_PRIVATE_KEY_DECODE_UNSUPPORTED_VERSION.get(Integer.valueOf(intValue)));
                }
                try {
                    ASN1Element[] elements2 = elements[1].decodeAsSequence().elements();
                    OID oid = elements2[0].decodeAsObjectIdentifier().getOID();
                    this.privateKeyAlgorithmOID = oid;
                    ASN1Element aSN1Element = null;
                    if (elements2.length > 1) {
                        this.privateKeyAlgorithmParameters = elements2[1];
                    } else {
                        this.privateKeyAlgorithmParameters = null;
                    }
                    ASN1OctetString decodeAsOctetString = elements[2].decodeAsOctetString();
                    this.encodedPrivateKey = decodeAsOctetString;
                    PublicKeyAlgorithmIdentifier forOID = PublicKeyAlgorithmIdentifier.forOID(oid);
                    if (forOID == null) {
                        this.privateKeyAlgorithmName = null;
                        this.decodedPrivateKey = null;
                    } else {
                        this.privateKeyAlgorithmName = forOID.getName();
                        int i = AnonymousClass1.$SwitchMap$com$unboundid$util$ssl$cert$PublicKeyAlgorithmIdentifier[forOID.ordinal()];
                        if (i != 1) {
                            if (i == 2) {
                                try {
                                    rSAPrivateKey = new EllipticCurvePrivateKey(decodeAsOctetString);
                                } catch (Exception e) {
                                    Debug.debugException(e);
                                }
                            }
                            rSAPrivateKey = null;
                        } else {
                            try {
                                rSAPrivateKey = new RSAPrivateKey(decodeAsOctetString);
                            } catch (Exception e2) {
                                Debug.debugException(e2);
                            }
                        }
                        this.decodedPrivateKey = rSAPrivateKey;
                    }
                    ASN1BitString aSN1BitString = null;
                    for (int i2 = 3; i2 < elements.length; i2++) {
                        ASN1Element aSN1Element2 = elements[i2];
                        byte type = aSN1Element2.getType();
                        if (type == -127) {
                            try {
                                aSN1BitString = ASN1BitString.decodeAsBitString(aSN1Element2);
                            } catch (Exception e3) {
                                Debug.debugException(e3);
                                throw new CertException(CertMessages.ERR_PRIVATE_KEY_DECODE_CANNOT_PARSE_PUBLIC_KEY.get(StaticUtils.getExceptionMessage(e3)), e3);
                            }
                        } else if (type == -96) {
                            aSN1Element = aSN1Element2;
                        }
                    }
                    this.attributesElement = aSN1Element;
                    this.publicKey = aSN1BitString;
                } catch (Exception e4) {
                    Debug.debugException(e4);
                    throw new CertException(CertMessages.ERR_PRIVATE_KEY_DECODE_CANNOT_PARSE_ALGORITHM.get(StaticUtils.getExceptionMessage(e4)), e4);
                }
            } catch (CertException e5) {
                Debug.debugException(e5);
                throw e5;
            } catch (Exception e6) {
                Debug.debugException(e6);
                throw new CertException(CertMessages.ERR_PRIVATE_KEY_DECODE_CANNOT_PARSE_VERSION.get(StaticUtils.getExceptionMessage(e6)), e6);
            }
        } catch (Exception e7) {
            Debug.debugException(e7);
            throw new CertException(CertMessages.ERR_PRIVATE_KEY_DECODE_NOT_SEQUENCE.get(StaticUtils.getExceptionMessage(e7)), e7);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @NotNull
    public static byte[] wrapRSAPrivateKey(@NotNull byte[] bArr) throws CertException {
        try {
            ArrayList arrayList = new ArrayList(5);
            arrayList.add(new ASN1Integer(PKCS8PrivateKeyVersion.V1.getIntValue()));
            arrayList.add(new ASN1Sequence(new ASN1ObjectIdentifier(PublicKeyAlgorithmIdentifier.RSA.getOID())));
            arrayList.add(new ASN1OctetString(bArr));
            return new ASN1Sequence(arrayList).encode();
        } catch (Exception e) {
            Debug.debugException(e);
            throw new CertException(CertMessages.ERR_PRIVATE_KEY_WRAP_RSA_KEY_ERROR.get(StaticUtils.getExceptionMessage(e)), e);
        }
    }

    @NotNull
    ASN1Element encode() throws CertException {
        try {
            ArrayList arrayList = new ArrayList(5);
            arrayList.add(new ASN1Integer(this.version.getIntValue()));
            if (this.privateKeyAlgorithmParameters == null) {
                arrayList.add(new ASN1Sequence(new ASN1ObjectIdentifier(this.privateKeyAlgorithmOID)));
            } else {
                arrayList.add(new ASN1Sequence(new ASN1ObjectIdentifier(this.privateKeyAlgorithmOID), this.privateKeyAlgorithmParameters));
            }
            arrayList.add(this.encodedPrivateKey);
            ASN1Element aSN1Element = this.attributesElement;
            if (aSN1Element != null) {
                arrayList.add(new ASN1Element((byte) -96, aSN1Element.getValue()));
            }
            ASN1BitString aSN1BitString = this.publicKey;
            if (aSN1BitString != null) {
                arrayList.add(new ASN1BitString((byte) -127, aSN1BitString.getBits()));
            }
            return new ASN1Sequence(arrayList);
        } catch (Exception e) {
            Debug.debugException(e);
            throw new CertException(CertMessages.ERR_PRIVATE_KEY_ENCODE_ERROR.get(toString(), StaticUtils.getExceptionMessage(e)), e);
        }
    }

    @Nullable
    public ASN1Element getAttributesElement() {
        return this.attributesElement;
    }

    @Nullable
    public DecodedPrivateKey getDecodedPrivateKey() {
        return this.decodedPrivateKey;
    }

    @NotNull
    public ASN1OctetString getEncodedPrivateKey() {
        return this.encodedPrivateKey;
    }

    @NotNull
    public byte[] getPKCS8PrivateKeyBytes() {
        return this.pkcs8PrivateKeyBytes;
    }

    @Nullable
    public String getPrivateKeyAlgorithmName() {
        return this.privateKeyAlgorithmName;
    }

    @NotNull
    public String getPrivateKeyAlgorithmNameOrOID() {
        String str = this.privateKeyAlgorithmName;
        return str == null ? this.privateKeyAlgorithmOID.toString() : str;
    }

    @NotNull
    public OID getPrivateKeyAlgorithmOID() {
        return this.privateKeyAlgorithmOID;
    }

    @Nullable
    public ASN1Element getPrivateKeyAlgorithmParameters() {
        return this.privateKeyAlgorithmParameters;
    }

    @Nullable
    public ASN1BitString getPublicKey() {
        return this.publicKey;
    }

    @NotNull
    public PKCS8PrivateKeyVersion getVersion() {
        return this.version;
    }

    @NotNull
    public List<String> toPEM() {
        ArrayList arrayList = new ArrayList(10);
        arrayList.add(PKCS8PEMFileReader.BEGIN_PRIVATE_KEY_HEADER);
        arrayList.addAll(StaticUtils.wrapLine(Base64.encode(this.pkcs8PrivateKeyBytes), 64));
        arrayList.add(PKCS8PEMFileReader.END_PRIVATE_KEY_FOOTER);
        return Collections.unmodifiableList(arrayList);
    }

    @NotNull
    public String toPEMString() {
        StringBuilder sb = new StringBuilder(PKCS8PEMFileReader.BEGIN_PRIVATE_KEY_HEADER);
        sb.append(StaticUtils.EOL);
        Iterator<String> it = StaticUtils.wrapLine(Base64.encode(this.pkcs8PrivateKeyBytes), 64).iterator();
        while (it.hasNext()) {
            sb.append(it.next());
            sb.append(StaticUtils.EOL);
        }
        sb.append(PKCS8PEMFileReader.END_PRIVATE_KEY_FOOTER);
        sb.append(StaticUtils.EOL);
        return sb.toString();
    }

    @NotNull
    public PrivateKey toPrivateKey() throws GeneralSecurityException {
        return CryptoHelper.getKeyFactory(getPrivateKeyAlgorithmNameOrOID()).generatePrivate(new PKCS8EncodedKeySpec(this.pkcs8PrivateKeyBytes));
    }

    @NotNull
    public String toString() {
        StringBuilder sb = new StringBuilder();
        toString(sb);
        return sb.toString();
    }

    public void toString(@NotNull StringBuilder sb) {
        sb.append("PKCS8PrivateKey(version='");
        sb.append(this.version.getName());
        sb.append("', privateKeyAlgorithmOID=");
        sb.append(this.privateKeyAlgorithmOID.toString());
        sb.append('\'');
        if (this.privateKeyAlgorithmName != null) {
            sb.append(", privateKeyAlgorithmName='");
            sb.append(this.privateKeyAlgorithmName);
            sb.append('\'');
        }
        if (this.decodedPrivateKey == null) {
            sb.append(", encodedPrivateKey='");
            StaticUtils.toHex(this.encodedPrivateKey.getValue(), ":", sb);
            sb.append('\'');
        } else {
            sb.append(", decodedPrivateKey=");
            this.decodedPrivateKey.toString(sb);
            if (this.decodedPrivateKey instanceof EllipticCurvePrivateKey) {
                try {
                    OID oid = this.privateKeyAlgorithmParameters.decodeAsObjectIdentifier().getOID();
                    sb.append(", ellipticCurvePrivateKeyParameters=namedCurve='");
                    sb.append(NamedCurve.getNameOrOID(oid));
                    sb.append('\'');
                } catch (Exception e) {
                    Debug.debugException(e);
                }
            }
        }
        sb.append("')");
    }
}
